A3 (6) - Internal Control

Question 1

Entity Objectives

Answer 1

1. Reliability of financial reporting.
2. Effectiveness and efficiency of operations.
3. Compliance with applicable laws and regulations

Question 2

Components of Internal Control - Five

Answer 2

1. Control Environment
2. Risk Assessment
3. Information and Communication Systems:
4. Monitoring
5. Existing Control Activities

Question 3

Summary of the Five Component of Internal Control

Answer 3

See Table

Question 4

Auditor Consideration of Internal Control - COSO framework

Answer 4

The auditor does not need to understand each component with the same degree of detail in every case

Question 5

Auditor Consideration of Internal Control - Identifying Controls Relevant to reliable Financial Reporting

Answer 5

1. Preventive Controls
2. Detective controls

Note:- The Auditor should focus the assessment of control risk on the entity’s relevant controls.

Question 6

Auditor Consideration of Internal Control - Evaluate the design and Implementation of internal control

Answer 6

Further to understand the five components, The auditor should be able to :-
1). Evaluate the design and implementation of relevant controls .

2) . Determine whether internal controls have been implemented .
3) . Perform procedures to obtain evidence about the design and implementation of internal controls.
4) . Design the nature, extent, and timing of further audit procedures

Question 7

Auditor Consideration of Internal Control - Walkthrough

Answer 7

a) Confirm the auditor’s understanding of key elements of the entity’s information processing system and internal controls
b) . Evaluate the design of the relevant internal controls
c) . Determine whether certain controls have been implemented

Question 8

Walkthrough procedures

Answer 8

(1) . Observe individuals performing their information processing and control procedures
(2) Re-perform the information processing or control procedures
(3) Inspect the relevant documents and accounting records
(4) . Corroborate inquiry responses with others knowledgeable about the information processing and control procedures

Question 9

Document the Understanding of Internal Control

Answer 9

1. Flowcharts
2. Internal Control Questionnaires
3. Narratives
4. An entity’s procedures manuals

Question 10

Information Technology on Internal Control

Answer 10

Automated controls are internal controls performed using IT and are more suitable for: High volume or recurring transactions.

General controls are policies and procedures that relate to many applications and include passwords. change management procedures, back/recovery systems, and administrative rights to the network.

Application controls are controls over input,processing, and output such as Administrative access rights, Automated edit checks of input data and Manual follow-ups of exception reports

Question 11

IT Benefits and Risks

Answer 11

Benefits :-

a. The ability to process large volumes of transactions and data accurately and consistently.
b. Improved timeliness and availability of information.
c. Facilitation of data analysis.
d. Reduction in the risk that controls will be circumvented

Risks:-

a. Potential reliance on inaccurate systems.
b. Unauthorized access to data, which may result in loss of data and/or data inaccuracies.
c. Unauthorized changes to data, systems, or programs.
d. Failure to make required changes or updates to systems or programs.
e. Inappropriate manual intervention.
f. Potential loss of data