Chap 13 - Intro to Internal Control Systems Flashcards
What is an internal control?
It is the policies, plans and procedures implemented by management of an organization to protect its assets, to ensure accuracy and completeness of its financial information and to meet its business objectives.
What are the 4 objectives of internal controls?
- Safeguard assets
- Check the accuracy and reliability of accounting data
- Promote operational efficiency
- Enforce prescribed managerial policies
What are the 5 components of the 1992 COSO Report?
- Control Environment
- Risk Assessment
- Control Activities
- Information and Communication
- Monitoring
What are 3 additional components of an internal control system as defined by the 2004 COSO ERM
- Objective Setting
- Event Identification
- Risk Response
What are some examples of control activities?
- good AUDIT trail
- sound personnel POLICIES and PROCEDURES
- separation of DUTIES
- physical PROTECTION of assets
- REVIEWS of operating performance
- timely performance REPORTS
A good audit trail helps how?
enables auditors to follow the path of the data from the initial source docs to the final dispostion of the data on the report
How do personnel policies help?
companies can encourage ethical behavior among employees by reviewing the rules and the Code of Conduct as well as offering annual training
How does separation of duties help?
structure work assignments to that one employee’s work serves as a check on another employee(s).
Assign 3 different functions to different employees: authorizing, recording and custody of assets
Three different areas to have physical protection?
inventory, document and cash
How do reviews of operating performance help?
when performing these reviews internal auditors may find that some internal controls are not functioning properly
2 principles relating to monitoring internal controls?
1) ongoing and/or seperate evaluations of internal controls
2) internal control deficiencies or weaknesses should be identified and communicated promptly
What are the elements of monitoring?
- Establish a foundation for monitoring (determine the current baseline)
- Design and execute monitoring procedures
- Assess and report the results of monitoring those key controls
What is COBIT?
a system that supports the COSO requirements by using IT resources to support business processes
What are 3 types of control?
Preventative controls (put in place to prevent problems from occurring) Detective controls (alerts managers when preventative controls fail) Corrective controls (procedures a company uses to correct a problem)
The report from an external audit of a company’s internal control system must include what info?
- statement that management understands that they are responsible for establishing and maintaining internal control structure and procedures
- an assessment, at year end, of the effectiveness of the internal control structure
- an attestation by the company’s auditor that the assessment is accurate
