Presentation is loading. Please wait.

Presentation is loading. Please wait.

Defining Internal Control

Published byHandoko Muljana Modified over 6 years ago

Similar presentations

Presentation on theme: "Defining Internal Control"— Presentation transcript:

1 Defining Internal Control
Internal control is a process, effected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity’s) objectives relating to: Operations Reporting Compliance Internal controls over financial reporting are: Preventive Detective Corrective Controls Overlap Complementary or compensating Let’s define internal control. Internal control is a process, effected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity’s) objectives relating to: Operations Reporting Compliance Internal controls over financial reporting are: Preventive controls aimed at avoiding the occurrence of misstatements in the financial statements. An example is segregation of duties. Detective controls that are designed to discover misstatements after they have occurred. An example is the monthly bank reconciliation. Corrective controls are those needed to remedy the situation uncovered by detective controls. An example is the backups of master files. And we also have controls overlap. These may be complementary. They function together. Or they may be redundant. They address same assertion or control objective. Compensating controls reduce risk existing weakness will result in misstatement. If we have a weak control, we may create another control to compensate for the weakness. START – 01:46

2 Components of Internal Control
The Components of Internal Control are: The Control Environment Risk Assessment Control Activities Information System Relevant to Financial Reporting and Communication Monitoring Activities The Components of Internal Control are: The Control Environment Risk Assessment Control Activities Information System Relevant to Financial Reporting and Communication Monitoring Activities 01:46 – 02:16

3 The Control Environment
Control Environment Factors: Commitment to integrity and ethical values. Board of directors demonstrates independence from management and exercises oversight of internal control. Establishment of effective structure, including reporting lines, and appropriate authorities and responsibilities. Commitment to attract, develop, and retain competent employees. Holding employees accountable for internal control responsibilities. Control Environment Factors are: Commitment to integrity and ethical values. Board of directors demonstrates independence from management and exercises oversight of internal control. Establishment of effective structure, including reporting lines, and appropriate authorities and responsibilities. Commitment to attract, develop, and retain competent employees. Holding employees accountable for internal control responsibilities. 02:16 – 03:06

4 Risk Assessment The Risk Assessment Process:
Clearly specify objectives to allow the identification and assessment of risks related to those objectives. Identify and analyze risks to the achievement of its objectives to determine how they may be managed. Consider potential fraud relating to the achievement of objectives. Identify and assess changes that could impact internal control. The Risk Assessment Process: Clearly specify objectives to allow the identification and assessment of risks related to those objectives. Identify and analyze risks to the achievement of its objectives to determine how they may be managed. Consider potential fraud relating to the achievement of objectives. Identify and assess changes that could impact internal control. 03:06 – 03:45

5 The Control Activities
Control activities are all the policies and procedures that help mitigate the risk that the organization’s internal control objectives are not met. These include: Performance reviews like comparing budget to actual Transaction control activities such as approvals, verifications, use of forms and documents, reconcilements and supervisory reviews Physical controls to include inventory counts, locking doors, and controlling access Segregation of duties is a basic concept that dictates that one person should not handle all aspects of a transaction from beginning to end. Segregate authorization, recording and custody of assets Control activities are all the policies and procedures that help mitigate the risk that the organization’s internal control objectives are not met. These include: Performance reviews like comparing budget to actual Transaction control activities such as approvals, verifications, use of forms and documents, reconcilements and supervisory reviews Physical controls to include inventory counts, locking doors, and controlling access Segregation of duties is a basic concept that dictates that one person should not handle all aspects of a transaction from beginning to end. Segregate authorization, recording and custody of assets 03:45 – 04:50

6 The Accounting System Objectives of the accounting system:
Identify and record valid transactions Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions Measure the value of transactions appropriately Determine the time period in which the transactions occurred to permit recording in the proper period Present properly the transactions and related disclosures in the financial statements Objectives of the accounting system: Identify and record valid transactions Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions Measure the value of transactions appropriately Determine the time period in which the transactions occurred to permit recording in the proper period Present properly the transactions and related disclosures in the financial statements 04:50 – 05:31

7 Monitoring Ongoing monitoring activities include regularly performed supervisory and management activities such as continuous monitoring of customer complaints. The activities of the internal audit department is another form of monitoring within an organization. Ongoing monitoring activities include regularly performed supervisory and management activities such as continuous monitoring of customer complaints. The activities of the internal audit department is another form of monitoring within an organization. 05:31 – 05:56

8 Limitations of Internal Control
Limitations of internal control include: Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc. Controls that depend on the segregation of duties may be circumvented by collusion Management may override the structure Compliance may deteriorate over time Limitations of internal control include: Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc. Controls that depend on the segregation of duties may be circumvented by collusion Management may override the structure Compliance may deteriorate over time 05:56 – 06:32

9 Documenting the Auditor’s Understanding of Internal Control
The auditor will document their understanding of the system of internal control through the use of: Questionnaires that are typically standardized by firm Written Narratives and memos that describe flow of transactions Flowcharts Walk-through wherein the auditor traces one or two transactions through the operating cycle The auditor will document their understanding of the system of internal control through the use of: Questionnaires that are typically standardized by firm Written Narratives and memos that describe flow of transactions Flowcharts Walk-through wherein the auditor traces one or two transactions through the operating cycle 06:32 – 07:05

10 The Test of Controls The auditor’s approach to the testing of controls is: Identify controls likely to prevent or detect material misstatements Perform tests of controls to determine whether they are operating effectively Tests of controls include: Inquiries of appropriate client personnel Inspection of documents and reports Observation of the application of controls Reperformance of the controls The auditor’s approach to the testing of controls is: Identify controls likely to prevent or detect material misstatements Perform tests of controls to determine whether they are operating effectively Tests of controls include: Inquiries of appropriate client personnel Inspection of documents and reports Observation of the application of controls Reperformance of the controls The results of the tests of controls are used to determine the nature, timing and extent of substantive procedures. The results of the tests of controls are used to determine the nature, timing and extent of substantive procedures. 07:05 – 08:17

11 Use of the Work of the Internal Auditors
Work of Internal Auditors may be used in two ways: Obtaining audit evidence by using the internal auditors’ work performed as a part of their normal responsibilities Using internal auditors to provide direct assistance on the external audit. The work of internal auditors may be used by the CPA auditors in two ways: Obtaining audit evidence by using the internal auditors’ work performed as a part of their normal responsibilities Using internal auditors to provide direct assistance on the external audit. 08:17 – 08:46

12 Service Organizations
Most service organizations provide similar services to many clients. It is unreasonable for the user auditor of each of the service center’s clients to visit the service center to evaluate internal controls at the service center. Instead, the service center will engage its own auditor (the service center auditor) to prepare a report on its internal control known as the Report of the Service Auditors. There are two variations: Type 1 Service Auditor Report describes the system and the suitability of the design of controls. Type 2 Service Auditor Report describes the system and the suitability of the design of controls, plus provides assurance on the operating effectiveness of controls. A Type 2 report is normally obtained by the user auditor in order to be able to rely on the internal controls at the service center. The organization being audited may outsource an operation. If the outsourced operation relates to the financial reporting, then the auditor (known as the user auditor) must consider it as if it is part of the company they are auditing. A good example is payroll. Many companies have their payroll accounting done by an outside service organization such as ADP. The user auditor still has to deal with the payroll accounting (to include internal control) when he audits payroll expense. Most service organizations provide similar services to many clients. It is unreasonable for the user auditor of each of the service center’s clients to visit the service center to evaluate internal controls at the service center. Instead, the service center will engage its own auditor (the service center auditor) to prepare a report on its internal control known as the Report of the Service Auditors. There are two variations: Type 1 Service Auditor Report describes the system and the suitability of the design of controls. Type 2 Service Auditor Report describes the system and the suitability of the design of controls, plus provides assurance on the operating effectiveness of controls. A Type 2 report is normally obtained by the user auditor in order to be able to rely on the internal controls at the service center. 08:46 – 10:55

13 Communication of Internal Control Deficiencies
Certain internal control deficiencies are classified as: Significant deficiency – a deficiency in internal control that is less severe than a material weakness in internal control, yet important enough to warrant the attention by those responsible for the oversight of the company’s financial reporting. Material weakness - a deficiency in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the company’s financial statements will not be prevented or detected on a timely basis. Certain internal control deficiencies are classified as: Significant deficiency – a deficiency in internal control that is less severe than a material weakness in internal control, yet important enough to warrant the attention by those responsible for the oversight of the company’s financial reporting. Material weakness - a deficiency in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the company’s financial statements will not be prevented or detected on a timely basis. Auditors are required to communicate both significant deficiencies and material weaknesses to management, and those charged with governance. Auditors are required to communicate both significant deficiencies and material weaknesses to management, and those charged with governance. 10:55 – 11:55

14 Internal Control in a Small Business
Due to lack of employees, internal control is seldom strong in small businesses. Specific practices for small businesses include: Record all cash receipts immediately Deposit all cash receipts intact daily Make all payments by serially numbered checks, with exception of petty cash disbursements Reconcile bank accounts monthly and retain copies Use serially numbered invoices, Purchase orders, and receiving reports Issue checks to vendors only in payment of approved invoices that have been matched with purchase orders and receiving reports Balance subsidiary ledger with control accounts Prepare comparative financial statements monthly to disclose significant variations in any category of revenue or expense Due to lack of employees, internal control is seldom strong in small businesses. Specific practices for small businesses include: Record all cash receipts immediately Deposit all cash receipts intact daily Make all payments by serially numbered checks, with exception of petty cash disbursements Reconcile bank accounts monthly and retain copies Use serially numbered invoices, Purchase orders, and receiving reports Issue checks to vendors only in payment of approved invoices that have been matched with purchase orders and receiving reports Balance subsidiary ledger with control accounts Prepare comparative financial statements monthly to disclose significant variations in any category of revenue or expense 11:55 - END

Download ppt "Defining Internal Control"

Similar presentations

Summary of Internal Control Definition

Summary of Internal Control Definition
Internal Control and Control Risk

Internal Control and Control Risk
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.

Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Auditing Concepts.

Auditing Concepts.
Internal Control.

Internal Control.
Internal Control Chapter 7 covers two distinct, but related topics:

Internal Control Chapter 7 covers two distinct, but related topics:
The Islamic University of Gaza

The Islamic University of Gaza
CHAPTER 10 UNDERSTANDING INTERNAL CONTROLS Fall 2007

CHAPTER 10 UNDERSTANDING INTERNAL CONTROLS Fall 2007
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004

CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Nature of an Integrated Audit

Nature of an Integrated Audit
Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.

Chapter 13 Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Auditing Human Resources Processes: Personnel and Payroll in Service Industries.
Chapter 10 Cash and Financial Investments McGraw-Hill/Irwin

Chapter 10 Cash and Financial Investments McGraw-Hill/Irwin
Auditing Internal Control over Financial Reporting

Auditing Internal Control over Financial Reporting
Auditing Internal Control over Financial Reporting

Auditing Internal Control over Financial Reporting
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

Similar presentations

Ads by Google