Professional Documents
Culture Documents
2 - INTERNAL
CONTROL
TABLE OF CONTENTS
Fundamental concepts
Objective, characteristics & limitations
Definition of IC
Importance of IC to auditors
Relationship of IC and audit evidence
Review & documentation of ICS
IC’s compliance test in transaction cycle
Strength & deficiencies of internal control
Management letter
INTERNAL CONTROL –DEFINITION
Reliability
of financial reporting
Compliance with applicable laws & regulation
Effectiveness & efficiency of operations
Prevention & detection of fraud & errors
INTERNAL CONTROL - OBJECTIVES
All the policies and procedures (IC) adopted by the
management of an entity to assist in achieving
management’s objectives of ensuring the efficient
conduct of its business.
Several objectives of internal control includes : -
adherence to mgmt policies
Monitoring of Control
COMPONENTS OF IC (2)
(FEATURES OF GOOD ICS)
1) Control Environment
Consists of actions, policies & procedures which reflect the overall
attitudes of top mgmt, directors & owners of an entity about IC & its
importance to the entity.
Factors that may affect it :
Organizational structure
3) Control Procedures
Policies & procedures that help to ensure that mgmt directives
are carried out to achieve its objectives and also to
reduce/address risks.
AI 400 states that control activity generally relates to:
Segregation of duties
Information processing
Physical control
Performance review
COMPONENTS OF IC (4)
(FEATURES OF GOOD ICS)
5) Monitoring
Mgmt’s ongoing & periodic assessment of the quality of IC
performance to determine whether controls are operating as intended
& modified when needed.
CHARACTERISTICS OF IC
1) Management perform independent checks on performance
Mgmt is responsible for devising & maintaining the system
of IC. Review on the adequacy of IC need to be performed
on regular basis to ensure that all significant controls are
operating effectively.
For example: personnel are likely to forget or intentionally
fail to follow procedures, or they may become careless
unless someone regularly observes and evaluate their
performance.
2) Organisational structure
Mgmt creates an org.structure to facilitate delegation of
duties, coordination of activities and to control the actions
of its employees. Such org. structure should be clearly
defined by hierarchy to show who is responsible for what
area of the org and the official title of the person in charge.
Eg. Organization chart.
CHARACTERISTICS OF IC (2)
4) Segregation of duties
Means that proper segregation of duties between staff in-
charge of authorisation on transactions, recording of
transactions & custody of assets. As a result, no one
person sees a transaction through from beginning to end
of their own.
CHARACTERISTICS OF IC (3)
5) Supervision
Supervision should be carried out on a regular and continuous
basis. For example, work done by a clerk must be supervised by
his/her superior or supervisor in charge.
(e.g. manager supervises the officer, officers supervises the clerk)
Auditor’sconcern about IC
Auditor needs to understand the IC systems of
an entity in planning the audit
If the IC system is strong , the FS & other data
generated by the entity more reliable & thus,
the auditor could possibly reduce substantive
tests
OTOH, if the IC is weak, the auditor needs to
perform > ST & detailed checking during the
audit
WHO’S RESPONSIBLE TO
MAINTAIN THE ICS?
Mgmt / Auditor?
Auditor – will evaluate & ascertain the ICS in
deciding the level of testing required. A
good ICS will reduce the amt of audit work
required.
Management – Responsible to maintain
good ICS to make sure the organisation run
smoothly and the company will not exposed
to the possible misstament of FS.
REASONS FOR AUDITORS TO
UNDERSTAND CLIENT’S IC
1) To obtain info abt integrity of mgmt
2) To obtain info abt the nature & extent of available acc.
records
3) To identify the types of potential errors & fraud that
might affect the FS
4) To assess the Control Risk
5) To plan & design the appropriate audit test
1. Narrative description
2. Internal control questionnaires (ICQ)
3. Flowcharts
DOCUMENTATION OF CLIENT’S ICS (2)
Narrative - a written description of a client’s IC system
A proper narrative of an a/c system & related procedures includes
4 characteristics
Origin of every document & recording in the system
Easy to describe
Disadvantage
Difficult to describe details of large org IC system
Authorisation on documents
Physical examination
SUMMARY
IC is important for the effective operation of entities
The auditor must obtain an understanding of the IC
structure to effectively plan the audit