AUD 2 - Risk Assessment: Part 2 Flashcards
(2 cards)
Define CRIME?
It is a CRIME not to have a strong internal control framework
Bottom layer - Control Environment - the tone at the top (communication and organization of integrity and values)
Next layer above - Risk Assessment - management looks to see where lying, cheating, and stealing will occur
Next layer above - Existing Control Activities - control policies that prevent lying, cheating, and stealing
Top layer - Monitoring - making sure there are controls that are PRESENT AND FUNCTIONING and people are not cheating on the control (control is functioning) -
Sides - Information and Communication Systems - a means of recording transactions and communicating responsibilities - system supports the identification, capture, and exchange of information
What are the three objectives of internal control?
1) Reliability of financial reporting - financial statement fraud = lying *Most relevant to the audit “CRIME”
2) Effectiveness and efficiency of operations - asset misappropriation = stealing
3) Compliance with applicable laws and regulations - corruption = cheating
