Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Assurance > Chapter 5 > Flashcards

Chapter 5 Flashcards

1
Q

What is internal controls?

A

The whole system of controls, financial and otherwise established by the management in order to carry out the business of the enterprise in an orderly and efficient manner, ensure adherence to management policies, safeguard the assets, present and detect fraud and errors and secure as far as possible the completeness and accuracy of the records

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are information flows

A

refer to processes by which information is exchanged between people and systems within the entuty

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is the purpose of internal controls?

A

help an organisation to achieve its objectives and mitigate the business risks it faces

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are examples of internal controls?

A
  • quality controls
  • credit controls- to limit bad debts
  • inventory ordering controls
  • payroll controls- ensure employees are paid the right amount
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what are the limitations to internal controls?

A
  • human error
  • unusual transactions outside the scope of controls
  • collusion
  • management override
    -special considerations in small companies:
    informal nature/ lack of documentation
    limited staff
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what are the reporting rules for internal controls?

A

Directors of companies applying the UK Corporate Governance Code are required to report on risk management and systems of internal control in the companies annual reports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the components of internal control set out in ISA 315?

A
  1. Control environment
  2. The entity’s risk assessment process
  3. Information system and communication
  4. Control activities
  5. Monitoring
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

what is meant by the control environment?

A

includes both the governance and management functions of an organisation.

It will focus upon the attitudes, awareness and actions of those responsible within the business for designing, implementing and monitoring internal controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What would indicate a strong control environment?

A
  • existence of an audit committee
  • An internal audit function
  • effective documentation of control systems
  • the importance of controls communicated to all staff members
  • no management override controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is meant by an audit committee?

A

subsection of the board of directors which has a particular interest in the accounting and finance activities of the company

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Effective systems of internal control consist of five integrated elements. These include:

a)control activities.
b)control environment.
c)governance.
d)information and communication.
e)monitoring.

A

a,b, d, e

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which element of an effective systems of internal control is most concerned with the day-to-day procedures put in place to ensure continuation of business processes?
a)control activities.
b)monitoring activities.
c)risk assessment.
d)control environment.

A

a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

what is meant by business risk?

A

Business risk is a risk resulting from significant conditions, events, circumstances, actions or inactions that could adversely affect an entity’s ability to achieve its objectives and execute its strategies, or from the setting of inappropriate objectives and strategies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

what can cause risks to arise or change?

A
  • changes in operating environment
  • new personnel
  • new or revamped information system
  • rapid growth or corporate restructuring
  • new technology
  • new business models, products or activities
  • expanded foreign operations.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

what is meant by information systems and communication?

A

include the financial reporting system and consist of the procedures established to initiate, record, process and report entity transactions and to maintain accountability for the related assets, liabilities and equity

  • examples: ledger, daybooks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What information systems and communications are auditors interested in?

A
  • systems for preparing financial statements
  • accounting software used
  • accounting records and books
  • roles and responsibilities allocated to personnel
18
Q

What is meant by control activities?

A

the policies that help ensure that management directives are carried out

19
Q

what are preventative controls

A

prevent errors occuring

20
Q

what are detective controls?

A

identify an error has occurred and correct it

21
Q

what are the 5 control activities the ISA 315 set out? (Examinable topic)

A
  • authorisation and approval
  • reconciliations
  • verifications
    physical or logical controls
  • segregation of duties
22
Q

what is meant by authorisation and approval controls?

A

affirms that a transaction is valid these can be manual or automated

23
Q

what is an example of authorisation and approval controls?

A
  • supervisor approving an expense report after reviewing
  • director reviewing then signing back reconciliations
24
Q

what is meant by reconciliations controls?

A

Controls that compare two or more data elements. If differences are identified, action is taken to bring the data into agreement

25
what is an example of reconciliation controls?
- comparing sales reports to statement of profit or loss - comparing bank transactions per the bank statement with those in the cash book
26
what is meant by verification controls?
controls that compare two or more items with each other or compare an item with a policy
27
what is an example of a verification control?
- comparing monthly expenditure to budgeted expenditure - comparing occupancy rates hotel by hotel for a hotel chain - agreeing a despatch note signed by the customer to the sales order form
28
What is the difference between verification controls and reconciliation controls?
verification controls may not result in matching items
29
what are physical or logical controls?
controls that encompass the physical security of assets such as secured facilities over access to assets and records, authorisation for access to computer programs and data files
30
what are examples of physical or logical controls?
- physical counting of petty cash - electronic tagging of inventory - banking cash immediately
31
what is meant by segregation of duties controls ?
assigning different people the responsibilities of authorising transactions, recording transactions and maintaining custody of assets
32
33
What is meant by general IT controls?
Controls over the entities IT processes that support the continued operation of the IT environment
34
What are examples of general IT controls?
- testing system performance - controls over system design, programming and documentation - staff training - password protection - virus checks - restricting physical access with locks - back up copies - disaster recovery procedures
35
What is meant by information processing controls?
These are controls relating to processing of information in IT applications or manual information processes in the information system that directly address risks to the integrity of information
36
What are the information processing control examples?
- controls over input completeness - controls over input accuracy - controls over input authorisation - controls over standing data
37
what are the key risks of an entities IT systems?
- hacking - theft - deliberate sabotage -viruses, malware and other corruption - denial of service attacks
38
what does the ICAEW audit insight recommend to combat cyber risks?
- improve communication about cyber risk and how to manage -define who is responsible for cyber security - assign board level accountability - non executive directors should monitor the actions of the executive related to cyber security
39
why does an auditor need to understand the systems and controls?
- assess the level of control risk - determine the audit approach
40
what are an auditors options for documenting an organisations systems and controls? what do they do after documenting
- narrative notes - questionnaires or checklists - diagrams or flowcharts After documenting: perform walkthrough tests to confirm their understanding of the system
41

Assurance (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions