Chapter_5__Part_1

What is internal control?

A process designed to provide reasonable assurance regarding the achievement of objectives in financial reporting, operations, and compliance.

What are the three categories of objectives for internal control?

1. Reliability of financial reporting 2. Effectiveness and efficiency of operations 3. Compliance with applicable laws and regulations.

What is the acronym to remember the components of internal control?

CRIME, which stands for Control activities, Risk assessment, Information and communication, Monitoring, and Control environment.

What are the limitations of internal control?

Human error, deliberate circumvention, management override, collusion, and cost-benefit considerations.

Who is responsible for establishing and maintaining adequate internal control over financial reporting?

Management is responsible for establishing and maintaining adequate internal control.

What is the auditor's responsibility regarding internal control?

To issue an opinion on the effectiveness of internal control over financial reporting and assess control risk.

What are the five interrelated components of a properly designed internal control system?

1. Control environment 2. Risk assessment 3. Control activities 4. Monitoring 5. Information and communication.

What characterizes the control environment in an organization?

Commitment to integrity, ethical values, board oversight, financial reporting competencies, and appropriate authority for internal control.

What is the role of the audit committee?

To oversee the audit firm, resolve disagreements between management and the audit team, oversee internal audit and engage legal counsel in management fraud.

What types of control activities are commonly used?

Physical security controls, separation of duties, information processing controls, and management review controls.

What is the purpose of monitoring in internal controls?

To continuously review control effectiveness, involving ongoing and separate evaluations and reporting deficiencies.

What is the importance of information and communication in internal controls?

To create timely, reliable, and relevant information that supports internal controls and maintains an audit trail.

What does the term 'separation of duties' refer to?

The practice of dividing responsibilities among different people to prevent fraud and errors.

What should management do to properly respond to identified risks?

Management should analyze, respond to risks, and implement appropriate control activities.

What are the characteristics of effective management review controls?

They occur with sufficient frequency, and discrepancies are thoroughly investigated.

What should auditors consider when assessing the control environment?

The effectiveness and engagement of the audit committee, along with its financial literacy and expertise.

What is 'audit trail' in the context of internal controls?

A trail of activities generated by information systems from data identification to the production of financial reports.