Internal Control Flashcards
What is internal control?
Internal control is the process designed and implemented by management to address identified business risks.
What is the purpose of internal control?
Internal controls help an organisation to achieve its objectives and mitigate business risks.
What are the limitations of internal controls?
Human error, unusual transactions, collusion, small companies.
What are the components of internal control systems?
Control environment, risk assessment process, information system, control activities, and monitoring.
Control environment
Management functions, attitude and awareness of employees, and an audit committee.
Audit committee
Made up of non-executive directors, required for listed companies, and oversee FS, internal audit, and external audit.
Risk assessment process stages
Identify relevant business risks, estimate the significance of the risks, assess the likelihood of the occurrence, and decide on action.
Information systems
Systems relevant to the financial reporting objectives.
Control activities
Authorisation, performance reviews, information processing, physical controls, segregation of duties.
Computer controls
ITGCs - policies and procedures that support the effective function of application controls.
ITACs - manual or automated procedures that apply to individual areas within the system to ensure completeness, accuracy, and validity.
Monitoring controls
Consider adequacy of internal controls after changes in the environment and business risks.
Internal/external audit may identify weaknesses.
Significance of internal controls to the external auditor
Internal controls allow the auditor to assess the level of control risk and determine the audit approach to take.
Documentation of internal controls.
Narrative notes - simple systems;
Questionnaires/checklists - easy to complete;
Diagrams/flowcharts: complex systems.
