St Lawrence University Faculty of Business Management Auditing Assignment Facilitator Mr.

Oboth Alex Name: Tavian Rodney Reg No: BABA/07/D/004 Nov, 2010

Audit Course work a) Discuss the meaning and purpose of a good internal control system to an organization of your choice. What are the necessary prerequisites for a good internal control system? b) As an Audit professional, explain to the partners the meaning and content of the audit files, both permanent and current files. c) Explain to the partners the meaning, content and purpose of a management letter.

(a) An Internal Control is a process effected by a companys board of directors, management and other personnel designed to provide reasonable assurance regarding the achievement of objective in effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations. A control may be any action taken by management, the board and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. In so doing, management plans, organizes and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals are achieved. Its however important to note that a good internal control is a process thats achieved by people and it provides reasonable assurance geared towards achievement of objectives. The following are necessary prerequisites for a good internal control system;
-

Safe guarding assets of the company and in this particular scenario, there is limited access to assets and specific people are authorized say to have access to cash. Security is provided, provision of a safe (cash box) for money that should always be under lock and key

- Prevent fraud and error - Adherence to management policies - Completeness and accuracy of records - Carry on business in an orderly manner - Segregation of duties: there should not be domination of activities by a single individual

(b) Meaning and content of audit files both permanent and current files An audit file is that which contains data (information) about events which have occurred in a system. Audit files are mostly associated with applications e.g. a banking system has an audit file which contains data about the various transactions that have occurred with user accounts such as log-ins made to the system, name of the person making the log-in, time when it occurred and the password employed. Such files are often used for security purposes. Permanent Audit File normally contains information of a long term nature thats important to the auditor in carrying out his or her work for a period of time beyond one audit. Its contents are:- Statutory material related to the conduct of accounts of accounts and audit of enterprises such as the Companies Act, accounting and audit standards - Address of the registered office - Organizational chart showing the major departments and their sub divisions Regulatory requirements of the firm such as Memorandum of Association, Articles of Association and Partnership Deed - Documents of continuing importance to the auditor e.g. letters of engagement, trade licenses - Accounting procedures used by the organization such as depreciation methods Current Audit File contains information relevant to that particular or current years audit. It normally contains; - A copy of accounts and statements that the auditor is reporting on - A description of the internal controls in form of flow charts - A schedule for each item in the balance sheet, profit and loss account - A copy of the management letter that shows the weaknesses of ICS - An audit programme - A record or abstract from the minutes of the company, directors and partners (c) Meaning, content and purpose of the management letter

Management letter may also be the letter of weaknesses or internal control letter and its usually sent by the Auditor after the conclusion of the tests of control to management of the firm or company detailing areas in which internal control weaknesses have been identified during the course of the audit. Management letter usually contains the following: Procedures taken in carrying out the audit

Recommendations to management or the board should employ to curb the weaknesses

Auditors responsibilities Its addressed to owners of the firm (Directors) Address of the auditing firm Names of the Auditors Vital information in regard to new approaches that have just come up Period for which the audit was carried out Comments such as those regarding income taxes and financial aspects of Board minutes

Information on areas specific to a community is brought to the Boards attention with recommended changes to improve internal control(s).

Purpose The management letter (auditors letter) is addressed to the client and contains conclusions regarding the companys accounting policies and procedures, internal controls and operating policies as well as materials issues arising from the review of the financial statements. The auditor makes an evaluation of the present

system, pointing out problem areas and finally cites recommendations for improvement. The partners therefore have to understand what the management letter spells out so that their firm or company may prosper once they correct the concern areas.

References
- Auditing David Mwindi, @ 2005 - Auditing Handouts by Mr. Alex Oboth (Aug to Nov 2010) - CPAs Guide to Management Letter Comments 2008 by Bert L. Swain
-

www.encyclopedia.com/doc/1012-auditfile.html www.allbusiness.com/.../management-letter/4944472-1.html