Internal Control Flashcards
auditors of entities that do not report to SEC aka non-issuers are required to follow
GAAS issued by auditing standard board (ASB) of the AICPA
auditors of entities that DP report to SEC aka issuers are required understand
internal control
required to perform integrated audit of both internal control over financial reporting and of financial statements
5 assertions related to Events and Transactions that occurred during period of audit
CPA-CO
Completeness
Period Cuttof
Accuracy
Classification
Occurrence
4 assertions related to Account Balances
RACE
Rights and obligations
Allocation and Valuation
Completeness
Existence
5 assertions related to Presentation
RACOU-n
Rights and obligations Accuracy and valuation Completeness Occurence Understandability and Classification
auditor seeks reasonable assurance that internal control are achieving certain objectives:
ACE
Accurate and reliable financial reporting
Compliance w law and reg.
Effectiveness and efficiency of operations
5 components of internal control
CRIME
- control ‘E’nvironment (E)
- risk assessment (R)
- control activities (C)
- info and communication (I)
- monitoring (M)
control environment
CHOPPER
C-ommitment to competence
H-uman resource policies and practices
O-rganizational structure
P-articipation of those charged w governance
P-hilosophy of management and mgt operating style
E-thical values and integrity
R-esponsibility assignment
inherent limitation - things that could occur even if theres rly good internal control
COCO
Collusion (no segregation of duties)
Override by mgmt
Competence/Human error
Obsolescent (changes in company’s operation/size , change in tech, changes affecting entity’s business
reasonable assurance
cost of maintain internal control should now exceed benefit derived from having the control.
Segegration
ARCC
authorization
recording
custody
comparison
Factors associated with the control environment include
- commitment to competence
- human resource policies and practices
- organizational structure
- participation of those charged with governance
- philosophy of management and operating style
- ethical values and integrity
- responsibility assignment
what has more scope, internal control or assessment of risk of material misstatement?
In the assessment of RMM, the auditor will only test those controls that are expected to be relied upon, more limited in scope than an examination of internal control
In an examination of internal control, the auditor expresses an opinion in relation to the effectiveness of internal control, requiring an engagement more extensive in scope.
letter written about internal control is for who?
The distribution of the report on internal controls in conjunction with an audit is restricted to management, the audit committee and the board of directors
Control activities are the policies and procedures that
management uses to provide reasonable assurance that the entity’s objectives will be achieved