Internal Control Systems Flashcards
(19 cards)
what are internal control systems?
Internal controls are the systems and processes a business puts in place
what does internal control systems ensure?
- reliable financial reporting
- compliance with laws and regulations
- efficiency and effectiveness of operations
- safeguarding of assets
what are the 5 components of internal control?
- control environment
- risk assessment
- control activities
- information and communication
- monitoring
what does risk assessment mean?
how the business identifies and responds to risks
what does control activities mean?
actual controls put in place to address the risks
what does information and communication mean?
how info flows within the company to support controls
what does monitoring mean?
ongoing checks to ensure controls are working
what are the limitations of internal controls?
- human error
- collusion
- management override
what are the types of internal control activities?
- authorisations
- computer controls
- comparison
- arithmetic controls
- maintain control accounts
- account reconciliations
- physical controls
- segregation duties
what are the systems documentation?
- narrative notes
- flowcharts
- internal control questionnaires
- Internal control evaluation
What’s the risk if the same person processes payroll and authorises payment?
Fraud or unauthorised activity could go undetected
Why is access control important in payroll?
to prevent unauthorised changes to employee records or pay rates
whats the risk of allowing sales without credit checks?
increased likelihood of bad debts
why should discount authorisation be monitored?
to prevent excessive or fraudulent discounts reducing revenue
Why is it risky if one person orders, receives and records inventory?
lack of segregation increases fraud and error risk
What’s the danger of not reconciling inventory records to physical stock?
inventory balances may be overstated or understated
What risk arises from weak password policies?
Unauthorised access to systems and data.
Why is not having data backups a major issue?
Critical data could be permanently lost due to system failure.
What’s the risk of users sharing login details?
No accountability and higher risk of unauthorised activities
