SlideShare une entreprise Scribd logo

Chapter 7

E
EasyStudy3

aud

Formation
1  sur  38
Télécharger pour lire hors ligne
7-1 Chapter 5 Internal Control
Internal Control A process, effected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity’s) objectives relating to: ❑Operations ❑Reporting, and ❑Compliance
Control Objectives In each area of internal control (Reporting, Operations and Compliance) ◦ Control objectives and ◦ Sub objectives exist External Reporting Example: Accounts Receivable (A/R) Top level objective – prepare and issue reliable financial information ◦ Detailed level applied to A/R sub objectives ◦ All goods shipped are accurately billed in the proper period ◦ Invoices are accurately recorded for all authorized shipments and only for such shipments ◦ Authorized and only authorized sales returns and allowances are accurately recorded ◦ The continued completeness and accuracy of A/R is ensured ◦ Accounts receivable records are safeguarded
Foreign Corrupt Practices Act Passed in 1977 in response to American corporation practice of paying bribes and kickbacks to officials in foreign countries to obtain business The Act ◦ Requires an effective system of internal control ◦ Makes the payment of bribes to foreign officials illegal
Components of Internal Control - CRIME The Control Environment Risk Assessment Control Activities Information System Relevant to Financial Reporting and Communication Monitoring Activities
Control Environment Commitment to integrity and ethical values. Board of directors demonstrates independence from management and exercises oversight of internal control. Establishment of effective structure, including reporting lines, and appropriate authorities and responsibilities. Commitment to attract, develop, and retain competent employees. Holding employees accountable for internal control responsibilities.
Risk Assessment Clearly specify ROC objectives to allow the identification and assessment of risks related to those objectives. Identify and analyze risks to the achievement of its objectives to determine how they may be managed. Consider potential fraud relating to the achievement of objectives. Identify and assess changes that could impact internal control.
Control Activities Performance reviews Transaction control activities Physical controls Segregation of duties ◦ Segregate Proper authorization, access, recording, and custody of assets (SPARC) ◦ Fundamental principle – ensure two or more persons participate in every transaction
Objectives of an Accounting Information System Identify and record valid transactions Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions Measure the value of transactions appropriately Determine the time period in which the transactions occurred to permit recording in the proper period Present properly the transactions and related disclosures in the financial statements
Monitoring Ongoing monitoring activities ◦ Regularly performed supervisory and management activities ◦ Example: Continuous monitoring of customer complaints Separate evaluations of internal control ◦ Performed on nonroutine basis ◦ Example: Periodic audits by internal audit
Controls over Financial Reporting Preventive ◦ Aimed at avoiding the occurrence of misstatements in the financial statements ◦ Example: Segregation of duties Detective ◦ Designed to discover misstatements after they have occurred ◦ Example: Monthly bank reconciliations Corrective ◦ Needed to remedy the situation uncovered by detective controls ◦ Example: Backups of master file Controls overlap ◦ Complementary – function together ◦ Redundant – address same assertion or control objective ◦ Compensating – reduces risk existing weakness will result in misstatement
Limitations of Internal Control Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc. Controls that depend on the segregation of duties may be circumvented by collusion Management may override the structure Compliance may deteriorate over time
Enterprise Risk Management (ERM) COSO issued a framework in 2004 (revised in 2017) on Enterprise Risk Management (ERM). It does not replace the original COSO internal control framework. It goes beyond internal control to focus on how organizations can effectively manage risks and opportunities. The auditing standards are still structured around the original COSO internal control framework but the risk management framework is useful in evaluating the risk assessment component of internal control.
Auditors’ Consideration of Internal Control Roadmap
Auditors’ Overall Approach with Internal Control Review: Overall approach of an audit 1. Plan the audit 2. Obtain an understanding of the client and its environment, including internal control 3. Assess the risks of material misstatement and design further audit procedures 4. Perform further audit procedures 5. Complete the audit 6. Form an opinion and issue the audit report Steps 2-4 relate most directly to the role of internal control in financial statement audits
Obtain an understanding of the client and its environment, including internal control The understanding of internal control is used to help the auditors to ◦ Identify types of potential misstatements ◦ Consider factors that affect the risks of material misstatement ◦ Design tests of controls (when applicable) and substantive procedures Auditors must consider all five internal control components ◦ Control environment ◦ Accounting information system ◦ Risk assessment ◦ Control activities ◦ Monitoring In doing so, the auditors should also consider areas difficult to control like non-routine transactions
Obtaining the Understanding Procedures include ◦ Inquiring of entity personnel ◦ Observing the application of specific controls ◦ Inspecting documents and reports ◦ Tracing transactions through the information system relevant to financial reporting May also obtain evidence on operating effectiveness of various controls
Documenting the Understanding of Internal Control Questionnaires ◦ Typically standardized by firm Written Narratives ◦ Memos that describe flow of transactions Flowcharts ◦ Systems flowcharts Walk-through ◦ Trace one or two transactions through cycle
7-21 Flowchart Symbols
Assess the Risks of Material Misstatement General approach ◦ Identify risks while obtaining an understanding of the client and its environment, including its internal control ◦ Relate the identified risks to what can go wrong at the relevant assertion level ◦ Consider whether the risks are of a magnitude that could result in a material misstatement ◦ Consider the likelihood that the risks could result in a material misstatement
The Nature of Transactions Consider the nature of the transactions ◦ Routine transactions—e.g., revenue, purchases, and cash receipts and disbursements ◦ Non-routine transactions—e.g., taking of inventory, calculating depreciation expense ◦ Estimation transactions—e.g., determining the allowance for doubtful accounts Generally routine transactions have the strongest controls
Assessing Risks at the Financial Statement Level Examples ◦ Preparing the period-end financial statements, including the development of significant accounting estimate and preparation of the notes ◦ The selection and application of significant accounting policies ◦ IT general controls ◦ The control environment Responses to high risks ◦ Assigning more experience staff or those with specialized skills ◦ Providing more supervision and emphasizing the need to maintain professional skepticism ◦ Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed ◦ Increasing the overall scope of audit procedures, including the nature, timing or extent
Assessing Risks at the Assertion Level Examples ◦ Failure to recognize an impairment loss on a long-lived asset affects only the valuation assertion ◦ Inaccurate counting of inventory at year-end affect the valuation of inventory and the accuracy of cost of goods sold Responses ◦ Decisions are made here as to the appropriate combination of tests of controls and substantive procedures
Perform Further Audit Procedures – Test of Controls Approach: ◦ Identify controls likely to prevent or detect material misstatements ◦ Perform tests of controls to determine whether they are operating effectively Tests of controls address: ◦ How controls were applied ◦ The consistency with which controls were applied ◦ By whom or by what means (e.g., electronically) the controls were applied
Perform Further Audit Procedures – Test of Controls Tests of controls include: ◦ Inquiries of appropriate client personnel ◦ Inspection of documents and reports ◦ Observation of the application of controls ◦ Reperformance of the controls The results of the tests of controls are used to determine the nature, timing and extent of substantive procedures
Effects of Data Analytics Data analytics may be used to perform tests of controls (operating effectiveness); auditors may test controls over the entire population of transactions rather than a sample Will use Urgent Medical Device as an example
Use of the Work of Internal Auditors Work of Internal Auditors may be used in two ways: ◦ Obtaining audit evidence by using the internal auditors’ work performed as a part of their normal responsibilities, and ◦ Using internal auditors to provide direct assistance on the external audit.
Service Organizations Computer service organizations provide processing services to customers who decide not to invest in their own processing of particular data Examples: Outsource processing of payroll or Internet sales; storage of data and records in the service organization’s Cloud
Service Organizations Auditor should obtain understanding of the outsourced function by following one or more of: ◦ Contacting service organization to obtain information. ◦ Visiting service organization an performing necessary procedures. ◦ Obtaining a report from service organization Terms ◦ Service auditor—provides examination of service organization’s controls. ◦ User Auditor—Uses that report.
7-33 Service Organizations Types of Service Auditor Reports ◦ Type 1—Management’s description of the system and the auditor’s assessment of the suitability of the design of controls ◦ Type 2—Attributes of 1, plus assurance on the operating effectiveness of controls ◦ A Type 2 report may provide the user auditor with a basis for assessing control risk below the maximum.
7-34 Relationships Among Deficiencies Deficiency in Internal Control Less than Significant Significant Deficiency Material Weakness
Internal Control in the Small Company Due to lack of employees, internal control is seldom strong in small businesses Specific practices for small businesses ◦ Record all cash receipts immediately ◦ Deposit all cash receipts intact daily ◦ Make all payments by serially numbered checks, with exception of petty cash disbursements ◦ Reconcile bank accounts monthly and retain copies ◦ Use serially numbered invoices, purchase orders, and receiving reports ◦ Issue checks to vendors only in payment of approved invoices that have been matched with purchase orders and receiving reports ◦ Balance subsidiary ledger with control accounts ◦ Prepare comparative financial statements monthly to disclose significant variations in any category of revenue or expense
Assume that you have been hired by Willington, CPA, as a new staff assistant. He informs you that his approach to audits has always been to assess control risk at the maximum and perform all the substantive procedures he considers necessary. However, he has recently read an article in The Journal of Accountancy that indicates that a more efficient audit may sometimes be achieved by performing some tests of controls and thereby assessing control risk at a lower level. Willington shows you the following table that came from the article: Assessed Level of Control Risk Inherent Risk Low Moderate Maximum Low Highest allowable detection risk (lowest allowable scope of substantive procedures) High detection risk (low scope of substantive procedures) Moderate detection risk (moderate scope of substantive procedures) Moderate High detection risk (low scope of substantive procedures) Moderate detection risk (moderate scope of substantive procedures) Low detection risk (very high scope of substantive procedures) Maximum Moderate detection risk (moderate scope of substantive procedures) Low detection risk (very high scope of substantive procedures) Lowest detection risk (highest scope of substantive procedures) Willington understands that the table is only for illustrative purposes and that other “in between” levels of the various risks are possible, but he wants you to use the ones in the table to help him understand the trade-offs between tests of controls and substantive procedures. He understands that these risks would be assessed at the assertion level for the various accounts, but he wants to better understand how the various tests performed in an audit “tie together.” To keep things simple, he says to assume that inherent risk is at the maximum level in all cases.
Chapter 7
Chapter 7

Recommandé

Presentation 11, Test of controls of the system, Workshop on System-based aud...
Presentation 11, Test of controls of the system, Workshop on System-based aud...Presentation 11, Test of controls of the system, Workshop on System-based aud...
Presentation 11, Test of controls of the system, Workshop on System-based aud...
Support for Improvement in Governance and Management SIGMA
 
Jzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lectureJzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lecture
casahiljain1992
 
Internal Control
Internal ControlInternal Control
Internal Control
Salih Islam
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
Sazzad Hossain, ITP, MBA, CSCA™
 
Hanrick Curran Audit Training - Risk Assessment - March 2013
Hanrick Curran Audit Training - Risk Assessment - March 2013Hanrick Curran Audit Training - Risk Assessment - March 2013
Hanrick Curran Audit Training - Risk Assessment - March 2013
Matthew Green
 
Internal control system
Internal control systemInternal control system
Internal control system
Madiha Hassan
 
Internal control
Internal controlInternal control
Internal control
iPleaders - Re-engineering Legal education, New Delhi
 
Presentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationPresentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control Evaluation
Marzanur Rahman
 

Recommandé

Presentation 11, Test of controls of the system, Workshop on System-based aud...
Presentation 11, Test of controls of the system, Workshop on System-based aud...Presentation 11, Test of controls of the system, Workshop on System-based aud...
Presentation 11, Test of controls of the system, Workshop on System-based aud...
Support for Improvement in Governance and Management SIGMA
 
Jzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lectureJzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lecture
casahiljain1992
 
Internal Control
Internal ControlInternal Control
Internal Control
Salih Islam
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
Sazzad Hossain, ITP, MBA, CSCA™
 
Hanrick Curran Audit Training - Risk Assessment - March 2013
Hanrick Curran Audit Training - Risk Assessment - March 2013Hanrick Curran Audit Training - Risk Assessment - March 2013
Hanrick Curran Audit Training - Risk Assessment - March 2013
Matthew Green
 
Internal control system
Internal control systemInternal control system
Internal control system
Madiha Hassan
 
Internal control
Internal controlInternal control
Internal control
iPleaders - Re-engineering Legal education, New Delhi
 
Presentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationPresentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control Evaluation
Marzanur Rahman
 
Audit planning
Audit planningAudit planning
Audit planning
Richard Clarke Academy
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
Jami Martin
 
Internal control system of jamuna bank ltd......................................
Internal control system of jamuna bank ltd......................................Internal control system of jamuna bank ltd......................................
Internal control system of jamuna bank ltd......................................
Md Mir Belal
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)
Hisyam
 
Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...
Support for Improvement in Governance and Management SIGMA
 
04 Audit documentation
04 Audit documentation 04 Audit documentation
04 Audit documentation
CA. (Dr.) Rajkumar Adukia
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDIT
Ros Dina
 
Advance audit
Advance auditAdvance audit
Advance audit
preeti garg
 
Lecture 6, part b, Chapter 10, Materiality and Audit Evidence
Lecture 6, part b, Chapter 10, Materiality and Audit EvidenceLecture 6, part b, Chapter 10, Materiality and Audit Evidence
Lecture 6, part b, Chapter 10, Materiality and Audit Evidence
Sazzad Hossain, ITP, MBA, CSCA™
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
Syed Osama Rizvi
 
Internal Controls
Internal ControlsInternal Controls
Internal Controls
mscuttle
 
Everything You Need To Know About Internal Control Reviews
Everything You Need To Know About Internal Control ReviewsEverything You Need To Know About Internal Control Reviews
Everything You Need To Know About Internal Control Reviews
Adriana Sklencar
 
Risk assessment managment and risk based audit approach
Risk assessment managment and risk based audit approachRisk assessment managment and risk based audit approach
Risk assessment managment and risk based audit approach
n|u - The Open Security Community
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit Approach
SALIH AHMED ISLAM
 
Arens12e 08
Arens12e 08Arens12e 08
Arens12e 08
John Sy
 
Internal controls
Internal controlsInternal controls
Internal controls
Geetali Tare
 
Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)
bagarza
 
Internal control
Internal controlInternal control
Internal control
SALIH AHMED ISLAM
 
Auditing procedure & internal control system
Auditing procedure & internal control systemAuditing procedure & internal control system
Auditing procedure & internal control system
RadhikaGupta215
 
What are the major steps in a financial statement audit.pdf
What are the major steps in a financial statement audit.pdfWhat are the major steps in a financial statement audit.pdf
What are the major steps in a financial statement audit.pdf
RathnakarReddy17
 
AUDIT.pptx
AUDIT.pptxAUDIT.pptx
AUDIT.pptx
beminaja
 
01 Auditing CH 1.ppt
01 Auditing CH 1.ppt01 Auditing CH 1.ppt
01 Auditing CH 1.ppt
ShimelisTamene2
 

Contenu connexe

Tendances

Internal Controls
Internal ControlsInternal Controls
Internal Controls
mscuttle
 
Arens12e 08
Arens12e 08Arens12e 08
Arens12e 08
John Sy
 
Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)
bagarza
 

Tendances (17)

Audit planning
Audit planningAudit planning
Audit planning
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Internal control system of jamuna bank ltd......................................
Internal control system of jamuna bank ltd......................................Internal control system of jamuna bank ltd......................................
Internal control system of jamuna bank ltd......................................
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)
 
Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...
 
04 Audit documentation
04 Audit documentation 04 Audit documentation
04 Audit documentation
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDIT
 
Advance audit
Advance auditAdvance audit
Advance audit
 
Lecture 6, part b, Chapter 10, Materiality and Audit Evidence
Lecture 6, part b, Chapter 10, Materiality and Audit EvidenceLecture 6, part b, Chapter 10, Materiality and Audit Evidence
Lecture 6, part b, Chapter 10, Materiality and Audit Evidence
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
 
Internal Controls
Internal ControlsInternal Controls
Internal Controls
 
Everything You Need To Know About Internal Control Reviews
Everything You Need To Know About Internal Control ReviewsEverything You Need To Know About Internal Control Reviews
Everything You Need To Know About Internal Control Reviews
 
Risk assessment managment and risk based audit approach
Risk assessment managment and risk based audit approachRisk assessment managment and risk based audit approach
Risk assessment managment and risk based audit approach
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit Approach
 
Arens12e 08
Arens12e 08Arens12e 08
Arens12e 08
 
Internal controls
Internal controlsInternal controls
Internal controls
 
Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)Audit evidence a framework (ppt ch7[1].pdf)
Audit evidence a framework (ppt ch7[1].pdf)
 

Similaire à Chapter 7

Auditing procedure & internal control system
Auditing procedure & internal control systemAuditing procedure & internal control system
Auditing procedure & internal control system
RadhikaGupta215
 
Internal control system
Internal control systemInternal control system
Internal control system
Madiha Hassan
 
The internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentThe internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessment
Mohammad Wahid Abdullah Khan
 
Audit Framework presentation.pptx
Audit Framework presentation.pptxAudit Framework presentation.pptx
Audit Framework presentation.pptx
OnwVinx
 
ISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docxISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docx
priestmanmable
 
auditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdfauditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdf
owaissayyed0041
 
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docxChapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
mccormicknadine86
 

Similaire à Chapter 7 (20)

Internal control
Internal controlInternal control
Internal control
 
Auditing procedure & internal control system
Auditing procedure & internal control systemAuditing procedure & internal control system
Auditing procedure & internal control system
 
What are the major steps in a financial statement audit.pdf
What are the major steps in a financial statement audit.pdfWhat are the major steps in a financial statement audit.pdf
What are the major steps in a financial statement audit.pdf
 
AUDIT.pptx
AUDIT.pptxAUDIT.pptx
AUDIT.pptx
 
01 Auditing CH 1.ppt
01 Auditing CH 1.ppt01 Auditing CH 1.ppt
01 Auditing CH 1.ppt
 
Audit report- Consideration of Internal Control
Audit report- Consideration of Internal ControlAudit report- Consideration of Internal Control
Audit report- Consideration of Internal Control
 
Audit process
Audit processAudit process
Audit process
 
Final (international standard on auditing 315)
Final (international standard on auditing 315)Final (international standard on auditing 315)
Final (international standard on auditing 315)
 
Chapter 12 - Designing Substantive Procedures
Chapter 12 - Designing Substantive ProceduresChapter 12 - Designing Substantive Procedures
Chapter 12 - Designing Substantive Procedures
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Ch 7 controlling
Ch 7 controllingCh 7 controlling
Ch 7 controlling
 
What is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdfWhat is the procedure for financial statement audit.pdf
What is the procedure for financial statement audit.pdf
 
Audits and Regulatory Compliance
Audits and Regulatory ComplianceAudits and Regulatory Compliance
Audits and Regulatory Compliance
 
The internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentThe internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessment
 
Audit Framework presentation.pptx
Audit Framework presentation.pptxAudit Framework presentation.pptx
Audit Framework presentation.pptx
 
ISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docxISO 19001ISO 19001Student’s NameUniversity Name.docx
ISO 19001ISO 19001Student’s NameUniversity Name.docx
 
.POINTS TO REMEMBER ADVANCED AUDITING.pdf
.POINTS TO REMEMBER ADVANCED AUDITING.pdf.POINTS TO REMEMBER ADVANCED AUDITING.pdf
.POINTS TO REMEMBER ADVANCED AUDITING.pdf
 
Value-added it auditing
Value-added it auditingValue-added it auditing
Value-added it auditing
 
auditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdfauditpresentation-121006061658-phpapp02.pdf
auditpresentation-121006061658-phpapp02.pdf
 
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docxChapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
Chapter 9Audit Risk AssessmentPrepared by Dr Phil Saj1.docx
 

Plus de EasyStudy3

2. polynomial interpolation
2. polynomial interpolation2. polynomial interpolation
2. polynomial interpolation
EasyStudy3
 
Chapter2 slides-part 2-harish complete
Chapter2 slides-part 2-harish completeChapter2 slides-part 2-harish complete
Chapter2 slides-part 2-harish complete
EasyStudy3
 
Chapter 12 vectors and the geometry of space merged
Chapter 12 vectors and the geometry of space mergedChapter 12 vectors and the geometry of space merged
Chapter 12 vectors and the geometry of space merged
EasyStudy3
 
Topic 4 gen chem guobi
Topic 4 gen chem guobiTopic 4 gen chem guobi
Topic 4 gen chem guobi
EasyStudy3
 
Gen chem topic 3 guobi
Gen chem topic 3 guobiGen chem topic 3 guobi
Gen chem topic 3 guobi
EasyStudy3
 
Gen chem topic 1 guobi
Gen chem topic 1 guobiGen chem topic 1 guobi
Gen chem topic 1 guobi
EasyStudy3
 

Plus de EasyStudy3 (20)

Week 7
Week 7Week 7
Week 7
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Week 6
Week 6Week 6
Week 6
 
2. polynomial interpolation
2. polynomial interpolation2. polynomial interpolation
2. polynomial interpolation
 
Chapter2 slides-part 2-harish complete
Chapter2 slides-part 2-harish completeChapter2 slides-part 2-harish complete
Chapter2 slides-part 2-harish complete
 
L6
L6L6
L6
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
2
22
2
 
Lec#4
Lec#4Lec#4
Lec#4
 
Chapter 12 vectors and the geometry of space merged
Chapter 12 vectors and the geometry of space mergedChapter 12 vectors and the geometry of space merged
Chapter 12 vectors and the geometry of space merged
 
Week 5
Week 5Week 5
Week 5
 
Chpater 6
Chpater 6Chpater 6
Chpater 6
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
Lec#3
Lec#3Lec#3
Lec#3
 
Chapter 16 2
Chapter 16 2Chapter 16 2
Chapter 16 2
 
Chapter 5 gen chem
Chapter 5 gen chemChapter 5 gen chem
Chapter 5 gen chem
 
Topic 4 gen chem guobi
Topic 4 gen chem guobiTopic 4 gen chem guobi
Topic 4 gen chem guobi
 
Gen chem topic 3 guobi
Gen chem topic 3 guobiGen chem topic 3 guobi
Gen chem topic 3 guobi
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Gen chem topic 1 guobi
Gen chem topic 1 guobiGen chem topic 1 guobi
Gen chem topic 1 guobi
 

Dernier

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 

Dernier (20)

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 

Chapter 7

  • 2. Internal Control A process, effected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity’s) objectives relating to: ❑Operations ❑Reporting, and ❑Compliance
  • 3. Control Objectives In each area of internal control (Reporting, Operations and Compliance) ◦ Control objectives and ◦ Sub objectives exist External Reporting Example: Accounts Receivable (A/R) Top level objective – prepare and issue reliable financial information ◦ Detailed level applied to A/R sub objectives ◦ All goods shipped are accurately billed in the proper period ◦ Invoices are accurately recorded for all authorized shipments and only for such shipments ◦ Authorized and only authorized sales returns and allowances are accurately recorded ◦ The continued completeness and accuracy of A/R is ensured ◦ Accounts receivable records are safeguarded
  • 4. Foreign Corrupt Practices Act Passed in 1977 in response to American corporation practice of paying bribes and kickbacks to officials in foreign countries to obtain business The Act ◦ Requires an effective system of internal control ◦ Makes the payment of bribes to foreign officials illegal
  • 5. Components of Internal Control - CRIME The Control Environment Risk Assessment Control Activities Information System Relevant to Financial Reporting and Communication Monitoring Activities
  • 6. Control Environment Commitment to integrity and ethical values. Board of directors demonstrates independence from management and exercises oversight of internal control. Establishment of effective structure, including reporting lines, and appropriate authorities and responsibilities. Commitment to attract, develop, and retain competent employees. Holding employees accountable for internal control responsibilities.
  • 7. Risk Assessment Clearly specify ROC objectives to allow the identification and assessment of risks related to those objectives. Identify and analyze risks to the achievement of its objectives to determine how they may be managed. Consider potential fraud relating to the achievement of objectives. Identify and assess changes that could impact internal control.
  • 8. Control Activities Performance reviews Transaction control activities Physical controls Segregation of duties ◦ Segregate Proper authorization, access, recording, and custody of assets (SPARC) ◦ Fundamental principle – ensure two or more persons participate in every transaction
  • 9. Objectives of an Accounting Information System Identify and record valid transactions Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions Measure the value of transactions appropriately Determine the time period in which the transactions occurred to permit recording in the proper period Present properly the transactions and related disclosures in the financial statements
  • 10. Monitoring Ongoing monitoring activities ◦ Regularly performed supervisory and management activities ◦ Example: Continuous monitoring of customer complaints Separate evaluations of internal control ◦ Performed on nonroutine basis ◦ Example: Periodic audits by internal audit
  • 11. Controls over Financial Reporting Preventive ◦ Aimed at avoiding the occurrence of misstatements in the financial statements ◦ Example: Segregation of duties Detective ◦ Designed to discover misstatements after they have occurred ◦ Example: Monthly bank reconciliations Corrective ◦ Needed to remedy the situation uncovered by detective controls ◦ Example: Backups of master file Controls overlap ◦ Complementary – function together ◦ Redundant – address same assertion or control objective ◦ Compensating – reduces risk existing weakness will result in misstatement
  • 12. Limitations of Internal Control Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc. Controls that depend on the segregation of duties may be circumvented by collusion Management may override the structure Compliance may deteriorate over time
  • 13. Enterprise Risk Management (ERM) COSO issued a framework in 2004 (revised in 2017) on Enterprise Risk Management (ERM). It does not replace the original COSO internal control framework. It goes beyond internal control to focus on how organizations can effectively manage risks and opportunities. The auditing standards are still structured around the original COSO internal control framework but the risk management framework is useful in evaluating the risk assessment component of internal control.
  • 15. Auditors’ Overall Approach with Internal Control Review: Overall approach of an audit 1. Plan the audit 2. Obtain an understanding of the client and its environment, including internal control 3. Assess the risks of material misstatement and design further audit procedures 4. Perform further audit procedures 5. Complete the audit 6. Form an opinion and issue the audit report Steps 2-4 relate most directly to the role of internal control in financial statement audits
  • 16. Obtain an understanding of the client and its environment, including internal control The understanding of internal control is used to help the auditors to ◦ Identify types of potential misstatements ◦ Consider factors that affect the risks of material misstatement ◦ Design tests of controls (when applicable) and substantive procedures Auditors must consider all five internal control components ◦ Control environment ◦ Accounting information system ◦ Risk assessment ◦ Control activities ◦ Monitoring In doing so, the auditors should also consider areas difficult to control like non-routine transactions
  • 17. Obtaining the Understanding Procedures include ◦ Inquiring of entity personnel ◦ Observing the application of specific controls ◦ Inspecting documents and reports ◦ Tracing transactions through the information system relevant to financial reporting May also obtain evidence on operating effectiveness of various controls
  • 18. Documenting the Understanding of Internal Control Questionnaires ◦ Typically standardized by firm Written Narratives ◦ Memos that describe flow of transactions Flowcharts ◦ Systems flowcharts Walk-through ◦ Trace one or two transactions through cycle
  • 19.
  • 20.
  • 22.
  • 23. Assess the Risks of Material Misstatement General approach ◦ Identify risks while obtaining an understanding of the client and its environment, including its internal control ◦ Relate the identified risks to what can go wrong at the relevant assertion level ◦ Consider whether the risks are of a magnitude that could result in a material misstatement ◦ Consider the likelihood that the risks could result in a material misstatement
  • 24. The Nature of Transactions Consider the nature of the transactions ◦ Routine transactions—e.g., revenue, purchases, and cash receipts and disbursements ◦ Non-routine transactions—e.g., taking of inventory, calculating depreciation expense ◦ Estimation transactions—e.g., determining the allowance for doubtful accounts Generally routine transactions have the strongest controls
  • 25. Assessing Risks at the Financial Statement Level Examples ◦ Preparing the period-end financial statements, including the development of significant accounting estimate and preparation of the notes ◦ The selection and application of significant accounting policies ◦ IT general controls ◦ The control environment Responses to high risks ◦ Assigning more experience staff or those with specialized skills ◦ Providing more supervision and emphasizing the need to maintain professional skepticism ◦ Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed ◦ Increasing the overall scope of audit procedures, including the nature, timing or extent
  • 26. Assessing Risks at the Assertion Level Examples ◦ Failure to recognize an impairment loss on a long-lived asset affects only the valuation assertion ◦ Inaccurate counting of inventory at year-end affect the valuation of inventory and the accuracy of cost of goods sold Responses ◦ Decisions are made here as to the appropriate combination of tests of controls and substantive procedures
  • 27. Perform Further Audit Procedures – Test of Controls Approach: ◦ Identify controls likely to prevent or detect material misstatements ◦ Perform tests of controls to determine whether they are operating effectively Tests of controls address: ◦ How controls were applied ◦ The consistency with which controls were applied ◦ By whom or by what means (e.g., electronically) the controls were applied
  • 28. Perform Further Audit Procedures – Test of Controls Tests of controls include: ◦ Inquiries of appropriate client personnel ◦ Inspection of documents and reports ◦ Observation of the application of controls ◦ Reperformance of the controls The results of the tests of controls are used to determine the nature, timing and extent of substantive procedures
  • 29. Effects of Data Analytics Data analytics may be used to perform tests of controls (operating effectiveness); auditors may test controls over the entire population of transactions rather than a sample Will use Urgent Medical Device as an example
  • 30. Use of the Work of Internal Auditors Work of Internal Auditors may be used in two ways: ◦ Obtaining audit evidence by using the internal auditors’ work performed as a part of their normal responsibilities, and ◦ Using internal auditors to provide direct assistance on the external audit.
  • 31. Service Organizations Computer service organizations provide processing services to customers who decide not to invest in their own processing of particular data Examples: Outsource processing of payroll or Internet sales; storage of data and records in the service organization’s Cloud
  • 32. Service Organizations Auditor should obtain understanding of the outsourced function by following one or more of: ◦ Contacting service organization to obtain information. ◦ Visiting service organization an performing necessary procedures. ◦ Obtaining a report from service organization Terms ◦ Service auditor—provides examination of service organization’s controls. ◦ User Auditor—Uses that report.
  • 33. 7-33 Service Organizations Types of Service Auditor Reports ◦ Type 1—Management’s description of the system and the auditor’s assessment of the suitability of the design of controls ◦ Type 2—Attributes of 1, plus assurance on the operating effectiveness of controls ◦ A Type 2 report may provide the user auditor with a basis for assessing control risk below the maximum.
  • 34. 7-34 Relationships Among Deficiencies Deficiency in Internal Control Less than Significant Significant Deficiency Material Weakness
  • 35. Internal Control in the Small Company Due to lack of employees, internal control is seldom strong in small businesses Specific practices for small businesses ◦ Record all cash receipts immediately ◦ Deposit all cash receipts intact daily ◦ Make all payments by serially numbered checks, with exception of petty cash disbursements ◦ Reconcile bank accounts monthly and retain copies ◦ Use serially numbered invoices, purchase orders, and receiving reports ◦ Issue checks to vendors only in payment of approved invoices that have been matched with purchase orders and receiving reports ◦ Balance subsidiary ledger with control accounts ◦ Prepare comparative financial statements monthly to disclose significant variations in any category of revenue or expense
  • 36. Assume that you have been hired by Willington, CPA, as a new staff assistant. He informs you that his approach to audits has always been to assess control risk at the maximum and perform all the substantive procedures he considers necessary. However, he has recently read an article in The Journal of Accountancy that indicates that a more efficient audit may sometimes be achieved by performing some tests of controls and thereby assessing control risk at a lower level. Willington shows you the following table that came from the article: Assessed Level of Control Risk Inherent Risk Low Moderate Maximum Low Highest allowable detection risk (lowest allowable scope of substantive procedures) High detection risk (low scope of substantive procedures) Moderate detection risk (moderate scope of substantive procedures) Moderate High detection risk (low scope of substantive procedures) Moderate detection risk (moderate scope of substantive procedures) Low detection risk (very high scope of substantive procedures) Maximum Moderate detection risk (moderate scope of substantive procedures) Low detection risk (very high scope of substantive procedures) Lowest detection risk (highest scope of substantive procedures) Willington understands that the table is only for illustrative purposes and that other “in between” levels of the various risks are possible, but he wants you to use the ones in the table to help him understand the trade-offs between tests of controls and substantive procedures. He understands that these risks would be assessed at the assertion level for the various accounts, but he wants to better understand how the various tests performed in an audit “tie together.” To keep things simple, he says to assume that inherent risk is at the maximum level in all cases.