Brief overview on Internal control (Audit)
-
Upload
hisyam-ismail -
Category
Education
-
view
96 -
download
2
Transcript of Brief overview on Internal control (Audit)
AUD 390INTERNAL CONTROL
Prepared by:
•Mohd Hisyamuddin bin Mohd Ismail
•Mohamad Shahrin bin Mohd Jaafar
What is Internal Control?
Definition:
By SAS (Statement of Auditing Standard):
Integrated framework publish by COSO ( Committee of Sponsoring Organisation) .
Definition (cont):
Process affected by “entity” designed to provide reasonable assurance in ensuring:- “FARREGEBO”
1. FAR- Fair and accurate financial accounting and reporting
2. REG- Comply with laws & regulations
3. EBO – Helps the company get effective & efficient with business operations
Objectives of Internal control
Objectives:
1. FAR- Fair and accurate financial accounting and reporting
2. REG- Comply with laws & regulations
3. EBO – Helps the company got effective & efficient with business operations
Side objectives:
• To safeguard the assets – ensure they are optimally utilised and protected from misuse, fraud or theft.
• To prevent and detect fraud – controls are necessary to show up any operational or financial disagreement that might be result of the theft or fraud.
Characteristics/ components of Internal Control
“CRIME” to management not to have proper internal control
• Control environment
• Risk Assessment
• Information & communication
• Monitoring
• Existing control activities
Limitations of Internal Control
• A good internal control system cannot turn a poor manager into a good one
• Controls are only designed to cope with routine transactions and events.
• The system can only provide reasonable assurance regarding the achievement of objectives
Inherent Limitation of Internal Control
- Human error; mistakes in judgement
- Management may override the control set up by them
- Cost constraints (cost > benefits)
- Lack of personal quality of staff i.e. integrity & independent
- Inadequate/ inefficient of ICS due to changes in company size or activities
Importance of Internal control
• Control – reduce the risk of assets loss, help & ensure that plan information is complete & accurate
• To minimize opportunity for unintentional errors or intentional errors that may harm the plan (Preventive control)
• To discover small errors before they become big problem (Detective control)
Relationship of IC & Audit evidence
Audit evidence – “information” used by the auditor to determine which audit opinion to issue.
• To ensure that management has provide reasonable assurance with are met reliability of financial reporting, the effectiveness & efficiency of operation & compliance with laws & regulations. So that enable the auditor to give opinion on the audit evidence.
Review & Documentation of IC
Documentation of the computer software programs is crucial to both the audit client and the auditor. This software includes the system & controls of:
• Input of information
• Information processing
• Output of information
• Report processing
• Logic of the software program
• Operator instructions
IC’s compliance test in transaction cycle
• Auditors could obtain evidence about the effectiveness of a control at an interim date & not test its operation at year end.
• Auditors must evaluate the operating effectiveness of control involving all relevant significant accounts & disclosure each year.
• Auditors can use the work of others (Internal auditors, other company personnel) to evaluate/test internal control.
Strengths & weakness of IC
Strengths Weakness
Computer can display all is available Large number of accounting records are not recorded on a timely basis
Orders directly go to the customer order database
Anyone can perform a credit check
Sales order is filed in chronological order Internal control can be by-passed by management override.
Management Letter
Def : Management letter includes suggestions to improve the effectiveness or efficiency of the client’s operations & the internal control procedures.
• Acknowledge management’s responsibility for establishing & maintaining effective internal control over financial reporting
• State that management has assessed the effectiveness of internal control over financial reporting & specify the control criteria used
• State management’s conclusion about the effectiveness of internal control over financial reporting based on the control criteria as of a specific date