Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internal Control and Control Risk

Published byMaurice Evrard Modified over 9 years ago

Similar presentations

Presentation on theme: "Internal Control and Control Risk"— Presentation transcript:

1 Internal Control and Control Risk
Chapter 10

2 Internal Control Objectives
1. Reliability of financial reporting 2. Efficiency and effectiveness of operations 3. Compliance with laws and regulations

3 Five Components of Internal Control
Control Environment Risk assessment Control activities Information and communication Monitoring

4 The Control Environment
Integrity and ethical values Commitment to competence Board of directors or audit committee participation

5 The Control Environment
Management’s philosophy and operating style Organizational structure Human resource policies and practices

6 Risk Assessment Identify factors that may increase risk
Estimate the significance of the risk Assess the likelihood of the risk occurring Determine actions necessary to manage the risk

7 Control Activities 1. Adequate separation of duties
2. Proper authorization of transactions and activities 3. Adequate documents and records 4. Physical control over assets and records 5. Independent checks on performance

8 Proper Authorization of Transactions and Activities
General authorization Specific authorization

9 Adequate Documents and Records
Prenumbered consecutively Prepared at the time of transaction Designed for multiple use Constructed to encourage correct preparation

10 Physical Control Over Assets and Records
The most important type of protective measure for safeguarding assets and records is the use of physical precautions.

11 Independent Checks on Performance
The need for independent checks arises because internal control tends to change over time unless there is a mechanism for frequent review.

12 Information and Communication
The purpose of an accounting information and communication system is to… initiate, record, process, and report the entity’s transactions and to maintain accountability for the related assets.

13 Monitoring Monitoring activities deal with management’s
ongoing and periodic assessment of the quality of internal control performance… to determine whether controls are operating as intended and modified when needed.

14 Process for Understanding Internal Control and Assessing Control Risk
Phase 1 Obtain an understanding of internal control: design and operation Phase 2 Assess control risk Phase 3 Design, perform, and evaluate tests of controls Phase 4 Decide planned detection risk and substantive tests

15 Obtain and Document Understanding of Internal Control
Auditing standards require auditors to obtain an understanding of internal control for every audit. Procedures to obtain an understanding: Design of internal controls Whether placed in operation Uses this information as a basis for the integrated audit

16 Methods Used Narrative Flowchart Internal control questionnaire

17 Narrative 1. The origin of every document and record in the system
2. All processing that takes place 3. The disposition of every document and record in the system 4. An indication of the controls relevant to the assessment of control risk

18 Evaluating Internal Control Operation
Update and evaluate auditor’s previous experience with the entity Make inquiries of client personnel Examine documents and records Observe entity activities and operations Perform walk-throughs of the accounting system

19 Assess Control Risk Assess whether the financial statements
are auditable. Determine assessed control risk supported by the understanding obtained assuming the controls are being followed. Use of a control risk matrix to assess control risk.

20 Control Risk Matrix Many auditors use the control risk matrix
to assist in the control risk assessment process.

21 Control Risk Matrix Identify audit objectives
Identify existing controls Associate controls with related audit objectives Identify and evaluate control deficiencies, significant deficiencies, and material weaknesses

22 Evaluating Significant Control Deficiencies
SIGNIFICANCE Material Material Weakness LIKELIHOOD Remote Probable Immaterial

23 Identify Deficiencies and Weakness
Identify existing controls Identify the absence of key controls Consider the possibility of compensating controls Decide whether there is a significant deficiency or material weakness Determine potential misstatements that could result

24 Communications Communications to those charged with governance
Management letters

25 Tests of Controls The procedures to test effectiveness of controls
in support of a reduced assessed control risk are called tests of controls.

26 Procedures for Tests of Controls
1. Make inquiries of client personnel 2. Examine documents, records, and reports 3. Observe control-related activities 4. Reperform client procedures

27 Extent of Procedures Reliance on evidence from prior year’s audit
Testing of controls related to significant risks Testing less than the entire audit period

28 Decide Planned Detection Risk and Design Substantive Tests
The auditor uses the results of the control risk assessment process and tests of controls to determine the planned detection risk and related substantive tests. The auditor links the control risk assessments to the balance-related audit objectives.

29 End of Chapter 10

Download ppt "Internal Control and Control Risk"

Similar presentations

Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Chapter 13 Overall Audit Plan and Audit Program

Chapter 13 Overall Audit Plan and Audit Program
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 1 - 1 The Demand for Audit and Assurance Services Chapter.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley The Demand for Audit and Assurance Services Chapter.
Summary of Internal Control Definition

Summary of Internal Control Definition
Audit Reports Chapter 3.

Audit Reports Chapter 3.
25 seconds left…...

25 seconds left…...
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 21 - 1 Audit of the Capital Acquisition and Repayment.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Audit of the Capital Acquisition and Repayment.
©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder 12 - 1 The Impact of Information Technology on the Audit Process Chapter 12.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder The Impact of Information Technology on the Audit Process Chapter 12.
Audit of the Sales and Collection Cycle

Audit of the Sales and Collection Cycle
15 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Audit Sampling for Tests of Controls and Substantive Tests of Transactions.

©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Audit Sampling for Tests of Controls and Substantive Tests of Transactions.
©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder 11 - 1 Fraud Auditing Chapter 11.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder Fraud Auditing Chapter 11.
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 11 - 1 Fraud Auditing Chapter 11.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Fraud Auditing Chapter 11.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 18 - 1 Audit of the Acquisition and Payment Cycle Chapter.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Audit of the Acquisition and Payment Cycle Chapter.
Overall Audit Plan and Audit Program

Overall Audit Plan and Audit Program
Internal Control.

Internal Control.
Chapter 10 Section 404 Audits of Internal Control and Control Risk

Chapter 10 Section 404 Audits of Internal Control and Control Risk
The Islamic University of Gaza

The Islamic University of Gaza
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.

INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Similar presentations

Ads by Google