Upload
darren-
View
222
Download
0
Embed Size (px)
Citation preview
8/9/2019 Topic 6 Internal Control
1/23
1
TOPIC 6
INTERNAL CONTROL
8/9/2019 Topic 6 Internal Control
2/23
2
Reasons Why Fraud Occurred
1. Poor internal control
2. Management override of internalcontrols
3. Collusion between employees
and third parties
4. Collusion between employees or
management
8/9/2019 Topic 6 Internal Control
3/23
3
Accounting system
Internal control
Internal Control and
Accounting System
8/9/2019 Topic 6 Internal Control
4/23
4
Accounting System
SAS 300
j In planning the audit, auditors
should obtain and document anunderstanding of the accounting
system and control environment
sufficient to determine their auditapproach
8/9/2019 Topic 6 Internal Control
5/23
5
Accounting System contd
Obtain understanding to enablethem to identify and understand:
Major classes of transactions;
How such transactions areinitiated;
Significant accounting records,
supporting documents, accounts; Accounting and financial
reporting process
8/9/2019 Topic 6 Internal Control
6/23
6
Accounting System contd
Input capture a mass accounting data
Process converting the mass of raw
data into useful info.Output prepare the accounting info in
a form useful to those who wish to use it
8/9/2019 Topic 6 Internal Control
7/23
7
Accounting System contd
Effective accounting systemprovide reasonable assurance on:
Identification and record of allvalid transactions;
Proper classification for fin.reporting;
Proper measurement on the valueof transaction
Proper presentation in f/s
8/9/2019 Topic 6 Internal Control
8/23
8
Internal Control
jA process, affected by an entitys board ofdirectors, management and other personnel,designed to provide reasonable assurance
regarding the achievement of objectives :
Effectiveness and efficiency of operations
Reliability of financial reporting
Prevention and detection of fraud and error Compliance with applicable laws and
regulations
8/9/2019 Topic 6 Internal Control
9/23
9
Internal Control System
Comprises control environment (CE)and control procedures (CP)
Includes policies and procedures
adopted by directors and management Objectives:
Adherence to internal policies,
safeguarding assets, prevention anddetection of F & E, accuracy andcompleteness of acc. records, timelypreparation of fin. info.
8/9/2019 Topic 6 Internal Control
10/23
10
Control environment
Overall attitude, awareness and
actions of directors and
management regarding internal
controls and their importance in
the entity.
8/9/2019 Topic 6 Internal Control
11/23
11
Factors Affecting the Control
Environment Integrity and ethical values
Commitment to competence
Participation of the BOD and auditcommittee
Managements philosophy and
operating style Assignment of authority and
responsibility
Human resource policies andpractices
8/9/2019 Topic 6 Internal Control
12/23
12
Control Procedures
Policies and procedures in addition tothe control environment
Being establish to achieve entitys
specific objectives Particular procedures to prevent,
detect and correct error.Performance review
Controls in Information ProcessingPhysical Control
Segregation of Duties
8/9/2019 Topic 6 Internal Control
13/23
13
Control Procedures contd
Specific control procedures:
Approval and control documents;
Controls over computerizedapplications;
Check arithmetical accuracy ofrecords;
Maintain and review control accountsand trial balances;
Reconciliation
8/9/2019 Topic 6 Internal Control
14/23
14
Risk Assessment and Monitoring
Internal Control
j Changes in internal and ext. events
j Consider circumstances that may affect
entitys ability to record, process, reportj Example :
Changes in the operating environment
New personnel
New or revamped info. system
Rapid growth
Foreign operations
8/9/2019 Topic 6 Internal Control
15/23
15
Limitations of Int. Control
j Reasonable assurance due to
inherent limitations
j Example : Management override of int.
control
Personnel errors and mistakes
Collusion
Cost benefit analysis
8/9/2019 Topic 6 Internal Control
16/23
16
Internal control Planning and
Performing and Auditj ISA 400- auditor should assess the
entitys control risk at high unless :
(a) the auditor is able to identifyinternal controls which are likely toprevent or detect materialmisstatements in f/s and;
(b) the auditor plan to perform test ofcontrols to support the assessmentof control risk as less than high
8/9/2019 Topic 6 Internal Control
17/23
17
Auditors Consideration of
Internal Control and Its
Relation to Substantive Tests
Substantive Strategy or
Reliance Strategy ?
8/9/2019 Topic 6 Internal Control
18/23
18
Substantive Strategy
jSet control risk at the highest for
some or all assertion because :
The control do not pertain to anassertion
The controls are assessed as
ineffective
Evaluating the effectiveness of
control is inefficient
8/9/2019 Topic 6 Internal Control
19/23
19
Reliance Strategy
jAssess control risk at less than
high and should:
(a) identify specific internalcontrols relevant to specific
assertion that are likely to prevent
or detect material misstatements (b) Test controls to evaluate their
effectiveness
8/9/2019 Topic 6 Internal Control
20/23
20
Test of Control
j Audit procedures that evaluate
the effectiveness of internal
control
j Reliance strategy to support
the lower level of control risk
8/9/2019 Topic 6 Internal Control
21/23
21
Test of Control contd
jCarry out to provide reasonable
assurance whether:
The control is suitably designed toprevent material misstatements;
Control was applied, consistent with
which it was applied during auditperiod, and by whom it was applied.
8/9/2019 Topic 6 Internal Control
22/23
22
Test of Control contd
jExample:
Inquiry of appropriate clientpersonnel
Inspection of documents, reports
Observation of the application ofthe policies
Reperformance of the applicationof the policy or procedure by theauditor
8/9/2019 Topic 6 Internal Control
23/23
23
Understanding Internal Control
Copies of the entitys procedures
Narrative description
Internal control questionnaires
(ICQ)
Flowcharts