the auditor should perform risk assessment procedures to obtain an understanding of the entity and its environment, including its internal control. the procedures are:

inquiries of management and others

observation and inspection

analytical procedures

review information

discussion among audit team members


the auditor's understanding of the entity and its environment consists of these 5 things

industry, regulatory and other external factors

nature of the entity

objectives and strategy

measurement and review of the entity's financial performance

obtain a sufficient understanding of the entity's internal control


the auditor ____ perform substantive tests to some degree for all significant audit areas. the auditor cannot assess control risk so low that substantive testing is omitted entirely.



internal control consists of 5 components

control environment - tone at the top or policies/procedures to establish the overall control consciousness of the organization

risk assessment - policies/procedures to identify and analyze relevant risks and prioritize them so they can be effectively managed

information and communication system - policies/procedures related to identification, capture and exchange of info in a form and timeframe that enable people to carry out their responsibilities.

control activities - policies/procedures to provide reasonable assurance that management's specific objectives will be reached.

monitoring - policies/procedures involving the ongoing assessment of the quality of internal control effectiveness over time.


internal control definition

a process (effected by those charged with governance, management, and other personnel) that is designed to provide reasonable assurance about the achievement of the entity's objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations.


Control Activities - 5 components (SCARE)

segregation of duties
controls-physical controls
review-performance review
information technology


segregation of duties

authorization (execution)
access or custody
accounting or record keeping