Lecture 6 - Internal controls (3) and internal audit Flashcards
Capital structure transaction cycles-
Four types of property, plant & equipment (PP&E) transactions may occur:
-Acquisition of capital assets for cash or other non-monetary considerations.
-Disposal of capital assets through sale,
exchange, retirement, or abandonment.
-Depreciation of capital assets over their useful
economic life.
-Leasing of capital assets.
Long-term debt transaction cycles -
-The auditor must be assured that the amounts shown on the balance sheet for the various types of long-term debt are not materially misstated.
-This assurance extends to the recognition of interest expense.
-For the vast majority of entities, it is more efficient
to follow a strategy of conducting substantive testing.
Equity transaction cycle -
Main transactions:
-Issuance of shares e.g. sale of shares for cash; the
exchange of shares for assets; and issuance of
shares for share splits.
-Repurchase of shares including both the reacquisition of shares and retirement of shares.
-Payment of dividends including cash and share dividends (rights issues).
Bank and cash transaction cycles -
Cash reported in the financial statements represents currency on hand and cash on deposit in bank accounts.
- Cash equivalents are frequently combined with cash for presentation in the financial statements.
- Definition: Short-term, highly liquid investments that are readily convertible to known amounts of cash or which are subject to an insignificant risk of changes in value.
- Examples: Treasury bills, commercial paper, and money market funds.
Limitations of internal controls include:
(a) Cost versus benefits
(b) Management override
(c) Errors or mistakes
(d) Collusion
(e) Breakdowns
(a) costs versus benefits
- The cost of internal controls should not exceed their benefit.
- However, precise measurement not always possible.
(b) management override
-Where management instructs a more junior
employee to amend, enter or remove data, in the
process ignoring the usual controls which are in
place.
-The junior employee may know this is wrong,
but not speak out for fear of losing their job. This
can be very hard to spot in an audit situation,
particularly with manual data
(c) Errors of mistakes
For example:
-Computer programmers may not understand the
purpose of controls, and may design them incorrectly
-Control reports may not be understood, and ignored
instead of checked.
-Many errors/mistakes can be avoided by adequate
training and supervision, but this is not always
possible.
(d) Collusion
-The ‘segregation of duties’ controls, in particular,
can be overridden if two or more people work
together.
-For example, if a clerk entering fictitious invoices is
working in collusion with the authorising manager,
the invoices can be presented for payment as valid.
(e) Breakdowns
-Breakdowns in controls due to misunderstanding
of instructions or errors due to carelessness.
-Controls can also breakdown as a result of errors
due to carelessness or tiredness
When weaknesses are found, the auditor must…..
-Re-visit the original risk assessment and adjust the
level of risk.
-Conduct further audit procedures accordingly.
-Perform more substantive procedures, if appropriate
The auditor needs to report material weaknesses
in internal control when they are discovered.
Report to:
-Those charged with governance – often the audit
committee
-Management
Non-material weaknesses are also often
reported.
Corporate governance is…
A system by which companies are directed and controlled
-The UK Corporate Governance Code (July 2018)
applies to all companies incorporated in the UK
and listed on the London stock exchange, and
states:
-‘The audit committee should monitor and review the
effectiveness of the internal audit activities. Where
there is no internal audit function….the reasons for
the absence should be explained..’
Internal auditing is an independent and objective
activity designed to…..
Add value and improve an organisations operations
The audit committee provides…..
The link between internal audit and the board. The audit committee should:
(i) Approve the appointment/removal of the head
of internal audit.
(ii) Ensure the function has the necessary resources.
(iii) Ensure access to the board chair.
(iv) Review the internal audit annual work-plan
(v) Receive periodic reports from internal auditor.
(vi) Meet with internal auditor without the presence
of management.
(vii) Monitor management’s responsiveness to
internal audit.
(viii) Review the overall effectiveness of internal audit
