Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
rittenberg summary

rittenberg summary

|Views: 13|Likes:
Published by kevinlim186
rittenberg summary
rittenberg summary

More info:

Published by: kevinlim186 on Jan 19, 2013
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less





Internal control is designed to provide accountability of those entrusted to run theenterprise by the stakeholders, who have provided the resources to the entity.Controls exists as a way to mitigate and manage risk and are necessary for goodlong-term decision-making.Internal controls are needed because every organization faces significant risksranging from:a.
corporate failureb.
misuse of corporate assetsc.
incorrect or incomplete preparation of financial statementsinternal control assist the organization in the following categorya.
reliability of financial reportingb.
compliance with applicable laws and regulationc.
effectiveness and efficiency of operationsImportant aspects of internal controla.
it is a continuous processb.
starts at the top of the organizationc.
it includes all the peopled.
broader than internal control over financial reportinge.
applied across all activities of the organizationComponents of internal control1.
risk assessment a.
the manner in which a misstatement might occur varies with both
the organization’s control environment and the nature of 
control environment: refers to the overall governance of the organizationa.
starts with the audit committee, BOD and management b.
7 effective control environment i.
Integrity and ethical values particularly top management ii.
Importance of BOD in financial reporting and relatedcontrolsiii.
Management philosophy an operating style achievingeffective internal control (sets the tone-> articulate ->select accounting principles and oversees estimates)iv.
Organizational structure supporting effective internalcontrolv.
Commitment to financial reporting competenciesvi.
Authority and responsibility(jobs of BOD defineresponsibility and limit authority)vii.
Human resources: policies and practices includingcompensation program.3.
control activities: errors that can occur
policies and procedures that are established to assist organizations in accomplishing objectives and mitigating risks.b.
Organization implement control activities to mitigate the risks that are
to their organization.c.
Involves two componentsi.
The design and implementation of the controls including adescription of how the control activities operate.ii.
The operation of the controlsd.
3 process that affect the quality of data entering into the generalledgeri.
transactions processingii.
accounting estumatesiii.
adjusting and closing journal entriese.
control activitiesi.
segregation of duties ( custodial and process transaction)ii.
authorization proceduresiii.
adequately document transaction trail(provide evidence toauthorization)iv.
physical controls to safeguard assetsv.
reconciliation of control accounts with subsidiary ledgers,transactions recorded with submitted for processing andphysical counts of assets4.
information and communication: communication of the management a.
indentifying, capturing and exchanging information in a timely
fashion to enable accomplishment of the organization’s objectives.
monitoring: monitor to assure that everything operates effectivelya.
monitoring is a process that provides feedback n the effectivenessof the other four components of internal control.b.
Can be done through ongoing activities or separate evaluations.
entity level control:
exists on a higher level than transaction-level controls and affct multiple processes, transactions, accounts and assertions.Most BOD as three subcommittes:1.
the audit committee2.
the compensation committee3.
a nominating and governance committeepreventive VS detective control
Preventive control 
: designed to prevent the occurrence of a misstatement, usuallymore cost efficient but my not provide documentary evidence that controls areworking.
Edit control 
:prevent some inappropriate transactions from being recorded.
Detective control 
:provides evidence on whether processing has been effective inpreventing errors.
General computer controls
: computer controls that are pervasive and affect everycomputerized system
 Application controls
: controls that are built into specific processes.
: verifying to the system that the person is who she or he claims to be.(something they know, they possess or from them)General computer controlsa.
planning and controlling data processing functionb.
controlling applications development and changes to programs and or datafiles and records (failure of programs)c.
controlling access to equipment,data and programsa.
The auditor should determine the extent to which the client hasinstituted a data access program based on the following principlesi.
access to any data item is limited to those with a need to knowii.
the ability to change, modify or delete a data item is restrictedto thse with the authorization to make such changesiii.
the access control system has the ability to identify and verifyany potential users as authorized or unauthorized for the dataitem and function requestsiv.
a security department should actively monitor attempts tocompromise the systemd.
assuring business continuity such that control failures do not affect data orprograms (back ups)e.
controlling data transmission (encryption)Application controla.
input control- assure that it fully captures and records all thetransactions.i.
Unique transaction identifier established by the computerii.
Procedures to limit accessiii.
Formation of an audit trail- allow auditor to trace a transactionfrom its origination through to its final disposition.b.
Processing controli.
Designed to assure tha the correct program is used forprocessing, all are processed and the correct transactionupdate multiple filesc.
Output controli.
Designed to assure that all date are completely processed andthat output is distributed only to authorized recipients.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->