Internal Control Flashcards
What is included in IIA Code of Ethics?
Integrity
Objectivity
Confidentiality
Competency
What are the attribute standards of ISPPIA?
Purpose, Authority, and Responsibility
Independence and Objectivity
Proficiency and Due Professional Care
Quality Assurance and Improvement
What are performance standards of ISPPIA?
Managing internal audit activity Nature of work Engagement planning Performing the engagement Communicating results Monitoring progress Communicating the acceptance of risks
What are external auditors required to communicate to the audit committee?
Critical accounting policies
Alternative treatments acceptable under GAAP discussed with management
Any additional written communication with management
What are external auditors required to communicate with those charged with governance under GAAS?
Responsibility to form opinion Planned scope and timing of audit Auditor's view about accounting policies, estimates, and disclosures Significant difficulties with management Uncorrected mistakes
What are corporate monitoring devices?
Board of directors Internal auditors External auditors Investment banks Credit agencies Attorneys SEC IRS
What are five components of COSO Internal Control Principles?
CRIME Control Environment Risk Assessment Control Activities Info and Communication Monitoring
What are factors of the control environment?
CHOPPER Commitment to competence Human resource policies Organizational structure Philosophy and management style Participation of Board of Directors Ethical values Responsibility and authority assignment
What are types of control activities?
PIPS Performance reviews Info processing Physical controls Segregation of duties
What are the incompatible functions?
ARCCS Authorization of transactions Recording of transactions Custody of assets Comparisons or reconciliations
What are the sequence of activities for monitoring?
Control baseline - develop understand of I/C
Change identification - use evaluations to identify and address changes in I/C
Change management - determination of when changes to I/C are needed and types that would be effective
Control revalidation/update - development of new baseline understanding of I/C of revised system
What are the inherent limitations of I/C?
COCO Collusion Override by management Competence - errors, mistakes, etc. Cost/benefit constraints Obsolescence
What does management’s report on internal control over financial reporting (ICFR) include?
Acknowledgment of management’s responsibility
Assessment of ICFR
Identify framework used to evaluate ICFR
Indication that auditor has issued attestation report
What does auditor’s report attesting to management’s assessment include?
Auditor is independent
Statement that management is responsible for ICFR
Identify management’s report on ICFR
Statement that auditor is responsible to express opinion
Definition of ICFR
Statement that audit was conducted in accordance with PCAOB standards
Statement describing audit processes and audit provides reasonable basis for opinion
Statement of limitations of I/C
Auditor’s opinion
Signature of firm with city and state where report issued
What are the objectives of I/C?
ACE
Accurate, reliable GAAP F/S
Compliance with laws and regulations
Efficiency and effectiveness of operations
