Internal Control

Question 1

How does the auditor assess the risk of misstatement?

Answer 1

By performing risk assessment procedures to assess the risk of material misstatement at the financial and assertion level and also understanding the client’s internal control.

Question 2

What is the difference between a SOX and ASB requirement of internal control documentation?

Answer 2

ASB requires auditors to document their understanding of the internal control in order to assess the RMM while SOX requires documentation and for the auditor to provide an opinion of the internal control (integrated audit)

Question 3

What are the objectives of internal control?

Answer 3

Accurate and reliable financial reporting
Compliance with laws and regulations
Effectiveness and efficiency of operations

Question 4

What are the 5 components of internal control?

Answer 4

Control Environment
Risk Assessment
Information and Communication
Monitoring
Risk Assessment

Question 5

What is the control environment?

Answer 5

Commitment to competence
Human resource policies & practices
Organizational structure
Participation of those charged with governance
Philosophy of management & operating style
Ethical values & integrity
Responsibility assignment

Question 6

What are the procedures to control activities?

Answer 6

Performance Reviews
Information processing
Physical controls
Segregation of Duties

Question 7

What are the responsibilities in segregation of duties?

Answer 7

Authorization of transactions
Recording of transactions
Custody of assets
Comparisons