Professional Documents
Culture Documents
BKAA2013 - Topic 8 (Chapter 4) - IFA
BKAA2013 - Topic 8 (Chapter 4) - IFA
INTERNAL
BKAA2013 CONTROL SYSTEM
Audit and
Assurance I
CHE AHMAD ET AL.
(2018)
CHAPTER 4
After studying this chapter, you
should be able to:
Outcomes effectiveness
■ (a) Preventive controls are built to avoid errors or any irregularities from
happening. These are also known as proactive controls because they help
to ensure the organization’s objectives are achieved. Some examples of
preventive controls are:
– Segregation of duties: Duties and responsibilities are segregated to
reduce risks and errors for certain events.
– Safeguarding assets: Different departments may have different
security level to access certain parts of the building in the
organization, or different level of staff have different levels of
access into the company’s information system.
(B) DETECTIVE CONTROLS
ARE DESIGNED TO FIND OR
ALLOCATE ERRORS AFTER
THEY HAVE OCCURRED.
Fundamental
Concepts
(cont.) FOR EXAMPLE MANAGEMENT
ANALYSES ON IDENTIFYING
UNEXPECTED RESULTS OR
LOSSES ON PRODUCTIONS, OR
RECONCILIATIONS ON ACTUAL
OUTCOME AND FORECASTED
RESULTS. ALL THESE REQUIRE
CORRECTIVE ACTION.
ELEMENTS OF INTERNAL INTERNAL CONTROL CONSISTS
CONTROL OF FIVE COMPONENTS, AS
SUGGESTED BY THE COSO
Fundamental INTERNAL CONTROL,
INTEGRATED FRAMEWORK
(2013).
Concepts
(cont.)
15
Review and Documentation of
Internal Control System
This accounting system
Flowcharts are pictorial
A widely used method to flowchart shows the flow
representation of the flow
document and evaluate of information and
of the transactions for a
control is a system documents, and provides
specified department or
flowchart. narration of related
division.
procedures.
Documentation of
Internal Control
System (cont.)
A deficiency in internal control system This deficiency might arise from deficiency
would suggest that there exists a disruption in design or deficiency in operation, such
in the financial reporting process. as;
the design or operation of a control that does not allow the
management or employees to perform their functions and
duties effectively, to prevent or detect any misstatements
on a timely basis.
Communicating with Those Charged
with Governance (cont.)
Therefore this deficiency has to be The external auditors would then The letter shall attest to the accuracy
communicated to those charged with prepare a management representation of the financial statements that the
governance, i.e. the management and letter, which would be signed by company or client had submitted to
the board of directors. Usually this senior management of the company. the external auditors for the audit.
would take place after the completion
of the audit.
Communicating with Those Charged
with Governance (cont.)
■ Among the contents of this letter are;
– the management’s acknowledgement of their responsibility for the
design and implementation of controls to prevent and detect fraud,
– any knowledge of fraud or suspected fraud that would affect the
company involving the management,
– details of employees that have significant roles in internal control, or
– where fraud could have a significant effect on the financial
statements.