Chapter 5 Internal control Flashcards
Which of the following applies to internal control?
- charged to governance and management
- provide full assurance of achievement of entity objectives
- control the directors and audtiors
- promotes stability of operations
- T
- F
provides reasonable - F
- F
Promotes reliability of Fin reporting
Which role has which responibility for ‘quality control’, ‘credit control’, ‘control over inventory’, ‘compliance department’ and controls over payroll.
- Ensure eomployee paid correct.
- stock-outs prevention and minimal stock held
- limit bad debts
- implement policies ensure business adhere
- prevent poor quality
- 5
- 3
- 2
- 4
- 1
For the three business risks listed below, list some controls which the
entity may implement to help minimise these risks.
Non-payment by customers
Producing damaged/poor quality products
Paying too much for supplies
Non-payment by customers
Credit checks on all new customers
Credit limits set for all customers
Regular review of balances against credit limits to ensure not breached
Reducing/altering payment terms for poor payers.
Production of damaged/poor quality products
Choose suppliers with good market reputation (approved supplier list)
Regularly review level of returns/credit notes issued to determine
whether problem exists
Instigate appropriate training techniques for production staff
Implement adequate quality control procedures.
Paying too much for supplies
Check taking advantage of any prompt payment/bulk discounts
Compare all invoices received to goods received note (GRN) prior to
payment
Marking paid invoices as such to avoid duplicate payments
What are the limitation of internal control?
- Human error
- unusual transactions
- collusion
- Special consideration in small companies
What are the internal controls in the annual report?
- Management responsibilities
- Principle of control design
- Inherent limitation
- management assessment
What are ICS components?
A. Control environment B. risk Assessment process C Information systems D. Control activities E. Monitoring
What does the control environment include?
Attitudes
awareness
actions
Which group of people indicate a strong control enviornment?
- Audit Committee
- Audit Function
- documents of control systems
- controls communicated to everyone
- no managment overrides possible.
- employees that work for one loyal as fuck
What are the Audit Committee?
Just below board of directors who have interest in Ac&Fi of the company
What are key feature of audit committee?
- non executive directors
- need for UK companies under uk corporate governance code
- required to have written terms of reference
- view over Finstat., internal audit and external audit
How does the risk assessment process follow through?
- identify relevant business risk
- Est. sig. of risk
- calc. likelyhood of occurence
- decide on actions to address the risk
What are three priorities in Tesco?
- Regaining competitiveness
- protecting the balance sheet
- rebuilding trust and transperency
Name 4 factors to assess principle risk ?
- Customer proposition
- Transformation of economic model.
- People
- Safety
What is the board responsible for the risk management?
- engage directly
What s the Audit Committe responsible in terms of risk?
- risk framework and controls for Board
What is Group Chief Executive and Committee responsibilities for risk?
- accountable for control and risk man.
- indiv. reporting to GCE responsible for own
Name 4 factors to assess priniciple risk?
- Regulatory and reporting
- Data and security and Data privacy
- Technology
- branch of the business
Name 4 factors to assess priniciple risk?
- Brand, Reputation and trust
- Competition and markets
- Liqudity
safety
What is relevant for the information systems?
- The procedures and records to initiate
- record
- maintain accountability for BS main 3
What are the auditors interested in for the information systems?
- Identify sig. classes and transactions
- systems for preparing FStat
- Acc software used
What are the auditors interested in for the information systems?
- related Acc records
- Roles and responsibilities allocated to personnel
What is the control activities achieved?
Manual or computerised procedures
What are the 5 types of control activities?
- Authorisation
- Performance reviews
- Information processing
- Physical control
- segregation of duties
- computer controls
What is the authorisation within control activities for internal review?
Ensuring only valid transaction
e.g timesheet overtime is valid
WWhat is the ‘performance reviews’ within control activities for internal review?
identify unexpected items indicating error
e.g compare a chain of hotels
What is the information processing within control activities for internal review?
Check completeness and accuracy of information
What is the physical controls within control activities for internal review?
Restriction of access to assets or data
What is the segregation of duties within control activities for internal review?
Different people different role, less risk
What two types of computer controls are there for internal control review
General control
Application control
What does the general control in computer control for internal control contain?
Policies and procedures to support function of application control (part of computer controls)
e. g. - controls over system
- test system
- staff training
- password protection
- virus checks
What does the Application controls from computer controls for internal control contain?
- manual/automated procedures apply to certain area of system
e. g accuracy, validity, completeness
What are the risk from cyber security in internal controls?
- hacking
- fraud
- deliberate sabotage
- denial of service attacks
- improvement:
1. communications of the risk
2. Nominate one to responsibility
3. assign board accountability
4. monitor actions of people in cyber security
What is the monitoring controls from the internal controls?
monitor continually for effectiveness
- internal audit recommend for new systems if weak
What is the significance of internal controls to the external auditor?
- Auditor enable control
- determine audit approach
What are the documentation required from internal control to external auditor?
- Narrative notes (simple to read)
- Questionnaires or checklists (easy to complete)
- Diagrams or flowcharts (for complex systems)
