Flashcards in Internal Control Deck (13):
What is internal control?
Internal control is the process designed and implemented by management to address identified business risks.
What is the purpose of internal control?
Internal controls help an organisation to achieve its objectives and mitigate business risks.
What are the limitations of internal controls?
Human error, unusual transactions, collusion, small companies.
What are the components of internal control systems?
Control environment, risk assessment process, information system, control activities, and monitoring.
Management functions, attitude and awareness of employees, and an audit committee.
Made up of non-executive directors, required for listed companies, and oversee FS, internal audit, and external audit.
Risk assessment process stages
Identify relevant business risks, estimate the significance of the risks, assess the likelihood of the occurrence, and decide on action.
Systems relevant to the financial reporting objectives.
Authorisation, performance reviews, information processing, physical controls, segregation of duties.
ITGCs - policies and procedures that support the effective function of application controls.
ITACs - manual or automated procedures that apply to individual areas within the system to ensure completeness, accuracy, and validity.
Consider adequacy of internal controls after changes in the environment and business risks.
Internal/external audit may identify weaknesses.
Significance of internal controls to the external auditor
Internal controls allow the auditor to assess the level of control risk and determine the audit approach to take.