1 / 19

Internal Control Basic Concepts

Internal Control Basic Concepts. Why do stores use cash registers?. To safeguard assets To insure accuracy and reliability of accounting data To provide efficiency in operations To encourage adherence to prescribed policies & procedures. Why Consider Internal Controls?.

kalonice
Download Presentation

Internal Control Basic Concepts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internal Control Basic Concepts

  2. Why do stores use cash registers? • To safeguard assets • To insure accuracy and reliability of accounting data • To provide efficiency in operations • To encourage adherence to prescribed policies & procedures

  3. Why Consider Internal Controls? • The second standard of fieldwork: • A sufficient understanding of the internal control structure is to be obtained to plan the audit and to determine the nature, timing , and extent of tests to be performed. • To ensure that the company’s objectives are being met.

  4. Internal Control Basics The Auditing Standards Board (ASB) has defined the internal control structure as “the policies and procedures established to provide reasonable assurance that specific entity objectives will be achieved”. SAS No. 55 and No. 78 relate to the internal control structure.

  5. Internal Control Basics • Recently, the Information Systems Audit and Control Foundation (ISACF) developed the Control Objectives for Information and related Technology (COBIT) • Business aspects • IT resources • IT processes

  6. Internal Control Basics The Committee of Sponsoring Organizations (COSO) defines internal control as the process implemented by the board of directors, management, and those under their direction to provide reasonable assurance that control objectives are achieved with regard to the following: 1. Effectiveness and efficiency of operations 2. Reliability of financial reporting 3. Compliance with applicable laws and regulations

  7. COSO Integrated Framework

  8. Internal Control Components • Control Environment - The collective effect of various factors on establishing, enhancing, or mitigating the effectiveness of specific policies and procedures. • Integrity and Ethical Values • Management’s Philosophy and Operating Style • Organizational Structure • The Board of Directors and the Audit Committee • Methods of Assigning Authority and Responsibility • Human Resources Policies and Practices • External Influences

  9. Internal Control Components • Risk Assessment - This is the entity’s identification and analysis of relevant risks to achievement of its objectives, forming a basis for determining how the risks should be managed. • Identify Threats • Estimate Risk • Estimate Exposure • Identify Controls • Estimate Costs and Benefits

  10. Internal Control Components • Control Activities - Policies and procedures in addition to the control environment and risk assessment that provide reasonable assurance that entity objectives will be achieved. • S egregation of duties • C omparisons and compliance monitoring • A dequate documents and records • L imited access to and use of assets and records • P roper authorization of transactions and activities

  11. Internal Control Basics • Classifications • Preventive, Detective, Corrective • General and Application • Input, Processing, and Output

  12. Internal Control Components • Information and Communication - This area deals with the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities. • Identify and record all valid transactions (existence & completeness) • Properly classify transactions (presentation) • Record transactions at their proper monetary value (valuation) • Record transactions in the proper accounting period (allocation) • Properly present transactions and related disclosures in the financial statements. (presentation & disclosure)

  13. Internal Control Components • Monitoring - The process that assesses the quality of the internal control performance over time. • Effective supervision • Responsibility accounting • Internal auditing

  14. Document Your Understanding • Narrative • Flowchart • Questionnaire

  15. Internal Control Risk • Rt = IR x CR x DR • SAS No. 47 requires the auditor to asses control risk. Maximum control risk is 100%

  16. Assessing Control Risk • Start with the assertions • Existence or Occurrence • Completeness • Rights and Obligations • Valuation or Allocation • Presentation and Disclosure

  17. Assessing Control Risk • Match the documented control procedures with the assertions • Three considerations: • Are there adequate controls in place? • Are the controls in place designed adequately? • Are the controls in place operating effectively?

  18. Tests of Controls • Inquiry • Inspection • Observation • Re-performance

  19. Additional Issues • SAS No. 55 requires documentation of the assessed level of control risk • SAS No. 60 requires the auditor to communicate any reportable conditions to the audit committee

More Related