1. Define internal control.
2. Internal control provides reasonable assurance. Explain.
3. What are the objectives of a system of internal control?
4. Enumerate, and explain briefly, the components of an internal control.
5. What is the control environment? What are the elements that comprise the control environment?
6. What is meant by risk assessment process?
7. What is an information system?
8. What are control activities?
9. Give the different types of control activities.
10. Why is it necessary to monitor controls?
11. What are the inherent limitations of internal controls?
12. Enumerate, in chronological order, the steps followed in the study and evaluation of internal controls. Explain each step briefly.
13. What is a transaction walkthrough?
14. What are the different ways by which an understanding of controls is documented?
15. When is the control risk assessment High? Less than high?
16. How does a high control risk assessment affect the planned audit approach?
17. Give examples of responses to the assessed risk of material misstatement.
18. What is the relationship of a less than high control risk assessment to the nature, extent, and timing of substantive tests?
19. May substantive tests be eliminated?
20. How are audit matters related to internal control communicated to management and to those charged with governance?
1. Internal controls are group of those policies and procedures which implemented by a company to ensure the integrity of financial and accounting information, promote accountability, and prevent fraud.
2. Yes, Internal control provides reasonable assurance by designing, performance and reporting structure to fulfil following objectives-
i. Effectiveness and efficiency of regular and other operations of the organization.
ii. That information is reliable, accurate, and maintained in time.
iii. That it is compliance with applicable laws, contracts, regulations, policies and procedures.
iv. That the financial reporting is reliable.
3. The objectives of a system of internal control are-
i. To the achievement of objectives in several overlapping categories.
ii. To provide only reasonable assurance to management regarding achievement of operational, financial reporting, and compliance objectives.
iii. To compare the assets in the record with that of the existing ones at regular intervals and report to the those charged with governance, in case any difference is found.
iv. To review the working of the organization and the loopholes in the operations and take necessary steps for its correction.
v. To provide security to the company’s assets from unauthorised use. For this purpose, physical security systems are used to provide protection such as security guards, anti-theft devices, surveillance cameras, etc.
4. The components of an internal control are-
i. Control Environment- It is an attitude toward internal control and control consciousness established and maintained by the internal stakeholders of an organization. It is a result of management’s philosophy, style and supportive attitude, as well as the competence, ethical values, integrity, and morale of the organization’s people. The organization structure and accountability relationships are key factors in the control environment.
ii. Communication -It is the exchange of useful information among people and organizations to support decisions and coordinate activities. Within an organization, information must be provided to carry out responsibilities of managers and other employees. Communication should be also maintained with customers, suppliers and regulators etc.
ii. Risk Assessment-Risks are threats of accomplishment of objectives of the organization. At every level within an organization there are both internal and external risks that could prevent the accomplishment of established objectives. Ideally, management should minimize the levels of risk. Having reasonable assurance with objectives, management should ensure that risk is properly assessed and handled properly.
iv. Control Activities -Control activities are manual or automated tools which help to prevent the risks of accomplishment of the organization’s objectives. Management should establish control activities to effectively and efficiently accomplish the organization’s objectives.
v. Monitoring-Monitoring is the review of activities and transactions of an organization’s to assess the quality of performance over time and to determine whether controls are effective and working properly. Management should use monitoring efforts on internal control to achieve organization objectives. Objectives, and responsibilities and risk bearing level must be cleared to each employee and manager of the organization for effective monitoring.
1. Define internal control. 2. Internal control provides reasonable assurance. Explain. 3. What are the objectives...
1. Explain the what is meant by internal controls. 2. Explain the process the audit team uses to assess control risk; understand its impact on the risk of material misstatement; and ultimately know how it affects the nature, timing, and extent of further audit procedures to be performed on the audit. 3. Describe additional responsibilities for management and auditors of public companies required by Sarbanes-Oxley and PCAOB auditing standard #2201. I need the answer in like 200 o 250 words....
1. Consider the following statements: I. Per COSO, Control Activities are the policies and procedures that help insure that management’s directives are carried out. II. A Reliance Strategy is used when control risk is considered High. a. I is true; II is true b. I is true; II is false c. I is false; II is true d. I is false; II is false 2. Management's attitude toward aggressive financial reporting and its...
1. Using the definition of Internal Control, discuss what is understood by the term ‘Internal Control’. What are management’s and internal auditor’s responsibilities with respect to internal controls? What are suitable examples. 2. COSO Internal Control Framework is organized as comprising of Objectives, Components and Organizational Structure (Entity). What are the 'Components' of COSO Internal Control Framework in details. Any personal experiences or something that have read about. ( this can help - https://aaahq.org/Login?returnurl=%2f to do research on the component...
1. A CPA has accepted an engagement in which inquiry and analytical procedures are the primary procedures to be performed. These procedures will form the basis for issuance of: A) A compilation report B) Audit report on supplemental information issued by the client C) An agreed-upon procedures report D) Review report on financial statements for a nonpublic company 2. Auditors frequently use analytical procedures as substantive tests, but this is not required by auditing standards. A) True B) False 3....
1. Which of the following matters would an auditor most likely consider to be a significant deficiency to be communicated to the audit committee? A. Management's failure to renegotiate unfavorable long-term purchase commitments.B. Recurring operating losses that may indicate going concern problems.C. Evidence of a lack of objectivity by those responsible for accounting decisions.D. Management's current plans to reduce its ownership equity in the entity. 2. After obtaining an understanding of internal control and arriving at a preliminary assessed level...
1.Which of the following is not one of the steps the auditor must perform to assess control risk at less than “high” for a financial statement assertion? A) obtain an understanding of internal control B) identify controls that address all relevant assertions in the financial statements C) make a preliminary assessment of control risk based on the design of relevant controls D) test the operating effectiveness of the controls that must be effective to reduce control risk 2.Which of the...
Chapter 5 & 6- Basics of the Audit Understand the different types of procedures (analytics, sampling, year end, interim work)- what they mean, being able to identify examples. (If I give you a procedure can you determine if it is an analytical procedure, work performed at interim, etc.) Understanding the audit risk model- what it means to asses risk as high, moderate, low, or maximum. (Do you do more or less work) (If I change one part of the formula...
Chapter 5 & 6- Basics of the Audit Understand the different types of procedures (analytics, sampling, year end, interim work)- what they mean, being able to identify examples. (If I give you a procedure can you determine if it is an analytical procedure, work performed at interim, etc.) Understanding the audit risk model- what it means to asses risk as high, moderate, low, or maximum. (Do you do more or less work) (If I change one part of the formula...
1.To conclude that a management review control is effective, the auditor is required to identify a selection of instances in which the control operated, evaluate whether management followed the procedures specified by the control, and properly evaluated and resolved exceptions. A) True B) False 2. Which of the following statements about substantive analytical procedures is correct? A) The results of the procedure provide evidence about the existence or absence of misstatement in an account. B) The results of the procedure...
Internal controls can be categorized using the following framework: 1. Control environment 2. Risk assessment 3. Information and communication 4. Control activities 4.1. Authorization 4.2. Performance reviews 4.3. Information-processing controls 4.3.1. IT general controls 4.3.2. IT application controls 4.3.3. IT-dependent manual controls 4.4 Physical controls 4.5 Segregation of duties 5. Monitoring Following is a list of controls implemented by Waterfront, Inc. a. Management established a code of conduct that includes rules regarding conflicts of interest for purchasing agents. b. Waterfront's...