Chapter 5 Internal control

Question 1

Which of the following applies to internal control?

1. charged to governance and management
2. provide full assurance of achievement of entity objectives
3. control the directors and audtiors
4. promotes stability of operations

Answer 1

1. T
2. F
   provides reasonable
3. F
4. F
   Promotes reliability of Fin reporting

Question 2

Which role has which responibility for ‘quality control’, ‘credit control’, ‘control over inventory’, ‘compliance department’ and controls over payroll.

1. Ensure eomployee paid correct.
2. stock-outs prevention and minimal stock held
3. limit bad debts
4. implement policies ensure business adhere
5. prevent poor quality

Answer 2

1. • 5
2. • 3
3. • 2
4. 4
5. 1

Question 3

For the three business risks listed below, list some controls which the
entity may implement to help minimise these risks.
 Non-payment by customers
 Producing damaged/poor quality products
 Paying too much for supplies

Answer 3

Non-payment by customers
 Credit checks on all new customers
 Credit limits set for all customers
 Regular review of balances against credit limits to ensure not breached
 Reducing/altering payment terms for poor payers.
Production of damaged/poor quality products
 Choose suppliers with good market reputation (approved supplier list)
 Regularly review level of returns/credit notes issued to determine
whether problem exists
 Instigate appropriate training techniques for production staff
 Implement adequate quality control procedures.
Paying too much for supplies
 Check taking advantage of any prompt payment/bulk discounts
 Compare all invoices received to goods received note (GRN) prior to
payment
 Marking paid invoices as such to avoid duplicate payments

Question 4

What are the limitation of internal control?

Answer 4

1. Human error
2. unusual transactions
3. collusion
4. Special consideration in small companies

Question 5

What are the internal controls in the annual report?

Answer 5

1. Management responsibilities
2. Principle of control design
3. Inherent limitation
4. management assessment

Question 6

What are ICS components?

Answer 6

A. Control environment 
B. risk Assessment process
C Information systems 
D. Control activities 
E. Monitoring

Question 7

What does the control environment include?

Answer 7

Attitudes
awareness
actions

Question 8

Which group of people indicate a strong control enviornment?

Answer 8

1. Audit Committee
2. Audit Function
3. documents of control systems
4. controls communicated to everyone
5. no managment overrides possible.
6. employees that work for one loyal as fuck

Question 9

What are the Audit Committee?

Answer 9

Just below board of directors who have interest in Ac&Fi of the company

Question 10

What are key feature of audit committee?

Answer 10

1. non executive directors
2. need for UK companies under uk corporate governance code
3. required to have written terms of reference
4. view over Finstat., internal audit and external audit

Question 11

How does the risk assessment process follow through?

Answer 11

1. identify relevant business risk
2. Est. sig. of risk
3. calc. likelyhood of occurence
4. decide on actions to address the risk

Question 12

What are three priorities in Tesco?

Answer 12

1. Regaining competitiveness
2. protecting the balance sheet
3. rebuilding trust and transperency

Question 13

Name 4 factors to assess principle risk ?

Answer 13

• Customer proposition
• Transformation of economic model.
• People
• Safety

Question 14

What is the board responsible for the risk management?

Answer 14

• engage directly

Question 15

What s the Audit Committe responsible in terms of risk?

Answer 15

• risk framework and controls for Board

Question 16

What is Group Chief Executive and Committee responsibilities for risk?

Answer 16

• accountable for control and risk man.

- indiv. reporting to GCE responsible for own

Question 17

Name 4 factors to assess priniciple risk?

Answer 17

• Regulatory and reporting
• Data and security and Data privacy
• Technology
• branch of the business

Question 18

Name 4 factors to assess priniciple risk?

Answer 18

• Brand, Reputation and trust
• Competition and markets
• Liqudity
  safety

Question 19

What is relevant for the information systems?

Answer 19

• The procedures and records to initiate
• record
• maintain accountability for BS main 3

Question 20

What are the auditors interested in for the information systems?

Answer 20

• Identify sig. classes and transactions
• systems for preparing FStat
• Acc software used

Question 21

What are the auditors interested in for the information systems?

Answer 21

• related Acc records

- Roles and responsibilities allocated to personnel

Question 22

What is the control activities achieved?

Answer 22

Manual or computerised procedures

Question 23

What are the 5 types of control activities?

Answer 23

• Authorisation
• Performance reviews
• Information processing
• Physical control
• segregation of duties
• computer controls

Question 24

What is the authorisation within control activities for internal review?

Answer 24

Ensuring only valid transaction

e.g timesheet overtime is valid

Question 25

WWhat is the ‘performance reviews’ within control activities for internal review?

Answer 25

identify unexpected items indicating error

e.g compare a chain of hotels

Question 26

What is the information processing within control activities for internal review?

Answer 26

Check completeness and accuracy of information

Question 27

What is the physical controls within control activities for internal review?

Answer 27

Restriction of access to assets or data

Question 28

What is the segregation of duties within control activities for internal review?

Answer 28

Different people different role, less risk

Question 29

What two types of computer controls are there for internal control review

Answer 29

General control

Application control

Question 30

What does the general control in computer control for internal control contain?

Answer 30

Policies and procedures to support function of application control (part of computer controls)

e. g. - controls over system
- test system
- staff training
- password protection
- virus checks

Question 31

What does the Application controls from computer controls for internal control contain?

Answer 31

• manual/automated procedures apply to certain area of system
  e. g accuracy, validity, completeness

Question 32

What are the risk from cyber security in internal controls?

Answer 32

• hacking
• fraud
• deliberate sabotage
• denial of service attacks
• improvement:
  1. communications of the risk
  2. Nominate one to responsibility
  3. assign board accountability
  4. monitor actions of people in cyber security

Question 33

What is the monitoring controls from the internal controls?

Answer 33

monitor continually for effectiveness

- internal audit recommend for new systems if weak

Question 34

What is the significance of internal controls to the external auditor?

Answer 34

• Auditor enable control

- determine audit approach

Question 35

What are the documentation required from internal control to external auditor?

Answer 35

• Narrative notes (simple to read)
• Questionnaires or checklists (easy to complete)
• Diagrams or flowcharts (for complex systems)