Internal Control Flashcards
An entity’s objectives may be divided into 3 categories?
Reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations
What are the 5 components of Internal Control?
Control environment, risk assessment, information and communication systems, monitoring, and existing control activities
What does the control environment do?
Set the tone of an organization
What is an entity’s identification and analysis of risks to achievement of its objectives?
Risk assessment
What systems support the identification, capture, and exchange of information in a timely and useful manner?
Information and communication systems
What is the process that assesses the quality of internal control performance over time?
Monitoring
Establishing and maintaining internal control is a responsibility of?
Management
Control activities relevant to an audit include the following procedures?
Prenumbering documents, authorization of transactions, independent checks to maintain asset accountability, documentation, timely and appropriate performance reviews, information processing controls, physical controls for safeguarding assets, and segregation of duties
What is the mneumonic for the control activities?
PAID TIPS
What are the 2 types of information processing controls?
Application and general
What controls apply to the processing of individual transactions?
Application controls
What controls apply to the information processing throughout the company?
General controls
What are the functions that should not be combined when dealing with segregation of duties?
Authorization, record keeping, and custody of related assets
The internal control environment should preventt/detect fraud by? But not?
One person, Collusion and management override
What controls are designed to provide reasonable assurance that only valid transactions are recognized, approved, and submitted for processing?
Preventive controls
What controls are designed to provide reasonable assurance that errors or irregularities are discovered and corrected on a timely basis?
Detective controls
What is the purpose of walkthroughs?
Confirm the auditor’s understanding
Documentation may include?
Flowchart, internal control questionnaire or checklists, narrative, and documentation from the client
What is an adequate flowchart that shows the origin of each document in the system, its subsequent processing and its final disposition?
System flowcharts
What is a flowchart that is initially created to document the logic and existing flow of a computer program?
Program flowcharts
What shape in the flowchart is used for decision?
Diamond
What consists of a list of questions to be answered by “Yes” or “No” response?
Internal control questionnaire
What is a written version of a flowchart?
Narrative
What controls are performed by people and are more suitable when judgment and discretion are required?
Manual controls
What are manual controls also used for?
Monitoring automated controls
What controls are more suitable for high volume or recurring transactions?
Automated controls
What are the different groups when speaking abou segregation of duties?
Control group, operators, programmers, analyst, and librarian
What is a report on the design and implementation of a service organization’s controls but does not provide assurance on the operating effectiveness of the controls?
Report on Management’s Description of the Service Organization’s System and the Suitability of the Design of Controls(Type 1 Report)
What is a report on the design, implementation, and operating effectiveness of a service organization’s controls?
Report on Management’s Description of the Service Organization’s System and the Suitability of the Design and Operating Effectiveness of Controls(Type 2 Report)