Smieliauskas6e PPT Ch09
Chapter 9:
Control Assessment and Testing
Electronic Presentations in Microsoft® PowerPoint®
Prepared by:
Don Smith, Georgian College
© 2013 McGraw-Hill Ryerson Limited
2
Learning Objectives
LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls.
LO2 Explain why the auditor evaluates an auditee’s internal controls.
LO3 Define seven internal control objectives, relating them to the assertions in management’s financial statements.
LO4 Describe general and application control activities found in an accounting information system.
3
Learning Objectives
LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk.
LO6 Write key control tests for an audit program.
LO7 Outline the auditor’s responsibility when internal control evaluation work detects or indicates a significant control deficiency or a high risk of fraudulent misstatement.
4
Appendices
Appendix 9A: Internal Control Assessment Aids for Audit Planning
Appendix 9B: Understanding Information
Systems and Technology for Risk and Control
Assessment (online)
5
Management Versus Auditor
Responsibility for Control
Management responsibility:
Management is responsible for its control environment, accounting system, and for establishing and maintaining a system of internal control procedures.
Cost
of controls is balanced with the benefit of risk reduction LO1
6
Internal Control
Internal control is defined as:
the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations and compliance with applicable laws and regulations.
LO1
7
Management Versus Auditor
Responsibility for Control
External auditor’s responsibility:
Evaluating existing internal controls and assessing the
Control Assessment and Testing
Electronic Presentations in Microsoft® PowerPoint®
Prepared by:
Don Smith, Georgian College
© 2013 McGraw-Hill Ryerson Limited
2
Learning Objectives
LO1 Distinguish between management and auditor’s responsibilities regarding an auditee organization’s internal controls.
LO2 Explain why the auditor evaluates an auditee’s internal controls.
LO3 Define seven internal control objectives, relating them to the assertions in management’s financial statements.
LO4 Describe general and application control activities found in an accounting information system.
3
Learning Objectives
LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk.
LO6 Write key control tests for an audit program.
LO7 Outline the auditor’s responsibility when internal control evaluation work detects or indicates a significant control deficiency or a high risk of fraudulent misstatement.
4
Appendices
Appendix 9A: Internal Control Assessment Aids for Audit Planning
Appendix 9B: Understanding Information
Systems and Technology for Risk and Control
Assessment (online)
5
Management Versus Auditor
Responsibility for Control
Management responsibility:
Management is responsible for its control environment, accounting system, and for establishing and maintaining a system of internal control procedures.
Cost
of controls is balanced with the benefit of risk reduction LO1
6
Internal Control
Internal control is defined as:
the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations and compliance with applicable laws and regulations.
LO1
7
Management Versus Auditor
Responsibility for Control
External auditor’s responsibility:
Evaluating existing internal controls and assessing the