STUDY AND EVALUATION OF INTERNAL CONTROL

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/48

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

49 Terms

1
New cards

It is the process designed, implemented, and maintained by those charge with governance, management and other personnel to provide reasonable assurance about the achievement of an entity’s objectives with regard to

a. reliability of financial reporting;

b. effectiveness and efficiency of operations; and

c. compliance with applicable laws and regulations

d. safeguarding of entity’s assets

Internal Control

2
New cards

Characteristics of Internal Control

  • Is a process

  • Effected by entity’s personnel

  • Provides reasonable assurance of achieving its objectives

  • Geared toward attainment of entity’s objectives

3
New cards

Inherent Limitations of Internal Control

COC CHA

  • Cost-benefit consideration

  • Management Overriding the Control

  • The possibility of circumvention of controls through Collusion with parties outside the entity or with employees of the entity

  • The possibility that procedures may become inadequate due to Change in condition and compliance with procedures may deteriorate

  • The potential for Human error due to carelessness, distraction, mistakes of judgment, or the misunderstanding of instructions

  • The fact that most controls tend to be directed at Anticipated types (routine) of transactions and not at unusual (non-routine) transactions.

4
New cards

it includes, but not limited to, plan of organization and the procedures and records that are concerned with the decision processes leading to management’s authorization of transactions and promotes operational efficiency and adherence to managerial policies

Administrative Control

5
New cards

It comprises of the plan of organization and the procedures and records that are concerned with the safeguarding of assets and the reliability of financial records. It involves systems of authorization and approval controls over assets, internal audit and all other financial matters

Accounting Control

6
New cards

Areas of Internal Control

  • Administrative Control

  • Accounting Control

7
New cards

It means the series of tasks and records of an entity by which transactions are processed as a mean of maintaining financial records.

Accounting System

8
New cards

They make sure that the internal control system within the organization is adequate. The primary responsibility for the development and maintenance of internal control rests with them.

Board of Directors and its Audit Committee

9
New cards

They identify control problems and develop solutions for improving and strengthening internal controls. It is also their responsibilities to ensure to ensure the adequacy of the system of internal control, the reliability of data, and the efficient use of the organization’s resources.

Internal Auditors

10
New cards

They assess the effectiveness of internal control within an organization to plan the financial statement audit. They focus primarily on controls that affect financial reporting. They also have a responsibility to report internal control weakness to the audit committee of the board of directors.

External Auditors

11
New cards

It is the system of stewardship and control to guide organizations in fulfilling their long-term economic, moral, legal, and social obligations towards their shareholders or members and other stakeholders.

Corporate Governance

12
New cards

Purpose of Corporate Governance

Maximize the organization’s long-term success, thereby creating sustainable value for its shareholders/members, other stakeholders, and the nation

13
New cards

Elements

Objective

Responsibility

Governance

Risk Management

Internal Control

Elements

Objective

Responsibility

Governance

Strategic Control

TCWG

Risk Management

Management Control

Senior Management

Internal Control

Operational Control

Risk Owners

14
New cards

They will be exercising the corporate powers of a corporation, conduct all its business, and control its properties

Those Charged With Governance

15
New cards

They have given the authority by the TCWG to implement the policies it has laid down in the conduct of the business

Management

16
New cards

They execute daily risk management activities to effectively address business risks

Risk Owners

17
New cards

Components of Internal Control

CRIME

  • Control Activities

  • Entity’s Risk Assessment Process

  • Information and Communication System

  • Monitoring of Controls

  • Control Environment

18
New cards

These controls are not sufficiently precise to prevent, detect, or correct misstatements at the assertion level (not directly effected)

Indirect Controls

19
New cards

These controls are precise enough to address risks of material misstatement at the assertion level

Direct Controls

20
New cards

Indirect Controls

REM

  • Entity’s Risk Assessment Process

  • Control Environment

  • Monitoring of Controls

21
New cards

Direct Controls

IC

  • Information and communication systems

  • Control Activities

22
New cards

It describes as a set of standards, processes, and structure that provide the basis for carrying out internal control across the organization. It is the foundation on which an effective system of internal control is built and operated in an organization.

Control Environment

23
New cards

Components of Control Environment

Old

New

IM CPA HO (Old)

  • Communication and enforcement of Integrity and ethical values

  • Management’s philosophy and operating style

  • Commitment to competence

  • Participation by those charged with governance

  • Assignment of authority and responsibility

  • Human resources policies and procedures

  • Organizational structure

ICE AA (Revised PSA 315)

  • TCWG’s Independence from management and exercise oversight of the entity’s system of internal control

  • Attraction and development of Competent individuals in alignment with its objectives

  • Management’s commitment to integrity and Ethical values

  • Entity’s Assignment of authority and responsibility in pursuit of its objectives

  • Individuals are held Accountable for their responsibilities in pursuit of the objectives

24
New cards

It is the entity’s process for identifying and responding to business risks and the results thereof

Entity’s Risk Assessment Process

25
New cards

Components of Entity’s Risk Assessment Process

IAM

  • Identifying business risks relevant to financial reporting objectives

  • Assessing the significance of risks and the likelihood of their occurrence

  • Deciding how to Manage those risks

26
New cards

It is the process of assessing the quality of internal control performance over time. It involves assessing the design and operations of controls on a timely basis and taking necessary corrective actions.

Monitoring of Controls

27
New cards

Monitoring can be accomplished through:

  • Ongoing monitoring activities (checked by someone in the same department)

  • Separate evaluations (checked by someone outside the department)

  • Combination of the two

28
New cards

It enables the entity to have the ability to generate timely and meaningful information

Information System

29
New cards

Information System Consists of

  • Infrastructure (physical and hardware components)

  • Software (process and procedures)

  • People

  • Input or Data

  • Output or Meaningful Information

30
New cards

It involves providing an understanding of individual roles and responsibilities of the entity’s system of internal control

Communication

31
New cards

The auditor gives emphasis on the communication relating to financial reporting, including:

  • Between people within the entity

  • Communications between management and those charged with governance

  • External communications, such as those with regulatory authorities

32
New cards

These are actions (generally described in policies, procedures, and standards) that help management mitigate risks in order to ensure the achievement of the objectives

Control Activities

33
New cards

Components of Control Activities (Old)

APIPS

  • Authorization (General - routinary and Specific - non-routinary)

  • Performance Reviews

  • Information processing

  • Physical controls

  • Segregation of duties

34
New cards

Optimum Segregation of Duties

ARICE

  • Authorization

  • Recording

  • Independent checks / Internal Audits

  • Custody

  • Execution

35
New cards

Minimum Segregation of Duties

CAR

  • Custody

  • Authorization

  • Recording

36
New cards

Components of Control Activities (New)

PARVS (Revised PSA 315)

  • Physical and logical controls

  • Authorization and approvals

  • Reconciliation

  • Verifications

  • Segregation of duties

37
New cards

Analytical procedures are performed during

  • Planning

  • Substantive Test (ToC and ToD)

  • Completing

38
New cards

Procedures in understanding of internal control (planning)

  • Inquiry

  • Inspection

  • Observation

  • Walk-through tests

39
New cards

Procedures in understanding of Test of Controls

  • Inquiry

  • Inspection

  • Observation

  • Reperformance

40
New cards

Analytical Procedures are one of the procedures in understanding internal control (T/F)

False

41
New cards

When obtaining an understanding of controls that are relevant to the audit, the auditor shall evaluate the following:

  1. Design of the controls (Inquiry and Inspection); and

  2. Determine whether they have been implemented (inquire and observation)

42
New cards

The auditor will not rely on the internal controls, and the auditor will rely heavily on substantive testing to gather sufficient appropriate evidence. It is also known as Primarily Substantive Approach

No Reliance Approach

43
New cards

Test of Control will only be required if the auditor perceived that the Internal Control has expective effectiveness (T/F)

True

44
New cards

Purpose of Test of Controls

To provide evidence that the initial assessment is correct (Reassessment)

45
New cards

Just like Test of Control, Substantive Test can be eliminated (T/F)

False

46
New cards

Understanding

CR

ToC

Y1

Y2

Y3

Y4

Understanding

CR

ToC

Y1

Y2

Y3

Y4

Can be made once every 3 years if

  • there is no significant changes in Internal Control; and

  • Control risk remain less than high

Exception

  • Significant Risk (fraudulent act, complex transaction, etc) —— ToC

47
New cards

Items required by the standards to be documented related to study and evaluation of internal control:

  • Control risk assessment

  • Understanding of internal control

  • Basis for the control risk assessment

48
New cards

Control Risk Assessment

Understanding of Internal Control

Control Risk Assessment

Basis for the Control Risk Assessment

High

Less than High

Control Risk Assessment

Understanding of Internal Control

Control Risk Assessment

Basis for the Control Risk Assessment

High

Yes

Yes

No

Less than High

Yes

Yes

Yes

49
New cards

The auditor shall communicate material weaknesses in internal control identified during the audit on a timely basis to

  • management at an appropriate level of responsibility; and

  • with those charged with governance (unless all of those charged with governance are involved in managing the entity)

Explore top notes

Explore top flashcards