Internal Control 1

Question 1

Definiton and objective of Internal Control

Answer 1

AU-C 315 - in the Internal Control - Integrated framework publish by COSO

IC is a process designed to provides reasonable assurance that certains objective are achieved: ACE

• Accurates & Reliable financial reporting
• Compliance with laws and regulations
• Effectiveness and Efficiency of operations

The auditor’s responsibility with respect to safeguarding of assets is limited to those relevant to the reliability of financial reporting

Question 2

What are the 3 objectives of Internal Control?

Answer 2

ACE

• Accurates & Reliable financial reporting
• Compliance with laws and regulations
• Effectiveness and Efficiency of operations

Question 3

What are the 5 components of Internal Control?

Answer 3

AU-C 315 - in the Internal Control - Integrated framework publish by COSO

CRIME

1. Control Environment
2. Risk Assessment
3. Control Activities
4. Information and Communication
5. Monitoring

Question 4

What is the purpose for a Control Environment assessment?

Answer 4

Sets tone for the entire company

Question 5

What are the components of the Control Environment?

Answer 5

CHOPPER

• Commitment to competence
• Human resource policies & practices
• Organizational Structure
• Participation of those charged with Governance (audit committee or BOD)
• Philosophy of the management and operating style
• Ethics values & Integrity
• Responsibility assignment

Question 6

What are the goal of risk assessment procedures?

Answer 6

The knowledge obtained through risk assessment procedures is used to:

• Identify the types of potential misstatement (errors/frauds)
• Considered factors that affect the RMM
• Design test of control and substantive procedures

Note:understanding doesn’t require evaluating their operating effectiveness

Question 7

Describe policies and procedures included in Control Activities

PIPS

Answer 7

Control Activities includes policies and procedure that helps to ensure that management directives are carried out:

PIPS

• Performance reviews
• Information processing
• Physical controls
• Segregation of duties (ARCC’s: Authorization of transactions, Recording of transactions, Custody of assets and Comparisons)

Question 8

What are the steps the auditor should performed to obtain an understanding of IC?

UPDATED

Answer 8

UPDATED

1. Obtain Understanding of the design of CRIME (perform RMM procedures)
2. Document the understanding of IC
3. Assess RMM
4. Perform Test of Control (TFC)
5. Reasses RMM and Evaluate results
6. Document conclusions and complete the planned substantive procedures

Question 9

What are the Risk Assessment procedures

AIIO/PIIO

Answer 9

Risk Assessment procedures includes: AIIO/PIIO

• Analytical Procedure / Prior audits
• Inquiry
• Inspection
• Obervation (to determine if the control have been implemented in practice)

Question 10

How can an auditor document understanding of Internal Control?

FIND

Answer 10

FIND

• Flowchart: a symbolic representation of a system of sequential processes
• Internal control questionnaire ICQ
• Narative or Memorandum
• Decision table/tree

Question 11

Effect of reliance on IC and Assessing RMM

Answer 11

Intent to Rely on IC

• NO reliance IC:
  
  • (1) IC does NOT opperate effectively,
  • (2) cost/benefit of substantive procedure vs. Test of control -
  • RRM is ↑ ⇒ Substantive approach alone provide cost benefit
• YES reliance IC:
  
  • (1) IC does opperate effectively or
  • (2) substantive procedure alone does not provide sufficent audit evidence -
  • RRM is ↓⇒ Combined approach (test of control & substantive test)

Question 12

What questions should be asked to determine the risk of material misstatement?

Answer 12

• Were all transactions recorded?
• Were they timely?
• Measured appropriately?
• Recorded in correct period?
• Presented and disclosed properly?
• Did Management communicate their responsibilities?

Question 13

the purpose of tests of controls

Answer 13

is to provide reasonable assurance that the internal control procedures are designed and operating effectively

Type of Test of control is RIIO

Question 14

4 procedures of Test of Control

RIIO

Answer 14

Noah build an ARCC’s to go to RIIO

• Reperfomance of the control by the auditor (when evaluating operation)
• Inspection of documents and reports
• Inquiries of appropriate personnel
• Observation of the application of controls - most effective

​look at frequency or percentage for tes of control

Question 15

Materiality

Answer 15

Materiality:

• is a concept that recognizes that some matters, individually or in the aggregate, are important for fair presentation of financial statements in conformity with generally accepted accounting principles.
  
  • The auditor’s opinion that the financial statements are presented fairly in all material respects is for the financial statements as a whole, so materiality levels are generally considered in terms of the smallest aggregate level of misstatement that could be considered material to any one of the financial statements.
• is a matter of professional judgment influenced by the auditor’s perception of the needs of users of the financial statements.
• involves both quantitative and qualitative considerations.