Understanding Internal Control Flashcards
A process–effected by an entity’s BOD, management, and other personnel–designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
- reliability of financial reporting
- effectiveness and efficiency of operations
- compliance with applicable laws and regulations
Internal control
Internal control component that sets the tone of an organization, influencing the control consciousness of its people
Control environment
Internal control component whose purpose is its idenfication, analysis, and management of risks relevant to the prepartion of financial statements following GAAP
Risk environment
Internal control component composed of the various policies and procedures that help ensure that necessary actiosn are taken to address risks to achieving the entity’s objectives
Control activities
Reviews of actual performance against budgets, forecasts, one another, etc.
Performance reviews
Controls that check accuracy, completeness, and authorization of transactions
Information processing
A law passed by Congress in 1977 with provisions requiring every corp registered under Securites act of 1934 to maintain a system of strong internal accounting control, maintain accurate books and records, and make it illegal for individuals or business entities to make payments to froeign officials to secure business
Foreign Corrupt Practices Act
Section of SOX that makes officers responsible for maintainin effective internal control and to disclose all significatn internal control deficiencies tohte company’s auditors/audit committee
Section 302
Section of SOX that requires that management acknowledge its responsibility for establishing adequate internal control over financial reporting and provide an assessment in the annual report
Section 404
Section of SOX that requires that management certify reports filed with the SECthat the reports comply with relevant securities laws and fairly present the fianical condition of the company
Section 906
Graphic methods of of describing the logic of decisions–various combinations of conditions are matched to one of several actions
Decision tables
Standard for guidance on integrated audits for public companies
PCAOB Standard 5
Standard for guidance on integrated aduits for non-public companies–not required, unless specifically reqeuired to
SSAE 15
A specific target against which to evaluate the effectivenss of controls–generally relates to arelevant assertion and states a criterion for evaluating whether the company’s procedures provide reasonable assurance
Control objective
A financial statement assertion that has areasonable possibility of containing misstatemetns that could cause the financial statements to be materially misstated
Relevant assertion
An accounting method that involves altering the accounts receivable section of the balance sheet when cash that is intended for the payment of a receivable is stolen.
Lapping
A form of business insurance that offers an employer protection against losses - either monetary or physical - caused by its employees’ fraudulent or dishonest actions
Fidelity bonds
An internal document sent by the department in need of hte supplies to the purchasing department
Purchase requisition
An individual whose primary responsibility is to veify that stock is issued in accordance with the authorization of hte BOD andthe articles of incorporation
Stock registrar
An individual whose primary responsibiilty is maintinng detailed stockholder recods and carrying out transfers of stock ownership
Stock transfer agent
A reporton processing of transactions by service organizations that probides reasonable assurance as of a specific date that managemen’ts description is fairly presented and the controls are suitably designed–does not assure that tehy operate effectively
Type 1 report
A report on processing of transactions by service organizations that provide reasonable assurance for a specified time period that management’s description is fairly presented and that hte controls are suitable designed AND operate effectively
Type 2 report