Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

Published byBryce Alexander Modified over 5 years ago

Similar presentations

Presentation on theme: "Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business."— Presentation transcript:

1 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT

2 Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business risks that threaten the achievement of any of these objectives Reliability of financial reporting, Effectiveness and efficiency of operations and Compliance with applicable laws and regulations. to identify types of potential misstatements; to consider factors that affect the risks of material misstatements; and to design the nature, timing and extent of further audit procedures.

3 Components of Internal Control
The control environment The entity’s risk assessment process The information system, including the related business processes relevant to financial reporting and communication. Control activities Monitoring of controls

4 The Control Environment
Communication and enforcement of integrity and ethical values. Commitment to competence Participation by those charged with governance Management’s philosophy and operating style Organizational structure Human resource policies and practices

5 The Entity’s Risk Assessment Process
It is the process of identifying and responding to business risks that affect entity’s financial reporting. Such process includes how management: identifies risks that affect entity’s ability to produce financial statement that give true and fair view, estimates their significance, estimates likelihood of their occurrence and Decides upon actions to manage them.

6 Cont.…….. Risks relevant to financial reporting include: internal events, and external events and circumstance That may occur and adversely affect an entity’s ability to: initiate, record, process, and report the financial information.

7 Cont.…….. Risks can arise due to circumstances such as the following: (internal/external) Changes in operating environment New personnel New information systems Rapid growth New technology New business models, product or activities Corporate restructurings Expanded foreign operations New accounting pronouncements

8 Information system The information system consists of:
infrastructure (physical and hardware components), software people procedures and data Infrastructure and software will be absent, or have less significance, in systems that are exclusively or primarily manual. Many information systems make extensive use of IT.

9 Importance of Information System
Identify and record all valid transaction. Describe the sufficient detail to permit proper classification of transactions for financial reporting. Measure the value of transactions in a manner that permits recording their proper monetary value in the financial statements. Determine the time period in which transactions occurred to permit recording of transactions in the proper accounting period. Present properly the transactions and related disclosures in the financial statements.

10 Communication Communication involves: providing an understanding of individual roles and responsibilities pertaining to internal control, understanding roles of others and doing exception reporting to higher level management. Communication takes such forms as: policy manuals, accounting and financial reporting manuals. It may also be made: electronically, orally and through the actions of management

11 Control Activities Control activities include: a) Performance reviews
b) Information processing c) Physical controls d) Segregations of duties

12 Performance reviews These control activities include:
reviews and analyses of actual performance versus budgets, forecasts, and prior period performance; relating different sets of data - operating or financial - to one another, together with analyses of the relationships and investigative and corrective actions; comparing internal data with external sources of information; review of functional or activity performance, review of reports by branch, region, and loan type for loan approvals and collections

13 Information processing
A variety of controls are performed to check accuracy, completeness, and authorization of transactions. The two broad groupings of information systems control activities are: application controls and general IT controls. Application controls apply to the processing of individual applications. These controls help ensure that transactions occurred, are authorized, and are completely and accurately recorded and processed. General IT-controls commonly include controls over data center and network operations; system software acquisition, change and maintenance; access security; and application system acquisition, development, and maintenance. These controls apply to main-frame, mini-frame and end-user environments.

14 Physical controls These activities include the:
physical security of assets, including adequate safeguards such as secured facilities access to assets and records; authorization for access to computer programs and data files; and counting and comparison with amounts shown on control records (for example comparing the results of cash, security and inventory counts with accounting records).

15 Segregation of duties Assigning different people the responsibilities of authorizing transactions, recording transactions, and maintaining custody of assets is intended to reduce the opportunities errors or fraud in the normal course of the person's duties. Examples of segregation of duties include reporting, reviewing, approval and control of documents.

16 Monitoring of Control The auditor should obtain an understanding of the major types of activities that the entity uses to monitor internal control over financial reporting, and how the entity initiates corrective actions to its controls. Monitoring means and includes: If monitoring is not done, people may stop performing the functions they are required to perform. It also involves assessing the quality of internal control performance over times. Monitoring may be ongoing activities, separate evaluations or a combination of the two. Monitoring includes: Supervisions, functions of managers Internal audit Communication from external parties indicating areas requiring

17 Assessing the Risk of Material Misstatement
The auditor should identify and assess the risks of material misstatement at the financial statement level, and at the assertion level for classes of transactions, account balances, and disclosures. Identifies risks throughout the process of obtaining an understanding of the entity and its environment, including relevant controls that relate to the risks, and by considering the classes of transactions, account balances, and disclosures in the financial statements. Relates the identified risks to what can go wrong at the assertion level; Considers whether the risks that could result in a material misstatement of the financial statements

18 Significant Risks that require Special Audit Considerations
non-routine transactions (unusual) judgmental matters (e.g. accounting estimates) non-routine transactions arising from matters such as: greater management intervention to specify the accounting treatment greater manual intervention for data collection and processing complex calculations or accounting principles non-routine transactions (unusual) complex calculations or accounting principles

19 For significant risks, to the extent the auditor has not already done so, the auditor should evaluate the design of the entity’s related controls, including relevant control activities, and determine whether they have been implemented. If management has not appropriately responded by implementing controls over significant risks and if, as a result, the auditor judges that there is a material weakness in the entity’s internal control, the auditor communicates this matter to those charged with governance as required. In these circumstances, the auditor also considers the implications for the auditor’s risk assessment.

20 Risks for which substantive procedures alone do not provide sufficient appropriate audit evidence
As part of the risk assessment the auditor should evaluate the design and determine the implementation of the entity’s controls, including relevant control activities, over those risks for which, in the auditor’s judgment, it is not possible or practicable to reduce the risks of material misstatement at the assertion level to an acceptably low level with audit evidence obtained only from substantive procedures.

Download ppt "Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business."

Similar presentations

Internal Control and Control Risk

Internal Control and Control Risk
Control and Accounting Information Systems

Control and Accounting Information Systems
Auditing Concepts.

Auditing Concepts.
Internal Control.

Internal Control.
INTERNAL CONTROL COMPONENT Pertemuan_6 Mata Kuliah: CSP402, IT Governance Tahun Akademik : 2012/2013 SAS 78 / COSO Describes the relationship between the.

INTERNAL CONTROL COMPONENT Pertemuan_6 Mata Kuliah: CSP402, IT Governance Tahun Akademik : 2012/2013 SAS 78 / COSO Describes the relationship between the.
The Islamic University of Gaza

The Islamic University of Gaza
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Review of Introduction to Auditing

Review of Introduction to Auditing
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.

INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004

CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Similar presentations

Ads by Google