7 Flashcards
What are the layers of regulation and control relevant to auditing?
External regulation: Laws, regulations (e.g., Companies Act, ISA standards).
Corporate governance: Internal frameworks (e.g., Board, Audit Committee).
Internal controls: Policies/procedures to achieve objectives (operations, reporting, compliance).
Internal audit & quality assurance: Monitoring effectiveness of internal controls.
Define internal control (ISA 315).
Internal control is a process effected by the board, management, and personnel designed to provide reasonable assurance regarding:
Effectiveness & efficiency of operations
Reliability of financial reporting
Compliance with laws/regulations
Safeguarding assets
What are the 5 components of internal control (COSO framework)?
Control environment
Entity’s risk assessment process
Information systems & communication
Control activities
Monitoring of controls
What is the control environment and why is it significant?
The control environment sets the tone at the top, influencing the control consciousness of the entity.
Includes:
Integrity & ethical values
Governance participation
Management philosophy
Organizational structure
HR policies
Strong control environment = reliable records, lower control risk.
Explain the significance of accounting systems and quality assurance systems in internal controls.
Accounting systems: Ensure valid, accurate, complete, timely recording & reporting of transactions.
Quality assurance/control systems: Monitor and maintain audit quality, ensure compliance with standards, and support continuous improvement.
What is the entity’s risk assessment process in internal control?
The process by which management identifies and responds to business risks.
Includes:
Assessing significance and likelihood of risks.
Deciding actions to mitigate, accept, or avoid risks.
What are general controls in IT systems?
Controls over the IT environment ensuring systems operate effectively, including:
Systems development/maintenance controls
Organizational controls
Security controls
Quality assurance
What are systems development/maintenance controls?
Controls over design, testing, documentation, and modification of IT systems.
Key features:
Project management structure
Documented development process
Testing & approval
Prevent unauthorized changes
Ensure completeness & audit trail
What are application controls in IT systems?
Controls within specific applications ensuring data integrity:
Input controls (e.g., validation, check digits)
Processing controls (e.g., sequence checks, error reports)
Output controls (e.g., distribution, manual review)
Why are monitoring of controls important?
Monitoring ensures internal controls continue to operate effectively over time.
Can be:
Ongoing activities
Separate evaluations (e.g., internal audit reviews)
