Chapter 9 - Internal Control

Question 1

What is Internal Control?

Answer 1

It is the process designed, implemented
and maintained by those charged with governance to achieve reasonable assurance of the objectives of organization in regards to reliability of financial reports, operating effectiveness and efficiency and compliance with laws and regulations.

Question 2

What are the components of IC?

Answer 2

1. Control environment
2. Risk assessment
3. Information system
4. Control activity
5. Control monitor

Question 3

What is control environment?

Answer 3

It is the attitude, awareness and actions

of the responsible to design, implement and monitor IC.

Question 4

What is risk assessment?

Answer 4

It is the procedures to identify risk to

corporate objectives. How it decides to address and results of doing so

Question 5

What is information system about?

Answer 5

Procedures to record, process transections

to maintain accountability for assets, equity and liability. Related to financial reporting system.

Question 6

What is control procedure?

Types of control procedures?

Answer 6

It can be administrative or accounting.
Administrative - management decision complied with the standards.
Accounting - accurate records to achieve accountability.

PREVENT, DETECT, CORRECT are the steps.

Types:

1. Physical counts
2. Segreggation of duty
3. Authorization

Question 7

What is control monitoring?

Answer 7

Ongoing and periodic assessment of IC
done by the IC department.
Checking control deficiencies and so on.

Find out what the system client uses, understand, record, assess and test it.

How do we record though?
Flowcharts
Questionnaires
Narrative notes
Checklists

Narrative notes can be flexible and easy,
but it also can be very time consuming
if the system is complex.

Flowcharts are only applicable
for a standard system usually.

Question 8

What is collusion?

Answer 8

Employees conspire together

to create fraud. There are motivated and competent BUT untrustworthy employees.

Question 9

Limitations of IC?

Answer 9

Collusion
Authorization abuse
Staff mistakes
Cost over benefit
Management over riding controls

Question 10

Difference between ICQ and ICEQ?

Does it have equal weight?
Can it deal with unusual transactions?

Answer 10

ICQ
Does controls exists that meets
the control objectives?
YES or NO. (close ended)

ICEQ
EVALUATE controls that exist
to detect, prevent and correct SPECIFIC
errors. (Open ended) CAN we do this and why?

Both gives equal weight.
ANY of them cannot deal with unusual transactions and NARRATIVE notes must be used!

Question 11

General controls VS Application?

Answer 11

General is about overall stability of the system.

Application is about preventing, detecting and correcting errors. It is about transactions. But, remember that both are related.

Question 12

Cover letter format?

Answer 12

Weakness l Consequence l Recommendation

Question 13

How do we evaluate IC?

Answer 13

1. Inquiry
2. Observe
3. Inspect
4. Re performance

Question 14

Before issuing to the board IC control deficiencies?

Answer 14

Discuss with the management. There could

be more info to be gained.

Question 15

General control?

Answer 15

1. Disaster
2. Protection
3. IC