Module 3 - Internal Control Systems Flashcards
Why do directors want to implement a sound system of internal control?
To provide them with assurance over:
Reliability of financial reporting
Effectiveness and efficiency of operations
Compliance with applicable laws and regulations
Mnemonic for the five components of a sound system of internal control
CRIME
What does CRIME stand for?
Control activities
Risk assessment process
Information systems
Monitoring of controls
control Environment
What is a Business Process?
A series of activities that enable a company to meet one or more of its objectives
What is a business risk?
The threat that an action or event will adversely affect the organisation’s ability to achieve its objectives
What are accounting information systems?
Structures used by organisations to collect, store and process financial and accounting data
Mnemonic for control activities
PAIRS
How many categories of control activities are there?
Five
What does PAIRS stand for?
Physical
Authorisation
Information processes (ITGCs and IT and manual application controls)
performance Reviews
Segregation of duties
Examples of common IT application controls include
Audit log
Batch controls
Programmed editing
Calculation
Check digits
Exception reports
What are entity-level controls?
Controls that help establish the tone and culture of the organisation and can be relevant to a number of the components of internal control including the control environment, risk assessment, information systems and monitoring
Mnemonic for limitations of internal control systems
CROUCH
What does CROUCH stand for?
Cost
Relevancy / obsolescence
management Override
Unusual / infrequent transactions
Collusion
Human error
Mnemonic of the four key areas that ITGCs commonly cover
APOC
What does APOC stand for?
Access to programs and data
Program changes and development
computer Operations
Continuity of operations