Professional Documents
Culture Documents
AA - Sess
AA - Sess
SESSION 11
Internal Control System
Five Components of Internal Control
Documenting Internal Control System
Internal Control Deficiencies
Test of Control Procedures
Limitations of an Internal Control System
IT controls
SESSION 12
Revenue System
Purchase System
Payroll System
Inventory System
Cash & Bank
Capital Expenditure – Non Current Assets
SESSION 13
Internal Control Reporting
ISA 265 - Communicating Deficiencies in Internal Controls to
TCWG
Significant Deficiency
Internal Audit
External Audit v/s Internal Audit
Need for Internal Audits
Internal Audit Assignments
Outsourcing Internal Audit
Minimizing / Managing Risks of Outsourcing
Reporting by Internal Auditors
Factors to consider:
SIGNIFICANT DEFICIENCY
Communicated in writing
In a report to management or Orally communicated to the
management letter, at the end of appropriate level of management
audit process. Communicated to
TCWG.
INTERNAL AUDIT
Improve company
Express an independent
operations by reviewing
opinion as to whether
the operating
Objective the financial statements
effectiveness of the
provide a true and fair
internal controls.
view
Complexity of operations
Cost/benefit considerations
The reason for the absence of an internal audit function should also be
explained in the annual report. If an internal audit function is not
currently present in an organization, then the need for one should be
considered annually. This recommendation should be made by the audit
committee to the Board of Directors.
IT AUDIT
The auditor ensures that the IT systems provide a reliable basis for the
preparation of the financial statements.
FINANCIAL AUDIT
An internal financial audit ensures that the information produced is
reliable and was produced in an efficient and timely manner. This also
assesses the financial health of the business.
It also helps in the early identification of financial risks such as –
Cost price inflation
Adverse currency fluctuations
Adverse interest fluctuations
REGULATORY COMPLIANCE
The purpose of a regulatory compliance audit is to assess the
effectiveness of the business's systems and processes that are
designed to ensure that the company complies with the relevant laws
and regulations.
FRAUD INVESTIGATIONS
It helps to ensure as to whether fraud risk management controls are
adequate. It also helps to determine whether a fraud has actually
occurred.
PROS
Contract audits
Decreases the audit fee as less work will be done by the auditors.
Unlikely to happen in the first year of audit.
Corporate governance
CONS
Cost/ Benefits
Since there is no statutory requirement, it may be seen as a waste
of time and money
Directors may see it as a threat to their authority
ADVANTAGES
The service organization will have more specialist staff with the
appropriate qualification and expertise.
DISADVANTAGES
If the external and internal audit is done by the same firm, then
there is an ethical threat. This is prohibited in the UK.
If outsourcing results in redundancies of the staff, then it will be
opposed by the staff.
The outsourced staff may lack an understanding of firm’s culture,
objectives and attitudes.
If cost of outsourcing is high, then the directors may not have an
internal audit function at all.
The company will lose in house skills
Ensure external audit and internal audit are two separate functions
by putting controls and policies.