Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10.

Similar presentations


Presentation on theme: "©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10."— Presentation transcript:

1 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10

2 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Compliance with laws and regulations 2. Efficiency and effectiveness of operations 1. Reliability of financial reporting Internal Control Objectives

3 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Five Components of Internal Control Risk assessment Control activities Information and communication Monitoring

4 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The Control Environment  Integrity and ethical values  Commitment to competence  Board of directors or audit committee participation

5 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley The Control Environment  Management’s philosophy and operating style  Organizational structure  Human resource policies and practices

6 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Risk Assessment  Identify factors that may increase risk  Assess the likelihood of the risk occurring  Determine actions necessary to manage the risk  Estimate the significance of the risk

7 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Control Activities 1. Adequate separation of duties 2. Proper authorization of transactions and activities 3. Adequate documents and records 4. Physical control over assets and records 5. Independent checks on performance

8 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Proper Authorization of Transactions and Activities  General authorization  Specific authorization

9 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Adequate Documents and Records  Prenumbered consecutively  Prepared at the time of transaction  Designed for multiple use  Constructed to encourage correct preparation

10 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Physical Control Over Assets and Records The most important type of protective measure for safeguarding assets and records is the use of physical precautions.

11 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Independent Checks on Performance The need for independent checks arises because internal control tends to change over time unless there is a mechanism for frequent review.

12 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Information and Communication The purpose of an accounting information and communication system is to… initiate, record, process, and report the entity’s transactions and to maintain accountability for the related assets.

13 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Monitoring Monitoring activities deal with management’s ongoing and periodic assessment of the quality of internal control performance… to determine whether controls are operating as intended and modified when needed.

14 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Process for Understanding Internal Control and Assessing Control Risk Obtain an understanding of internal control: design and operation Assess control risk Design, perform, and evaluate tests of controls Decide planned detection risk and substantive tests Phase 1 Phase 2 Phase 3 Phase 4

15 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Obtain and Document Understanding of Internal Control Auditing standards require auditors to obtain an understanding of internal control for every audit. Procedures to obtain an understanding:  Design of internal controls  Whether placed in operation  Uses this information as a basis for the integrated audit

16 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Methods Used Narrative Flowchart Internal control questionnaire

17 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Narrative 1. The origin of every document and record in the system 2. All processing that takes place 3. The disposition of every document and record in the system 4. An indication of the controls relevant to the assessment of control risk

18 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Evaluating Internal Control Operation  Update and evaluate auditor’s previous experience with the entity  Make inquiries of client personnel  Examine documents and records  Observe entity activities and operations  Perform walk-throughs of the accounting system

19 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Assess Control Risk Assess whether the financial statements are auditable. Determine assessed control risk supported by the understanding obtained assuming the controls are being followed. Use of a control risk matrix to assess control risk.

20 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Control Risk Matrix Many auditors use the control risk matrix to assist in the control risk assessment process.

21 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Control Risk Matrix  Identify audit objectives  Identify existing controls  Associate controls with related audit objectives  Identify and evaluate control deficiencies, significant deficiencies, and material weaknesses

22 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Evaluating Significant Control Deficiencies Material Weakness LIKELIHOOD SIGNIFICANCE Material Immaterial ProbableRemote

23 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Identify Deficiencies and Weakness  Identify existing controls  Identify the absence of key controls  Consider the possibility of compensating controls  Decide whether there is a significant deficiency or material weakness  Determine potential misstatements that could result

24 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Communications  Management letters  Communications to those charged with governance

25 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Tests of Controls The procedures to test effectiveness of controls in support of a reduced assessed control risk are called tests of controls.

26 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Procedures for Tests of Controls 1. Make inquiries of client personnel 2. Examine documents, records, and reports 3. Observe control-related activities 4. Reperform client procedures

27 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Extent of Procedures  Reliance on evidence from prior year’s audit  Testing of controls related to significant risks  Testing less than the entire audit period

28 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Decide Planned Detection Risk and Design Substantive Tests The auditor uses the results of the control risk assessment process and tests of controls to determine the planned detection risk and related substantive tests. The auditor links the control risk assessments to the balance-related audit objectives.

29 ©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley End of Chapter 10


Download ppt "©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10."

Similar presentations


Ads by Google