Chapter 8 - Systems and controls

Question 1

Components of interanl control

Answer 1

• Control environment
• enitity’s risk assessment process
• monitoring
• information system
• control activities

Question 2

Risk assessment process

Answer 2

1. Identify relevant business risks
2. Estimate the significance of the risks
3. Assess the likelihood of occurrence
4. Decide on the actions to address the risks

Question 3

Control activities include

Answer 3

SPARV
Authorisation/Approval
Reconciliations
Verifications
Physical or logical controls
Segregation of duties

Question 4

The 2 categories of IT controls

Answer 4

General controls - support the continued proper operation of the IT environment
Information processing controls - relate to the processing of information in IT application or manual processes that dicetly address risks to the integrity of information

Question 5

Covering letter

Answer 5

Set out a number of disclaimers
- the report is not a comprehensive list of deficiencies
- the report is for the sole use of the company
- no disclosure should be madeto a third party without the written agreement from the auditor
- no responsibility is assumed to any other parties