CIRI Audit Process Ensures Accuracy of Company’s Controls and Records

The word “audit” is known to strike fear into the hearts of companies and organizations. However, that’s not the case at CIRI. Thanks to sound planning, an atmosphere of constructive involvement and ongoing communication between the client and auditor, CIRI views the annual audit as an opportunity to improve the running of its business.

“I see a lot of benefit to the audit process,” said Rhonda Oliver, vice president, CIRI Corporate Controller. “I love getting to the end of the process and having an Annual Report that reflects what the company has done that year and memorializing it. Having a completed, tangible Annual Report and audit opinion, it’s a really good process to go through. I think it’s immensely valuable.”

An independent, third-party examination and evaluation of a company’s financial statements, an external audit provides an objective overview of CIRI’s accounting process. The audit process takes six months, beginning mid-summer of the current year and concluding late spring the following year. CIRI closes its books Dec. 31 and prepares a final set of financial statements, from which the auditors perform their analysis and issue their opinion. The CIRI Annual Report, which includes the Independent Auditors’ Report and Management’s Discussion and Analysis of Financial Condition and Results of Operations (MD&A), is mailed to shareholders in April.

The Raven’s Circle sat down with Oliver and CIRI Senior Vice President Stig Colberg to find out what’s involved with CIRI’s audit process, the challenges and benefits, as well as what shareholders need to know about its role in strengthening the company’s overall business practices.

Raven’s Circle (RC): What are the auditors actually looking at when they perform their audit?

Rhonda Oliver (RO): The auditors look across all our industry segments and determine what they consider material to CIRI’s audit. They don’t test 100 percent of our transactions, of course; it took us 12 months to accumulate them, and it would take them an equal amount of time to audit them. The audit process is really designed on a sampling. If something stands out – a large-dollar transaction, for example – the auditors will ask for support for whatever transaction or process they’re examining.

RC: Are they making determinations about our transactions with regard to the dollar amount, whether we purchased or sold something at a fair price?

RO: They’re not making those types of determinations, no. What they are looking for is, if we said, “This is our process,” that we have followed the process and that the amounts we reported are correctly represented within the financial statements.

Stig Colberg (SC): They don’t make determinations, but they test our determinations. There are a number of places in our financial report where we have to make determinations about future events, liabilities we may have, the value of companies we own and the prospects for those companies. Auditors will push hard on our estimates. They test them against what they know in the market, what they know in industry, to see whether or not we’re applying them similarly.

RC: It sounds intense! Does it ever get contentious?

RO: Intense, yes; contentious, no. The auditors do challenge us by making us think about the processes we’re using, hopefully to end up with a better product at the end. It creates a healthy debate, which can be a little intense.

RC: Aside from helping ensure the company’s financial statements accurately represent its financial position, are there other benefits of the audit process?

SC: Absolutely. One, it gives us the opportunity to examine our accounting procedures with a critical eye and work on making improvements. Two, it forces a discipline around our financial accounting and reporting, our processes and controls, which is healthy for the business. Three, we actually learn a lot about the business. It requires that we know the business really, really well to get through the audit. Not just are the numbers accurate, but are the systems and the processes we have in house designed to ensure the numbers are accurate.

RC: What happens if the auditor finds something in our accounting records that is incomplete or inaccurate? Has that ever happened?

RO: If the auditor identified a weakness in our internal controls system, either by identifying a specific transaction that didn’t process correctly or a situation where the opportunity for misstatement could occur, they would write it down in a management letter that goes directly to the Audit Committee of the CIRI Board of Directors. When they do that, management has to provide a response. We’ve been fortunate in that CIRI hasn’t had a management letter recommendation from our auditors in many years. I think it demonstrates the commitment CIRI has made to ensure our processes are sound and that we’ve created an environment that results in accurate financial reporting.

RC: Are external auditors testing for fraud?

SC: The auditors aren’t testing for fraud per se, but if the company had a system set up that was easily manipulated, that would come up. It’s an interesting fact: The two most senior financial officers in a company —in CIRI’s case, Rhonda and myself—don’t have the ability to enter any data into the accounting system, which would be completely non-intuitive to most people. Because we have the ability to approve cash moving around, we don’t want the ability to then go in and input data. That would permit us an avenue to defraud the company.

RO: Neither Stig nor I can directly process a transaction inside our accounting software, because we shouldn’t! We have approval authority, so we shouldn’t be able to directly input data into the system. A transaction processes through many different hands; it’s coined a “segregation of duties.” Any process we have should never be controlled by a single individual. Multiple people are involved along the way to ensure all the documentation supports the transaction.

It’s important to keep in mind, too, that over time, the industry changes. Take the Enron scandal back in 2001, for example. When those things happen, it’s not unusual for the Financial Accounting Standards Board, which sets generally accepted accounting principles (GAAP), to respond and to provide additional guidance, or clarification, or reporting requirements, or analysis for both management and the auditor, to ensure that something like an Enron doesn’t ever happen again. The board is designed to be responsive.

RC: Anything else our readers should know about the audit process?

SC: In CIRI’s case, you can’t separate the audit from the Annual Report; the audit is designed to ensure that the Annual Report is accurate. And CIRI, North Wind and the Cruz companies each have separate, stand-alone audits.

RO: Auditors are required to be independent of CIRI; they’re required to turn over their staff after a certain period of time, so you don’t have a relationship with a partner or senior manager that goes on indefinitely. Each individual auditor has to cycle out of the audit and somebody else comes in to ensure the auditors have complete independence.