Professional Documents
Culture Documents
CONTENTS
1. Definition of internal controls
2. Developmental process
3. COSO report drafting process
4. COSO Report 1992 & 2013
5. The effectiveness of internal controls
Chapter 1 6. Internal control and management process
OVERVIEW OF 7. Responsibilities for internal controls
INTERNAL CONTROL
Auditing Department- SOA-UEH
2023 1 2
1 2
DEFINITION 1. DEFINITION
Control Control
It is a mean to reduce the factors that adversely affect
the operation of an object.
Internal Internal
The existence or location within or in relation to the
structure of an organization.
3 4
3 4
1
Internal Controls (UEH) - Chapter 1
1. DEFINITION 1. DEFINITION
Internal control is a process, effected by an entity’s board
PROCESS
of directors, management, and other personnel, designed
to provide reasonable assurance regarding the Board of
Operations
Directors
achievement of objectives relating to operations,
reporting, and compliance. Internal
Managers Control Reporting
(COSO Report)
5 6
5 6
1. Early stage
Operations Objectives – related to the effectiveness and efficiency of the
entity’s operations, including operational and financial performance
goals, and safeguarding assets against loss. 2. Formation stage
Reporting Objectives – related to internal and external financial and non‐
financial reporting to stakeholders, which would encompass reliability, 3.Development stage
timeliness, transparency, or other terms as established by regulators,
standard setters, or the entity’s policies. 4. Modern stage
Compliance Objectives – related to adhering to laws and regulations that
the entity must follow.
7 8
7 8
2
Internal Controls (UEH) - Chapter 1
AICPA
EARLY STAGE- FORMATION STAGE- defined ORGANIZATION STRUCTURE
Internal
DEVELOPMENT STAGE control system OF COSO
Internal control Guaranteed the COSO Treadway
over accounting exactly of Commission
accounting data The Committee of
(1936) Sponsoring
The National Commission
Organizations of the on Fraudulent Financial
Protect Treadway Commission
Protect Reporting
assets
moneys(1900) (1929) Efficiency of
operations
(1949)
9 10
9 10
• The outstanding feature of the COSO report is a broad Basel Committee on CoBIT®
and governance vision, in which internal control is no Banking Supervision Control Objectives
longer just an issue related to financial statements but Framework for Internal for Information and
Control System in Related Technology
is extended to other areas of operation and compliance Banking Organizations
ISACA (Information System Audit and
Control Association)
11 12
11 12
3
Internal Controls (UEH) - Chapter 1
13 14
CoBIT®
Internal control Control Objectives
for smaller for Information and
publicly traded Related Technology
15 16
15 16
4
Internal Controls (UEH) - Chapter 1
17 18
17 18
19 20
19 20
5
Internal Controls (UEH) - Chapter 1
Send Testing in
questionnaire reality
21 22
21 22
23 24
23 24
6
Internal Controls (UEH) - Chapter 1
Control Activities
Monitoring Activities
25 26
25 26
27 28
7
Internal Controls (UEH) - Chapter 1
29 30
30
29 30
31 32
8
Internal Controls (UEH) - Chapter 1
33 34
33 34
(source: Annual Report of FPT 2021)
BOARD OF DIRECTORS
Requirements for members of the Board of Directors:
Independent, competent and questionable
Understanding the operations and operating
environment of the entity and dedicating enough time to
carry out its administrative responsibilities
Use resources as necessary to investigate issues that
arise and have open, unlimited communication with
employees, internal auditors, independent auditors, legal
consultants, etc.
35 36
35 36
9
Internal Controls (UEH) - Chapter 1
Board of Supervisors
• Supervise the Board of Directors, and CEO in the management and
administration of the company
• Review, test and evaluate the effectiveness and efficiency of the company's
internal control, risk management and early warning systems
(source: Annual Report of FPT 2021)
37 38
37 38
AUDIT COMMITTEE
As a committee under the Board of Directors, with
members (at least 2) are selected by the Board of
Directors
The Chairman of the Audit Committee must be an
independent member of the Board of Directors.
Committee members must be non‐executive Board
members
Review of internal control and risk management (Source: Annual Report of VNM 2021)
systems
39 40
39 40
10
Internal Controls (UEH) - Chapter 1
41 42
41 42
MANAGERS
(source: Annual Report of FPT 2021)
43 44
43 44
11
Internal Controls (UEH) - Chapter 1
(b) Internal Control Evaluation and Reporting. With respect to the internal control
assessment required by subsection (a), each registered public accounting firm that prepares
or issues the audit report for the issuer shall attest to, and report on, the assessment made by
the management of the issuer.
45 46
45 46
EMPLOYEE
(Source: Annual Report of VNM 2021)
47 48
47 48
12
Internal Controls (UEH) - Chapter 1
OTHERS
External auditors (such as independent auditors, public
auditors)
Legislators or Regulators
Customers and suppliers can also provide useful
information through their dealings with the organization.
Others outside the organization such as financial analysts,
the media, etc.
49 50
49 50
13