Presentation is loading. Please wait.

Presentation is loading. Please wait.

[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.

Published byNeal Richard Modified over 9 years ago

Similar presentations

Presentation on theme: "[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal."— Presentation transcript:

1 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal Control and Control Risk Principles of Auditing: An Introduction to International Standards on Auditing - Ch. 7 Rick Stephan Hayes, Roger Dassen, Arnold Schilder, Philip Wallage

2 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.2 Internal Control is A process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial reporting, compliance with applicable laws and regulations and safeguarding of assets against unauthorized acquisition, use or disposition.

3 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.3 Internal control is geared to the achievement of objectives in one or more separate overlapping categories: 1 effective operations — relating to effective and efficient use of the entity's resources 2 financial reporting — relating to preparation of reliable published financial statements 3 compliance — relating to the entity's compliance with applicable laws and regulations 4 safeguarding of assets

4 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.4 Management Control Objectives Effective Operations goal safeguarding of assets (cash, accounts receivable, accounting records) Financial Reporting Need for accurate information because management has a responsibility to see that statements are prepared fairly in accordance with accounting standards. Auditor is interested primarily in financial reporting controls (especially controls over transactions). Compliance Companies must comply with many laws and regulations including company law, tax law and environmental protection regulations.

5 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.5 Auditor’s Primary Control Consideration and Emphasis To understand an entity’s internal control, the auditor will evaluate the design and implementation of a control. The auditor's primary consideration is whether, and how, a specific control prevents, or detects and corrects, material misstatements in classes of transactions, account balances or disclosures. The heaviest emphasis by auditors is on controls over classes of transactions rather than account balances or disclosures.

6 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.6 Design and Implementation of Controls To understand the entity’s internal control the auditor will evaluate the design of a control and judge whether it has been implemented. He determines if the control is designed to prevent, detect, or correct transactions that misstate the account balances. Implementation of a control means that the control exists and that the entity is using it.

7 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.7 Components of Internal Control are Control Environment, Risk Assessment, Control Activities / Control Procedures, Information and Communication and Monitoring.

8 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.8 Components of Internal Control Illustration 7.1

9 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.9 Control Environment The control environment means the overall attitude, awareness, and actions of directors and management regarding the internal control system and its importance in the entity.

10 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.10 Elements Contributing to a Successful Control Environment (1) Communication and enforcement of integrity and ethical values; (2) Commitment to competence; (3) Participation by those charged with governance - independence and integrity of the board of directors; (4) Management's philosophy and operating style - leadership via control by example; (5) Organizational structure; (6) Assignment of authority and responsibility; and (7) Human resource policies and practices.

11 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.11 Risk Assessment Management assesses risks as part of designing and operating the internal control system to minimize errors and irregularities. Auditors assess risks to decide the evidence needed in the audit. If management effectively assesses and responds to risks, the auditor will typically need to accumulate less audit evidence than when management fails to, because control risk is lower.

12 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.12 Identify Risks A technique to identify risks involves identifying and prioritizing high risk activities: ¬identify the essential resources of the business and determine which are most at risk; ­identify possible liabilities which may arise; ®review the risks that have arisen in the past; ¯consider any additional risks imposed by new objectives or new external factors; and °seek to anticipate change by considering problems and opportunities on a continuing basis.

13 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.13 Information and Communication. Information must be relevant and delivered to people who need it in a form and time frame that allows them to carry out their control and other responsibilities.

14 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.14  The accounting system;  Customer and vendor records  Production system;  Budget information,  Personnel system;  Computer systems software;  Computer applications software Sub- systems

15 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.15  accounting transactions  correspondence  personnel information  customer and vendor information  entity objectives and standards  procedure manuals  information about external events, activities and conditions Input for Information System

16 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.16 Output of Information System Qaccounting reports Qbudget reports Qproduction reports Qoperating reports Qcorrespondence Qall the records and files generated by applications software

17 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.17 Obtain an understanding of the information system and the related business processes relevant to financial reporting in the following areas: The classes of transactions in the entity's operations that are significant to the financial statements. The procedures by which those transactions are initiated, recorded, processed and reported from their occurrence to their inclusion in the financial statements. The related accounting records, supporting information, and specific accounts in the financial statements.

18 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.18 How the information system captures events and conditions, other than transactions, that are significant to the financial statements. The financial reporting process used to prepare the entity's financial statements, including significant accounting estimates and disclosures Obtain an understanding of the information system and the related business processes relevant to financial reporting in the following areas (continued):

19 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.19 Control Activities (Control Procedures) There are potentially many control activities, but they generally fall into five categories: Performance reviews; Information processing: proper authorization of transactions and activities, General Controls; Information: accuracy, adequate documents and records, Application controls; Physical control over assets and records; adequate Segregation of duties.

20 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.20 Control Comments Transaction Records Application Controls General Controls Computer Facility Controls

21 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.21 Segregation of Duties Segregation of duties entail three fundamental functions which must be separated and adequately supervised:  authorization  recording  custody

22 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.22 Monitoring  Monitoring is assessing the design of controls and their operation on a timely basis and taking necessary corrective actions.  Ongoing monitoring information comes from several sources: exception reporting on control activities, reports by government regulators, feedback from employees, complaints from customers, and most importantly from internal auditor reports..

23 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.23 Evaluation of Monitoring When evaluating the ongoing monitoring the following issues might be considered: 4Periodic comparisons of amounts recorded with the accounting system and with physical assets. 4Responsiveness to internal and external auditor recommendations to strengthen internal controls. 4Extent to which training seminars, planning sessions and other meetings provide information on effective operation of controls. 4Effectiveness of internal audit activities 4Extent to which personnel obtain evidence on internal control function

24 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.24 Design of Internal Control To gain an understanding of the entity’s internal control, the auditor is required to evaluate the design of controls and determine whether they have been implemented. It is especially important to evaluate the design of (1) controls that address significant risks (2) controls for which substantive procedures alone is not sufficient.

25 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.25 Methods for Obtaining Controls Audit Evidence Obtaining audit evidence about the design and implementation of relevant controls may involve (1) Inquiring of entity personnel. (2) Observing and re-performing the application of a specific control. (3) Inspecting documents and reports, (4) Tracing transactions through the information system

26 [Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.26 Thank You for Your Attention Any Questions?

Download ppt "[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal."

Similar presentations

Internal Control and Control Risk

Internal Control and Control Risk
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Control.

Internal Control.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
The Islamic University of Gaza

The Islamic University of Gaza
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Review of Introduction to Auditing

Review of Introduction to Auditing
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.

INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004

CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 5.1 Client Acceptance.

[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 5.1 Client Acceptance.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.

[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.
Chapter 10 Internal control and Control Risk.

Chapter 10 Internal control and Control Risk.
Auditing Internal Control over Financial Reporting

Auditing Internal Control over Financial Reporting

Similar presentations

Ads by Google