In the United States, the management and auditors of publicly held companies must evaluate their internal controls annually. The purpose of the evaluation is to look for any control deficiencies. Doing so will help avoid any penalties such as the $10.5 million that the SEC imposed on Citigroup Inc. as a result of its internal controls failures. See the article from, Citigroup to Pay More Than $10 Million for Books and Records Violations and Inadequate Controls.

You are an external auditor hired by Citigroup to perform an audit. You will be reporting to Citigroup’s audit committee.


Write a 2–3 page report for the audit committee in which you:

  1. Critique Citigroup’s internal controls and the purpose they serve.
  2. Distinguish between operation and design control deficiency.
  3. Determine the reasons that led Citigroup Inc. to pay $10.5 million in penalties.
  4. Recommend techniques that will overcome the weaknesses of Citigroup’s internal controls; justify the recommendation.
  5. Use three sources to support your writing. Choose sources that are credible, relevant, and appropriate. Cite each source listed on your source page at least one time within your assignment. For help with research, writing, and citation, access the library, or review library guides.

This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.

The specific course learning outcome associated with this assignment is:

  • Evaluate internal control as an indicator of effectiveness and accuracy of financial statements.
Powered by WordPress