Chp 7: Internal audit Flashcards

1
Q

What are the six overall objectives of internal control?

SCREAM

A
  1. Safeguard assets
  2. Compliance
  3. Reduce Overheads
  4. Effective Controls
  5. Accounting Records
  6. Managing Risk
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the four stages in the internal control process?

A
  1. Identifying business objectives
  2. Identifying risks that will threaten objectives
  3. Design internal controls to mitigate these risks
  4. Implement internal controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What three conditions are likely to cause fraud?

A
  1. Pressure - financial problems
  2. Rationalisation - internally justify it to themselves
  3. Opportunity - low risk of getting caught
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a system audit?

A

Tests and evaluates the internal controls in any system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a compliance audit?

A

A form of systems audit which ensures performance conforms to statuatory, regulatory or contractual requirement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a Value for Money (VfM) audit?

AKA a Best Value audit

A

Assesses how much economy, efficiency and effectivness an organisation has.

Can be achieved by implementing the four C’s:
- Challenge - how and why a service is provided
- Compare - Make comparisons with similar organisations
- Consult - Discuss with local stakeholders in setting performance targets
- Compete - Embrace fair competition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a management audit?

A

An audit into the effectiveness of managers and corporate structure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are social and environmental audits?

A

Designed to ascertain whether an entity is complying with codes of best practice, internal guidelines or is being a good corporate citizen

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What four types of risk will auditors consider in their work?

A
  1. Inherent risk - the susceptibilit of an activity being subject to risk despite an internal control or the effectiveness of management
  2. Control risk - the risk that control systems fail, are absent or inadequate
  3. Residual risk - the risk that remains after controls have been deemed acceptable
  4. Detection risk - the risk the IA process doesn’t detect errors
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the four types of auditor testing?

A
  1. Walkthrough testing - tracing an event from start to finish through a process
  2. Tests of Control - whether controls are operating as they should
  3. Substantive Testing - test whether indiviual events are valid (A COURIER)
  4. Analytical Review - gross margin, gearing etc.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

For substantive testing, what is the mnemonic A COURIER?

A
  • Analytical Review
  • Confirmation - verifying with objective third party
  • Observation
  • compUtation &
  • Recalculation - Internal Audit evidence
  • Inspection
  • Enquiry
  • Re-performance - repeating a control activity
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the two types of auditing in an information systems environment?

A
  1. Systems development auditing
  2. Auditing computer systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What criteria do organisations use to assess the IA function?

PAIR

A
  • Professionalism - act with consistency
  • Authority - whether their recommendations are valued
  • Independence - who they report to?
  • Resources - do they have adequate training and experience?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How should IA reports be presented?

6 items

A
  1. The business objective of the audit
  2. The operational standard for the objective
  3. Observations of actual performance
  4. The causes of any weaknesses
  5. The effect of any weaknesses
  6. The recommendation to address any weaknesses
How well did you know this?
1
Not at all
2
3
4
5
Perfectly