Chapter 6 - Internal Control Flashcards
What is the definition of internal control systems?
System for management to control certain risks and therefore help businesses achieve their objectives
What is the board of directors responsible for?
Company’s system of internal control
What are all employees responsible for?
They have some responsibility for internal control as part of their accountability for achieving objectives
What is the Turnbull Report?
Published in 1999, and set out best practice regarding internal controls for listed companies in the UK.
What do the risk management and internal control systems encompass?
Policies, culture, organisation, behaviours, processes, systems and other aspects of a company that, taken together:
Facilitate its effective and efficient operation by enabling it to assess current and emerging risks
Reduce the likelihood and impact of poor judgement in decision making
Help ensure quality of internal and external reporting
Help ensure compliance with applicable laws and regulations
What does a company’s system of risk management and internal control include?
Risk assessment
Management or mitigation of risks including:
Use of control processes
Information and communication systems
Processes for monitoring and reviewing their continuing effectiveness
What does COSO stand for?
Committee of Sponsoring Organisations
What are the five integrated elements of the COSO?
Control environment
Risk assessment
Control activities
Information and communication
Monitoring
What can the control environment be thought of as?
Management’s attitude, actions and awareness of the need for internal controls
What should the risk assessment consider?
Internal and external factors and distinguish between controllable and uncontrollable risks
What are some examples of control?
Segregation of duties
Physical controls
Authorisation and approval
Management control
Supervision
Organisational structure
Arithmetic and accounting
Personnel Controls
What are financial controls?
Controls express financial targets and spending limits
What are non-financial quantitative controls?
Controls focus on targets against which performance can be measured and monitored
Examples include balanced scorecard targets and TQM quality measures
What are non-financial qualitative controls?
Day to day controls over most employees in organisations
What is fraud?
Dishonestly obtaining an advantage, avoiding an obligation or causing a loss to another party
What are some prerequisites for fraud?
Ability to rationalise the fraudulent action and hence act with dishonesty
Perceived opportunity to commit fraud
Motive, incentive or pressure to commit fraud
What are the three parts of a fraud risk management strategy?
Fraud prevention
Fraud detection
Fraud response
What are some examples of fraud prevention?
Anti-fraud culture
Risk awareness
Whistleblowing
Sound internal control systems
How do we detect fraud?
Performing regular checks
Warning signals/fraud risk indicators:
Failures in internal control procedures
Lack of information provided to auditors
Unusual behaviour by individual staff members
Accounting difficulties
What is included in the response plan?
Internal disciplinary action
Civil litigation
Criminal prosecution
Responsibilities