W9 Internal Control Systems

Question 1

What are substantive procedures

Answer 1

Substantive procedures are audit procedures designed to detect material misstatements at the assertion level.

Provide direct evidence that the information in the financial statements is accurate.

Question 2

How can substantive procedures be categorized in

Answer 2

Test of details

Substantive analytical procedures

Question 3

What are test of details

Answer 3

Involve testing a number of transactions from the client’s accounting and other records

Used to verify individual transactions and balances

Question 4

What are substantive analytical procedures

Answer 4

Involve analysing relationships between information to identify unusual fluctuations which may indicate possible misstatement

Question 5

What are test of controls

Answer 5

Tests of controls are audit procedures“designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at the assertion level

Question 6

What are the categories of assertions

Answer 6

Classes of transaction and events, and related disclosures, for the period

2. Account balances and related disclosures at the period end

Question 7

What are the assertions about classes of transactions and events and related disclosures for the period

Answer 7

Occurrence (actually occurred and pertained to the entity)

Completeness (all events/disclosures that should have been recorded/disclosed have been record/disclosed)

Accuracy (amounts have been recorded appropriately, disclosures have been appropriately measured and described)

Cut-off (Transactions and events have been recorded in the correct accounting period)

Classification (Transactions recorded in proper accounts)

Presentation

Question 8

What are the assertions about account balances and related disclosures at the period end

Answer 8

Existence (assets, liabilities and equity interests exist)

Rights and obligations (entity controls rights to assets and liabilities are obligations of entity)

Completeness (a,l,e that should have been recorded have been recorded)

Accuracy, valuation and allocation (a,l,e have been included in f..s at appropriate amounts and any resulting valuation or allocation adjustments have been appropriately recorded)

Classification (a,l,e recorded in proper accounts)

Presentation

Question 9

What are internal controls

Answer 9

Process designed and maintained by those charged with governance to provide reasonable assurance about the achievement of an entity’s objectives with regard to reliability of financial reporting, effectiveness of operations, and compliance with applicable laws and regulations.

Question 10

What are the 5 different categories of control activities

Answer 10

Authorization and approvals
2. Reconciliations
3. Verifications
4. Segregation of duties
5. Physical controls

Question 11

What is the control activity (Authorization and approvals)

Answer 11

Confirming the validity of a transaction

ex. a manager signing a purchase order to confirm that the order can be placed

Question 12

What is the control activity (Reconciliations)

Answer 12

To address the completeness and/or accuracy of transactions

ex. a bank reconciliation
reconciliation of supplier statements with payables ledger

Question 13

What is the control activity (Verification)

Answer 13

Address the completeness, accuracy or validity of transactions

ex. comparing actual spend to budgeted spend

Question 14

What is the control activity (Segregation of Duties)

Answer 14

Assigning different people the responsibilities of authorizing transactions, recording transactions and maintaining custody of assets’ to reduce the risk of fraud and error

ex. warehouse staaff should not be responsible for the inventory count

Question 15

What is the control activity (Physical controls)

Answer 15

Prevent theft of assets or data

example: restrictions on assets e.g keeping cash in a sage

Password restrictions to prevent access to computer files

Question 16

Methods of classifying controls by their design

Answer 16

Preventative
Detective
Directive
Corrective

Question 17

Classify controls by their design (Preventative controls)

Answer 17

Designed to limit the possibility of an undesirable outcome being realized

More important it is that an undesirable outcome should not arise, more important it becomes to implement appropriate preventative controls

Question 18

Classify controls by their design (Detective controls)

Answer 18

Designed to identify occasions of undesirable outcomes having been realized

their effect is after the event, so only appropriate when it is possible to accept the loss/damage incurred or when corrective measures are available

Question 19

Classify controls by their design (Corrective controls)

Answer 19

Designed to correct undesirable outcomes that have been realized

Provide a route of recourse to achieve some recovery against loss or damage

Question 20

Classify controls by their design (Directive controls)

Answer 20

Designed to ensure that a particular outcome is achieved, and that appropriate guidance is provided in order to do so

Particularly important when it is critical that an undesirable event is avoided (typically associated with health and saftey or security)

Question 21

What are the 5 components of internal control

Answer 21

Control environment

Risk assessment

Information system and communication

Control activities

Monitoring

Question 22

Component of internal control (Control environment)

Answer 22

How managements responsibilities are carried out

how those charged with governance demonstrate independence from management and exercise oversight of the system

how the entity assigns authority and responsibility in pursuit of its objectives

how the entity holds individual accountable for their responsibilities (performance measures)

Question 23

Component of internal control (The entitiy’s risk assessment process)

Answer 23

Must gain an understanding of the entity’s process for identifying business risk relevant to financial reporting, assessing the significance of those risks and addressing those risks.

Question 24

Component of internal control (The entitys process to monitor the system of internal control)

Answer 24

This is the client’s continual process of evaluating the effectiveness of controls
over time and taking necessary remedial action.

Question 25

Component of internal control (The information system and communication)

Answer 25

The information system relevant to financial reporting consists of all of the
activities and policies relevant to financial reporting and communication.

The information system includes all the procedures and records which are
designed to:
* Transfer info to the general/nominal ledger

• Maintain accountability for assets, liabilities and equity.
• Resolve incorrect processing of transactions.
• Process and account for system overrides

Question 26

Component of internal control (control activities)

Answer 26

Control activities are the policies and procedures to achieve the control
objectives of management and those charged with governance

ex.

Authorization to confirm the validity of a transaction

Reconciliation to address the completeness or accuracy of transactions

Physical or logical controls to prevent theft of assets or data