Beruflich Dokumente
Kultur Dokumente
SYSTEM
• Nature and Scope of Internal Control System
• Specific Internal Control Procedures
• Tests of Control
• Internal Control Report to Management
• Internal Audit as a Control Factor
NATURE AND SCOPE OF INTERNAL
CONTROL
• Introduction
• Definition
• Components of ICS
• Importance of ICQ
• Inherent Limitation of ICS
• Ascertaining ICS
• Recording/Documenting ICS
• Testing ICS
INTRODUCTION
• For systems based auditing to work effectively, the
auditor will like to rely on internal controls to reduce
the volume of substantive testing.
• It is therefore important for the auditor to examine the
internal control practice and procedures that are in
place in the client’s business.
• Where weaknesses are revealed, the auditor
recommends ways of improving the systems
•
DEFINITION
• Policies and procedures adopted by the management
of entity to assist in the objective of achieving as far as
practicable, the orderly and efficient conduct of the
business, including
• adherence to internal policies,
• the safeguarding of assets,
• the prevention and detection of fraud and error,
• the accuracy and completeness of the accounting records,
and
• the timely preparation of reliable financial information.
COMPONENTS OF INTERNAL
CONTROL
• Control environment
• Risk assessment process
• Information system
• Control procedures/activities
• Monitoring of controls
Control environment
•The control environment includes:
– the governance and management functions
and the attitudes,
– awareness, and actions of those charged with
governance ,and
– management concerning the entity’s internal
control and its importance in the entity.
•The control environment sets the tone of an
organisation, influencing the control consciousness
of its people.
Control Environment
•The control environment has many elements such as
– communication and enforcement of integrity and
ethical values,
– commitment to competence,
– participation of those charged with governance,
management’s philosophy and operating style,
– organisational structure,
– assignment of authority and responsibility and
– human resource policies and practices
Entity’s risk assessment process
•For financial reporting purposes, the entity’s risk
assessment process includes how management
identifies business risks relevant to the preparation
of financial statements in accordance with the
entity’s applicable financial reporting framework.
•It estimates their significance, assesses the
likelihood of their occurrence, and decides upon
actions to respond to and manage them and the
results thereof.
,
• Observation and selected tests will ensure that the ICQ
accurately reflects the strengths and weaknesses within
the procedures that operate from day to day
• The auditor should not place reliance on controls on the
basis of this preliminary evaluation.
• He should conduct further compliance tests designated to
give a reasonable assurance that the controls are
functioning properly
• The questions should be formulated in such a way that the
relevant internal control criteria are implicit, so that no more than
a yes/no answer is required to indicate compliance or non-
compliance.
• This degree of simplicity is not possible for every question, for
example cases where it is necessary to know the names of
executive officer authorized to sign cheques, or the limit on the
authority of a particular officer to authorise expenditure.
ICQs
PURCHASES &TRADE PAYABLES YES NO N/A DATE