Internal Controls Flashcards
Internal control
Internal control is the process designed, implemented and maintained by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of an entity’s objective with regard to reliability of financial reporting, effectiveness and efficiency of operations and compliance with applicable laws and regulations
Understanding accounting system
The auditors must understand the accounting system and control environment in order to determine their audit approach
An understanding of internal control assists the auditor to:
Identify potential misstatements
Identify factors thag affect the risk of material
Design the nature, timing and extent of audit procedures
Internal control 5 components
Internal control 5 components:
The control environment The entity’s risk assessment process The information system relevant to financial reporting Control activities Monitoring controls
internal control 5 components: 1. The control environment
The control environment:
Governance and management functions
Attitudes, awareness and actions of management
Sets the tone by creating a culture of honesty and ethical behaviour
Provide an appropriate foundation for the other components of internal control
Internal control 5 components: 2. The entity’s risk assessment process
The entity’s risk assessment process:
How management identifies risk
How management decides on actions to address those risks
Internal control components: 3. The info system relevant to financial reporting
The information system relevant to financial reporting:
Includes the financial reporting system
ConSists if infrastructure, software, people, procedures and data to initiate, record, process and report transactions
Auditor needs understanding of the related:
Accounting records
Supporting info
Specific accounts in the fs
Internal control components; 4. Control activities
Control activities are those polices and procedures that help ensure that management directives are carried out.
eg:
Approval and control of documents
Controls over it
Checking the arithmeticql accuracy of records
Maintaining control accounts and trial balances
Physical controls
Segregation of duties
Internal control components: 5. Monitoring of controls
Monitoring of consoles is a process to assess the effectiveness of internal control performance over time
It involves assessing the effectiveness of controls on a timely basis and taking necessary remedial actions
Limitations of internal control
Inherent limitations of controls:
The cost of control must not outweigh the benefits
The potential for human error
collusion between employees
The possibility that controls are overridden by management
Controls are designed to cope with routine transactions
Significant deficiencies
A significant deficiency is internal control is a deficiency that in the auditors professional judgement, is of sufficient importance to merit the attention of those charged with governance
Significant deficiencies shall be communicated in writing to those charged with governance in a report to management
Computer systems control
The internal control in a computerised environment include both manual procedures and procedures designed into the computer programmes .
The consoles which the auditor would expect To find are:
General it policies - policies and procedures that relate to many applications
Application controls - manual or automated procedures that typically operate at a business process level, for specific applications
General it controls and application controls are inter related
