Professional Documents
Culture Documents
Chapter – 9
Internal Control
Dec 09
Past Paper
Q 3) Control Environment
1- Control Environment
Means the overall attitude, awareness and actions of Management towards Controls
Indicators includes
3- Information Systems
The auditor shall obtain an understanding of the information system, including the related
business processes,
For example, if orders are placed via a website. The appropriate approach would be to place a
test order via the website and ensure the order has been recorded in the system by viewing it on
screen.
4- Control Activities
Activities includes
Reports and summaries
Approvals
Reconciliations
Comparisons / analytical reviews
Physical inspections
Segregation of duties
Software controls
5- Monitoring of Controls
Evaluate effectiveness of controls over time
Re-assessing design and operations of the internal controls
(Internal audit function helps in this activity)
2- Document the internal control system (narrative notes, flow-charts, IC questionnaires, etc.)
Internal Control Questionnaire (ICQ): Used to ask questions whether control exists in order to
document the existing system
5- Revision of risk assessment if evidence obtained indicates that the controls are not working as
expected