Audit: Internal Control

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

auditor's main concerns with IC

to identify the types of potential misstatements; ascertain factors that affect the risk of MMs, and design tests of controls and substantive procedures

why must an auditor obtain an understanding of IC

to plan the audit and to: - identify types of potential MM - pinpoint the factors that affect risk of MM - design tests of controls & substantive procedures

COSO framework

tool used for assessing effectiveness of IC

monitoring

updating of the system on a periodic basis

auditor perspective of IC

need assurance that data from acg system is reliable; understanding IC is a major factor in determining overall audit strategy

management perspective of IC

need reliable acg systems to make sound business decisions and to meet responsibilities of safreguarding assets

auditor's primary consideration regarding an entity's IC is:

affect the fin st assertions

tools that can document understanding of IC

- entity's procedures manuals & org charts - internal control questionnaires - flowcharts - narrative descriptions

assessing control risk below high involves:

- identifying specific controls to rely on - performing tests of controls - analyzing the achieved level of control risk after performing tests of controls

internal control provides reasonable assurance that:

- records are maintained - transactions are recorded - unauthorized acq, use, or disposition of the compnay's assets are promptly detected/prevented

factors that affect the control environment

1. integrity and ethical values 2. commitment to competence 3. participation of those charged with governance 4. mgmt's philosophy and operating style 5. org structure 6. assignment of auth & responsibilities 7. HR policies & practices

how to implement the monitoring component of COSO

as an ongoing process, as a separate evaluation, if its conducted by internal audit staff it can reduce external audit costs

auditor responsible for IC

assess control risk to plan audit of fin st; express opinion on IC

substantive strategy

auditor has decided to NOT rely on entity's controls and instead uses substantive procedures as main source of evidence; control risk @ max

reliance strategy

auditor intends to rely on entity's controls; more detailed understanding/documentation of IC

an auditor may set control risk at high for some assertion if he

believes the internal controls are unlikely to be effective

5 components of internal control

control environment, entity's risk assessment, control activities, info and communication, monitoring activities

control environment

most important; integrity, ethical values, and competence of the entity's people; atmosphere in which controls are actually conducted

when control risk is high

don't rely on controls and increase substantive tests

info and communication

how the org manages the processes of control system; communicate to the right people

control activities

how the organization addresses what could go wrong; policies and procedures

mgmt's incentives for est/maintaining strong IC

it helps them to make informed business decisions

inherent limitations of IC

mgmt override, personnel errors, collusion

definition of internal control

process, effected by an entity's BoD, mgmt, and other personnel, designed to proivde reasonable assurance regarding the achievement of objectives in the reliability of fin reporting

risk assessment

recognition of what could go wrong

when control risk is low

rely on controls and reduce substantive tests

AS 5 (SOX 404)

requires an auditor to express an opinion on IC

second standard of fieldwork

requires that auditor assess control risk to plan the audit

management responsibility for IC

responsible for creating, evaluating, testing, maintaining, documenting, and reporting on IC

significant deficiencies represent

significant deficiencies in design or operation of IC

regardless of assessed level of control risk, an auditor would perform some:

substantive procedures to restrict detection risk for significant transaction classes


Ensembles d'études connexes

AC Circuit Analysis Fourth Block

View Set

Chapter 16: Economic Growth and Productivity

View Set

Concept-Based Assessment Online Practice A Level 2

View Set

UNRS 107 Quiz2_Prep_Rationale - ATI Quiz #2 Prep

View Set

Communications Test 2 Study Guide

View Set

MGT Chap 13, MGT Chap 15, MGT Chapter 16, Chapt 12 Mgt, MGT Chap 14

View Set