Professional Documents
Culture Documents
1288628380-D InternalControl PDF
1288628380-D InternalControl PDF
1288628380-D InternalControl PDF
INTERNAL CONTROL
Auditor must understand the accounting system and control environment in order to determine their
audit approach.
Internal control is the process designed and put in place by those whose job it is to govern and manage
the company to provide reasonable assurance about the reliability of financial reporting, the efficiency
and effectiveness of operations and compliance with applicable laws and regulations.
The control environment includes the functions, attitudes, awareness and actions of those responsible
for governance and management concerning the entitys internal control and its importance in the
entity. Because controls are more likely to operate well in an environment where they are treated as
being important a strong control environment does not, by itself, ensure the effectiveness of the overall
internal control system but a weak control environment can undermine the effectiveness of controls.
The entitys risk assessment process involves processes the entity has put in place to identify business
risk relevant to financial reporting objectives, estimating the significance of the risk, assessing the
likelihood of their occurrence, and deciding upon actions to address those risk.
What is the Information System Relevant to Financial Reporting?
The information system relevant to financial reporting includes the financial reporting system, it consists
of procedures and records established to start, record, process and report entity transactions and
maintain accountability for the related assets, liabilities and equity.
Control activities are those policies and procedures that help ensure that management directives are
carried out. Control activities include those activities to prevent or to detect and correct errors. This
includes activities relating to authorisation, performance reviews, information processing, physical
controls and segregation of duties.
Note: Segregation of duties is a part of the control activities. Segregation implies more people being
involve in the accounting process and this makes it more difficult for fraud or accidental errors to slip
through. The key functions that should be segregated are the carry out of a transaction, the recording of
a transaction and the maintaining custody of assets that arise from the transaction.
Monitoring of controls is a process to assess the effectiveness of internal control performance over
time. It includes assessing the design and operation of controls on a timely basis and taking necessary
corrective actions modified for changes in conditions.
The internal controls in a computerised environment include general controls and application controls?
The purpose of application controls is to establish specific control procedures over the accounting
applications in order to provide reasonable assurance that all transactions are authorised and recorded
and are processed completely, accurately and on a timely basis.
An internal control can only provide, at best, a reasonable assurance that objectives are being reached
because of inherent limitations, such as, human error and potential for fraud. These inherent limitations
demonstrate why auditors cannot obtain all their evidence from tests of the systems of internal control.
Give some examples of inherent risk that affect the Internal Control System?
Human error
Collusion between employees
Controls being by-passed or overridden by management
Controls maybe design to handle routine transactions and not non-routine transactions
The cost of a control may not outweigh the benefit so it may not be implemented
Narrative notes
Questionnaires
Flowcharts
Checklists
What are the two different types of Questionnaires and what is their purpose?
Internal Control Questionnaire it is use to evaluate whether controls exist which meet specific
control objectives.
Internal Control Evaluation Questionnaire it is use to determine whether there are controls
which prevent or detect specified errors or omissions.
Transaction Cycles
Tests of Control
Why do auditors perform test of control?
Test of controls are perform to obtain audit evidence about the effectiveness of the design of the
accounting and internal control systems and its operation throughout the period.
Auditors should consider how controls were applied, the consistency with which they were applied
during the period and by whom they were applied.
SALES
What are the Control Objectives of a sales system?
One person is not responsible for taking orders, recording sales and receiving payment
Recorded sales transactions represent goods shipped
Goods and services are only supplied to customers with good credit rating
Goods and services are provided at authorised prices and on authorised terms
Customers are encouraged to pay promptly
All revenue relating to goods dispatch is recorded
All goods and services sold are correctly invoiced
All sales and adjustments are correctly journalised summarised and posted to the correct
accounts
Transactions have been recorded in the correct period
All transactions are properly classified in accounts
What are the Controls that can be put in place in a sales system?
Segregation of duties
Sales recorded only with approved sales order form and shipping documents
Accounting for numerical sequences of invoices
Monthly customer statements sent out and customer queries and complaints handled
independently
Authorisation of credit terms to customers
Authorisation by senior staff required for changes in standing data
Orders not accepted unless credit limits reviewed first
Authorised price lists and specified terms of trade in place
Shipping documentation is matched to sales invoices
Sales invoices are reconciled to the daily sales report
An open-order files is maintained and reviewed regularly
Sales invoices and matching documents required for all entries
All shipping documentation is forwarded to the invoicing section on a daily bases
Daily invoicing of goods shipped
Chart of accounts in place
Codes in place for different types of products or services
PURCHASES
What are the Control Objectives of a purchase system?
What are the Controls that can be put in place in a purchase system?
Authorisation procedures and policies in place for ordering goods and services
Segregation of duties
Purchase orders raised for each purchase and authorised by appropriate senior personnel
Approved purchase order for each receipt of goods
Staff receiving goods check them to the purchase order
Stores clerks sign for goods received
Purchase orders and GRNs are matched with the suppliers invoices
Periodic accounting for pre-numbered GRNs and purchase orders
Independent check of amount recorded in the purchase journal
Purchase orders and GRNs are matched with the suppliers invoices
Mathematical accuracy of the suppliers invoice is verified
Amount posted to general ledger is reconciled to the purchases ledger
Chart of accounts in place
All goods received reports forwarded to accounts payable department daily
Procedures in place that require recording of purchases as soon as possible after goods/services
received
INVENTORY
What are the control objectives for the inventory system?
CASH
What are the control objectives of the cash system?
Segregation of duties
Supplier statements independently reviewed to payable records
Monthly bank reconciliations prepared and reviewed
Only authorised staff can make electronic cash payments and issue cheques
Electronic cash payments and cheques prepared only after all source documents have been
independently approved
Review of cash payments by manager before release
Daily cash payments reconciled to posting to payable accounts
Use of pre-number cheques
Reconciliation of daily payments report to electronic cash payment transfers and cheques
issued
Suppliers statements reconciled to payable accounts regularly
Monthly bank reconciliations of bank statements to ledger account
Agreement of monthly cash payments journal to general ledger posting
Payable accounts reconciled to general ledger control account
Reconciliation of electronic funds transfers and cheques issued with postings to cash payments
journal and payable accounts
Chart of accounts
Independent approval and review of general ledger account assignment
Use of cash registers or point-of-sale devices
Periodic inspections of cash sales procedures
Restrictive endorsement of cheques immediately on receipt
Mail opened by two staff members
Immediate preparation of cash book or list of mail receipts
Independent check of agreement of cash/cheques to be deposited at bank with register totals
and receipts listing
Independent check of agreement of bank deposit slip with daily cash summary
Customer statements prepared and sent out on a regular basis
Receivables ledger reconciled to control account
PAYROLL
What are the Control Objectives for the payroll system?
What are the control objectives of the revenue and capital expenditure?
What are the controls for the revenue and capital expenditure system?
What are the tests of controls for the revenue and capital expenditure system?
Auditor can carry out walk-through tests to confirm their understanding of the control systems. What
this involves is taking a transaction and following it through the system to see whether all the controls
they anticipate should be in existence were in operation with regard to that transaction.
Significant deficiencies in internal controls shall be communicated in writing to those charged with
governance in a report to management in accordance with ISA 265. The communication can be done
orally as well.
A deficiency in internal control is where a control that is designed, implemented or operated to prevent,
or detect and correct, misstatements in the financial statements on a timely basis is unable to do so or a
control necessary to prevent, or detect and correct, misstatements in the financial statements on a
timely basis is missing.
THE END.