Audit Chapter 7 concepts (material)
COSO illustrates the following control objectives (sub-objectives)
1. All goods shipped are accurately billed in the proper period. 2. Invoices are accurately recorded for all authorized shipment and only for such shipments 3. Authorized and only authorized sales returns and allowances are accurately recorded 4. The continued completeness and accuracy of accounts receivable is ensured 5. Accounts receivable records are safeguarded
Risk assessment is managements process of indemnifying, analyzing and responsive to such risks. In performing effective risks assessment, organization should:
1. Clearly specify objectives to allow the identification and assessment of risks related to those objectives 2. Identify risks to the achievement of its objectives 3. Consider potential fraud relating to the achievement of objectives 4. Identify and assess changes that could impact internal control
The control environment may be viewed as the foundation for the other internal control components; its basic principles should include:
1. Commitment to integrity and ethical values 2. Board of directors independence of management and effective oversight of internal control 3. An effective organizational structure, including appropriate reporting lines and appropriate authorities and responsibilities. 4. Commitment to attract, develop and retain competent employees. 5. Accountability for internal control responsibilities
Committee of Sponsoring Organizations (COSO) commissioned a study to?
1. Establish a common definition of internal control to serve the needs of different parties 2. Provide a standard against which businesses and other entities can assess their controls systems and determine how to improve them.
A clients anti fraud programs and controls include both broad programs that
1. are designed to prevent, deter and detect fraud (promote honesty and ethical behavior) 2. Controls designed to mitigate specific risks of fraud (controls over access to inventory)
The organizational structure of an entity should separate responsibilities for:
1. authorization of transactions 2. record keeping for transactions 3. custody of assets
Internal Control - Integrated Framework defines internal control as :
A process, effected by the entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: * Reliability of financial reporting *Effectiveness and efficiency of operations * Compliance with applicable laws and regulations
Reasonable assurance recognizes that the cost of an organizations internal control should not exceed the
Benefits expected to be obtained.
Under the direction of the treasurer, the finance department is responsible for
Financial operations and custody of liquid assets. Activities of this department including planning future cash requirements, establishing customer credit policies, and arranging to met the short and long term financing needs of the business.
The definition of internal control is comprehensive in that it addressed the achievement of objectives in these areas:
Financial reporting, operations and compliance with laws and regulations.
What are the results of violating the Foreign Corrupt Act?
Fines up to $ 1 milion dollars and imprisonment of the members of management who are responsible.
A well designed organizational structure provides a basis for
Planning, directing and controlling operations
Controls over financial reporting are often classified as;
Preventive, detective or corrective
What is the major difference between control objectives and assertions ?
The control objectives are broader in that they related not only to financial reporting, but also to operations and compliance.
Which controls are most relevant to the audit of fiancial statements?
Those that pertain to the reliability of financial reporting- that is, those that affect the preparation of fiancial information for external reporting purposes.
The accounting department, under the authority of the controller, is responsible for all accounting functions and, often, the design and implementation of internal control.
With respect to financial activity, the accounting department records financial transactions but does not handle fianicla assets.
Are controls designed to safeguard the organizations assets relevant to an audit ?
Yes, IF they affect the reliability of financial reporting.
COSO's defintion of internal control emphasized that internal control is a process, or a means to an end and not
an end in and of itself. The process is effected by individuals, not merely policy manual, documents and forms.
In audits of SEC registrants, the Sarbanes-Oxley Act of 2002 requires that the audit committee be directly responsible for
the appointment, compensation and oversight of the work of the CPA firm (including resolution of any disagreements between management and the CPA firm)
The organizations must hold individuals accountable for their internal control responsibilities to assure
the effectiveness of the process
With respect to internal control, the accounting department maintains the independent records with which quantities of assets and operating results are compared.Often, this reconciliation function is performed by
the operations control group of some other subdepartment within accounting.