1. Consult Paragraphs 65-69 of PCAOB Auditing Standard No. 12.

Based on your
understanding of fraud risk assessment, what three conditions are likely to be present when
a fraud occurs (the fraud triangle)? Based on the information provided in the case, which of
these three conditions appears to have been the most prevalent at Enron, and why?

At Enron, as evidenced by the case information, the incentives and pressure was the most dominant
factor. Executives had incentive to achieve high revenue growth because their salary and bonus levels
were directly linked to reported revenues. In addition, they also had incentive to achieve high revenues
and earnings targets because of the shares of stock they held. Enron made significant use of stock options
as a means to provide incentives for its executives to achieve growth. As of December 31, 2000, Enron
dedicated 96 million of its outstanding shares that is at almost 13% of its common shares outstanding to
stock option plans. When a senior manager holds a quantity of stock options, it is in their personal best
interest to see the value of the share go up even if it means overstating income fraudulently. This is
precisely the type of condition that may lead to a fraud.
2. Consult paragraph 25 of PCAOB auditing standard No. 5. Define what is meant by
control environment. Why is the control environment so important to effective
internal control over financial reporting at an audit client like Enron?
The control environment is the effectiveness and oversight of a company’s internal control
systems. The internal control systems are, or at least should be designed to protect the company
from fraud, or financial statement omissions or misstatements.
The lack of effective internal controls and the oversight and collusion among the top
management led to Enron’s collapse. To have effective internal controls, the company should set
the “tone at the top”. It is important for senior management and executives to set a good example
that effective internal controls are a top priority for a company.
I’m not sure how you can prevent Enron’s “white collar crime” from happening , especially
when the accounting firm that is attesting to their financial statements are turning a blind eye.
However, when a company is becoming “too big to fail,” the government regulators should be
conducting oversight.
Also, since Enron was the first company outside the financial services industry to use “Mark to
Market” (MTM) accounting practice, established Special-purpose Entities (SPEs) and
experienced more than 750 percent growth, the Securities and Exchange commission (SEC)
should have followed-up and kept a close eye on these newly approved practices.
 3. Consult Paragraphs 21-22 of PCAOB Auditing Standard No. 5. Comment on how your
understanding of Enron’s control environment and other entity-level controls would help
you implement a top-down approach for an internal control audit at Enron.

According to paragraph #21 of PCAOB Auditing Standard No. 5, “The auditor should use a top-down
approach to the audit of internal control over financial reporting to select the controls to test. A top-down
approach begins at the financial statement level and with the auditor's understanding of the overall risks to
internal control over financial reporting. The auditor then focuses on entity-level controls and works
down to significant accounts and disclosures and their relevant assertions. This approach directs the
auditor's attention to accounts, disclosures, and assertions that present a reasonable possibility of material
misstatement to the financial
statements and related disclosures.”
In paragraph #22, the PCAOB states that the “auditor must test those entity-level controls that are
important to the auditor's conclusion about whether the company has effective internal control over
financial reporting. The auditor's evaluation of entity-level controls can result in increasing or decreasing
the testing that the auditor otherwise would have performed on other
controls.” The absolute goal of this process is to help the auditor focus on those controls that really
matter in supporting the goal of reliable financial reporting.
While it is difficult to glean information that would allow for a complete evaluation of Enron’s
control environment and entity level controls, the case does provide enough detail to conclude that the
integrity of Enron’s management, their leadership style, and their compensation philosophy should raise
concern about their control environment and perhaps other entity level controls. Overall, by the end of
class discussion, it should be clear that a proper functioning control environment and strong entity level
controls provide a foundation for the entire internal control system.

4. Consult Sections 204 and 301 of SARBOX. What is the role of the audit committee
in the financial reporting process? Do you believe that an audit committee can be
effective in providing oversight of a management team like Enron’s?
SARBOX 204- Auditor Reports to Audit committees: Each registered public accounting firm
that performs for any issuer any audit required by this title shall timely report to the audit
committee of the issuer…
All critical accounting policies and practices
Management discussions in regards to financial reporting in accordance with GAAP
Any material findings or discussions between the audit firm and company management
SARBOX 301- Public Company audit Committees:
Prohibit listing any security if the issuer is not in compliance for the issuer to correct any
discrepancies prior to prohibiting the listing of security.

5. Consult Sections 302 and 305 and Title IX of SARBOX. Do you believe that these provisions
could help to deter fraudulent financial reporting by an upper management group? Why or
why not?

According to section 302 of SOX, in the post-Sarbanes audit environment, the CEO and CFO of each
issuer must now prepare a statement to accompany the audit report to certify the “appropriateness of the
financial statements and disclosures contained in the periodic report, and that those financial statements
and disclosures fairly present, in all material respects, the operations and financial condition of the
issuer.” If a CEO or CFO violates this section, he/she can be held criminally liable. Essentially this
statement holds the CEO and the CFO personally liable for the assertions that they have made within the
financial statements. And, under Title IX of SOX, the maximum penalty for filing false financial
statements with the SEC “for willful and knowing violations” are “a fine of not more than $5,000,000
and/or imprisonment of up to 20 years.” This is an absolutely critical point that must be made to answer
this question. The bottom line is that crime does not pay! Imprisonment and financial penalties have
been established to deter an upper management group from committing fraudulent activity.
Given the changes brought upon by SOX, these new provisions are likely to deter fraudulent
behavior. Stated simply, the penalties are severe and if it is found that such an upper manager did profit
from a fraudulent act, the law now provides a clear mechanism to get the money back; not only to repay
the financial benefit but also to incur punitive penalties as well, amounting to financial penalty and jail
time.