16. Audit and financial control Flashcards
What is internal control?
The achievement of reliability of financial reporting.
What is an internal check?
An element of internal control ensuring that no single task is executed entirely by an individual.
In more detail, the purpose of internal control is to: (5)
- Order in the business
- Safeguarding of assets
- The prevention of fraud and error
- Accuracy of accounting records
- The timely prep of reliable information
Name the 5 components of internal control. What are they?
- The control environment: management opinion
- The entity’s risk assessment process
- The information system relevant to financial reporting
- Control activities: ACCUMAPS
- Monitoring of controls: timely measurement
An information system must be able to (5)
- Identify and record all valid transactions
- Describe transactions
- Measure transactions
- Determine the correct accounting period
- Present transactions properly
ACCUMAPS is relevant to which category of internal control? What does the mnemonic stand for?
Relevant to control activities.
- Authorisation
- Comparison
- Computer Controls
- Arithmetical controls
- Maintaining a trial balance and control accounts
- Accounting reconciliations
- Physical controls
- Segregation of duties
What are the three types of internal controls? Give examples.
- Preventive controls: controls that prevent errors or frauds occurring.
- Detective controls: controls that detect if problems have occurred.
- Corrective controls: address the problem after it has occurred.
What are the general methods of control for IT systems? (6)
- Physical controls
- Hardware and software configuration
- Logical access
- Disaster recovery
- Output controls
- Technical support
What are the application methods of control for IT systems? (5)
- Completeness
- Authorisation
- Identification
- Validity
- Forensic checks
In annual assessments of internal control, the board should consider (3)
- The changes in nature and significance of risks
- The scope of monitoring risks
- Any significant control failings or weaknesses
Define internal and external audit.
Include: what it means, who decides the work, legality and who they report to.
Internal audit measures a companies systems of internal control. Scope of work is determined by management as there is no legal requirement for it to be completed. Report to directors.
External audit measures whether the inputs of a financial statement are true and fair. Legally required so performed by an external auditor. Report to directors.
The UK Corporate Governance Code states that…
companies without an internal audit should annually review the need for one.
In relation to corporate risk management, internal audit can…(3)
- Manage the basic data used by management to identify risks
- Identify techniques for managing risks
- Report on internal controls
Internal audit staff are typically expected to carry out a variety of tasks, these include, but are not limited to… (4)
- Reviewing internal controls
- Reviewing risk management systems
- Carrying out special assignments i.e. fraud investigations
- Conducting operational reviews i.e. efficiency of the business
Limitations of internal audit (3)
- Independence
- Cost, staff and resources
- Fear of disclosing information