Internal Control - Concepts and Standards Flashcards
The 3 objectives of internal controls
- Reliability of financial reporting
- Effectiveness and efficiency of operations
- Compliance with applicable laws and regulations.
3 risk assessment procedures that might be used by an auditor to obtain an understanding of the entity and its environment, including its internal control
- Inquires of management and others
- Observation and inspection
- Analytical procedures
The 5 interrelated components of internal controls
C-CRIM
- Control Environment
- Control Activities
- Risk Assessment
- Information and Communication systems
- Monitoring
Define “Risk Assessment”
Policies and procedures involving the identification, prioritization, and analysis of relevant risks as a basis for managing those risks.
The 5 “Control Activities”
SCARE
- Segregation of duties
- Controls - “physical controls”
- Authorization
- Review - “performance review”
- EDP/IT - “information processing”
Control Risk should be assessed in terms of what?
The financial statement assertion
3 Limitations to controls
- Human judgement & performance
- Collusion
- Management Overrride
Does an auditor need knowledge of the operating effectiveness of controls to gain an understanding of controls?
No
What can an auditor assess while they are gaining an understanding of an entity’s control structure?
Control Risk