audit ch 10[1] maryoom
TRANSCRIPT
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 1/29
ControlEnvironmen
t
RiskAssessment
ControlActivities
Information
andCommunication
Monitoring
Objective 3
By:
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 2/29
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 3/29
ontrolEnvironme
nt• The control environment consists of the actions, policies,
and procedures that reflect the overall att i tudes of top
management, directors, and owners of an entity about
internal control and its importance to the entity.
• To understand and assess the control environment, auditors
shou ld consider the most important control subcomponents.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 4/29
C o n t r o l E n v
i r o n m
e n t
Integrity and ethicalvalues
Commitment tocompetence
Board of directorsor audit committee
participation
• are the product of the
entity’s ethical and behavioral
standards, as well as how they
are communicated and
reinforced in practice.
• Competence is the knowledge
and skills necessary to
accomplish tasks that define an
individual’s job.
• The board of directors is
essential for effective corporategovernance because it has
ultimate responsibility to make
sure management implements
proper internal control and financial
reporting processes.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 5/29
Management’sphilosophy
and operating style
Human resource
policies andpractices
Organizational
structure
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 6/29
ControlEnvironmen
t
ControlActivities
Information
andCommunication
Monitoring
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 7/29
This is management’s assessment of the
risk factors related to the preparation of
the financial statements inconformity withappropriate accounting standards.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 8/29
Risk Assessment
Identifyfactors that
mayincrease
risk
Estimatethe
significance
of the risk
Assess thelikelihoodof the risk
occurring
Determineactions
necessaryto manage
the risk
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 9/29
ControlEnvironmen
t
RiskAssessment
Information
andCommunication
Monitoring
3
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 10/29
Control activities are the policies and procedures
that help ensure that necessary actions are
taken to address risks to the achievement of theentity’s objectives.
Adequate
separation ofduties
Properauthorization of
transactions andactivities
Adequate
documents andrecords
Physical controlover assets and
records
Independentchecks on
performance
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 11/29
10-11
Custody of assets
Authorizationof transactions
Operational
responsibility
IT duties
from
from
from
from
Accounting
The custody ofrelated assets
Record-keeping
responsibility
User departments
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 12/29
Transaction Approval
Policies
General AuthorizationManagement establishes policies andsubordinates are instructed to implement
these general authorizations by approvingall transactions within the limits set by thepolicy.
Specific authorization applies to
individual transactions.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 13/29
Documents and records are the records upon
which transactions are entered and
summarized.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 14/29
Documents and records should be:
Prenumbered consecutively
Prepared at the time of transaction
Designed for multiple use
Constructed to encourage correct preparation
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 15/29
To maintain adequate internal control, assets
and records must be protected.
The most important type of protective measure for
safeguarding assets and records is the use of physical
precautions
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 16/29
The need for independent checks arises
because internal control tends to change overtime, unless there is frequent
review.
C
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 17/29
ControlEnvironmen
t
RiskAssessment
ControlActivities
Information
andCommunication
Monitoring
4
C t l
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 18/29
ControlEnvironmen
t
RiskAssessment
ControlActivities
Information
andCommunication
5
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 19/29
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 20/29
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 21/29
10-21
Identify factors that may increase risk
Estimate the significance of the risk
Assess the likelihood of the risk occurring
Determine actions necessary to manage the risk
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 22/29
10-
22
1. Adequate separation of duties
2. Proper authorization of transactions and activities
3. Adequate documents and records
4. Physical control over assets and records
5. Independent checks on performance
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 23/29
10-
23
Custody of assets
Authorization
of transactions
Operationalresponsibility
IT duties
from
from
from
from
Accounting
The custody of
related assets
Record-keepingresponsibility
User departments
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 24/29
10-
24
Transaction Approval Policies
General
Authorization
Specific
Authorization
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 25/29
10-
25
Prenumbered consecutively
Prepared at the time of transaction
Designed for multiple use
Constructed to encourage correct preparation
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 26/29
10-
26
The most important type of protective
measure for safeguarding assets and
records is the use of physical precautions.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 27/29
10-
27
The need for independent checks arises
because internal control tends to change
over time, unless there is frequent
review.
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 28/29
10-
28
The purpose of an accounting information
and communication system
Initiate
Record
Process
Reporttransactions
Maintain
Accountabilityfor Related Assets
8/13/2019 Audit Ch 10[1] Maryoom
http://slidepdf.com/reader/full/audit-ch-101-maryoom 29/29
10-
29
Monitoring activities deal with management’s
ongoing and periodic assessment of the
quality of internal control performance…
to determine whether controls are operating
as intended and modified when needed.