Nothing Special   »   [go: up one dir, main page]
Scribd Logo
Upload

Welcome to Scribd!

  • 5 views

    Internal Control System of Company

    Uploaded by

    Liyana Ismail

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd

    Internal Control System of Company

    Uploaded by

    Liyana Ismail
    5 views38 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Download as pptx, pdf, or txt
    5 views38 pages

    Internal Control System of Company

    Uploaded by

    Liyana Ismail

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Download as pptx, pdf, or txt
    of 38

    Internal Control System

    Chapter 4
    Internal Control Objectives
    1. Reliability of financial reporting

    2. Efficiency and effectiveness of operations

    3. Compliance with laws and regulations


    Management and Auditor Responsibilities Related
    to Internal Control

     Management’s responsibility for establishing internal control

     Reasonable assurance

     Inherent limitations
    Management and Auditor Responsibilities Related
    to Internal Control
     Design of internal control

     Operating effectiveness of controls


    Management and Auditor Responsibilities Related
    to Internal Control

     Auditor responsibilities for understanding internal control

     Controls over the reliability of financial reporting

     Control over classes of transactions


    Sales Transaction-related Audit Objectives
    Transaction-related Audit Sales Transaction-related
    Objective – General form Audit Objectives
    Recorded transactions Sales are for shipments
    exist (occurrence) to existing customers

    Existing transactions are Existing sales transactions


    recorded (completeness) are recorded

    Transactions are stated Sales for goods shipped


    correctly (accuracy) are correctly billed
    Sales Transaction-related Audit Objectives
    Transaction-related Audit Sales Transaction-related
    Objective – General form Audit Objectives
    Transactions are correctly Sales transactions are
    filed (posting and correctly included in the
    summarization) master files

    Transactions are correctly Sales transactions are


    classified (classification) correctly classified

    Transactions are recorded Sales are recorded on


    on correct dates (timing) the correct dates
    Five Components of Internal Control

    Risk Information and


    assessment communication

    Control
    Monitoring
    activities
    1 The Control Environment
     Integrity and ethical values

     Commitment to competence

     Board of directors or audit


    committee participation
    1 The Control Environment
     Management’s philosophy and operating style

     Organizational structure

     Human resource policies and practices


    2 Risk Assessment
     Identify factors that may increase risk

     Estimate the significance of the risk

     Assess the likelihood of the risk occurring

     Determine actions necessary to manage the risk


    3 Control Activities
    1. Adequate separation of duties

    2. Proper authorization of transactions and activities

    3. Adequate documents and records

    4. Physical control over assets and records

    5. Independent checks on performance


    Adequate Separation of Duties
    Custody of assets from Accounting

    Authorization The custody of


    from
    of transactions related assets

    Operational Record-keeping
    from
    responsibility responsibility

    IT duties from User departments


    Proper Authorization of Transactions and
    Activities
     General authorization

     Specific authorization
    Adequate Documents and Records
     Prenumbered consecutively

     Prepared at the time of transaction

     Designed for multiple use

     Constructed to encourage correct preparation


    Physical Control Over Assets
    and Records
    The most important type of protective measure for safeguarding
    assets and records is the use of physical precautions.
    Independent Checks on Performance

    The need for independent checks arises because internal


    control tends to changeover time unless there is a mechanism
    for frequent review.
    4 Information and Communication

    The purpose of an accounting information and communication


    system is to…

    initiate, record, process, and report the entity’s transactions


    and to maintain accountability for the related assets.
    5 Monitoring

    Monitoring activities deal with management’s ongoing and


    periodic assessment of the quality of internal control
    performance…

    to determine whether controls are operating as intended


    and modified when needed.
    Process for Understanding Internal Control and
    Assessing Control Risk
    Obtain an
    understanding of Design, perform,
    Phase 1 internal control: Phase 3 and evaluate tests
    design and of controls
    operation

    Decide planned
    Assess control detection risk
    Phase 2 risk Phase 4 and substantive
    tests
    Methods Used

    Narrative

    Flowchart

    Internal
    control
    questionnaire
    Narrative

    1. The origin of every document and record in the system

    2. All processing that takes place

    3. The disposition of every document and record in the system

    4. An indication of the controls relevant to the assessment of control risk


    Flowchart

    Diagrams of client’s document & their sequential flow in organization.


    Flowchart is easier to understand than narrative.

    Internal control questionnaire


    A series of questions about the controls in each audit area, where it can
    assist to identify the deficiencies.

    Using the questionnaire and flowchart together is useful to understand


    the client’s internal control design and deficiencies
    Evaluating Internal Control Operation
     Update and evaluate auditor’s previous
    experience with the entity
     Make inquiries of client personnel
     Examine documents and records
     Observe entity activities and operations
     Perform walk-throughs of the accounting system
    Assess Control Risk

    Assess whether the financial statements are auditable.

    Determine assessed control risk supported by the understanding


    obtained assuming the controls are being followed.

    Use of a control risk matrix to assess control risk.


    Control Risk Matrix

    Many auditors use the control risk matrix to assist in


    the control risk assessment process.
    Control Risk Matrix
     Identify audit objectives
     Identify existing controls
     Associate controls with related audit objectives

     Identify and evaluate control deficiencies,


    significant deficiencies, and material weaknesses
    Evaluating Significant Control Deficiencies
    SIGNIFICANCE

    Material

    Material
    Weakness

    LIKELIHOOD Remote Probable

    Immaterial
    Identify Deficiencies and Weakness
     Identify existing controls
     Identify the absence of key controls
     Consider the possibility of compensating controls

     Decide whether there is a significant deficiency


    or material weakness

     Determine potential misstatements that could result


    Communications

     Communications to those charged with governance

     Management letters
    Tests of Controls

    The procedures to test effectiveness of controls in support of


    a reduced assessed control risk are called tests of controls.
    Procedures for Tests of Controls
    1. Make inquiries of client personnel

    2. Examine documents, records, and reports

    3. Observe control-related activities

    4. Reperform client procedures


    Extent of Procedures
     Reliance on evidence from prior year’s audit

     Testing of controls related to significant risks

     Testing less than the entire audit period


    Relationship of Assessed Control
    Risk and Extent of Procedures
    Assessed Control Risk
    High level:
    Type of Procedures to obtain Lower level:
    procedure an understanding Tests of controls
    Inquiry Yes–extensive Yes–some
    Documentation Yes–with transaction Yes–using sampling
    walk-through
    Observation Yes–with transaction Yes–at multiple times
    walk-through
    Reperformance No Yes–using sampling
    Decide Planned Detection Risk and Design Substantive
    Tests

    The auditor uses the results of the control risk assessment process
    and tests of controls to determine the planned detection risk and
    related substantive tests.

    The auditor links the control risk assessments to the


    balance-related audit objectives.
    Reporting on Internal Control

    1. The auditor’s opinion on whether management’s assessment of the


    effectiveness of internal control over financial reporting as of the end of
    the fiscal period is fairly stated, in all material respects.

    2. The auditor’s opinion on whether the company maintained, in all material


    respects, effective internal control over financial reporting as of the specified
    date.
    Differences in Scope of Controls Tested

    Internal controls over financial reporting

    Internal controls used to assess


    control risk below maximum

    Controls that must be tested in Controls that must be tested in


    an audit of internal controls an audit of financial statements
    End of Chapter

    You might also like