Internal Controls (2)

Question 1

What is the significance of internal controls for auditors? (5)

Answer 1

Reliability Assessment:

• Auditors evaluate whether the internal control system is reliable for preparing financial statements.

Control Reliance:

• Determine which controls can be relied upon for accurate reporting.

Designing Tests:

• Auditors must design effective and efficient tests for both controls and underlying details.

Opinion Formation:

• Understanding internal controls is crucial for auditors to express an opinion on the truth and fairness of financial statements.

Risk Mitigation:

• Internal controls help mitigate risks of material misstatement in financial reporting.

Question 2

How do auditors identify relevant internal controls? (4)

Answer 2

Client Understanding: Gaining an understanding of the client’s operations is essential.

Methods of Identification:

Inquiry:

• Engaging with management and previous audit teams to gather insights.

Observation:

• Watching controls in action to assess their effectiveness.

Documentation:

• Recording identified controls for further testing and evaluation.

Effectiveness Testing:

• Once identified, controls are tested for their effectiveness in mitigating risks, ensuring they function as intended.

Question 3

What methods are used to test the effectiveness of internal controls? (4)

Answer 3

Inquiry:

• Often requires corroboration from other sources to validate responses.

Observation:

• Best for physical controls (e.g., security measures) to ensure they are functioning properly.

Walk-throughs:

• Tracing transactions from initiation to their appearance in financial statements to verify the process.

Document Inspection:

• Reviewing relevant documents, such as board papers, to verify authorization levels and compliance with policies.

Question 4

What types of documentation are used for internal controls? (3)

Answer 4

Flowcharts:

• Visual representations of processes that illustrate how controls operate.

Short Notes:

• Concise notes for simpler systems that summarize key controls and procedures.

Questionnaires:

• Structured forms to gather information about controls during the risk assessment phase, ensuring comprehensive coverage of all relevant areas.

Question 5

What are the key differences between manual and IT systems in internal controls? (3,2)

Answer 5

Manual Systems:

• Prone to human error; auditors assume something will go wrong unless controls prevent it.
• Ideal for transactions requiring judgment or discretion, such as unique or non-recurring items.
• Risks: Easier to bypass, prone to simple mistakes, and inconsistent results, especially in high-volume transactions.

IT Systems:

• Generally automated; assume processes will function correctly unless specific threats arise.
• Risks: Include reliance on inaccurate data processing, unauthorized changes, and potential data loss.

Question 6

What advantages do IT systems offer for internal controls? (5)

Answer 6

Data Processing:

• Can handle large volumes of data consistently and accurately, reducing the risk of errors.

Timeliness:

• Enhances the availability and speed of data access, allowing for quicker decision-making.

Analytical Capability:

• Facilitates deeper analysis of information, enabling better insights into operations.

Control Circumvention Reduction:

• Lowers the risk of bypassing controls through automated checks and balances.

Segregation of Duties:

• Improves the effectiveness of separating responsibilities, reducing the risk of fraud.

Question 7

What are the potential risks associated with IT systems? (4)

Answer 7

Data Accuracy:

• Reliance on systems that may process inaccurate data, leading to financial misstatements.

Unauthorized Changes:

• Risks of unauthorized modifications to data or systems, which can compromise integrity.

System Updates:

• Failure to keep systems updated can lead to vulnerabilities and security breaches.

Data Loss:

• Potential for data loss or issues accessing critical information, impacting operational continuity.

Question 8

What are the benefits of using manual systems for internal controls? (4)

Answer 8

Judgment Required:

• Suitable for transactions requiring discretion, allowing for human oversight.

Handling Unusual Items:

• Effective for large, unusual, or non-recurring transactions that may not fit standard processes.

Monitoring Effectiveness:

• Useful in assessing the effectiveness of internal controls through direct observation and intervention.

Substantive Procedures:

• Examples include checking invoices against debtor balances and re-performing calculations to ensure accuracy.

Question 9

What risks are associated with manual systems? (4)

Answer 9

Bypass Potential:

• Easier to ignore or override controls, leading to potential fraud or errors.

Error Proneness:

• More susceptible to simple mistakes due to human oversight.

Inconsistency:

• Results can vary, especially in high-volume transactions, leading to unreliable data.

Not Suitable for High Volume:

• Manual systems are inefficient for high-volume or recurring transactions, increasing the likelihood of errors.

Question 10

What are financial statement assertions, and why are they important? (9)

Answer 10

Definition: Attributes accounting items must possess for accurate disclosure in financial statements.

Key Assertions Include:

Occurrence:

• Transactions recorded actually occurred and pertain to the entity.

Completeness:

• All transactions that should be recorded are included in the financial statements.

Authorization:

• All transactions are properly authorized, ensuring compliance with policies.

Accuracy:

• Recorded amounts are correct and reflect the true nature of transactions.

Cut-off:

• Transactions are recorded in the correct accounting period to avoid misstatements.

Classification:

• Transactions are recorded in the appropriate accounts, facilitating accurate reporting.

Existence:

• The existence assertion confirms that the assets, liabilities, and equity balances reported in the financial statements actually exist at the reporting date.

Rights & Obligations:

• ensures that the entity has legal rights to the assets reported and that the liabilities are the obligations of the entity.

Valuation:

• ensures that assets, liabilities, and equity are recorded at appropriate amounts in accordance with applicable accounting standards.

Question 11

Which transaction cycles and account balances are discussed? (3)

Answer 11

Revenue Cycle:

• Controls related to sales and receivables, ensuring accurate revenue recognition.

Purchases Cycle:

• Controls for procurement and payables, ensuring proper authorization and accuracy.

Inventory Cycle:

• Controls ensuring accurate inventory records and valuation.

Question 12

What controls are implemented for revenue transactions? (3,3)

Answer 12

Occurrence Control:

• Risk: Cash recorded but not deposited, leading to potential fraud.
• Controls: Segregation of duties; regular bank reconciliations to verify cash balances.
• Tests: Observation of duties and review of bank reconciliations for independent verification.

Completeness Control:

• Risk: Goods shipped but revenue not recorded, leading to understated revenue.
• Controls: Matching shipping documents to sales invoices to ensure all transactions are recorded.
• Tests: Tracing a sample of shipping documents through to sales invoices and the sales ledger to verify completeness.

Question 13

What controls are in place for purchase transactions? (3,3)

Answer 13

Authorization Control:

• Risk: Unauthorized purchases leading to financial losses.
• Controls: Existence of approved purchase orders to ensure compliance with procurement policies.
• Tests: Examine purchase orders for proper approval; if automatic orders, review application controls for compliance.

Accuracy Control:

• Risk: Incorrect invoicing leading to financial discrepancies.
• Controls: Invoices must be matched to purchase orders to verify pricing and terms.
• Tests: Agree a sample of invoices to related purchase orders and investigate any discrepancies.

Question 14

What controls ensure the accuracy of inventory records? (3,3)

Answer 14

Existence Control:

• Risk: Fictitious inventory records leading to inflated asset values.
• Controls: Regular physical inventory counts to verify existence and condition of inventory.
• Tests: Review client’s procedures for conducting physical inventory counts and records of findings.

Completeness Control:

• Risk: Inventory received but not recorded, leading to understated assets.
• Controls: Regular supplier statement reconciliations to ensure all inventory is accounted for.
• Tests: Review reconciliation procedures and follow up on any unreconciled items to ensure completeness.

Question 15

What controls are used for payroll transactions? (3,3)

Answer 15

Cut-off Control:

• Risk: Payroll transactions recorded in the wrong period, leading to misstatements.
• Controls: All time-cards must be forwarded to the payroll department weekly to ensure timely processing.
• Tests: Review client’s procedures for control of time-cards and test a sample of dates for accuracy.

Classification Control:

• Risk: Improper classification of payroll transactions leading to inaccurate financial reporting.
• Controls: Use of a chart of accounts; in computerized systems, employee numbers linked to account codes for accurate classification.
• Tests: Review the chart of accounts and controls over standing data.