Controlling & Auditing Flashcards
What are Internal Control Systems?
Describe the policies, plans, procedures implemented by management of an organisation.
Done to protect company assets, to ensure accuracy & completeness of financial info, and to meet business objectives.
What are the Objectives of Internal Control Systems?
- Safeguard assets
- Check accuracy & reliability of accounting data
- Promote operational efficiency
- Enforce prescribed managerial policies
How do Internal Control Systems Provide Reasonable Assurance that the Company’s Objectives can be Achieved?
- Effectiveness and efficiency of operations
- Reliability of reporting
- Protection of assets
- Compliance with applicable laws and regulations
What are Components of Internal Control?
1) Internal environment
2) Objective setting
3) Event identification
4) Risk assessment
5) Risk response
6) Control activities
7) Info & communication
8) Monitoring
What are Features of Internal Environment?
- Integrity
- Competence of employees
- Management philosophy & operating style
- Intention & direction
- Assignment of authority and responsibility
- HR policies & procedures
What are the Objective Settings?
- Strategic – high level goals and mission
- Operations – day-to-day efficiency, performance, and profitability
- Reporting – internal and external
- Compliance – laws and regulations
How is Event Identification Used?
- Organization identifies internal & external events that affect achievement of its objectives.
- Identify events having a negative impact that represent risks.
- Identify events having a positive impact that are opportunities
What is Risk Assessment & Risk Response?
Risks that appear to affect accomplishment of a company’s goals should be identified, analyzed, and acted upon. Risk responses: accept, avoid, reduce, or share. After considering risk tolerance and costs/benefits of responding to identified risks, implement cost-effective countermeasures
What are Control Activities?
Policies, procedures & rules that provide reasonable assurance that management’s control objectives are met, and risk responses are carried out. Includes: good audit trail, physical protection of assets, internal reviews & performance reports.
What is Information & Communication in AIS?
Info refers to organisation’s accounting system – Methods & records to identify, assemble, analyse, classify, record transactions & maintain accountability of assets & liabilities.
Need: Documentation of accounting system, double-entry system of accounting, audit trial.
Communication provides clear understanding of all policies & procedures.
What is Monitoring in AIS?
Ongoing process of assessing quality of internal controls and taking corrective action when necessary.
What are Threats to AIS?
- Natural & political disasters
- Software & equipment malfunctions
- Unintentional acts (human error)
- Intentional acts (computer crime)
