Professional Documents
Culture Documents
Introduction
Internal control is the responsibility of the
mgt and BOD, not the auditors.
As part of performing a financial statement
audit, the auditor is required to obtain an
understanding of the accounting and internal
control system consisting of:
Accounting system
Control environment
Control procedures
Fundamental Concepts of
Internal Control
Internal control is a process, consisting or a
series of actions that are pervasive and
integrated with an entitys infrastructure.
Internal control is effected by people.
Internal control can be expected to provide
only reasonable assurance, not absolute
assurance (due to inherent limitation in IC).
Internal control is geared to the achievement
of objectives in the overlapping categories of
fin reporting, compliance and operations.
Control Environment
Integrity and ethical values
Commitment to competence
Managements philosophy and operating style
Organizational structure
Board of directors and audit committees
Assignment of authority and responsibility
Internal audit
The use of information technology
Human resources policies and practices
Control Activities
Information processing controls
General Controls
Application Controls
Physical controls
Transaction authorization
Segregation of duties
Accounting records
Access controls
Supervision
Independent verification
Segregation of duties
Custody from accounting
Authorization from custody
Operational responsibility from recordkeeping
Separation of duties within EDP
System analyst
Programmer
Librarian
Computer operator
Data control group
Inherent Limitations
Cost vs benefit considerations
IC tend to be directed at routine
transactions
Human error
Collusion
Management override
Communication breakdown
Proper Authorization of
Transactions and Activities
General
Specific
Authorization
Approval
Procedures to Gain an
Understanding
Inquiries of appropriate management,
supervisory and staff personnel.
Reviewing previous experience with
entity.
Inspecting documents and records
Observing entity activities and
operations
Procedures to Gain an
Understanding-continued
Documenting the understanding
Questionnaire
Flowchart
Narrative memoranda
Checklists
Confirm
Walkthrough test
Test of Controls
General Procedures
Inspection of documents
Inquiries
Observations
Reperformance of control procedures
Test of Controls
To obtain audit evidence about the
effectiveness of the