Professional Documents
Culture Documents
5 Components of Internal Control
5 Components of Internal Control
Risk
Internal Control
Presentation Outline
I. An Overview of Internal Control
II. The Components of Internal Control
III. Process for Understanding Internal
Control and Assessing Control Risk
IV. Communications with the Audit
Committee and Management
I. An Overview of Internal
Control
A. Internal Control Defined
B. Reasonable Assurance
C. Section 404 Reporting Requirements for
Management
D. Key Components of Managements
Assessment of Internal Control
E. Auditor Responsibilities for
Understanding Internal Control
B. Reasonable Assurance
Code the
missing cash
to bad debts.
Collusion
Reasonable assurance
involves two
considerations:
The cost of the entitys
internal control should
not exceed the
expected benefits.
Limitations exist in
any entitys internal
control.
2. Commitment to Competence
Managements
consideration of the
competence levels for
specific jobs and how
those translate into
requisite skills and
knowledge.
5. Organizational Structure
Understanding the
clients organizational
structure provides the
auditor with an
understanding of how
the clients business
functions and
implements controls.
Em
pl
De J oy
sc ob ee
ri p
tio
ns
B. Risk Assessment
C. Control Activities
1. Adequate Segregation of
Duties
Separation of the
functions of
authorization,
recordkeeping, and
custody.
Separating IT duties
from User
Departments
2. Proper Authorization of
Transactions and Activities
General authorization
is permissible for
routine events for
which there are
policies to follow.
For some transactions
specific authorization
is needed on a caseby-case basis.
Incorrect
Password
5. Independent Checks on
Performance
E. Monitoring
Client managements ongoing and periodic assessment
of the quality of internal control performance to
determine whether controls are operating as intended
and modified when needed.
For many companies, especially larger ones, an
internal audit department is essential for effective
monitoring.
To maintain internal audit independence, it is
imperative that they be independent of operating and
accounting departments; and that they report to a high
level of authority, preferably the audit committee of
the board of directors.
Summary
1.
2.
3.
4.