Chapter 10

Modern
Modern Auditing:
Auditing:
Assurance
Assurance Services
Services and
and the
the Integrity
Integrity
of
of Financial Reporting, 8th Edition
Financial Reporting, 8 th
Edition
William C. Boynton
California Polytechnic State
University at San Luis Obispo
Raymond N. Johnson
Portland State University
Chapter 10 – Understanding Internal Control

Chapter
Chapter 10
10 Overview
Overview
Fundamental
Fundamental Concepts
Concepts of
of
Internal
Internal Controls
Controls
• Process integrated with an entity’s
infrastructure
• People implement internal control
• Can only provide reasonable assurance
• Achieve objectives in financial reporting,

compliance, and operations
Components
Components of
of Internal
Internal Control
Control
• Control Environment
• Risk Assessment
• Control Activities
• Information and Communication
• Monitoring
Entity
Entity Objectives
Objectives with
with Internal
Internal
Control
Control
• Reliability of financial information
• Compliance with applicable laws

and regulations
• Effectiveness and efficiency of

operations
Limitations
Limitations of
of Internal
Internal Control
Control
• Mistakes in Judgment
• Breakdowns
• Collusion
• Management Override
• Cost versus Benefits

Roles
Roles and
and Responsibilities
Responsibilities
• Management
• Board of Directors and Audit

Committee
• Internal Auditors
Roles
Roles and
and Responsibilities
Responsibilities (cont.)
(cont.)
• Other Entity Personnel
• Independent Auditors
• Other External Parties

Components
Components of
of Internal
Internal Control
Control
Control
Control Environment
Environment
• Integrity and Ethical Values
• Commitment to Competence
• Board of Directors and Audit

Committee
• Management’s Philosophy and

Operating Style
Control
Control Environment
Environment (cont.)
(cont.)
• Organizational Structure
• Assignment of Authority and

Responsibility
• Human Resource Policies and

Practices
Risk
Risk Assessment
Assessment Process
Process
Information
Information and
and Communication
Communication
• Information
– Transactions
– Audit Trail or Transaction Trail
– Documents
– Records
• Communication
Control
Control Activities
Activities
• Authorization Controls
• Segregation of Duties
– Transaction authorization
– Custody of assets
– Recorded accountability in accounting
records
Segregation
Segregation of
of Duties
Duties
Control
Control Activities
Activities (cont.)
(cont.)
• Information Processing Controls
– General Controls
– Computer Application Controls
– Controls over the Financial Reporting

Process
General
General Controls
Controls
• Organization and Operation Controls
• Systems Development and

Documentation Controls
• Hardware and Systems Software Controls
• Access Controls
• Data and Procedural Controls

Computer
Computer Application
Application Controls
Controls
• Input Controls
• Processing Controls
• Output Controls
Controls
Controls over
over the
the Financial
Financial
Reporting
Reporting Process
Process
Control
Control Activities
Activities (cont.)
(cont.)
• Physical Controls
• Performance Reviews
• Controls over Management

Discretion in Financial Reporting
Control
Control Activities
Activities (cont.)
(cont.)
• Monitoring
– Ongoing monitoring programs
– Separate evaluations
– Element of reporting deficiencies to

the audit committee
Antifraud
Antifraud Programs
Programs and
and Controls
Controls
Understanding
Understanding Internal
Internal Control
Control
Must perform procedures to:
• Understand design of policies and

procedures
• Determine whether the policies and

procedures are operating
Understanding
Understanding Internal
Internal Control
Control
Auditor uses the understanding to:
• Identify types of potential

misstatements
• Understand factors affecting risk of

material misstatement
• Design further audit procedures

Effects
Effects of
of Preliminary
Preliminary Audit
Audit
Strategies
Strategies
• Control Environment
• Risk Assessment
• Information and Communication
• Control Activities
• Monitoring
Procedures
Procedures to
to Obtain
Obtain an
an
Understanding
Understanding
• Review previous experience with the
client
• Inquire management, supervisory, and

staff personnel
• Inspect documents and records
• Observe activities and operations
• Trace transactions through system

Documenting
Documenting the
the Understanding
Understanding
• Questionnaires
• Flowcharts
• Decision Tables
• Narrative Memoranda
Questionnaire
Questionnaire
Decision
Decision Table
Table
Narrative
Narrative Memoranda
Memoranda

Chapter 10

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter 10

Uploaded by

Copyright:

Available Formats

Modern

Chapter 10 – Understanding Internal Control

• People implement internal control

• Can only provide reasonable assurance

• Achieve objectives in financial reporting,

• Information and Communication

• Compliance with applicable laws

• Effectiveness and efficiency of

• Cost versus Benefits

• Board of Directors and Audit

• Other Entity Personnel

• Other External Parties

• Board of Directors and Audit

• Management’s Philosophy and

• Assignment of Authority and

• Human Resource Policies and

– Computer Application Controls

– Controls over the Financial Reporting

• Systems Development and

• Hardware and Systems Software Controls

• Data and Procedural Controls

• Controls over Management

– Element of reporting deficiencies to

Must perform procedures to:

• Understand design of policies and

• Determine whether the policies and

• Identify types of potential

• Understand factors affecting risk of

• Design further audit procedures

• Information and Communication

• Inquire management, supervisory, and

• Inspect documents and records

• Observe activities and operations

• Trace transactions through system

You might also like