Internal Control Basic Concepts

Shared by: DeanSampson

Tags

Internal Control Basic Concepts, Internal Control, financial statements, Laws and Regulations, Internal Control System, compliance requirements, Federal Awards, federal program, Internal Audit, Internal Controls

Stats

views:: 26
posted:: 7/27/2009
language:: English
pages:: 19

Public Domain

Document Sample

							Internal Control Basic
      Concepts
 Why do stores use cash
 registers?

To safeguard assets
To insure accuracy and
 reliability of accounting
 data
To provide efficiency in
 operations
To encourage adherence
 to prescribed policies &
 procedures
                             2
Why Consider Internal
Controls?

The second standard of fieldwork:
  A sufficient understanding of the internal
   control structure is to be obtained to plan the
   audit and to determine the nature, timing ,
   and extent of tests to be performed.
To ensure that the company’s objectives
 are being met.


                                                     3
Internal Control Basics

The Auditing Standards Board (ASB) has
 defined the internal control structure as
 “the policies and procedures established
 to provide reasonable assurance that
 specific entity objectives will be achieved”.
 SAS No. 55 and No. 78 relate to the
 internal control structure.


                                             4
Internal Control Basics

Recently, the Information Systems Audit
 and Control Foundation (ISACF)
 developed the Control Objectives for
 Information and related Technology
 (COBIT)
  Business aspects
  IT resources
  IT processes

                                           5
 Internal Control Basics
The Committee of Sponsoring Organizations (COSO)
  defines internal control as the process implemented
  by the board of directors, management, and those
  under their direction to provide reasonable
  assurance that control objectives are achieved with
  regard to the following:
     1.Effectiveness and efficiency of operations
     2.Reliability of financial reporting
     3.Compliance with applicable laws and regulations

                                                     6
COSO Integrated
Framework




                  7
Internal Control Components

Control Environment -            The collective effect of
 various factors on establishing, enhancing, or mitigating the
 effectiveness of specific policies and procedures.
  Integrity and Ethical Values
  Management’s Philosophy and Operating Style
  Organizational Structure
  The Board of Directors and the Audit Committee
  Methods of Assigning Authority and Responsibility
  Human Resources Policies and Practices
  External Influences
                                                           8
Internal Control Components

Risk Assessment -         This is the entity’s identification
 and analysis of relevant risks to achievement of its
 objectives, forming a basis for determining how the risks
 should be managed.
  Identify Threats
  Estimate Risk
  Estimate Exposure
  Identify Controls
  Estimate Costs and Benefits


                                                             9
Internal Control Components

Control Activities -        Policies and procedures in
  addition to the control environment and risk
  assessment that provide reasonable assurance that
  entity objectives will be achieved.
  S egregation of duties
  C omparisons and compliance monitoring
  A dequate documents and records
  L imited access to and use of assets and records
  P roper authorization of transactions and activities
                                                          10
Internal Control Basics

Classifications
  Preventive, Detective, Corrective
  General and Application
  Input, Processing, and Output




                                       11
Internal Control Components
Information and Communication -                 This area
 deals with the identification, capture, and exchange of
 information in a form and time frame that enable people to
 carry out their responsibilities.
  Identify and record all valid transactions (existence &
    completeness)
  Properly classify transactions (presentation)
  Record transactions at their proper monetary value
    (valuation)
  Record transactions in the proper accounting period
    (allocation)
  Properly present transactions and related disclosures in
    the financial statements. (presentation & disclosure) 12
Internal Control Components

Monitoring - The process that assesses the
  quality of the internal control performance over
  time.
  Effective supervision
  Responsibility accounting
  Internal auditing




                                                     13
Document Your
Understanding

Narrative
Flowchart
Questionnaire




                 14
Internal Control Risk

Rt = IR x CR x DR



SAS No. 47 requires the auditor to asses
 control risk. Maximum control risk is
 100%


                                            15
Assessing Control Risk

Start with the assertions
  Existence or Occurrence
  Completeness
  Rights and Obligations
  Valuation or Allocation
  Presentation and Disclosure



                                 16
Assessing Control Risk

Match the documented control procedures
 with the assertions
Three considerations:
  Are there adequate controls in place?
  Are the controls in place designed adequately?
  Are the controls in place operating effectively?



                                                17
Tests of Controls

Inquiry
Inspection
Observation
Re-performance




                    18
Additional Issues

SAS No. 55 requires documentation of the
 assessed level of control risk
SAS No. 60 requires the auditor to
 communicate any reportable conditions to
 the audit committee




                                        19