AUD 390INTERNAL CONTROL

Prepared by:

•Mohd Hisyamuddin bin Mohd Ismail

•Mohamad Shahrin bin Mohd Jaafar

What is Internal Control?

Definition:

By SAS (Statement of Auditing Standard):

Integrated framework publish by COSO ( Committee of Sponsoring Organisation) .

Definition (cont):

Process affected by “entity” designed to provide reasonable assurance in ensuring:- “FARREGEBO”

1. FAR- Fair and accurate financial accounting and reporting

2. REG- Comply with laws & regulations

3. EBO – Helps the company get effective & efficient with business operations

Objectives of Internal control

Objectives:

1. FAR- Fair and accurate financial accounting and reporting

2. REG- Comply with laws & regulations

3. EBO – Helps the company got effective & efficient with business operations

Side objectives:

• To safeguard the assets – ensure they are optimally utilised and protected from misuse, fraud or theft.

• To prevent and detect fraud – controls are necessary to show up any operational or financial disagreement that might be result of the theft or fraud.

Characteristics/ components of Internal Control

“CRIME” to management not to have proper internal control

• Control environment

• Risk Assessment

• Information & communication

• Monitoring

• Existing control activities

Limitations of Internal Control

• A good internal control system cannot turn a poor manager into a good one

• Controls are only designed to cope with routine transactions and events.

• The system can only provide reasonable assurance regarding the achievement of objectives

Inherent Limitation of Internal Control

- Human error; mistakes in judgement

- Management may override the control set up by them

- Cost constraints (cost > benefits)

- Lack of personal quality of staff i.e. integrity & independent

- Inadequate/ inefficient of ICS due to changes in company size or activities

Importance of Internal control

• Control – reduce the risk of assets loss, help & ensure that plan information is complete & accurate

• To minimize opportunity for unintentional errors or intentional errors that may harm the plan (Preventive control)

• To discover small errors before they become big problem (Detective control)

Relationship of IC & Audit evidence

Audit evidence – “information” used by the auditor to determine which audit opinion to issue.

• To ensure that management has provide reasonable assurance with are met reliability of financial reporting, the effectiveness & efficiency of operation & compliance with laws & regulations. So that enable the auditor to give opinion on the audit evidence.

Review & Documentation of IC

Documentation of the computer software programs is crucial to both the audit client and the auditor. This software includes the system & controls of:

• Input of information

• Information processing

• Output of information

• Report processing

• Logic of the software program

• Operator instructions

IC’s compliance test in transaction cycle

• Auditors could obtain evidence about the effectiveness of a control at an interim date & not test its operation at year end.

• Auditors must evaluate the operating effectiveness of control involving all relevant significant accounts & disclosure each year.

• Auditors can use the work of others (Internal auditors, other company personnel) to evaluate/test internal control.

Strengths & weakness of IC

Strengths Weakness

Computer can display all is available Large number of accounting records are not recorded on a timely basis

Orders directly go to the customer order database

Anyone can perform a credit check

Sales order is filed in chronological order Internal control can be by-passed by management override.

Management Letter

Def : Management letter includes suggestions to improve the effectiveness or efficiency of the client’s operations & the internal control procedures.

• Acknowledge management’s responsibility for establishing & maintaining effective internal control over financial reporting

• State that management has assessed the effectiveness of internal control over financial reporting & specify the control criteria used

• State management’s conclusion about the effectiveness of internal control over financial reporting based on the control criteria as of a specific date

Thank you…