Chapter 7 Control of Accounting Information System
OVERVIEW OF CONTROL CONCEPTS
• Internal control is the process implemented by the board of
directors, management, and those under their direction to provide
reasonable assurance that the following control objectives are
achieved:
▪ Assets (including data) are safeguarded.
▪ Records are maintained in sufficient detail to accurately and fairly reflect
company assets.
▪ Accurate and reliable information is provided.
▪ There is reasonable assurance that financial reports are prepared in
accordance with GAAP.
▪ Operational efficiency is promoted and improved.
▪ Adherence to prescribed managerial policies is encouraged.
▪ The organization complies with applicable laws and regulations.
INTERNAL CONTROL FUNCTIONS
• Internal controls perform three important functions:
- Preventive controls
- Detective controls
- Corrective controls
CLASSIFICATION OF CONTROLS
• Internal controls are often classified as:
- General controls
- Application controls
SOX AND THE FOREIGN CORRUPT PRACTICES ACT
• Control environment
• Control activities
• Risk assessment
• Information and communication
• Monitoring
COSO’S ENTERPRISE RISK MANAGEMENT
FRAMEWORK
• Risk management is:
- A process applied in strategy setting to identify potential events
that may affect the entity and manage risk in order to provide
reasonable assurance of the achievement of entity objectives.
• Basic principles behind ERM:
- Companies are formed to create value for owners.
- Management must decide how much uncertainty they will
accept.
- Uncertainty can result in:
• Risk
• Opportunity
INTERNAL ENVIRONMENT
• Assessment of management's philosophy and operating style
- Does management take undue business risks or assess
potential risks and rewards before acting?
- Does management attempt to manipulate performance
measures such as net income?
- Does management pressure employees to achieve results
regardless of methods or do they demand ethical behavior?
• External influences
- FASB
- PCAOB
- SEC
- Insurance commissions
- Regulatory agencies for banks, utilities, etc.
OBJECTIVE SETTING
• Internal factors:
- Infrastructure
- Personnel
- Process
- Technology
EVENT IDENTIFICATION
• ERM framework
- Oriented toward future and constant change
- Risk-based approach
- Incorporates internal control framework plus three additional elements:
▪ Setting objectives.
▪ Identifying positive and negative events that may affect the company's ability
to implement strategy and achieve objectives.
▪ Developing a response to assessed risk.
REPORTERS:
• OPAO, ROBERT
• NARVASA, JANEL
• QUISTO, MICHAELLA
• SOCUACO, ETHEL MAE