Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10.

Published byDennis Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10."— Presentation transcript:

1 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10

2 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 2 Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal control when designing an audit.

3 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 3 Inherent Limitations Reasonable Assurance Management’s Responsibility Key Concepts

4 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 4 Client’s Concerns Compliance with applicable laws and regulations Reliability of financial reporting Efficiency and effectiveness of operations

5 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 5 Auditor Concerns Controls over classes of transactions Controls related to reliability of financial reporting

6 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 6 Sales Transaction-Related Audit Objectives Objective – General FormRelated Audit Objectives Recorded transactions exist (existence). Sales are for shipments to existing customers. Existing transactions are recorded (completeness). Existing sales transactions are recorded. Transactions are stated correctly (accuracy). Sales for goods shipped are correctly billed.

7 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 7 Sales Transaction-Related Audit Objectives Objective – General FormRelated Audit Objectives Transactions are properly classified (classification). Sales transactions are properly classified. Transactions are recorded on correct dates (timing). Sales are recorded on the correct dates. Transactions are properly filed (posting and summarization). Sales transactions are properly included in the master files.

8 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 8 How Frauds Have Been Discovered Notification by employee Internal controls Internal auditor Customer notification Accidental discovery Management investigation 58% 51% 43% 41% 37% 35%

9 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 9 How Frauds Have Been Discovered Anonymous reporting Hot line notification Employee investigation Government notification External auditor Other sources 35% 25% 21% 16% 4% 20%

10 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 10 Learning Objective 2 Describe how information technology affects internal control.

11 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 11 Effect of Information Technology on Internal Control Information Technology IT can improve the effectiveness and efficiency of internal controls. IT also enhances the timeliness and accuracy of information.

12 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 12 Risks Associated With the Use of Information Technology Programmed errors Processing incorrect data Unauthorized access

13 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 13 Learning Objective 3 Explain the five components of internal control.

14 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 14 Five Components of Internal Control Risk Assessment Control Activities Information and Communication Monitoring Control Environment

15 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 15 The Control Environment Integrity and ethical values Commitment to competence Board of directors or audit committee participation Management’s philosophy and operating style

16 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 16 The Control Environment Organizational structure Assignment of authority and responsibility Human resources policies and practices

17 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 17 Risk Assessment Identify factors affecting risk. Assess significance of risks and likelihood of occurrence. Determine actions necessary to manage risk.

18 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 18 Control Activities 1. Adequate separation of duties 2. Proper authorization of transactions and activities 3. Adequate documents and records 4. Physical control over assets and records 5. Independent checks on performance

19 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 19 Adequate Separation of Duties Custody of assets Authorization of transactions Operational responsibility IT Duties Accounting The custody of related assets Record-keeping responsibility User departments

20 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 20 Proper Authorization of Transactions and Activities General authorization Specific authorization

21 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 21 Adequate Documents and Records Prenumbered consecutively Prepared at the time of transaction Designed for multiple uses Constructed to encourage correct preparation Simple enough to ensure understanding

22 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 22 Physical Control over Assets and Records Physical precautions Controls related to IT equipment, programs, and data files Physical controls Access controls Backup and recovery procedures

23 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 23 Independent Checks on Performance The need for independent checks arise because internal control tends to change over time unless there is a mechanism for frequent review.

24 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 24 Information and Communication The purpose of an accounting information and communication system is to… initiate, record, process, and report the transactions and to maintain accountability for the related assets.

25 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 25 Monitoring Management’s ongoing and periodic assessment of the quality of internal control performance … to determine whether controls are operating as intended and modified when needed.

26 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 26 Learning Objective 4 Explain methods used to obtain an understanding of internal control.

27 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 27 Understanding Internal Control and Assessing Control Risk Obtain Understanding of Internal Control: Design and Operation Assess Control RiskTest Controls Decide Planned Detection Risk and Substantive Tests

28 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 28 Reasons for Sufficiently Understanding Internal Control SAS 55 (as amended by SAS 78 and 594 plus AU319) requires the auditor to obtain an understanding of internal control for every audit. Minimum audit planning matters Auditability Potential material misstatements Detection risk Design of test

29 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 29 Procedures to Determine Design and Placement Update and evaluate auditor’s previous experience with the entity. Make inquires of client personnel. Read client’s policy and systems manuals. Examine documents and records. Observe entity activities and operations.

30 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 30 Documentation of the Understanding Narrative Flowchart Internal control questionnaire Internal control questionnaire

31 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 31 Learning Objective 5 Assess control risk by linking strengths and weaknesses of internal control to transaction- related audit objectives.

32 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 32 Assess Control Risk Obtain sufficient understanding for planning. Assess whether the entity is auditable. Determine assessed control risk. Assess if a lower control risk could be supported. Determine the appropriate assessed control risk.

33 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 33 Assess Control Risk Identify transaction-related audit objectives. Identify specific controls. Identify and evaluate weaknesses.

34 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 34 Identify and Evaluate Weaknesses Identify existing controls. Identify the absence of key controls. Determine misstatements that could result. Consider compensating controls.

35 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 35 The Control Risk Matrix Auditors use the control risk matrix to identify both controls and weaknesses and to asses control risk.

36 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 36 Communication Reportable conditions letter Management letters Audit committee communications

37 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 37 Learning Objective 6 Describe the process of designing and performing tests of controls.

38 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 38 Tests of Controls The procedures to test effectiveness of controls in support of a reduced assessed control risk are called tests of controls.

39 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 39 Procedures for Tests of Controls Make inquiries of client personnel. Examine documents, records, and reports. Observe control-related activities. Reperform client procedures.

40 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 40 Extent of Procedures Reliance on evidence from prior year’s audit Testing less than the entire audit period

41 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 41 Relationship of Assessed Control Risk and Extend of Procedures Assessed Control Risk High Level:Lower Level: Obtaining anTests of Type of ProcedureUnderstanding OnlyControls InquiryYes – extensiveYes – some DocumentationYes – with transactionYes – using walk-through sample ObservationYes – with transactionYes – multiple walk-through times ReperformanceNoYes – sampling

42 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 42 Decide Planned Detection Risk and Design Substantive Tests The auditor uses the results of the control risk assessment process and tests of controls to determine the planned detection risk and related substantive tests. The auditor links the control risk assessments to the balance-related audit objectives.

43 ©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 43 End of Chapter 10

Download ppt "©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 10 - 1 Internal Control and Control Risk Chapter 10."

Similar presentations

Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
Internal Control and Control Risk

Internal Control and Control Risk
Internal Control.

Internal Control.
Chapter 10 Section 404 Audits of Internal Control and Control Risk

Chapter 10 Section 404 Audits of Internal Control and Control Risk
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Chapter 9 The Study of Internal Control and Assessment of Control Risk

Chapter 9 The Study of Internal Control and Assessment of Control Risk
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 5 - 5 Audit of the Acquisition and Payment Cycle: Tests of Controls, Substantive.

©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Audit of the Acquisition and Payment Cycle: Tests of Controls, Substantive.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
Audit of the Sales and Collection Cycle: Tests of Controls and Substantive Tests of Transactions Chapter 14.

Audit of the Sales and Collection Cycle: Tests of Controls and Substantive Tests of Transactions Chapter 14.
11 - 1 ©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Audit of the Sales and Collection Cycle Chapter 11.

©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Audit of the Sales and Collection Cycle Chapter 11.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley 18 - 1 Audit of the Acquisition and Payment Cycle: Tests of Controls, Substantive.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Audit of the Acquisition and Payment Cycle: Tests of Controls, Substantive.
Chapter 10 Internal control and Control Risk.

Chapter 10 Internal control and Control Risk.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
Chapter 5 Internal Control over Financial Reporting

Chapter 5 Internal Control over Financial Reporting

Similar presentations

Ads by Google