Scribd
Upload
314 views28 pages

CH06

This chapter discusses internal controls and their components. It defines internal control as processes designed to provide reasonable assurance of achieving objectives related to operations, financial reporting, and compliance. The five main components of internal controls are the control environment, risk assessment, information and communication, control activities, and monitoring. Effective segregation of duties and monitoring are fundamental to internal controls. The chapter also addresses internal controls in small businesses.

Uploaded by

Fachrurrozi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT or read online on Scribd
314 views28 pages

CH06

This chapter discusses internal controls and their components. It defines internal control as processes designed to provide reasonable assurance of achieving objectives related to operations, financial reporting, and compliance. The five main components of internal controls are the control environment, risk assessment, information and communication, control activities, and monitoring. Effective segregation of duties and monitoring are fundamental to internal controls. The chapter also addresses internal controls in small businesses.

Uploaded by

Fachrurrozi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT or read online on Scribd
You are on page 1/ 28

AUDITING: A RISK

ANALYSIS APPROACH
5th edition

Larry F. Konrath

Electronic Presentation
by Harold
O. Wilson
1
Chapter 6

2
OVERVIEW

Internal Control defined


Internal Control System Components
Control environment
Risk Assessment
Information & Communication
Control Activities
Monitoring

3
OVERVIEW

Internal Control and Management


Assertions in financial statements
Existence or occurrence
Completeness
Rights & obligations
Valuation & allocation
Presentation & disclosure

4
OVERVIEW

Inherent Limitations & minimum


substantive tests
Internal Control modifications for
small businesses

5
LEARNING
OBJECTIVES
•Define internal control
•Describe internal control components
•Relate components to assertions
•Understand minimum testing needs
•Identify effective internal controls
•Relate internal controls & entity sizes

6
INTERNAL CONTROL
DEFINED
 Internal Control: “The process effected
by an entity’s board of directors,
management, and other personnel designed
to provide reasonable assurance regarding
the achievement of objectives in the
following categories:”

7
Categories...

 Operations controls (resource uses)


 Financial reporting controls (reliable
published financial statements)
 Compliance controls (laws and regulations)
This clearly relates to all activities of an
organization. Auditors focus on financial
reporting controls.
8
FIVE COMPONENTS OF
INTERNAL CONTROL
 Control Environment (Prevention controls
& Detection controls)
 Risk assessment
 Information & communication
 Control activities
 Monitoring

9
1. Control
Environment
 Attitudes (Top management sets the tone!)
 Management must support control,
minimizing risks, personnel policies.
 Management must desire reliable reports,
proper accounting, internal audits.
 Management must promote integrity,
competence & ethical behavior (e.g.,
internal codes of conduct).
10
2. Risk
Assessment
 Managers assess business risk!
 Operating objectives must be well defined,
addressing resource control and uses
(e.g., technology, related laws,
compliance with controls).
 Financial reporting risks relate to data
processing, potential for error & fraud.

11
Risk is reduced by proper approvals,
surveillance, processing, procedures,
budgeting, training, “responsibility
accounting,” reviewing variances from
goals, technology, etc.

12
3. Information &
Communication
 Information requirements (who gets what
data when?)
 Reports consistent with objectives, with
sufficient details for action
 Feedback & revisions (often & proper)
 Commitment to appropriate resources for
effective information systems

13
Information...

 Identification of information -- controls to


ensure events trigger documents, records
 Capture of information -- computers, manual
procedures
 Processing of information -- journals
(tabulations), ledgers (sorts), systems &
standardizations
 Reporting of information (external, internal)
14
Communication...

 Employee responsibility
 Employee training
 Employee cooperation

15
4. Control
Activities
 Policies & procedures to ensure
management directives are followed,
objectives attained, reporting complete
& correct.
 Procedures to prevent errors, fraud.
 Procedures to detect errors, fraud.
 Documentation, approval, verification

16
Activities...

 Computer Information Systems (CIS)


require input editing, data center
controls, system & program controls,
“controlled reprocessing.”
 Reporting using manuals (guidance for
valuations, classifications, estimates,
adjustments, updates, records retention
 Physical safeguards over access, assets,
records, documents, confidential data)
17
The Fundamental Principle of
Internal Control
SEGREGATE:

1. Operations Personnel & Functions


2. Custodianships [over assets]
3. Accounting Personnel & Functions

18
Examples…

 Computer programmers from computer


operators.
 Payroll clerks from general ledger staff
 Bank reconciliations by disinterested parties

19
5. MONITORING Financial
Reporting Controls
 Transaction cycles emphasis (feedbacks,
corrective actions)
 “Real-time” basis
 Variances from budgets; causes
 Cross corroborations by
employees
 Investigating exceptions
20
Monitoring…

 Selected internal audit procedures


(confirmations, physical counts, etc.)
 “Effectiveness reviews” (ethics, compliance,
competence, fraud)

21
6. INHERENT LIMITATIONS
of Internal Control Systems
 No “absolute” assurances (systems,
computers & people temporarily break
down)
 Sampling is not perfect; 100% surveys are
not perfect.
 Collusion can circumvent controls!
and…

22
Limitations…

 Management may override controls!

There are implications of fraud in


such cases; often, there is nobody
at the top to “supervise” those
at the top.

23
INTERNAL CONTOL FOR
SMALL BUSINESS
 Effective organization
 Constant management surveillance
 Proper paper controls in place (supporting
documents before checks signed, bank
reconciliations by disinterested parties,
purchase orders)
 Controls over mailing, especially signed
checks
24
Controls at small
firms…
 Analytical procedures; investigation of
any unusual ratios, etc.; management
must read the financial statements.
 Stringent controls over cash in, cash out;
daily intact deposits; imprest funds,
cash register tapes, receipted deposit
slips direct to owners.
 Executive approvals of write-offs …
of any kind.
25
Controls at small
firms…
 Samplings & physical counts (inventory);
comparisons with records
 Payrolls signed, and occasionally
distributed, by top management
 Quarterly or annual reviews by external
CPAs (if audits unaffordable)
“It’s not what you own, but
what you can control!”
26
Critical Terms Review

 Access controls  Financial reporting


 Accounting manual controls
 Alterations (accounts)  Inherent limitations
 Alteration  Internal control
(substance)  Management override
 Chart of accounts  Monitoring
 Collusion  Reasonable assurance
 Control environment  Temporary
 Detection controls breakdowns
27
End of Chapter 6

28

You might also like