Week 9

Question 1

Rely on Internal Controls

Why?

Answer 1

To identify entity-level & transaction controls

Assess effectiveness of IC…what is the risk that they are not operating well?

Question 2

Rely on Internal Controls

How

Answer 2

Thoroughly understand client operations, industry, economy
Interview client, tour operations
Identify ICs within Business Processes by creating or reading documentation
Evaluate IC – strength or weakness

Question 3

3 phases of Control valuation

Answer 3

1. Understand client’s internal control system
   Identify what controls exist at the entity-level and transactional level
2. Assess control risk by identifying controls strengths & weaknesses in the AIS.
3. Testing controls to prove control risk.

Question 4

Entity vs. Transactional Controls

Answer 4

Entity
Throughout the entire organization

Transaction
Affect a particular transaction
Respond to WCGW with transactions
Must be sensitive enough to prevent or detect

Question 5

Classes of Transactions

Answer 5

Companies make money by creating value

• Making products
• Providing a service

Companies do this via a series of activities (business process) in the value chain

These activities are reported in the f/s

• Purchase inventory: dr inventory cr cash
• Sell inventory: dr COGS cr inventory

Classes of transactions is the grouping of routine transactions

Question 6

Prevent vs. Detect Controls

Prevent

Answer 6

Applies to each transaction
Before / during the transaction
Evidence of the effectiveness may not be available
Dependent on IT controls

Question 7

Prevent vs. Detect Controls

Detect

Answer 7

Applies to a group of transactions
After the transaction
Vary greatly
Need to be sensitive, consistent and timely
Dependent on prevent controls

Question 8

Types of Internal Controls

Answer 8

Manual

IT General Controls
Automated
Combination

Question 9

IT General Controls to ensure:

Answer 9

Effective Management of the IT Department

• Governance - personal practices, how department is run
• Segregation of duties
• Contracts are signed with qualified 3rd party service providers

Accurate Processing of Data

• Access to programming & applications is limited
• Formal change management procedures for program changes
• Training of Staff & input controls
• Testing of applications

Prevent Unauthorized Access to Data

• Physical environment and physical security of the system
• Logical security
• Business Continuity

Question 10

Types of Application Controls

Answer 10

Input Controls
Processing Controls
Output Controls

Question 11

Input Controls

Answer 11

Ensure information is reliable

Mandatory fields
Checks – range, validity
Observation by competent staff

Question 12

Processing Controls

Answer 12

Ensure correctly classified & summarized
Logic is working as intended

Batch Totals
Programs tested
Exception reports

Question 13

Output Controls

Answer 13

Ensure completeness & security of information

Reconciliations
Output is Limited
Performance reviews

Question 14

Strengths of IC

Answer 14

Successfully prevents errors from occurring
Sensitive enough to detect errors & correct them
Operates consistently throughout the year

Question 15

Weaknesses of IC

Answer 15

Absence of a control
Not operating consistently throughout the year
Not being performed by a competent person, or one with skepticism

Question 16

Objectives of IC for Financial Reporting

Answer 16

Completeness
Recorded – omission of transactions will be prevented or detected

Accuracy
Classified – transactions are recorded in the right account
Summarized – transactions are summarized & totaled correctly
Posted – accumulated totals in special journals are transferred to the Sub-ledger and G/L correctly
Timely – transactions are recorded in the correct accounting period

Valuation
Valued – correct amounts are assigned to transactions

Existence
Real – fictitious or duplicate transactions are not included