Internal Control Systems Flashcards
Inherent Limitations of Internal Control
Cost outweighing benefits
Collusion
Unforeseen circumstances
Poor judgement
Bypassing/overriding
Data processing controls
Human error or fraud
Non-routine transactions
Updates not applied
Categories of Control
Corporate
Management
Business process
Transaction
Corporate Controls
General policy statements
Establishment of core culture & values
Overall monitoring procedure (audit committee)
Management Controls
Planning & performance management
System of accountabilities to superiors
Risk evaluation
Bus. Process Controls
Authorisation limits, validation of input & reconciliation of different sources of info
Transaction Controls
Complying with prescribed procedures
Accuracy & completeness checks
Prevent Controls
Designed to prevent errors occurring in the first place
Detect Controls
Designed to detect errors once they have occurred
Correct Controls
Designed to minimise/negate the effect of errors
Direct Controls
Direct activities or staff towards a desired outcome
Discretionary Controls
Subject to human discretion
Non-discretionary Controls
Provided automatically by the system & cannot by bypassed or overridden
Voluntary Controls
Chosen by the organisation to support the business management
Mandated Controls
Required by law & imposed by external authorities
Levels of Information
Stategic
Tactical
Operational
Qualities of Good Monitoring Info
Accurate
Complete
Cost-beneficial
User-targeted
Relevant
Authoritative
Timely
Easy to use
Quality of IA
Scope of work (far-reaching?)
Independence
Authority (recommended actions taken?)
Resources
Application Controls
Specific pieces of software & often cover controls over transaction processing
Prevent, detect & correct errors & irregularities as transactions flow through business systems
General Controls
Wider computer environment – org. policies on use/procurement of hardware
The environment in which the application system is operated
Financial Controls
Focus on key transaction areas with emphasis on safeguarding of assets, maintenance of proper accounting records & reliable financial info
Non-financial Controls
Concentrate on wide performance issues
Qualitative
Quantitative
Monitoring of Controls
External information
Financial information
Non-financial information
Strategic Information
Used to plan organisational objectives & to assess whether the objectives are being met in practice
Tactical Information
Used to decide how resources of the organisation should be employed & to monitor how they are being employed
Operational Information
Used to ensure specific operational tasks are planned & carried out as intended
