IReading the following Internal audit section of the LDC Cloud Systems Case Study: NTERNAL AUDIT CFO...

IReading the following Internal audit section of the LDC Cloud Systems Case Study:

NTERNAL AUDIT
CFO Arizmendi had hired Scott Tensar during the
run-up to the IPO for the purpose of creating and
heading the internal audit function, and Tensar
had continued to report directly to Arizmendi since
that time, with a secondary reporting relationship
to the board’s audit committee. Tensar, who was
well-qualified for the position, was responsible for
providing assurance that LDC’s major risks were
being appropriately addressed including financial,
operational, and reporting. This included reviewing
LDC’s internal control over financial reporting (ICFR)
that was designed to address the risk of fraud.
Tensar and his team had tested these controls and
provided assurance that they were designed and
operating effectively.
Tensar felt that his internal audit team possessed the
skills and experience that were typical for a billiondollar
company. The problem he faced, however,
was that he had a wide scope of risks to address.
Further, LDC’s business model was more complex
than was typical given the variety of customer
payment models the company pursued, and LDC
was growing rapidly and engaging with customers in
unusual ways because much of what was happening
at the intersection of cloud computing and the
sharing economy was unchartered territory for any
technology company. There were few models for the
company to follow. In Tensar’s view, it seemed like
everything his team reviewed was more complicated
and took a bit longer than he expected.
Tensar had requested a larger budget this past
year so he could hire two additional experienced
auditors for his team, but Arizmendi denied the
request. At the time Arizmendi told Tensar, “If the
company meets its current year growth targets, I will
recommend that internal audit get more people,” but
then added: “With the pressure we are under now,
there is no chance that LeDuc will approve more
staffing for support functions.”
Tensar had wanted the larger team so he could keep
up with all that was happening and to enable some
extra time for training and professional development.
At current staffing levels, there was hardly time for
him, or members of his team, to catch their breath.
Tensar also wanted time to be able to plan ahead.
He was sure that LDC’s internal audit function
was doing the best it could with its resources, but
he was concerned that the risks coming from the
company’s unique business model needed more
attention. Tensar recalled a recent conversation with
Arizmendi:
Tensar: “I wish I had more time to stop and think.
We complete an annual fraud risk assessment
but do we miss anything? If someone wanted to
commit accounting fraud here, how would they
do it? Are there weaknesses in our accounting
systems that I am not aware of?”
Arizmendi: “Because of our business model, our
finance and accounting systems are so unusual
that most of our own people can’t figure them out.
I doubt someone could learn enough to commit a
material fraud without being detected.”
Tensar: “You could be right,” he said, reluctantly
agreeing. “I have not seen any sign of accounting
fraud, but you can’t be too careful. By the way,
Lester Darnal (audit committee chair) stopped by
again last week. I like him. He shows real interest
in what we are doing and is always asking good
questions.”
Arizmendi: “Yes, Lester knows his stuff and he
loves to always know what is going on. Just be
careful with what information you volunteer. We
need to get our own work done, and the board
sometimes has its own agenda.”

Question:

Do you think that the internal audit function is properly positioned? Why or why not?