J. Efrim Boritz and
Theophanis Stratopoulos
University of Waterloo

• HIPAA of ‘96 in the US created stringent privacy requirements for all health care industry participants ... HIPAA fully in place as of January
’05 and many US competitors are already in compliance.
• Early ‘05, a major OEM who advanced half the funds for a $5 million contract for the delivery of a toolkit for its MRI scanners has requested that all company personnel be trained in HIPAA requirements as well as procedures and documentation to ensure the training was tracked and will be maintained. The customer has the right to audit the company’s development practices under ISO
9000:2000.
• Company’s goals are to increase market share in the US, retain OEM customers. The company has added HIPAA requirements to the specifications for all new systems so that new products will be HIPAA compliant in ‘06. The company has been encouraging all its employees to complete an internally developed course on HIPAA.

Tracing from …
• environmental changes, to
• business strategy changes, to
• internal process changes, and ultimately to
• financial statement impacts … is a complex and challenging task.

Help students see the linkages between …
• environmental changes,
• strategic responses,
• internal processes and
• financial statement accounts
Help them perform task more effectively

Scenario 1
Environment/
External
Factors
Regulatory agency (HIPAA) created stringent privacy requirements for all health care industry participants.
HIPAA is fully in place as
January 2005.
Relevant
Strategic
Goals
Increase
Market Share
In the US
Internal
Processes &
Resources
Impact on
Accounts?
Company has added
HIPAA requirements to new system specifications so that new products will be
HIPAA-compliant in
2006.
Revenue General &
Admin
Many Competitors already in compliance with
HIPAA
Employees encouraged to take internal HIPAA courses
Cost of
Sales
Retain OEM customers
Major OEM Customer Request for HIPAA
Training and Training Tracking System;
Customer has right to audit co development practices; has already advanced half of $5 M contract
Inventory R & D
Legend
Elements :
Relationships:
Intra- or Inter-c ategory linkages s uc h as exis tenc e, c aus ality, and c hange over time
Environment/
External Factors:
Competitors , regulators , ec onomy c us tomers , markets , etc .
Relevant Strategic
Goals:
Organizational objec tives of the organization
Internal Processes
& Resources:
P roduc ts , s ervic es , bus ines s proc es s es , res ourc es (e.g., human, financ ial, information), etc .
Impact on
Accounts:
A c c ount c las s es or s pec ific ac c ounts

1.
Pre: Outline the principles of Strategic Auditing and ask students to review the case (Approximately 15-20 minutes)
2.
During - General Information: Audit risk assessment and business models. Business risk implications associated with industry structure and company’s strategy. Review financial statements. (Approximately 30 minutes)
3.
During - Case Discussion: Select simplest possible combination for first challenge and make it more complicated as you move to the subsequent challenges. (Approximately 40 to 50 minutes or 20 to 25 minutes per challenge)
4.
Post: Assign one of the other challenges – with desired degree of difficulty - as a homework assignment.

• Objective: Evaluate the effectiveness of the case.
• Tool/Method: A pre and post questionnaire. Matched pairs.
• Target Audience: Arts/Public accounting and Math/Public accounting students in a co-op program (with 8 months prior co-op work experience) taking an audit class prior to an 8month co-op term
• Condition: Instructor was not involved in the development of the case and had access only to teaching notes

Question
- Five point Likert scale (1 = strongly disagree, … 5 = strongly agree).
- Questions were asked before and after the completion of the case
Arts/Public
Accounting
Average
(Pre-Post) t-score
(p-value)
Math/Public
Accounting
Average
(Pre-Post) t-score
(p-value)
Understanding a audit client’s business strategy is essential for performing effective audit
External auditors should focus more on the risk of errors in judgment and application of
GAAP than on the risk of poor strategic business decisions made by client
Risks arising from a change in a client’s business strategy are important in the longrun but unlikely to create audit risk of the current period
-.03
.12
.10
-.5
(.62)
.97
(.34)
.72
(.48)
-.16
.87
.08
-2.60
(.01)
5.59
(.00)
.51
(.61)

Question
- Five point Likert scale (1 = strongly disagree, … 5 = strongly agree).
- Questions were asked after the completion of the case
The e-vision case enhanced my understanding of how strategic business risks affect the risk of material misstatement
Arts/Public
Accounting
Average t-score
(p-value)
3.78
9.11
(.00)
The diagram enhanced my understanding of how strategic business risks affect the risk of material misstatement
3.53
4.6
(.00)
Math/Public
Accounting
Average t-score
(p-value)
3.66
5.05
(.00)
2.94
-.45
(.83)

• The degree of difficulty of the case, can be modified to the experience of your students.
• For example provide the relationships linking the external factors to relevant strategic goals to internal processes and provide a list of relevant as well as irrelevant accounts.
(See next slide)

Scenario 1
Environment/
External
Factors
Regulatory agency (HIPAA) created stringent privacy requirements for all health care industry participants.
HIPAA is fully in place as
January 2005.
Relevant
Strategic
Goals
Increase
Market Share
In the US
Internal
Processes &
Resources
Impact on
Accounts?
Company has added
HIPAA requirements to new system specifications so that new products will be
HIPAA-compliant in
2006.
Revenue General &
Admin
Many Competitors already in compliance with
HIPAA
Employees encouraged to take internal HIPAA courses
Cost of
Sales
Retain OEM customers
Major OEM Customer Request for HIPAA
Training and Training Tracking System;
Customer has right to audit co development practices; has already advanced half of $5 M contract
Inventory R & D
Legend
Elements :
Relationships:
Intra- or Inter-c ategory linkages s uc h as exis tenc e, c aus ality, and c hange over time
Environment/
External Factors:
Competitors , regulators , ec onomy c us tomers , markets , etc .
Relevant Strategic
Goals:
Organizational objec tives of the organization
Internal Processes
& Resources:
P roduc ts , s ervic es , bus ines s proc es s es , res ourc es (e.g., human, financ ial, information), etc .
Impact on
Accounts:
A c c ount c las s es or s pec ific ac c ounts

Teaching notes, based on personal interviews with audit partners and senior audit managers from the Big-4 firms, cover the following areas:
1.
General Evaluation
– Company Background
– Strategy
– Financial Statement Analysis
– Stock Market
2.
Detailed Evaluation of Each of the 4 Challenges

• Martin, R. and F. Phillips. 2006 “Aerospace Lighting, Inc. (ALI):
Linking Business Strategy to Audit Planning.” Issues in
Accounting Education, 21(3), pp. 313-321.
• Ballou, B. and W Robert Knechel 2002. Ceskoslovenska
Obchodni Banka, a.s.: Applying business risk audit techniques.
Issues in Accounting Education; Aug 2002; 17, 3, 289-312.
• Bell, T., F. Marrs, I.Solomon and H. Thomas. 1997. Auditing
Organizations Through a Strategic-Systems Lens. Montvale,
NJ: KPMG Peat Marwick LLP.
• Bell, T.B., M. E. Peecher, and I.Solomon. 2002. The strategicsystems approach to auditing. In Cases in Strategic-Systems
Auditing eds. T.B. Bell and I.Solomon,1-34.