Internal Controls

Question 1

What are the basic steps of an audit?

Answer 1

1. Prepare for the audit
2. Obtain understanding of client, environment(including I/C)
3. Assess RMM & determine nature, timing and extent of procedures
4. Perform tests of controls
5. Perform substantive procedures
6. Formulate an opinion
7. Issue audit report

Question 2

What additional asessments are needed for an issuer’s internal controls when compared to a non issuer’s?

Answer 2

• Need an understanding of I/C to assess RMM(Public & non public)
• Integrated audit - Needs sufficient evidence to support an opinion on I/C over financial reporting(ICFR) *Only Public companies

Question 3

What are the components of internal control?

Answer 3

“CRIME”

1. Control Activities
2. Risk Assessment
3. Info & Communication
4. Monitoring
5. Environment(control environment)

Question 4

What are control activities?

Answer 4

Policies procedures used to ensure that management directives are carried out:

“PIPS”

1. Performance Reviews
2. Information Processing
3. Physical Controls
4. Seg. of Duties

Question 5

What duties should be segregated for internal control purposes?

Answer 5

1. Authorization
2. Recording(posting)
3. Custody
4. Comparisons

Question 6

Describe a control environment:

Answer 6

The tone of an organization; set by the following factors:

“CHOPPER”

1. Commitment to competence
2. HR Policies
3. Org. Structure
4. Participation of those charged w/ gov
5. Philosophy of mgmt
6. Ethical Values
7. Responsibility assignment

Question 7

How often must an auditor test the operating effectiveness of I/C, if he plans to use the evidence about operating effectiveness from a prior audit and the controls have not changed?

Answer 7

At least every 3 years.

Question 8

What are the four approaches for testing the effectiveness of the design/operation of internal controls?

Answer 8

“RIIO”

1. Reperformance
2. Inspection
3. Inquiry
4. Observation