Kế toán, kiểm toán - Chapter 7: Internal control

Internal ControlChapter 7Summary of Internal Control Definition A process ...designed to provide reasonable assurance...regarding, achievement of (the entity’s) objectives on:Effectiveness and efficiency of operationsReliability of financial reportingCompliance with applicable laws and regulations2Components of Internal Control The Control EnvironmentRisk AssessmentThe Accounting Information and Communication SystemControl ActivitiesMonitoring3Control Environment FactorsIntegrity and ethical valuesCommitment to competenceBoard of directors or audit committeeManagement philosophy and operating styleOrganizational structureHuman resource policies and practicesAssignment of authority and responsibility4Risk Assessment--Factors Indicative of Increased Financial Reporting RiskChanges in the regulatory or operating environmentChanges in personnelImplementation of a new or modified information systemRapid growth of the organizationChanges in technology affecting production processes or information systemsIntroduction of new lines of business, products, or processes5Objectives of an Accounting SystemIdentify and record valid transactionsDescribe on a timely basis the transactions in sufficient detail to permit proper classification of transactionsMeasure the value of transactions appropriatelyDetermine the time period in which the transactions occurred to permit recording in the proper periodPresent properly the transactions and related disclosures in the financial statements6Control ActivitiesPerformance reviewsInformation processingPhysical controlsSegregation of duties7Segregation of Duties8MonitoringOngoing monitoring activitiesSeparate evaluations9Limitations of Internal ControlErrors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc.Controls that depend on the segregation of duties may be circumvented by collusionManagement may override the structureCompliance may deteriorate over time10The Auditors’ Consideration of Internal ControlObtain an understandingDocument the understandingDetermine planned assessed level of control riskDesign additional tests of controlReassess control riskIf necessary, modify planned substantive tests1112Documenting Internal ControlQuestionnairesWritten NarrativesFlowcharts1314The Relationships Among Control Deficiencies15Content of Management’s Report on Internal ControlAcknowledgment of responsibility for internal controlAn assessment of internal control effectiveness as of the last day of the company’s fiscal year16Approach to Audit of Internal ControlPlan the engagementEvaluate management’s assessment processObtain an understanding of internal control Test and evaluate design effectiveness of internal controlTest and evaluate operating effectiveness of internal controlForm an opinion on control effectiveness17