Professional Documents
Culture Documents
Published by COSO
(Committee of
Sponsoring
Organizations) Comprehensive
framework of internal
control
COSO’s Internal
Internal control over
Control, Integrated
financial reporting
Framework
Used to assess
effectiveness of:
Controls over
operational and
compliance objectives
Internal Control - Integrated
Framework
COSO defines internal control as a process:
Commitment
towards • Attract
competence is • Train
demonstrated • Mentor
through • Evaluate
policies and • Retain employees
procedures to:
Organization Enforces Accountability -
COSO Principle 5
Individuals held
accountable for Accountability
internal control mechanisms
responsibilities
Advantages
• Help train new personnel
• Serve as a reference tool for all employees
Provide clarity and communication of • Provide evidence that the controls are
operating
standards and expectations • Enable proper monitoring activities
• Support reporting on internal control
effectiveness
• Used by external auditors to understand client’s
internal control system
Guidelines for Developing Reliable
Documentation
Pre-numbered paper or computer-generated documents facilitate control
of, and accountability for, transactions
Timely preparation
Authorization of a transaction
Transaction trail
• Tracing a transaction from its origination through to its final disposition, or vice versa
Reporting on Internal Control Over Financial
Reporting
Suitable criteria be
used as the benchmark
in assessing internal
control effectiveness
(e.g., COSO)
STEPS IN MANAGEMENT’S
EVALUATION OF INTERNAL CONTROL
OVER FINANCIAL REPORTING
Examples of Approaches to Management Testing
of Operating Effectiveness of Control
IMPORTANCE OF INTERNAL CONTROL TO THE
EXTERNAL AUDIT
Importance of Internal Control FOR
the External Audit
Auditors are
The auditor needs to understand the company’s
required to
identify and assess internal controls to determine appropriate audit
risks of material procedures
misstatement due
to fraud or error
Auditor then
gathers evidence • By taking a random sample auditor needs to
on operating independently determine whether the
effectiveness of controls are working
these controls
Reference
• Karla M. Johnstone. (2016). Auditing : a risk-based approach
to conducting a quality audit. 10th ed. Cengage Learning.
Boston. ISBN: 9781305080577.
• Iain Gray, Stuart Manson, Louise Crawford. (2015). The Audit
Process Principles, Practices and Cases. 06. Cengage
Learning. Hampshire. ISBN: 9781408081709.
Thank You