Internal control
Chapter 7 – Internal control
Internal control – steps taken by business to prevent fraud – misappropriation of assets and fraudulent financial reporting, COSO defines IC as means to an end
Achievements of objectives in the area of financial reporting, operations, compliance with law and regulations
Foreign corrupt practices act: Transactions authorized with the knowledge of and authorization of management
Means of achieving internal control – preventive control – prevents fraud ex: segregation of duties and approval of period-ending journal entries, detective control - discover misstatements monthly misstatements and corrective control – remedy the situation (maintain key copies of transaction and transaction files for corrections)
Functions are complementary to achieve the same objective, redundant – same financial statement assertion
Compensating – reduces the risk that an existing /potential control weakness will result in misstatement
Internal control of an organization is viewed including 5 components
1. The control environment
2. Risk assessment process
3. Control activities
4. Information system relevant to reporting
5. Monitoring of controls
Control environment
1. Integrity and ethical values
2. Commitment to competence
3. Management philosophy and operating style
4. Organizational structure- provides basis for planning, directing and controlling operations
5. Assignment of authority and responsibility
6. Human resources policy and procedure – fidelity bonds – form of insurance in which the bonding company agrees to reimburse within limits for losses attributable to theft and embezzlement by bonded employees.
Risk assessment
Management process of identifying, analyzing and responding to risks
Control activities
Relevant control activities to an audit of organizational structure
1. Performance reviews – personal at different levels are effectively carrying out the objectives of an organization
2. Information processing
Internal control – steps taken by business to prevent fraud – misappropriation of assets and fraudulent financial reporting, COSO defines IC as means to an end
Achievements of objectives in the area of financial reporting, operations, compliance with law and regulations
Foreign corrupt practices act: Transactions authorized with the knowledge of and authorization of management
Means of achieving internal control – preventive control – prevents fraud ex: segregation of duties and approval of period-ending journal entries, detective control - discover misstatements monthly misstatements and corrective control – remedy the situation (maintain key copies of transaction and transaction files for corrections)
Functions are complementary to achieve the same objective, redundant – same financial statement assertion
Compensating – reduces the risk that an existing /potential control weakness will result in misstatement
Internal control of an organization is viewed including 5 components
1. The control environment
2. Risk assessment process
3. Control activities
4. Information system relevant to reporting
5. Monitoring of controls
Control environment
1. Integrity and ethical values
2. Commitment to competence
3. Management philosophy and operating style
4. Organizational structure- provides basis for planning, directing and controlling operations
5. Assignment of authority and responsibility
6. Human resources policy and procedure – fidelity bonds – form of insurance in which the bonding company agrees to reimburse within limits for losses attributable to theft and embezzlement by bonded employees.
Risk assessment
Management process of identifying, analyzing and responding to risks
Control activities
Relevant control activities to an audit of organizational structure
1. Performance reviews – personal at different levels are effectively carrying out the objectives of an organization
2. Information processing