Professional Documents
Culture Documents
Chapter 10
510
- 5- 1
Learning Objective 1
Describe the three primary objectives
of effective internal control.
10 - 2
Compliance
with laws and
regulations
Reliability of
financial
reporting
Efficiency/
effectiveness
of operations
10 - 3
Learning Objective 2
Contrast managements
responsibilities for maintaining and
reporting on internal controls with
the auditors responsibilities for
understanding, testing, and reporting
on internal controls.
10 - 4
Managements Responsibilities
for Establishing Internal Control
Management must establish and
maintain the entitys internal controls
Managements design and implementation
of internal controls is based on two key
underlying concepts:
Reasonabl
e
2012 Pearson assurance
Education, Auditing 14/e, Arens/Elder/Beasley
Inherent
limitations
10 - 5
10 - 6
Managements Assessment of
Internal Controls
Management must first test the design of
internal controls over financial reporting.
Management must also test the operating
effectiveness of those controls.
10 - 7
Managements Assessment of
Internal Controls
10 - 8
10 - 9
Sales Transaction-related
Audit Objectives
10 - 10
10 - 11
Learning Objective 3
Explain the five components of the
COSO internal control framework.
10 - 12
10 - 13
10 - 14
Human resource
policies and practices
Organizational
structure
10 - 15
Risk Assessment
Identify factors that may increase risk
Estimate the significance of the risk
Assess the likelihood of the risk occurring
10 - 16
Control Activities
1. Adequate separation of duties
10 - 17
Adequate Separation of
Duties
Custody of assets
from
Accounting
from
The custody of
related assets
Operational
responsibility
from
Record-keeping
responsibility
IT duties
from
User departments
Authorization
of transactions
10 - 18
Proper Authorization of
Transactions and Activities
Transaction Approval Policies
General
Authorization
Specific
Authorization
10 - 19
10 - 20
10 - 21
10 - 22
Independent Checks on
Performance
The need for independent checks arises
because internal control tends to change
over time unless there is a mechanism
for frequent review.
10 - 23
Information and
Communication
The purpose of an accounting information
and communication system
Initiate
Initiate
Record
Record
Report
Report
transactions
transactions
Process
Process
2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley
Maintain
Maintain
Accountability
Accountability
for
forRelated
RelatedAssets
Assets
10 - 24
Monitoring
Monitoring activities deal with managements
ongoing and periodic assessment of the
quality of internal control performance
to determine whether controls are operating
as intended and modified when needed.
10 - 25
Learning Objective 4
Obtain and document an
understanding of internal control.
10 - 26
10 - 27
10 - 28
Methods Used
Narrative
Flowchart
Internal
control
questionnaire
10 - 29
Narrative
1. The origin of every document
and record in the system
2. All processing that takes place
3. The disposition of every document
and record in the system
4. An indication of the controls relevant
to the assessment of control risk
10 - 30
10 - 31
Learning Objective 5
Assess control risk by linking key
controls, significant deficiencies, and
material weaknesses to transactionrelated audit objectives.
10 - 32
10 - 33
10 - 34
10 - 35
Evaluating Significant
Control Deficiencies
10 - 36
10 - 37
Communications to Those
Charged with Governance
Auditor must communicate in writing
significant deficiencies and material
weaknesses to the audit committee
Management letters from the auditor
less significant control weaknesses
ideas for operational improvements
10 - 38
Learning Objective 6
Describe the process of designing and
performing tests of controls.
10 - 39
Tests of Controls
10 - 40
Examine
documents,
records, reports
Reperform
client
procedures
Observe
control-related
activities
10 - 41
Extent of Procedures
10 - 42
Type of
procedure
Inquiry
Yesextensive
Documentation Yeswith transaction
walk-through
Observation
Yeswith transaction
walk-through
Reperformance No
2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley
Yessome
Yesusing sampling
Planned
detection
risk
Tests of
controls
Related
substantive
tests
Control risk
assessments
Balance
related audit
objectives
10 - 44
Learning Objective 7
Understand Section 404 requirements
for auditor reporting on internal
control.
10 - 45
10 - 46
Types of Opinions
No material weaknesses
No scope restrictions
Unqualified
One or more
material weaknesses
Adverse
Scope limitation
Qualified or
disclaimer
10 - 47
Learning Objective 8
Describe the differences in evaluating,
reporting, and testing internal control
for nonpublic companies.
10 - 48
10 - 49
Differences in Scope of
Controls Tested
Internal controls over financial reporting
10 - 50
End of Chapter 10
510- 5- 51