3(New). Rish Assessment and Internal Control Flashcards
What is understood by “non-routine” transactions? Briefly outline why risks of material misstatement is greater for such transactions.
Significant risks often relate to significant non-routine transactions or judgmental matters.
Non-routine transactions are transactions that are unusual, due to either size or nature, and that therefore occur infrequently.
Judgmental matters may include the development of accounting estimates for which there is significant measurement uncertainty.
The following are always significant risks:
i) Risks of material misstatement due to fraud
ii) Significant transactions with related parties that are outside the normal course of business for the entity.
Risks of Material Misstatement - Greater for Significant Non-Routine Transactions:
Risks of material misstatement may be greater for significant non-routine transactions arising from matters such as the following:
i) Greater management intervention to specify the accounting treatment. Greater manual intervention for data collection and processing.
ii) Complex calculations or accounting principles.
iii) The nature of non-routine transactions, which may make it difficult for the entity to implement effective controls over the risks.
Risks of material misstatement- Greater for Significant Judgmental Matters:
Risks of material misstatement may be greater for significant judgmental matters that require the development of accounting estimates, arising from matters such as the following:
i) Accounting principles for accounting estimates or revenue recognition may be subject to differing interpretation.
ii) Required judgment may be subjective or complex, or require assumptions about the effects of future events, for example, judgment about fair value.
The auditor shall obtain an understanding of the major activities that the entity uses to monitor internal control over financial reporting” Explain.
The auditor shall obtain an understanding of the major activities that the entity uses to monitor internal control over financial reporting.
Monitoring of controls is a process to assess the effectiveness of internal control performance over time.
It involves assessing the effectiveness of controls ona timely basis and taking necessary remedial actions.
Management accomplishes monitoring of controls through ongoing activities, separate evaluations, or a combination of the two.
Management’s monitoring activities may include using information from communications from external parties such as customer complaints and regulator comments that may indicate problems or highlight areas in need of improvement.
“Risk of material misstatement consists of two components” Explain clearly defining risk of material misstatement.
SA 200 states that risk of material statement is the risk that the financial statements are materially misstated prior to audit.
The risk of material misstatement at assertion level comprises of two components i.e., inherent risk and control risk.
i) Inherent risk:
Inherent risk is the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements before consideration of any related controls.
ii) Control risk:
Control risk is the risk that a misstatement that could occur in an assertion about a class of transaction, account balance or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control.
“The SAs do not ordinarily refer to inherent risk and control risk separately, but rather to a combined assessment of the “risks of material misstatement”” Explain.
Standards on auditing do not ordinarily refer to inherent risk and control risk separately, but rather to a combined assessment of the “risks of material misstatement”.
However, the auditor may make separate or combined assessments of inherent and control risk depending on preferred audit techniques or methodologies and practical considerations.
The assessment of the risks of material misstatement may expressed in quantitative terms, such as in percentages, or in non-quantitative terms.
“The auditor shall obtain an understanding of the control environment” Explain stating what is included in control environment.
The auditor shall obtain an understanding of the control environment. As part of obtaining this understanding, the auditor shall evaluate whether:
i) Management has created and maintained a culture of honesty and ethical behaviour and
ii) The strengths in the control environment elements collectively provide an appropriate foundation for the other components of internal control.
What is included in Control Environment?
The control environment includes:
i) the governance and management functions and
ii) the attitudes, awareness, and actions of those charged with governance and management.
iii) the control environment sets the tone of an organization, influencing the control consciousness of its people.
Elements of Control Environment.
Elements of the control environment that may be relevant when obtaining an understanding of the control environment include the following:
a) Communication and enforcement of integrity and ethical values:
The effectiveness of controls cannot rise above the integrity and ethical values of the people who create, administer, and monitor them.
b) Commitment to competence:
Matters such as management’s consideration of the competence levels for particular jobs and how those levels translate into requisite skills and knowledge.
c) Participation by those charged with governance:
It includes attributes of those charged with governance such as
i) their independence from management
ii) their experience and stature
iii) the extent of their involvement and the information they receive and the scrutiny of activities.
d) Management’s philosophy and operating style:
Management’s philosophy and operating style encompass a broad range of characteristics. For example,
i) management’s attitudes towards financial reporting;
ii) approach of management to taking and managing business risks;
iii) management’s attitude towards information processing and accounting function and personnel.
e) Organisational structure:
The framework within which an entity’s activities for achieving its objectives are planned, executed, controlled, and reviewed.
f) Assignment of authorit and responsibility:
Matters such as how authority and responsibility for operating activities are assigned and how reporting relationships and authorisation hierarchies are established.
g) Human resource policies and practices:
Policies and practices that relate to, for example, recruitment, orientation, training, evaluation, counselling, promotion, compensation, and remedial actions.
