7/25/2019 PD 9184 and its IRR-A.ppt
1/195
1
TRAINING ON INTERNAL CONTROL
EVALUATION
Learning Objectives:
1. To discuss Internal Control Structure (ICS);
2. To link ICS with Risk Based Audit (RBA), fro the !T" tothe AAR#SC $hase;
%. To de&elo$'i$ro&e the skills of $artici$ants on thee&aluation of internal control; and
. To $ro&ide uidance on the utili*ation of the knowledeo+tained in this seinar in the eecution of audit work inthe #RAR $hase and re$ortin of audit results in theC- $hase.
7/25/2019 PD 9184 and its IRR-A.ppt
2/195
2
ISA 315(Internatina! Stan"ar"s n A#"iting$
%Understanding the Entity and Its Environment and
Assessing the Risks of Material Misstatementre/uiresthe auditor to0
1. "+tain an understandin of internal control structure and on
audit risks.
2. !se this understandin to identif t$es of $otentialisstateents.
%. Consider factors affectin the risks of $otential
isstateents.
. esin the nature, tiin and etent of further audit
$rocedures.
7/25/2019 PD 9184 and its IRR-A.ppt
3/195
%
IT3RA4 C"TR"4 S5ST3# defined0
All the $olicies and $rocedures ado$ted + anaeent to ensure 0
orderl and efficient conduct of its +usiness;
adherence to anaeent $olicies;
safeuardin of assets;
$re&ention and detection of fraud and error; accurac and co$leteness of accountin records; and
tiel $re$aration of relia+le financial inforation.
7/25/2019 PD 9184 and its IRR-A.ppt
4/195
nctins' Interna! Cntr!6 reventive Cntr!s7
are desined to $re&ent ad&erse actions or risks frooccurrin.
6 )etective Cntr!s *
are desined to detect an error or ad&erse e&ent after it
occurred +ut within a reasona+le tie to $erit correction.
6 Crrective Cntr!s *
are desined to reed $ro+les disco&ered with detecti&e
controls.
7/25/2019 PD 9184 and its IRR-A.ppt
5/195
8
Objectives ' Interna! Cntr!
1. 9inancial re$ortin control o+:ecti&e0
relates to the relia+ilit of the financial re$ortin $ro&ided+ accountin inforation sste and recordin function.
2. "$erations controls o+:ecti&e0
is intended to enhance the effecti&eness and efficienc
of o$erations.
%. Co$liance controls o+:ecti&e0
relates to co$liance with laws and reulations.
7/25/2019 PD 9184 and its IRR-A.ppt
6/195
Interna!Cntr! assertins
There are two assertions of anaeent0
6 internal control and
6 financial stateents.
7/25/2019 PD 9184 and its IRR-A.ppt
7/195
1
&stablish 'isk (anagement
)rocess
1
a. efine
Risk anaeent
oals and o+:ecti&es Coon lanuae
+. 3sta+lish risk o&ersiht
structures
!T" Assess Risk #anaeent =rocess
Estab!is0 ris5
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es
6 Coon 4an)ua)e
6 "&ersi)ht structure
In'r,atin 'r
"ecisin ,a5ing
)esign i,.!e,ent ris5,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk controls
+nitr ris5 ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris5 ,anage,ent
ca.abi!ities
Assess agenc/ ris5sGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif1 Source #easure
)eve!. ris5
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3,$loit Transfer
Acce$t and reduce
!T" Assess Risk #anaeent =rocess
7/25/2019 PD 9184 and its IRR-A.ppt
82/195
>2
Assess Agency 'isk
%dentify
*ource
(easure
a. Chanes in the en&ironent,ke assu$tions, and
o$eration $rocess, and the
i$act of these chanes
+. =rocess or acti&ities to
assess aenc risks and
inforation and inforation
$rocessin (II=)
@
Estab!is0 ris5
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es
6 Coon 4an)ua)e
6 "&ersi)ht structure
In'r,atin 'r
"ecisin ,a5ing
)esign i,.!e,ent ris5,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk controls
+nitr ris5 ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris5 ,anage,ent
ca.abi!ities
Assess agenc/ ris5sGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif1 Source #easure
)eve!. ris5
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3,$loit Transfer
Acce$t and reduce
* 'evelop Risk Management &trategies
7/25/2019 PD 9184 and its IRR-A.ppt
83/195
>%
*+'evelop Risk Management &trategies
6 Avoid
6 &+ploit6 Transfer
6 Accept and
'educe
Estab!is0 ris5
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es6 Coon 4an)ua)e
6 "&ersi)ht structure
In'r,atin 'r
"ecisin ,a5ing
)esign i,.!e,ent ris5
,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGRisk controls
+nitr ris5 ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris5 ,anage,ent
ca.abi!ities
Assess agenc/ ris5sGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif1 Source #easure
)eve!. ris5
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3,$loit TransferAcce$t and reduce
, 'esign-Implement Risk Control %roess
7/25/2019 PD 9184 and its IRR-A.ppt
84/195
>
,+ 'esign-Implement Risk Control %roess
a. 3nsure i&ision ead
and $rocess'acti&it
owners0 a&e the re/uisite
skill and e$ertise Assue
res$onsi+ilit andaccounta+ilit foranain sinificantrisk.
+. Assess the tieliness,efficienc andeffecti&eness of thedesin of new or
i$ro&ed risk control$rocesses.
Estab!is0 ris5
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es
6 Coon 4an)ua)e
6 "&ersi)ht structure
In'r,atin 'r
"ecisin ,a5ing
)esign i,.!e,ent ris5
,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGRisk controls
+nitr ris5 ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris5 ,anage,ent
ca.abi!ities
Assess agenc/ ris5sGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif1 Source #easure
)eve!. ris5
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3,$loit Transfer
Acce$t and reduce
UTO ? Assess Ris +anage,ent rcess
7/25/2019 PD 9184 and its IRR-A.ppt
85/195
>8
(onitor 'isk (anagement )erformance
This includes0
a. !tili*ation of all
a&aila+le Haudit
o$$ortunities
+. Bencharkin aainst
leadin 4D! $ractices,standards set +
o&ernent and, to
the etent a$$lica+le,
international standards
5Estab!is0 ris
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es6 Coon 4anuae
6 "&ersiht structure
In'r,atin 'r
"ecisin ,aing
)esign i,.!e,ent ris,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk anaeent strateiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk controls
+nitr ris ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris ,anage,ent
ca.abi!ities
Assess agenc/ rissGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif Source #easure
)eve!. ris
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3$loit Transfer
Acce$t and reduce
UTO ? Assess Ris +anage,ent rcess
7/25/2019 PD 9184 and its IRR-A.ppt
86/195
>
ontinuously %mprove'isk (anagement
apabilities
Estab!is0 ris
,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
6 Doals and o+:ecti&es6 Coon 4anuae
6 "&ersiht structure
In'r,atin 'r
"ecisin ,a5ing
)esign i,.!e,ent ris
,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk anaeent strateiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Risk controls
+nitr ris ,anage,ent
.rcesses .er'r,ance
Cntin##s!/ i,.rve
ris ,anage,ent
ca.abi!ities
Assess agenc/ rissGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
Identif Source #easure
)eve!. ris
,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
A&oid 3$loit TransferAcce$t and reduce
3nsure that risk anaeent, control and onitorin
$rocesses'acti&ities are co
