Ethics and Audit Control/Assurance Flashcards
DECIDE FRAMEWORK
D=define the facts
E=ethical review
C=consider the options
I=investigate the outcomes
D=make a decision
E=evaluate results
First D in decide
what are the facts
which issues demand a decision
(facts and stakeholders - who’s affected)
First E in Decide
which ethical principles are relevant?
C in decide
what are the most reasonable and practical choices?
I in decide
given past experience, what are the likely ethical outcomes, costs, benefits of each choice?
Second D in decide
what are your goals and objectives? how do you intend to achieve them?
Second E in decide
what criteria will you use to judge success? goals, ethical objectives
CAANZ XRB code of ethics
integrity
objectivity
professional competence and due care
confidentiality
professional behavior
-independence- overarching
Integrity
members are obligated to be straightforward and honest in all professional and business relationships
Objectivity
Judgement should not be compromised because of bias, conflict of interest, or influence of others
Professional competence and due care
doing a good job, not pressured to do something you don't have the skills/mental space to do well
knowledge and skill
competence and diligence
follow right standards
carry out tasks in a timely manner
Confidentiality
not sharing info you shouldn't, unless required by law
Confidentiality - whistle blowing
reveals info to protect the public
risky because often they are doing something illegal by disclosing that information
Laws made to protect whistleblowers (if they can justify it based on the harm not revealing info could do) in contemporary democratic societies
Confidentiality - insider trading
illegal
knowing certain inside information and sharing it with shareholders to tell them to buy more/sell shares… in return getting a cut of what they make
shareholders should all have same knowledge
Professional behaviour
Not one person working for their own interest; part of a community of the profession
Comply with relevant laws and regulations
Avoid actions that may discredit the profession. This includes:
Courtesy and consideration in workplace
Being honest and truthful about services that you offer
Not making disparaging references about others and their work…
Objectives internal control should help a company achieve
- Reliability and relevance of financial reporting - want it to be accurate
- Effectiveness and efficiency of operations - eg lecture doors limiting entrance outside lecture hours, job done, effective and efficient
- Compliance with applicable laws and regulations
Elements of internal control
CRIME
C = Control
R = Risk Assessment
I = Information
M = Monitoring
E = Control Environment
C in CRIME
Control Activity
Procedure or policy that governance puts in place to help them achieve the objective of the company and minimise risk to an acceptable level.
- Activities they want to be doing
eg. separation of activity… people who handle money shouldn’t authorise payments
R in CRIME
Risk Assessment
Identify, analyse (not all risks have the same impact: high risk, low risk etc), mitigate/manage to an acceptable level (can't eliminate risk)
Eg
Analyse impact of the risks to operations
I in CRIME
Information & Communication
Relevant info should be identified, captured and communicated to employees to help them discharge the responsibilities assigned to them
Top to bottom management, bottom to top, employees/people anonymously reporting misbehaviour eg whistle blowing
M in CRIME
Monitoring
Constant assessment of internal control.
Eg
Consistently monitoring physical access… Does the door still work?
Internal auditing
E in CRIME
Control Environment
Foundational to every other internal control component (control activity, risk assessment, information, monitoring), because the control environment is the tone/culture set at the top (ethical culture, values of leadership). Strong values = strong risk assessment, control activities etc
People, culture at strategic top management
eg
Commitment to ethical values and integrity
Board oversight, audit committee oversight