Professional Documents
Culture Documents
Iasb 47192 Sia 120
Iasb 47192 Sia 120
INTERNAL CONTROLS
Contents
Paragraph(s)
Introduction ........................................................................................... 1
Objectives .............................................................................................. 2
Definition of Internal Controls .................................................................. 3
Responsibility of the Board and Management ............................................ 4
Responsibility of the Internal Auditor ......................................................... 5
Effective Date ........................................................................................ 6
*Note: This Standard on Internal Audit (SIA) supersedes Standard on Internal Audit
(SIA) 12, Internal Control Evaluation, issued in February 2009.
1. Introduction
1.1 Internal Controls is a key concept in Internal Audit and this Standard
seeks to clarify the concept and the responsibility of the Internal
Auditor, Management and other stakeholders, with respect to Internal
Controls, keeping in mind their legal, regulatory and professional
obligations.
1.2 Internal Controls are systemic and procedural steps adopted by an
organisation to mitigate risks, primarily in the areas of financial
accounting and reporting, operational processing and compliance with
laws and regulations.
1.3 The definition of Internal Audit (refer Para 3.1 in the “Framework
Governing Internal Audits”) and SIA 230, “Objectives of Internal
Audit”, indicate providing independent assurance on the effectiveness
of Internal Controls as a basic expectation from Internal Audit. The
definition on Internal Audit elaborates on the term “Internal Controls”
by clarifying how these are integral to the management function and
business operations.
1.4 Scope: This Standard applies to all internal audits conducted where
internal controls are subject of audit review, and are being assessed,
evaluated and reported upon.
2. Objectives
2.1 The purpose of this Standard is to:
(a) Provide a common terminology on Internal Controls to prevent
ambiguity or confusion on the subject matter;
(b) Define Internal Controls, how they mitigate risks, and also how
they are viewed from a legal perspective;
(c) Explain the responsibilities of management and auditors with
regard to Internal Controls, as mandated by law and
regulations; and
(d) Specify certain requirements which need to be met to be able
to provide an independent assurance on Internal Controls in the
organisation under review.
Standard on Internal Audit (SIA) 120
2
Internal Controls
3
Standard on Internal Audit (SIA) 120
INTERNAL
CONTROL INTERNAL ENTITY
INTERNAL
OVER OPERATIONAL FINANCIAL LEVEL
CONTROL
FINANCIAL CONTROL (OC) CONTROL CONTROLS
(IC)
REPORTING (IFC) (ELCs)
(ICFR)
INTERNAL
CONTROL
CONTROL
MULTIPLE PROCESS LEVEL CONTROLS (PLCs) ENVIRON
SYSTEM
MENT
(ICs)
4
Internal Controls
5
Standard on Internal Audit (SIA) 120
6
Internal Controls
6. Effective Date
6.1. This Standard is applicable for internal audits beginning on or after a
date to be notified by the Council of the Institute.