Professional Documents
Culture Documents
In
such cases, it is likely that management will identify risks through direct personal
about identified risks and how they are addressed by management is still
necessary.
A77. The information system relevant to financial reporting objectives, which includes
the accounting system, consists of the procedures and records designed and
established to:
• Initiate, record, process, and report entity transactions (as well as events and
conditions) and to maintain accountability for the related assets, liabilities, and
equity;
files and procedures followed to clear suspense items out on a timely basis;
ledger;
other than transactions, such as the depreciation and amortization of assets and
Journal entries
A78. An entity’s information system typically includes the use of standard journal
35
A79. An entity’s financial reporting process also includes the use of non-standard
ledger and prepare financial statements, such entries may exist only in electronic
form and may therefore be more easily identified through the use of computerassisted audit
techniques.
services;
Business processes result in the transactions that are recorded, processed and
business processes, which include how transactions are originated, assists the
A81. Information systems and related business processes relevant to financial reporting
in small entities are likely to be less sophisticated than in larger entities, but their
role is just as significant. Small entities with active management involvement may
processes may therefore be easier in an audit of smaller entities, and may be more
A82. Communication by the entity of the financial reporting roles and responsibilities
36
over financial reporting. It includes such matters as the extent to which personnel
understand how their activities in the financial reporting information system relate
higher level within the entity. Communication may take such forms as policy
A83. Communication may be less structured and easier to achieve in a small entity than
A84. Control activities are the policies and procedures that help ensure that
manual systems, have various objectives and are applied at various organizational
• Authorization.
• Performance reviews.
• Information processing.
• Physical controls.
• Segregation of duties.
• Those that are required to be treated as such, being control activities that relate
to significant risks and those that relate to risks for which substantive
A86. The auditor’s judgment about whether a control activity is relevant to the audit is
influenced by the risk that the auditor has identified that may give rise to a
substantive testing.
37
control activities that address the areas where the auditor considers that risks of