Presentation is loading. Please wait.

Presentation is loading. Please wait.

Auditing 81.3550 Internal Control Studies & Risk Assessment Chapter 9 Internal Control Studies & Risk Assessment Chapter 9.

Published byJoshua Jordan Modified over 8 years ago

Similar presentations

Presentation on theme: "Auditing 81.3550 Internal Control Studies & Risk Assessment Chapter 9 Internal Control Studies & Risk Assessment Chapter 9."— Presentation transcript:

1 Auditing 81.3550 Internal Control Studies & Risk Assessment Chapter 9 Internal Control Studies & Risk Assessment Chapter 9

2 Highlights What is internal control? Why is it important? How do auditors study, evaluate and document an organization’s internal control processes? What types of tests are used? Understanding the two basic audit approached commonly used What is internal control? Why is it important? How do auditors study, evaluate and document an organization’s internal control processes? What types of tests are used? Understanding the two basic audit approached commonly used

3 What is internal control? Internal control consists of the policies & procedures established & maintained by management to assist in orderly & efficient conduct of business. Need to keep in mind the cost vs. benefit of internal control processes and procedures

4 Internal Control Internal control is a process designed to provide reasonable assurance regarding the achievement of management’s objectives regarding: reliability of controls optimizing use of resources safeguarding of assets preventing & detecting fraud & error

5

6

7

8

9 Components of Internal Control the control environment

10 Control Environment The control environment is the actions, policies, and procedures that reflect management’s attitude regarding controls and their importance. The control environment is the actions, policies, and procedures that reflect management’s attitude regarding controls and their importance.

11 Elements of the Control Environment Management Philosophy and Operating Style: –Approach to monitoring and responding to risk –Attitude and actions around financial reporting –Emphasis on meeting goals both financial and operational –Honesty and type of business behaviours exhibited and encouraged Management Philosophy and Operating Style: –Approach to monitoring and responding to risk –Attitude and actions around financial reporting –Emphasis on meeting goals both financial and operational –Honesty and type of business behaviours exhibited and encouraged

12 Elements of the Control Environment Board of Directors and Audit Committee : –How active of a role does the committee take in running the company? –Audit Committees dealings and interest in the auditors and their work

13 Elements of The Control Environment Organizational Structure –Clearly defined lines of responsibility and authority Organizational Structure –Clearly defined lines of responsibility and authority

14 Elements of The Control Environment Methods used in the assignment of authority and responsibly What are the formal methods that management uses to communicate internal controls to employees? Company Policies Employee Handbook Job Description Memo:

15 Elements of The Control Environment Management Control Methods Do management’s methods send a clear message about the importance of control? Do management’s methods serve to detect misstatements?

16 Elements of The Control Environment Systems Development Methodology –Who can make modifications? –What testing is done? Systems Development Methodology –Who can make modifications? –What testing is done? Does management have a methodology for developing and modifying systems and procedures?

17 Elements of The Control Environment Personal Policies and Practices Management should ensure that competent, trustworthy, motivated personnel are employed to meet client goals and objectives. Employees are the critical component of effective internal control.

18 Elements of The Control Environment Management reactions to external influences Should be aware of these influences and prepared to react properly Management reactions to external influences Should be aware of these influences and prepared to react properly Is management aware of external influences such as changes in the economy and technology?

19 Elements of The Control Environment Internal Audit Does an internal audit department exist? Does it effectively monitor control policies and procedures, and enhance operational effectiveness and efficiency? Who does the internal audit department report to?

20 Components of Internal Control control systems Accounting Systems + Control Procedures

21 Components of Internal Control accounting systems Accounting systems have several subcomponents - classes of transactions

22 Components of Internal Control Control procedures are policies and procedures, in addition to those related to other components, established to enable the entity to address risks in the achievement of their objectives. control procedures

23 Categories of Control Procedures Appropriate segregation of duties –Separate custody of assets from accounting –Separate custody of assets from authorization of transactions –Separate operational responsibility from record keeping –Adequate segregation of duties within EDP –Reconciliation – i.e. separate from transaction data entry clerk Appropriate segregation of duties –Separate custody of assets from accounting –Separate custody of assets from authorization of transactions –Separate operational responsibility from record keeping –Adequate segregation of duties within EDP –Reconciliation – i.e. separate from transaction data entry clerk

24 Categories of Control Procedures Can be difficult in smaller companies due to the costs involved Fewer employees make segregation tough

25 Categories of Control Procedures Segregation of duties designed to help prevent loss but difficult if there is collusion Collusion is the defeat of adequate separation of duties wherein employees cooperate to perpetrate fraud....we’re agreed. We’ll be rich be- yond our wildest dreams!...we’re agreed. We’ll be rich be- yond our wildest dreams!

26 Why is collusion particularly troublesome for auditors? Competent, untrustworthy, motivated personnel often know how to conceal their fraud.

27 Categories of Control Procedures Proper authorizations of transactions and activities –general authorization - management establishes authorization policies –specific authorization - management makes authorizations on a case-by-case (ie all A/P requests) Proper authorizations of transactions and activities –general authorization - management establishes authorization policies –specific authorization - management makes authorizations on a case-by-case (ie all A/P requests) accounts payable policies & procedures cash receipts policies & procedures personnel policies & procedures

28 Categories of Control Procedures Adequate Documents and Records should provide reasonable assurance that all assets are properly controlled and all transactions are correctly recorded.

29 Design and Use of Documents, Input Screens, and Electronic Transactions Documents should be prenumbered and accounted for Documents should be complete soon after the transaction Documents should be understandable, correctly designed including routing and authorizations Documents should be prenumbered and accounted for Documents should be complete soon after the transaction Documents should be understandable, correctly designed including routing and authorizations Documents should be designed for multipurpose

30 Categories of Control Procedures Adequate safeguards over access to and use of assets and records Examples include physical: locking rooms, fenced areas, fireproof safes, safe deposit boxes, security guards; access; backup files and recovery Adequate safeguards over access to and use of assets and records Examples include physical: locking rooms, fenced areas, fireproof safes, safe deposit boxes, security guards; access; backup files and recovery

31 Categories of Control Procedures Independent verification of performance and the accuracy of recorded amounts Controls may change or be forgotten about if not followed up on or performed Segregation of duties between required

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50 When should weaknesses be reported to the client? When there are significant deficiencies in the design or operation of internal control. GAAS requires the auditor to communicate(oral or written) with the audit committee regarding the significant deficiencies.

51 Two Basic Audit Approaches Substantive Approach –Used when decide not to rely on internal controls or not cost effective to do so –CR=Max, DR=Low –No test of controls required –Extent of evidence will be high Substantive Approach –Used when decide not to rely on internal controls or not cost effective to do so –CR=Max, DR=Low –No test of controls required –Extent of evidence will be high Combination Approach –Used when auditor can rely on internal controls for a specific assertion –CR=below Max, DR=Med-High –Extent of evidence will be medium to low –Need to not only understand IC system but also do test of controls to support assessment level below max

Download ppt "Auditing 81.3550 Internal Control Studies & Risk Assessment Chapter 9 Internal Control Studies & Risk Assessment Chapter 9."

Similar presentations

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
An Internal Control Overview

An Internal Control Overview
Internal Control and Control Risk

Internal Control and Control Risk
Auditing Concepts.

Auditing Concepts.
Internal Control.

Internal Control.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
S11: Risk Based Audit Approach. Session Objectives  To define audit risks and establish the relationship between materiality and audit risk  To discuss.

S11: Risk Based Audit Approach. Session Objectives  To define audit risks and establish the relationship between materiality and audit risk  To discuss.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Control Structure. Learning Objectives l To understand the components of an organization’s internal control structure l To know the objectives.

Internal Control Structure. Learning Objectives l To understand the components of an organization’s internal control structure l To know the objectives.
CHAPTER 10 UNDERSTANDING INTERNAL CONTROLS Fall 2007

CHAPTER 10 UNDERSTANDING INTERNAL CONTROLS Fall 2007
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004

CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
9 - 1 What is the purpose of an ICS? l First, what is it?? Policies and procedures established to provide reasonable assurance that the entities specific.

9 - 1 What is the purpose of an ICS? l First, what is it?? Policies and procedures established to provide reasonable assurance that the entities specific.
Chapter 9 The Study of Internal Control and Assessment of Control Risk

Chapter 9 The Study of Internal Control and Assessment of Control Risk
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk

Similar presentations

Ads by Google