Professional Documents
Culture Documents
Question Bank - Chapter 4B
Question Bank - Chapter 4B
INTERNAL CONTROLS
QUESTION BANK
QUESTION 2
The International Standard on Auditing (ISA) 315 (Revised), which identifies and assesses
the risks of material misstatement through an understanding of the entity and its
environment, requires an auditor to understand an entity’s internal control. ISA 315
(Revised) defines internal control and deals with the different components thereof.
SUGGESTED SOLUTION
a) Control environment: 1
i. Includes the governance and the management functions, as well as 1
the attitudes, the awareness, and the actions of those charged with
governance and management of the entity’s internal control and its
importance in the entity
ii. Sets the tone of an entity, influencing the control consciousness of 1
its people
iii. Has elements such as communication and the enforcement of 1
integrity and ethical values, commitment to competence, the
participation of those charged with governance, management’s
philosophy and operating style, organisational structure, the
assignment of authority and responsibility, and human resource
policies and practices.
b) The entity’s risk assessment procedures: 1
i. Include (for financial reporting purposes) how management identifies 1
business risks relevant to the preparation of financial statements in
accordance with the entity’s applicable financial reporting framework;
and 1
You were recently appointed as a partner at the audit firm of Tom, Dick, and Harry Inc.
One of your duties includes a monthly training session with the trainee accountants in order
to resolve their uncertainties regarding, among other things, aspects of internal control.
In order to identify problem areas, you distributed a questionnaire among the trainee
accountants, the results of which revealed that there are reservations about the benefits to
be derived from the implementation of a computerised system, the type of control activities
and the inherent limitations of internal control.
Prepare a guideline that could be used as a reference tool during the training
session, in which you:
1. Describe five potential benefits identified by ISA 315 (Revised) to be 5
derived from the implementation of a computerised system.
SUGGESTED SOLUTION
You have recently been employed as the audit manager responsible for resolving
technical issues and overseeing trainee accountants completing their studies part-time
through Various University. One of your tasks is to assist the trainee accountants in
preparing for their upcoming examinations.
One of the areas of concern is their understanding of internal control and, more
specifically, the control objectives relating to internal control. You have been tasked
with the preparation of a presentation on control objectives in order to answer the
following unrelated questions raised by the trainee accountants.
1. List and define the generic control objectives that need to be present 9
in all accounting systems. Bearing in mind that the objectives referred
to are those of management, and should not be confused with the
assertions that management implies in the financial statements,
answer using this tabular format:
Notes:
2. Explain the first step (one step only) in the design of a system of 2
internal control and the difference between risks and control
objectives.
SUGGESTED SOLUTION
1.
2. CONTROL OBJECTIVE 3. GENERIC DEFINITION OR MEANING
VALIDITY (1) All transactions and events executed:
QUESTION 5
List and describe briefly the five components of internal control according to ISA 315
Revised that should be present in every entity’s internal control system.
SUGGESTED SOLUTION
1. Control environment 1
a. This relates mainly to the attitude of those charged with governance 1
(management) of an entity.
b. A positive attitude where management is committed towards the
design, the implementation, and the maintenance of a system of 1
internal control is the basis for any internal control system.
2. Risk assessment procedures 1
a. Such procedures include the ways in which those charged with 1
governance (management) of an entity identify and deal with (manage)
business risks relevant to the preparation of financial statements in
accordance with the entity’s applicable financial reporting framework.
b. Certain companies (those to which the King IV™ report are applicable) 1
must include in the company’s risk assessment procedures how they
deal with the governance of risk as prescribed by the report.
3. Information system relevant to financial reporting 1
a. This relates to the financial reporting system of an entity and consists
of the procedures and records necessary to initiate, record, process
and report the transactions (as well as the events and the conditions)
of the entity, and to maintain accountability for the related assets, 1
liabilities and equity.
4. Control activities 1
a. These are the measures that those charged with governance
(management) of the entity design and implement in order to ensure 1
that the control objectives are met.
5. Monitoring of controls 1
b. Such monitoring refers to the processes by which those charged with
governance (management) of an entity consider whether the internal
controls implemented by them are operating as intended, and that the 1
internal controls are modified as appropriate for changes in conditions
at the entity.
MOTIVATION BOX
2. “I've failed over and over and over again in my life and that is why I succeed.”
Michael Jordan