Download internal-auditing-instructional-material

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
page
73
page
74
page
75
page
76
page
77
page
78
page
79
page
80
page
81
page
82
page
83
page
84
page
85
page
86
page
87
page
88
page
89
page
90
page
91
page
92
page
93
page
94
page
95
page
96
page
97
page
98
page
99
page
100
page
101
page
102
page
103
page
104
page
105
page
106
page
107
page
108
page
109
page
110
page
111
page
112
page
113
page
114
page
115
page
116
page
117
page
118
page
119
page
120
page
121
page
122
page
123
page
124
page
125
page
126
page
127
page
128
page
129
page
130
page
131
page
132
page
133
page
134
page
135
page
136
page
137
page
138
page
139
page
140
page
141
page
142
page
143
page
144
page
145
page
146
page
147
page
148
page
149
page
150
page
151
page
152
page
153
page
154
page
155
page
156
page
157
page
158
page
159
page
160
page
161
page
162
page
163
page
164
page
165
Document related concepts

Mergers and acquisitions wikipedia , lookup

International Financial Reporting Standards wikipedia , lookup

Mark-to-market accounting wikipedia , lookup

Microsoft Dynamics GP wikipedia , lookup

South African Institute of Chartered Accountants wikipedia , lookup

Energy audit wikipedia , lookup

History of accounting wikipedia , lookup

Institute of Cost Accountants of India wikipedia , lookup

Enterprise risk management wikipedia , lookup

Defense Contract Audit Agency wikipedia , lookup

Information audit wikipedia , lookup

Going concern wikipedia , lookup

Auditor's report wikipedia , lookup

Auditor independence wikipedia , lookup

SOX 404 top–down risk assessment wikipedia , lookup

Internal audit wikipedia , lookup

Internal control wikipedia , lookup

Transcript 
INTERNAL AUDITING
WHY AN INTERNAL AUDIT
- How it was define and the role it take decades back to 21st
century
- What service it offers to gain appreciation with the
booming industry and developing country
-What are the internal auditing standards its
explanations and applications as a guide to perform the
audit functions of internal auditors with the objective of
assurance and consulting activity to add value and
improve an organization’s operations.
If decades back, internal auditing focused as a mere watchdog
of management and or organization to comply that the
internal control procedures are properly undertaken, to this
end the internal auditing broadened its functions to wit:
-Review critical business activities
-Monitor the accuracy , timeliness and cost of work in
compliance with the quality of management system
-Identify the root where the error occur
-It furnish management of systems data analysis ,
recommendation, advise and other relevant infos
-helpful to the management based on the activities and
processed reviewed
-Assist the management in governance, risk and control
-It must posses technical and business management skills
to provide the management of highly relevant information
aside from professional skills that a candidate in internal
audit committee possesses.
Applying the function of an internal audit, it assists all members
of management in the effective discharge of their responsibilities
Accounting
Auditing
Financial
accounting
Bookkeeping
Bookkeeper collects data,
records to
book of
accounts,&extract for
financial statement
reports- for owners and
management entity use.
Financial
Management
Management
accounting
Cost accounting
Taxation
Government need funds
from established business,
thus taxes shall be correctly
imposed, verified, and
checked by th agency of the
Government.
Financial managers
Need detail planning
Requiring comprehensive
cost analysis data to set
objectives in safeguarding
financial resources
Changing Definitions of
Internal Auditing
Prior
Independent appraisal
activity within an
organization for the
review of accounting,
financial and other
operations as a basis
for protective and
constructive service to
management
19th century
An independent
appraisal function
established within an
organization to examine
and evaluate its
activities as a service to
the organization
21st Century
Internal auditing is an
independent, objective
assurance and consulting
activity designed to add
value and improve an
organization's
operations. It helps an
organization accomplish
its objectives by bringing
a
systematic, disciplined
approach to evaluate
and improve the
effectiveness of risk
management, control,
and governance
processes
Assurance would mean review of
historical financial information and
assurance dealing with subject matter
Other than historical financial
information
Important NOTES in
Definition of Internal
Auditing
1.
The term “service” implies that internal auditing is a staff rather
than a line activity within the organization.
2.
There is a shift from “serving management” to “serving the
organization” to finally “an integral component of corporate
governance as a separate value-added function”.
3.
The focus of internal auditing has shifted away from appraisal and
compliance activity toward objective assurance and consulting
activities.
4.
The role of internal auditors has changed from providing
management with input and objective feedback to directly
participating in decision-making.
5.
These definitions view internal auditing as an “activity,” which
implies it can be performed either within the organization or
outsourced to external auditors.
Valuable Independent
judgment
Add value and improve
organizational operations
ORGANIZATION
INTERNAL AUDIT SERV ICE FUNCTION
Transact
ion event
Complia
nce
R
E
A
F
R
F
Procedures
Operatio
n
Fraud
G
A
A
S
V
I
Record
trasaction
E
Financial
FS
W
Report
Audit
comm
Bod
Based on the internal service function enumerated & graphically presented,
the role of management and the internal auditor are defined as follows
Management
Internal Auditor
Responsible to
maintain the adequate
system of Internal
Control
-Responsible to
independently evaluate
adequacy of the
existing Internal
Control by analyzing
and testing control
-Recommends, based
on the review, to the
management to
OPERATIONAL AUDITING!
Internal auditors doing the operational or performance auditing as they
study of business operation for the purpose of:
-Making recommendation about economic & efficient use of resources
-Effective achievement of business objectives
-Compliance with company policies
Goal?
To help managers discharge their management
responsibilities and improve profitability…
OBJECTIVES OF INTERNAL AUDIT IN RELATION TO SERVICE IT OFFERS
1.
Determine the adequacy, efficiency and effectiveness of the entity’s
internal control structure.
2. Review the reliability and integrity of management, financial and
operating information
3. Review the systems established to ensure compliance with policies,
regulations, procedures and laws.
4. Review the means of safeguarding the assets of the entity
5. Appraise the economy and efficiency with which resources are employed
6. Review operations or programs to determine whether results and
outcomes consistent with established objective and goals are being
achieved
7. Participate in the design of major information system
8. Provide advisory and training services for entity’s segments or
components as required or requested to ensure fiscal and administrative
integrity of the entity.
IN
DE
PE
N
DE
NC
E
Question of independence have been viewed by many to be with
flaws in an internal audit environment because of the employer and
employee relationship; but does it mean the external audit are free
from the view of independence not in question?
External users needs independent report from the external
auditors, while high executives level and the audit committee of
the board of directors demand for the operational and reporting
independence
1. Free from control of direct influence of operating managers
whose function, operations, & results they may be assigned to
audit
2. To be objective in report findings without having to fear for
their jobs
IN
DE
PE
N
DE
NC
E
Organization separation from such influence is essential for
independence for the internal auditors can report directly to top
management without fear of their job or compensation retribution
CODE OF ETHICS…
With the independence so requires, with the management rely on the
profession to assist in the fulfillment of management stewardship, internal
auditors must maintain high standard of conduct, honor, and character in
order to carry on proper and meaningful internal auditing practice.
With the code of ethics, the responsibility to conduct with integrity and
good faith are not to be question & promote the highest possible internal
auditing standards advancing to the interest of the company organization
As approved by the Institute of Internal Auditors
CODE OF ETHICS…
Members,
1.
2.
3.
Shall have an obligation to exercise honesty, objectivity, and diligence in
the performance of their duties and responsibilities
In holding the trust of their employers, shall exhibit loyalty in all matters
pertaining to the affairs of the employer or to whomever they may be
rendering service, however, they shall not knowingly be a part of any
illegal or improper activity
Shall refrain from entering into any activity which may be in conflict
with the interest of their employers or which would prejudice their ability
to carry out objectively their duties and responsibilities
CODE OF ETHICS…
Members,
4. Shall not accept a fee or a gift from an employee, a client, a customer, or a
business associate of their employers without the knowledge and consent
of their senior management
5. Shall be prudent in the use of information acquired in the course of their
duties. They shall not use confidential information for any personal gain
nor in a manner which would be detrimental to the welfare of their
employer
6. In expressing an opinion, shall use all reasonable care to obtain sufficient
factual evidence to warrant such expression. In their reporting, materials
facts known must be revealed, if not, it could distort the report of the
result of operations under review or conceal unlawful practice.
CODE OF ETHICS…
Members,
7. Shall continually strive improvement in the proficiency and effectiveness of
their service
8. Shall abide by the laws and uphold the objectives of the Institute of
Internal Auditors, Inc. In practice of their profession, they shall be ever
mindful of their obligation to maintain the high standard of competence,
morality, and dignity which the Institute of Internal Auditors, Inc and its
members have established.
Case illustration- code of ethics
Scope of service
•Audits of financial reports and accounting control systems (present
fairly the financial position and the results of operation in accordance with
GAAP; compliance with laws and regulations that may have a material
effect on the financial statement
•Reviews of control systems that ensure compliance with company
policies, plans, and procedures, and with laws and regulations.
•Appraisal of the economy and efficiency of operation- (managing and
utilizing its resources, ie: personnel, property, space economically and
efficiently; the causes of inefficiency or uneconomically practice;
compliance with laws in matter of econony & efficiency
Scope of service
•Reviews of effectiveness in achieving program results in comparison to
pre-established objectives and goals- (the desired results or benefits
established by the legislature or other authorizing body are being achieved ;
that the agency has considered alternatives that might yield desired results
at a lower cost.
STATEMENT OF INTERNAL AUDIT
STANDARDS
Compliance depends on the acceptance and adoption and implementation by
practicing internal auditors who by standard requires to be skilled in dealing
with people and in communicating effectively because the auditors believe it is
their own responsibility to see that their reports are understood properly
Internal Audit Standard also require follow up to ascertain that
appropriate action is taken on reported audit findings or ascertain that
management or the board of directors has taken the risk of not taking
actions on reported findings.
GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF
INTERNAL AUDITING
Organizational status
INDEPENDENCE
Objectivity
Staffing
Knowledge, skill, & discipline
Supervision
PROFESSIONAL
PROFICIENCY
Compliance with standards of conduct
Human relations, & communication
Due professional care
Continuing Education
GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF
INTERNAL AUDITING
SCOPE OF WORK
Reviews
Reliability & integrity
of information
Compliance w/ policies, plans,
procedures, laws, & regulation
Examination and evaluation of the
adequacy & effectiveness of the
organization’s system of internal
control & the quality of
performance in carrying out
assigned responsibilities
Safeguarding of assets
Economic & efficient use of
resources
Accomplishment of established objective
& goals for operation or program
GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF
INTERNAL AUDITING
PERFORMANCE
OF AUDIT
Planning the audit
Examining & evaluating information
by collecting, analyze, interpret, &
document information to support audi
results
Includes planning the audit,
examining & evaluating
information, communicating
results, & following up.
Following up
Communicating results
GENERAL & SPECIFIC STANDARDS FOR PROFESSIONAL PRACTICE OF
INTERNAL AUDITING
Purpose, authority,&
responsibility
MGT OF INTERNAL
AUDIT DEPT
Planning
External auditor
Manage the internal
Auditing Department..
Policies, & procedures
Personnel mgt, & development
EXAMINATION AND EVALUATION (FIELD WORK AND REPORTING
STANDARDS FOR FINANCIAL COMPLIANCE AUDITS
Generally accepted auditing standards shall apply/adopted, & incorporated unless
otherwise stipulated…
Expanded standard for financial and compliance audit- as part of the scope of work
Standards on examination & evaluation:
1. Planning shall include consideration of the requirement of all levels of dept
2. A review is to be made of compliance with applicable laws & regulation
3. A written record of auditor’s work shall be retained in the form of working papers
4. Auditor shall be alert to situation or transactions that could be indicative of fraud,
abuse, and illegal expenditures and acts and if such evidence exists, extend audit
steps and procedures to identify the effect on the entity’s financial statement
EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING
STANDARDS FOR FINANCIAL COMPLIANCE AUDITS
Standards on reporting
1. Written audit reports are to be submitted to the appropriate of the organization
audited & to the appropriate officials of the organization requiring or arranging for
the audit unless legal restrictions or ethical consideration prevents it. Copies of the
report shall should also be sent to other authorized to receive such reports. Unless
restricted by law or regulation, copies should be made available for public inspection
2. A statement in the auditor’s report that the examination was made in accordance
with generally accepted internal/government auditing standards for financial and
compliance audit will be acceptable language to indicate that the audit was made in
accordance with these standards
EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING
STANDARDS FOR FINANCIAL COMPLIANCE AUDITS
3. Either the auditors’ report on the entity’s financial statement or a separate report
shall contain a statement of positive assurance on those items of compliance tested
and negative assurance on those items not tested. It shall also include material
instances of non compliance and instances or indication of fraud, abuse, or illegal acts
found during or in connection with the audit
4. The auditors’ shall report on their study and evaluation of internal accounting controls
made as part of the financial and compliance audit. They shall identify as a minimum
a. entity’s significant internal accounting controls
b. controls identified that were evaluated
c. controls identified that were not evaluated- auditor may satisfy this requirement by
identifying any significant classes of transaction and related assets non included in the
study & evaluation
d. material weaknesses identified as a result of evaluation
EXAMINATION AND EVALUATION (FIELD WORK) AND REPORTING
STANDARDS FOR FINANCIAL COMPLIANCE AUDITS
5. Either the auditors’ report on the entity’s financial statements or a separate report
shall contain any other material deficiency findings identified during the audit not
covered in report 3#
6. If certain information is prohibited from general disclosure, the report shall state the
nature of the information omitted and the requirement that makes the omission
necessary
EXAMINATION AND EVALUATION STANDARDS FOR ECONOMY &
EFFICIENCY AUDITS & PROGRAM RESULT AUDITS
1.
2.
3.
4.
Work is to be adequately planned
Assistants are to be properly supervised
A review is to be made of compliance with applicable laws & regulation
During the audit, a study and evaluation shall be made of internal control systemadmin control ) applicable to the organization program, activity, or function under
audit
5. When audits involved computer based systems, the auditor shall:
a. Review general controls in data processing systems to determine whether
1)controls have been designed according to management direction and known legal
requirements and 2)the controls are operating effectively to provide reliability of,
and security over the date being processed
b. Review application controls of installed data processing application on which the
auditor is relying to assess their reliability in processing data in a timely, accurate,
and complete manner.
EXAMINATION AND EVALUATION STANDARDS FOR ECONOMY &
EFFICIENCY AUDITS & PROGRAM RESULT AUDITS
6. Sufficient, competent, and relevant evidence is to be obtained to afford a reasonable
basis for the auditors’ judgments and conclusions regarding the organization,
program, activity, or function under audit. A written record of the auditors work
shall be retained in the form of working papers
7. The auditors shall:
a. Be alert to situation or transactions that could be indicative of fraud, abuse, and
illegal acts
b. if such evidence exist, extend audit steps and procedures to identify effects on the
entity’s operations and programs
REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS &
PROGRAM RESULTS AUDIT
1. Written audit report are to be prepared giving the results of each dept/government
audit
2. Written audit reports are to be submitted to the appropriate officials of the
organizations requiring or arranging for audit unless legal restrictions or ethical
considerations prevent it. Copies of the reports should also be sent to other officials
who may be responsible for taking action on audit findings and recommendations
and to others authorized to receive such reports. Unless restricted by law or
regulation, copies should be made available for public inspection
3. Report shall include:
a. A description of the scope and objective of the audit
b. A statement that the audit( economy & efficiency or program results is made in
accordance with generally accepted internal or auditing standards
REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS &
PROGRAM RESULTS AUDIT
4. The report shall include:
d. A statement of positive assurance on those items of compliance tested and negative
assurance on those items not tested. This should include significant instances of
noncompliance and instances of or indicating of fraud, abuse or illegal acts found
during or in connection with the audit. However, fraud, abuse or illegal acts normally
should be covered in a separate report, thus permitting the overall report to be
released to the public
e. Recommendations for actions to improve problem areas noted in the audit and to
improve operations. The underlying causes of problems reported should be included
to assist in implementing correction actions
f. Pertinent views or responsible officials of the organization, program activity, or
function audited concerning the auditors findings, conclusions, & recommendation.
When possible, their views
REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS &
PROGRAM RESULTS AUDIT
4. The report shall include:
f. contn: should be obtained in writing
g. A description of noteworthy accomplishment, particularly when management
improvement in one area may be applicable elsewhere
h. A listing of any issues and questions needing further study and considerations
i. A statement as to whether any pertinent information has been omitted because it is
deemed privileged or confidential. The nature of such information should be
described, and the law or other basis under which it is withheld should be stated. If a
separate report is issued containing this information, it should be indicated in the
report
5. The report shall:
a. Present factual data accurately and fairly. Include only information, findings, and
conclusion that are adequate supported by sufficient evidence in the auditors’
working papers to demonstrate or prove the bases for the matters reported and their
REPORTING STANDARDS FOR ECONOMY & EFFICIENCY AUDITS &
PROGRAM RESULTS AUDIT
5. The report shall:
a. cont’n…or prove the bases for the matters reported and their correctness and
reasonableness
b. Present findings and conclusions in a convincing manner
c. Be objective
d. Be written in language as clear and simple as the subject matter permits
e. Be concise, but at the same time clean enough to be understood by users
f. Present factual data completely to fully inform the users
g. Place primary emphasis on improvement rather than on criticism of the past;
critical comments should be presented in a balanced perspective considering any
unusual difficulties or circumstances face by the operating officials concerned.
BODY OF INTERNAL AUDIT REPORT
Address
Scope of audit work/ Date
Audit Highlights
Department name
Prior auditAudit scope coverage-
Findings noted
Particular work to be
done/Nature of audit
Overall opinionPositive and Negative
inputs noted
Executive Action required- Action made by the
Department audited
Summary Report
Foreword: includes the profile of the company
audited
department to be
Purpose: Specifically mentioned the scope of work to be audited in compliance with the
company control procedures, policies and governing laws
Opinion and Findings: Include positive and negative findings noted during the operation
and compliance audit
Summarize per department/areas audited by mentioning the control measures,
weaknesses and strength, and the audit procedure done
Signed by : Auditor in-Charge
Supervising Auditor
Manager of Internal Audit
Supplemental report
This body covers the more detail report of deficiency findings per area or scope of work,
and detailed audit procedure done for each weaknesses noted, and to whom discussed for
action to be made
Summary of findings requiring corrective action
Summarize the findings that require management actions
Reporting case:
The internal audit department have just concluded the operation and compliance audit
of their company- MALUSOG Inc- a construction company handling heavy equipments
as one of major accounts with a total cost of P10 Million, depreciation are computed on
a straight line method with an estimated useful life of 5 years. With the capital outlay
for equipments, the company has the policy to safeguard its assets through proper
maintenance to include, fuel and oil, repair parts and services, that as of audit date it
reach about P900,000. The employees is around 50 assigned and charged as part of
operating cost. The construction operates for the a period of 2 years now. For this year
internal audit operation and compliance examination the focus is on:
a. the equipment maintenance and vehicle dispatching to sites including preventive
maintenance and inspection; performing regular maintenance and repairs
b, Ordering, receiving, and disbursing fuel and parts and obtaining equipment repairs.
Controls are satisfactorily provided on the activities pertaining to inspections and
preventive maintenance schedule, dispatched log for equipment are properly monitored
as to location and driver involved. Parts received are well inspected as to purchase
requests, purchase order and receiving report; disbursement of parts are done in volume
without specifying the part number, qty pieces, purpose and equipment needing parts.
Receiving and withdrawal of parts, dispatching of vehicles are done by the department
supervisor or any of his staff. However for withdrawal of and surveillance of gas and oil
by vehicle operators are inadequate are inadequate where the vehicle operator serves
himself and records his own withdrawals of gasoline and oil without surveillance thereby
making no assurance that records are maintained accurately Samples of documents such
as preventive maintenance reports and related control records and found to be in order,
likewise the documents for vehicle dispatch log and observation of its operations was
being adequately controlled and performed.
Despite of the weaknesses though, it is concluded that on the basis of the test made that
the functions are being performed in a reasonably satisfactory manner. Sample test on
the fuel pump meter records vs amount of fuel recorded by vehicle operators produce
minimal or tolerable variance.
Findings have been discussed to management team and are responsive to the
recommendations made as crucial for the operation if not given corrective actions.
Recommendation as to proper segregation of duties and must be reviewed by the
management, and of the management to consider some means of surveillance even of a
spot check basis to provide minimum element of control as it danger the operation by
manipulating and misappropriation increases.
Coordinate w/
External Auditor
To develop audit
plan from risk
assessment
RESPONSIBILITIES
OF INTERNAL
AUDIT
Report to
BOD & CEO
Investigate
FRAUD
Do audit in
support of
the plan
RISK PROCEDURES
Needed for audit
plan
Obtain information
Is sufficient
-Procedures:
1.Inquries(governance,employees,legal
counsel, mktg/
sales..
2.Analytical proce
dures
3.Observation, inspection
4.Other procedure relevant to
timing and extent of audit, ie prior
period examination
Obtain
understandin
g
Needed for
audit
eviden
ce
Obtain
information
INTERNAL AND EXTERNAL
AUDITING
The
CONTRAST
Render opinion, & recommend
improvement upon gathering sufficient
appropriate evidence, ie: data analysis,
outside confirmation & other
Audit procedures
Done by exter
Nal audits
Internal audit
Focus on risks,
Effeciveness and
Efficiency of operations
External consultation
Allowed when agreed to by
management & audit committee
Part of org, but report to upper
Management, audit committee,
& operational management for
independency
Involve in risk & control
analysis, information
security, & reliability,
operational efficiency,
compliance reviews, special
& fraud investigation
Consultative assurance
May or may not be certified by
CIA
Report to the BOD-audit
committee, serving outside
stakeholders, stockholders &
regulatory agencies
Gather sufficient & approp
riate evidence to render an
opinion
External audit
Involve in FS audit
Audit of internal
Control, assurance
& reviews
A must for CPA
Certification for
independency
Focus on finan
Cial statements,
report on internal
Control & financial
Reporting processes
Consultation not
Allowed for public
Audit client, only
To non-audit & non
Public clients
Audit Evidence
Information needed by the auditor circles around the
evidences that could support or contradict the assertions or
representations made by the management in the financial
statements, it constitute the bulk of the work of the auditor
in an audit in order to express an opinion on the financial
statements base on the evidences gathered and evaluated
PROCEDURES TO GATHER EVIDENCE
According to purpose:
1. Obtain understanding of the entity and its
environment
1a. Internal control
1b. Assess the risk of material misstatement at the
Financial statement level and assertion level (Risk
assessment procedure
2. Internal control
2a. Effective operating internal control
2b. Substantive procedure do not provide sufficient
appropriate audit evidence
PROCEDURES TO GATHER EVIDENCE
According to purpose:
3. Substantive test detect material misstatement at the
assertion level
3a. Test of transaction, account balances, and
disclosure and substantive analytical procedures
3b. Responsive to related to assessment of risk and
results of internal control
3c. Risk assessment is judgmental, if not precise,
substantive procedures for material classes of
transaction, account balances, and disclosure
3c. And disclosures are always required to obtain
sufficient appropriate audit evidence
PROCEDURES TO GATHER EVIDENCE
According to nature:
1. Inspection- examine records, documents, tangible
assets
1a. Documentary audit evidence held by 3rd parties
(external)
1b. Documentary audit evidence created by 3rd parties
and held by the entity (external-internal)
1c. Documentary audit evidence created and held by
entity (purely internal)
1d. Tangible assets inspection calls for their existence
but not necessarily for their ownership or valueconduct other necessary procedures
PROCEDURES TO GATHER EVIDENCE
According to nature:
Auditor
Observati
Inquiry
on
Confirmation
Inquiry
Transaction
Entity
3rd party
PROCEDURES TO GATHER EVIDENCE
According to nature:
5. Computation or recalculation
6. Reperformance- auditors independent execution of
procedures or controls that were originally performed
as part of entity’s internal control
7. Reconciliation
8. Vouching- tracing back transaction back to supporting
documents
9. Tracing- tracing documents forward through the
accounting records to establish completeness of
transaction processed.
PROCEDURES TO GATHER EVIDENCE
According to nature:
10. Analytical procedures
10a. Comparing relationship
10b. Ratio and trends and resulting investigation, re:
fluctuation, relationship with inconsistency with other
relevant information
10c. As suggested in audit standard, it shall be done
on the planning stage and overall review stage
10d. Can be done but not required as substantive test
to provide evidence as to the reasonableness of the
specified account balances
HIERARCHY OF COMPETENCE- AUDIT EVIDENCE
Direct,
Physical observation
personal knowledge
computation
External
evidence
External-Internal evidence
Internal evidence
Verbal & written representation
Sufficient &
appropriate
Persuasive
QUALITIES
MEASURE
ACTION
Sufficiency of
audit evidence
Quantity- the
To reduce to an
greater the risk of acceptable low
misstatement
level- more
evidence is
required
Similarly, high
quality evidence,
the less evidence
may be required
Reasonable
assurance
Rely on evidence
that is persuasive
rather than
QUALITIES
MEASURE
ACTION
Appropriateness of
evidence
Quality of audit
evidence
Relevance and reliability
supports detect
misstatement in
financial statements
influence by its source
and its nature
Competency of
appropriate evidence
Relevance of the
evidence to the
assertion tested
Objectivity
Qualification of the
provider of evidence
QUALITIES
MEASURE
Appropriateness Competency of
of evidence
appropriate
evidence
ACTION
Timeliness of the
evidence to
provide about an
assertion in time
the evidence is
needed
The logical relationship to the purpose
Of audit procedure or assertion under
consideration
The validity of the evidence that can be relied
Or believability given the source it originated
& who prepares it, and its nature what type
Of evidence obtained
Legally
Qualified
sufficient
More
reliable
Evidence obtained from independent
source outside entity
Evidence generated internally with good internal
control
Evidence observed directly by auditors better than
evidence obtained indirectly or by inference
Evidences in documentary form is better than documents
obtained orally
Evidence of original documents is better than obtained through
facsimile, photocopied, digitalized etc & must be certified original true
copy
Least reliable
Does documents need to be authentic?
The auditor rarely involves authentication of documents, however it is
the responsibility of the auditor to deal with circumstances to believe
that a document may not be authentic, or may have been modified
without proper disclosure to the auditor if it relates to fraud in an
audit of financial statements.
Reliance of document originating from internal source being
the only evidence available should be tested as to its
completeness and accuracy to ascertain whether the
information is sufficiently precise for the auditor’s purpose,
say audit of capitalization policy, the data must be complete as
to its approval, cost, and capitalization policy
a. do it concurrently with the
actual audit procedure
b. do it by testing control over
the
preparation &
maintenance of the
Information
c. do additional audit procedure
audit evidence is doubtful if it is obtained with inconsistency from
different sources, thus, auditor should perform additional audit
procedure to resolve the matter…
This usually arise in gathering evidence through inquiry, evaluation
of internal control against the responses of the management
charged with governance
OBJECTIVES IN GATHERING AUDIT EVIDENCE
For the auditors to establish a procedures on management assertion as to:
1.
2.
3.
4.
5.
EXISTENCE OR OCCURRENCE& CUT OFF
COMPLETENESS & CUT OFF
RIGHTS AND OBLIGATION
VALUATION OR ALLOCATION
PRESENTATION AND DISCLOSURE
To include the COMPLIANCE ASSERTION
ASSERTIONS
BEING MANAGEMENT’S RESPONSIBILITY must be audited
with proper relationship as to the audit evidence to be produced with specific
objectives tailored to specific assertions.
ASSERTIONS
OBJECTIVE
1.Existence and occurrence
1.a- About classes of
transactions
Whether recorded transaction
and events actually occurred
and pertains to entity
Illustration: If management
assert that purchases for the
year reach the mark of P500K
for the current year, the auditor
should do the procedure to
check that P500K of purchases
have actually occurred during
the current year and all valid
transaction
Action; employ procedure to
ASSERTIONS
OBJECTIVE
1.Existence and occurrence
1.b- About account balances
Note: in both case: if
transaction or account are
recorded to ascertain its
existence for
transaction/account that does
not actually occur- the result is
overstatement
2.Completeness
2.a- As to classes of
transaction
Whether assets, liabilities, and
equity exist at the date of
Financial Statements
Illustration: If management
assert the Accounts receivable
with the existing lists of debtors
are collectible accounts
Action: employ audit procedures
to gather evidence to ascertain
collectability and existence
All transaction that should have
been recorded are actually
ASSERTIONS
OBJECTIVE
2.Completeness & cut off
2.a- As to account balances
Note: in both cases, failure to
record transaction/accounts
would result in an
understatement.
3.Accuracy as to class of
transaction
All assets, liabilities, and equity
interests should have been
recorded are recorded.
Illustration: Entity that records
liability has a complete
documents to support and that
the lists of suppliers are readily
payable on its due dates
Appropriate recorded with the
application of GAAP, or in
accordance of the financial
recording standards, both for
ASSERTINONS
OBJECTIVE
5.Rights & obligations-as
to account balances
Entity has the control and
rights over the accounts
reported in the financial
statements- Right and
ownership of fixed assets,
inventory or obligation for
certain loans from the
financing institution..
6.Valuation and
allocation- as to account
balances
Proper values of the
assets, liabilities and
equity interest have been
assigned ie: FIFO, Lower
ASSERTIONS
OBJECTIVE
7.Disclosure & presentationabout account balances
Disclosure must include
occurrence and rights and
obligation, its completeness,
classification and
understandability, accuracy &
valuation..
Illustration:
Occurrence- Cash and cash
equivalents must be free from
restriction, it can be utilized
during the normal operating
cycle, full right on account, &
must be disclosed on the notes
ASSERTIONS
OBJECTIVE
7.Disclosure & presentationabout account balances
Classification and
understandability- Elements of
Balance sheet and Income
statement must be proper and
in order, for example Assets
include an account which
future economic benefits are
expected to flow to the entity.
Resources comes from past
transaction and events
Compliance disclosure is equally important relating to
financial laws and regulations such
as SEC, BIR,
non
Accuracy&
valuationmust
compliance of which will affect the
GAAP.
adhere
to the PFRS, GAAP
What management assertion will you consider for the bank reconciliation
statement by Finance department for internal audit purposes?
How will you do the audit procedure that show relationship on the audit
evidence for specific objectives tailored for specific assertions?
Following are the bank reconciliation that requires audit procedures:
QUEENSTORE COMPANY
BANK RECONCILIATION
RCPSB BANK- GENERAL ACCOUNT
December 31, 2014
Balance per bank statement
P506,100
Add:
Deposit in transit
51,240
Deduct outstanding checks:
Date
No
Payee
12/10/13 842
Uno Supply P 500
11/30/14 1280 Uno Supply
1,800
12/15/14 1372 Eastern Travel 30,76033,060
Bank debit/Credit memos
Balance per book
83,340
P607,620
=======
Sample financial Statements to show
The assertions made by the management
AUDIT RISK
AND
MATERIALITY
Profit!
Is Audit an absolute or reasonable
assurance to detect risk???
Decision makers
Need the reliability
And credibility
Of reports…
Losses!
Audit risk- risk may unknowingly fail to appropriately modify
the opinion on financial statements, and or operation reports,
thus through the nature, timing and extent of audit procedures
plan in the conduct of audit it must be properly plan and
execute right to have a direct control over the risk.
For this reason audit risk is figured to be a reasonable rather
than absolute assurance; reasonable in the sense that it could
not guarantee that information is perfectly right in a given
audit engagement. A fair view of financial or operational info
are prepared and presented
AUDIT RISK
In an overall sense, is the probability that an auditor will give an
inappropriate opinion on financial statements…ie: rendering an
unqualified opinion on financial statements/ or misleading report
because of material error and irregularities the auditor failed to
discover, despite of well planned audit carefully performed; hence,
risk is high if audit performed is poor and carelessly done.
COMPONENTS OF AUDIT RISK
Inherent risk
Control risk
Inherent risk-Vulnerability to material misstatement assumed
that there are no related control hence, account balance and
transactions are susceptible to error, or material misstatement
because of its characteristics
ILLUSTRATION:
1. Sudden increase/decrease on net profit of the organization
2. Count of marketable securities identifying true ownership,
number of shares etc..
Control risk- material misstatement that could occur will not
be prevented or detected on a timely basis by internal controls
due to effectiveness of the design and operation of internal
control, concluded on a preliminary bases for planning
purposes, via evaluation of internal control risk. however 0%
control risk can never be achieved likewise due:
1. to inherent limitation of internal control
2. It circumvent or avoid fulfilling, answering, or performing
duties, questions, or issues
INTERNAL CONTROL CONCLUSION
Condition of transaction After passing internal
control evaluation
Conclusion of internal
control
Error
Error
Ineffective
Correct
Effective
Error
Ineffective/Counter
productive
Correct
Inconclusive/ showing no
certainty
Correct
Attributes:
1. Past audit tract
2. Conditions for the auditor to acknowledge the deterioration of
control
Detection risk- risk that can be controlled or manipulated by
auditor through the nature, timing and extent of audit
procedures as plan in the conduct of audit by the scope of the
procedures used by the auditor and is a function of the
effectiveness of an audit procedure and its application; the
result therefore:
1. It is not detection of misstatement in an assertion per se as
it connote to detection risk,
2. It is an ease of detection misstatement depending on the
effectiveness of design & operation of internal control
Detection Risk-Risk that auditor will not detect a misstatement
that exist in an assertion, or
Audit procedures will fail to produce evidence of
material error and irregularit
AXIOMS ON RISK COMPONENTS
Control risk is low= Detection risk is high
-internal control is very effective; therefore detection of
misstatement is easy
Control risk is high= Detection risk is low
-internal control is ineffective; therefore detection of
misstatement is difficult
“Approach rely entirely on auditor’s professional
judgement”
AUDIT RISK MODEL
Aur= IRxCRxDR
With risk involve are all independent
RISK ASSESSMENT PROCEDURES
1. Inquiries
1.1 Managemen
1.2 Charged with governance
1.3 Employees
1.4 Internal audit findings
1.5 In house legal counsel
1.6 Marketing / sales personnels
RISK ASSESSMENT PROCEDURES
2. Analytical procedure
3. Observation & Inspection
4. Other consideration
How do you assess
materiality???
Magnitude of an
omission or misstatement
of accounting
information , that in the
light of surrounding
circumstances, makes it
probable that the
judgment of a reasonable
Low level of
materiality=increase the
aggregate mistatement
Person relying on the information would
have been changed or influenced by the
omission or misstatement
High level of
materiality= decrease
the aggregate
mistatement
Materiality is relative
& not absolute concept
Circumstancial, Nature of the item or issue,
Uncertainty & cumulative effects
Illustrative data information
How do we identify
materiality in aggregate
misstatement???
STEPS TO ASSESS
1. Identify
2. Assess
3. Relate
4. Consider
potential
misstatement
Leading to fraud, due
To weak control enviro
nment, lack of mgt compeTency...assertion at financial
Statement level.
Assertion level necessary to obtain
sufficient appropriate audit evidence.
Is the auditor’s judgment on RISK of material misstatement
SIGNIFICANT?
JUDGMENT IDENTIFYING SIGNIFICANT RISK
2
1
Comple
x
transact
ion
3
4
5
6
Risk on non routine
transaction
Risk on development
of acctng estimates
Transactions consider unusual and
This concept circles on the estimates the
occur infrequently that require
financial statements require of, and revenue
management attention, ie: GAAP
recognition- subject for interpretation and
treatment & its difficulty to
assumptions of its effectiveness that could
implement,greater manual intervention affect future period.
Substantive procedure may not provide sufficient appropriate
audit evidence for risk relating to inaccurate or incomplete
recording routine & significant classes of transaction or account
balances , characteristic of which often permit highly automated
processing with little of no manual intervention = ENTITY’S
CONTROL OVER SUCH RISK ARE RELEVANT TO THE AUDIT THE
AUDITOR SHALL OBTAIN UNDERSTANDING.
Is there a way for the risk assessment in terms of material
misstatement at financial level and assertion level be revised?
It may change during the course of the audit as
additional evidence is obtained that could result in
inconsistencies with audit evidence previously
obtained, likewise modify the planned audit
procedures
STEPS IN APPLYING MATERIALITY
1. Establish preliminary judgment-maximum amount FS could
be misstated but still not affect the decision of the
reasonable users- a relative approach rather than absolute
concept with the base to consider, i.e:
a. Total assets
b. Total revenues
c. Net income before taxes
d. Net income from continuing
operation
e. Gross profit
f. Average of 3 years; net income
before
taxes
STEPS IN APPLYING MATERIALITY
2. Determine tolerable misstatement-materiality allocated to an
account or class of transaction based on judgment or formal
quantitative approach
3. Estimate likely misstatements and compare totals to the
preliminary judgment about materiality- done near the end
of audit with the auditor evaluates all the evidences
gathered. The greater the preliminary judgment with likely
misstatement, concludes that the FS are fairly stated,
otherwise Adj is necessary, if not issue qualify or adverse
opinion
AUDITING
MATERIALITY
FRAUD
AUDIT-AUDITORS
RESPONSIBILITY
The given example shows the risk as
identified that could be a cause of:
Business related risk or
Financial statement risk in terms of
misstatement relating to Fraud or Error…
Business risks
Financial statement risks
1. Change in org structure, industry
1. Differences that would affect the
general presentation in accordance with
financial reporting..(GAAP)
2. New product line & services or
segments
-amount, classification, account, etc
3. Location
-material disclosure either omitted nor
not presented
4. Introduction of Information tech
-Omission in financial statements
5. Economic stability of the business
situs
6. Government regulation
FINANCIAL RISKS
Unintentional
Misstatement
or omission of
Amounts or disclosure
in the Financial
statements
1.Mistakes in data
Process, acctng prin
Ciples
2.Unreasonable
Estimates
3.Clearical mistakes
Human error, weakness
Intentional
Misstatement
Or omission intended to
deceive users of financial
statments
Financial reporting
Misappropriation of assets
Manipulation/
Falsification/
Forgery/
Alteration
MisrepresentaTion/intentional omission
Intentional
Misapplication
of acctng prin
ciples, amount
account
Record ficti
tious journal
entry close to
acctng report
Management
Override controls
Inappropriate
adjustments/ju
dgment/estima
te
Omit,conceal,
Alter,delay
Recording of
events
Engage in
Complex
trans
Accounting records/documents/reports
Opportunity
Incentive/Pressures
Management monitoring is
not effective
Unstable
organizational
structure
Deficient internal
control
Threatened financial stability
& profitability
Motivating factors to commit
fraudulent financial reporting
Excessive pressures
from 3rd party
requirements
Pressures from
management/personnel
to meet financial
targets
Attitudes
Low morale
Disputes between
shareholders
Impartiality in business
decision
Weak in business relationship
Convince that fraudulent
& dealing w/ the auditor
act is worth the risks
MISAPPROPRIATION OF ASSETS
Stealing
physical assets
or intellectual
property
Embezzling
receipts
Using entity’s
assets for
personal gain
Payment by
acommodation
for
goods/services
not received
Opportunity
Incentive/Pressures
Huge amount of cash on
hand, with inventory highly
in
Demand, weak
Control on
Fixed assts
Personal financial obligation
with direct access to
cash & other
assets susceptible to theft
Motivating factors to commit
misappropriation of assets
Attitudes
Disregard actions to consider about the weaknesses
Noted for misappropriation of assets, the
Degree of tolerance
With the fraud triangle, how would the fraud be accomplished?
CAPABILITY
The knowledge and skill to
Successfully execute it.
FRAUD PREVENTION
PROCESS
1. Installation of corporate governance principles and
practices
2. Execution of transaction- level controls
3. Audit controls and processes
4. Investigation of all alleged improprieties
PREVENTION
1.
2.
3.
4.
5.
6.
7.
8.
Reshaping the role of audit committee
Strengthening the control environment controls
Stricter laws, regulations and governance
Sufficient mechanism for whistle blowing
Hiring only ethical employees
Instill the fear of being caught
Maintain an anti fraud culture
Independent directors who have no material interest in the
company
9. Board& committee meetings regularly held without the
presence of the CEO
10. Effective flow of reports and other
board committee
11. Budgeting controls
12. Internal and compliance audit
information to the
HINTS OF POSSIBLE
FRAUD
REVENUE ACCOUNTS
1. Recognizing as revenue goods not
yet shipped
2. Recognizing as revenue goods shipped but not ordered
3. Channel stuffing (padding)
4. Bill- and- hold technique
5. Recognizing revenue for goods where there is a customer
right to
return goods in the contract
6. Recognizing revenue even if the service is not yet performed
INVENTORY FRAUD
1. Kickbacks on inventory purchases
2. Hollow square
3. Discounts for prompt payments are pocketed by
employees
4. Inventories are written off without authorization
5. Double counting of inventories
6. Consigned goods received are made part of inventory
balance
7. Mislabeling of finished goods
8. Intentional and improper cutoffs
FRAUD ON ASSETS AND EXPENSES
1.
2.
3.
4.
Improper capitalization of expenditures
Non- recording of assets impairment(damaged)
Inadequate allowance for doubtful acccounts
Recording fictitious assets
FRAUD ON ASSETS AND LIABILITIES
1. Increasing an asset’s valuation in the balance sheet
2. Inappropriate estimates such as those used for
depreciation and amortization
3. Unsupported expenses to reduce income tax
4. Expensing an asset to reduce income tax
FRAUD ON LIABILITY ACCOUNTS
1.
2.
3.
4.
5.
6.
Hiding debts off the balance sheet
Intentional non- accrual of expenses
Non- disclosure of contingent liabilities
Undervaluation of debt
Non-recording of finance lease liability
Improperly transferring liability to another entity or related
party
7. Declaring liabilities are paid out on the balance sheet even if
they are still unpaid
AUDIT STRATEGY
OBJECTIVES
1. Deploying resources to specific audit areas such as
assigning experienced team members for high risk areas of
involving experts on complex matters
2. Allocating resources to specific audit areas (timing)
3. Timing of the deployment of such resources (interim/year
end/ key cutoff dates)
4. How such resources are to be managed and supervised
AUDIT OF CASH/ FRAUD ON CASH
1. Fraudulent disbursements
1.1 submission of false invoices
1.2 false reimbursement
Skimming(brushing off)- cash is stolen from the entity before it
is recorded in the accounting records
Cash larceny(taking something unlawful) cash is stolen after it
has been recorded in the accounting books
KITING- fraud that overstate by causing it to be simultaneously
included in two or more bank accounts; it is possible because a
check takes several days to clear the bank on which it is drawn
Procedure to audit kiting
1. Prepare a bank transfer schedule-last week of the audit year
and 1st week of the following year
2. Prepare proof of cash
3. Obtaining a cutoff bank statement for all the banks company
open account
CASH
1.
2.
3.
4.
5.
6.
7.
Cash count on hand at year end
Send confirmation letter to financial institution
Review cut off cash receipts and disbursements
Review passbooks and bank statement
Perform analytical procedures
Obtain cutoff bank statements
Review year end bank reconciliation
RECEIVABLES
Lapping- embezzlement scheme in which cash collection from
customers are stolen and the shortage is concealed by delaying the
recording of subsequent cash receipts
To detect:
1. perform analytical procedure such as calculating receivable
turnover ratios and age of receivables
2. Confirm receivables and investigate all exceptions
3. Obtain authenticated deposit slips from bank and compare
name, dates, and amounts on remittance advices to
information on deposit slips
4. Perform surprise inspection of deposits and compare
deposit
slips with remittance
5. Compare remittances advices with
information recorded
to books
6. Verify propriety of noncash credits to accounts receivable
7. Reconcile individual customer accounts to accounts
receivable control accounts
8. Compare copies of monthly statements with customer
account
Audit procedure for receivables
1. Confirm accounts and notes receivables by direct by
communication with debtors
2. Inspect notes on hand and confirm those not on hand by
direct communication with debtors
3. Vouch receivables to supporting customer orders, sales
orders, invoices shipping documents and others
4. Review sales cut off and cash receipts around year end
5. Perform analytical procedures –receivable turnover
Audit procedure for receivables
6. Examine the adequacy of the allowance for doubtful
accounts
INVENTORY
1. Perform observation of inventory count
2. When a client uses statistical methods in determining
inventory quantities, the auditor must be satisfied that the
sampling plan has statistical validity
3. In case of a first time audit, auditor should observe the
counting
4. Perform analytical procedure- inventory turnover
5. Confirm consigned inventory and inventory in warehouse
6. Make test of observe physical count
INVENTORY
7. Review cutoffs
8. Account for inventory tags and count sheets
9. Test the inventory cost method and pricing
10. Examine inventory quality and condition
INVESTMENT
1.
2.
3.
4.
Perform analytical procedure
Perform simultaneous verification
Confirm securities held by others
Inspect and count securities on hand and compare serial
numbers with those shown on records
5. Vouch purchases and sales of securities during the year
6. Examine dividends and other investment income
7. Examine investment classification for F/S presentation
FIXED ASSETS
1.
2.
3.
4.
Perform analytical procedures fixed asset turnover
Inspect major acquisition of PPE during the year
Examine disposal of PPE including proceeds from sale
Review minutes of meeting to determine authorization of
major PPE transaction
5. Analyze repair and maintenance expenses and vouch
transaction
6. Review depreciation policy and depreciation computation
LIABILITIES
1. Perform analytical procedures
2. Confirm accounts payable with vendors
3. Vouch payable balances to selected vendors by inspecting
purchase orders, receiving reports and invoices
4. Inspect notes and loan agreements
5. Search for unrecorded liabilities
6. Review accruals
7. Perform analytical procedure for long term debts- debt to
equity ratio, interest ratio
8. Review loan covenants and identify possible breach of
covenant
LIABILITIES
9. Confirm long term debt with creditors
10.Trace proceeds of loans to bank account and books
11.Review minutes of meetings for authorization
SHAREHOLDERS’ EQUITY
1. Confirm stocks authorized issued and outstanding with the
independent registrar and stock transfer agent as
appropriate
2. Without an independent registrar and stock transfer agent,
reconcile the stock certificate books to transaction
recorded in the GL
3. Vouch transaction and trace receipts of funds to bank
account and cash register journal
4. Review minutes of meetings
5. Review articles of Incorporation and by laws
SHAREHOLDERS’ EQUITY
6. Perform analytical procedure- reasonableness of dividends
7. Vouch dividend payment
8. Vouch entries affecting retained earnings
9. Examine treasury share transaction
10.Reconcile outstanding shares recorded with the stubs
11.Confirm balances with shareholders as appropriate
REVENUE
1. Review company’s revenue recognition
2. Perform analytical procedures- vertical and horizontal
trend analysis , comparison to industry averages
3. Vouch revenue transaction and determine that they were
recorded at the proper transaction amounts
4. Examine trade arrangements and sales contracts
5. Analyze sales to related parties
6. Perform cutoff procedure
7. Consider economic substance of transaction
EXPENSES
1. Review capitalization policy
2. Perform analytical procedure- same as that of the
REVENUE
3. Obtain or prepare an analysis of selected expense accounts
4. Vouch transactions to supporting documents
5. Perform cutoff procedures
6. Trace selected payroll transactions recorded to the human
resource department to determine whether the employees
were actually employed during the payroll period
7. Test the handling of terminated employees
8. Conduct surprise payroll payoff
EXPENSES
8. Inspect if the company recognize expense for
- Share based compensation
- Deferred tax
- Provisions
- Impairment losses
- Employee benefits
- Lease liability
The audit procedures listed and presented should be guided by
the audit programs to enable the gathering of evidence indicative
of the audit objective to be satisfied i.e: assess the effectiveness
of internal control and financial statement account balances.
Program and objective should be satisfied with the:
1. Existence of assets
2. Rights to assets
3. Completeness
4. Valuation of assets
5. Disclosure.
INTERNAL CONTROL
The process designed and effected by those charged with the
governance, management, and other personnel to provide
reasonable assurance about the achievement of the entity’s
objectives with regard to reliability of financial reporting,
effectiveness and efficiency of operations, and compliance with
laws and regulations
It provides assurance that process is carried out properly, as a tool
not be viewed as a substitute for management
INTERNAL CONTROL
Internal control is the primary responsibility of the
management by putting up a system aided by oversight of
those charged with governance, and the execution and carrying
out of these policies & procedures by employees and other
personnel; hence it involves people; ie:
-Management/ chief exec officer -Board of Directorsin charge of
governance
-Employees and other personnelcarry out
specific controls
implemented
INTERNAL CONTROL
The involvement of people in internal control, must place
awareness that the people involved has a limited understanding,
or short in communication skills, but it is not an exemption that
they will not abide on the responsibilities set forth by the
management; hence, internal control must be well designed as
control environment speaks of it as an effective tool to meet
management objectives and goals.
INTERNAL CONTROL
Internal control process speak of the auditor’s responsibility to
assess the design of the internal control system in the company
implementations with the purpose to:
-to safeguard the assets of the
company
-to check the accuracy and
reliability of
its accounting
data…(Accounting controls)
-to promote operational
efficiency and encourage
adherence to
prescribed
managerial policies
…(Administrative controls)
INTERNAL CONTROL
Internal control provides reasonable assurance, and not an
absolute assurance due to inherent limitation:
1. faulty judgment in decision making
2. Consideration of relative cost benefit
3. breakdowns coming from human failures or simple mistakes
4. Effect by collusion of two or more people
5. Management overrides control system
Control
Environment
Monitoring of
controls
COMPONENTS
OF INTERNAL
CONTROL
Entity risk
assessment
process
Control activities
Info system and related
business process relevant to
Financial reporting &
communication
Administrative
controls
Accounting controls
A plan of organization, which
provide appropriate segregation of
function & responsibilities
Control
environment
A system of
authorization & record
procedures to control
assets,
Liabilities,
Revenue, exp
Mgt with charged governance,
has created and maintained
culture of honesty and ethical
behavior
Communicate & enforce
integrity and ethical values
Governance and mgt function and
the attitudes, awareness, & action;
the foundation for all other
components of internal control
Competence
Mgt participation with
respective to guidance of
responsibilities
Administrative
controls
Accounting controls
Sound practices to be followed
Mgt philosophy & operating
style
Quality of personnel
Organizational structure
Provision for periodic review
Control
environment
Assignment of authority &
responsibility
Governance and mgt function and
the attitudes, awareness, & action;
the foundation for all other
components of internal control
Human resource policies
& practices
Plan of
System of Sound
Quality of
Organizati authorizati practices personnel
on
on
in
performan
ce duties
Provision
for
periodic
review
Simple
Written
Check &
authorizati balances
on for bus
transactio
n
Selection
Continuing
supervisio
n for SOP,
operating
condition,
obsolete,
&
corrective
actions
Flexible
Well
Training
Internal
Acctng
Plan of
Organization
System of
authorization
Sound
practices in
performance
duties
Quality of
personnel
Organization
independence
Procedures for
handling
routine
transacion
Supervision
Lines of
authority
Adequate and
wll kept
accounting
records
Rotation &
vacation
Definition of
duties
Timely,useful,a
ccurate, &
reliable reports
Provision for
periodic review
Plan of
System of
Organization authorizatio
n
Organization Standards of
al chart
performance
Sound
Quality of
practices in
personnel
performance
duties
Provision for
periodic
review
Referring to process that
affect significant account
balances in FS how
- Initiated
- documented
- recorded to
GL
Info system and related
business process relevant
to Financial reporting &
communication
Referring to
individual roles and
responsibilities
pertaining to internal
controls over financial
reporting aided by
policy manuals,
financial reporting
manuals
Policies and procedures that ensures management directives
are carried out
Authorization
Performance review
Information
processing
Physical control
Segregation of duties
Control activities
The control activities help to
assess material misstatement
responsive to assessed risk by
conducting further audit
procedures.- relevance of audit
risk for auditor’s judgment.
Mgt monitor internal control -if it’s operating
-appropriate for changes
-timeliness of reports
-compliance w/
entity’s policies
& business
practices
Monitoring
-Information fr
controls
communication
from external
parties that may indicate problems that needs
improvement
Provides information about the
function of internal control
-focus attention on evaluating
effective internal control
-communicate
information about strenght &
weaknesses & recommendation for
improvement
HOW WE DOCUMENT INTERNAL CONTROL
Understanding obtained of the entity and its environment, identified risks and
material misstatements, and its discussion with the audit team can be
documented through the tool using:
-Procedure manuals and organizational charts
-Narrative description of memoranda
-Internal control questionnaires
-Flowcharts
CARDINAL PRINCIPLES OF INTERNAL CONTROL
1.
2.
3.
4.
5.
6.
7.
Responsibility for the performance of each duty must be fixed
Accounting and financial operations must be made operational as a separate
functions as record keeping and execution of transaction respectively
Proof of accuracy should be utilized in order correctness of operation and
accounting through audit trail
No one person should be in complete charge of a business transaction
Employees must be carefully selected and trained
Employees should be bonded
Employees should be rotated on a job, If possible; vacation for those in
position of trust should be endorsed
CARDINAL PRINCIPLES OF INTERNAL CONTROL
8. Operating instructions for each position should be reduced to writing
9. The protective advantage of a double-entry system of accounting should
not be exaggerated
10.Controlling account should be used extensively as possible
11.Merchandise equipment and/or electronic equipment should be used, if
feasible
INTERNAL CONTROL FOR SMALL COMPANY
1.
2.
3.
4.
5.
6.
7.
8.
Use of double entry system of bookkeeping
Prompt recording of transaction and periodic or regular balancing of
accounts
Maintenance of a carefully prepared chart of accounts
Preparation of monthly comparative financial statements for review by the
owner
Deposit of all cash receipts intact daily, and making all payments by check
signed by the owner
Approval of the owner of business transactions, and scrutiny of invoices
before payments
Use of well designed, serially numbered forms and proper control over these
forms
Employment of accounting proofs and controls.
INTERNAL CONTROL FOR SMALL COMPANY
9. Periodic audits by an independent public accountant
10.Use of mechanical equipments, and physical safeguards
11.Adequate insurance
Related documents
JOB DESCRIPTION
JOB DESCRIPTION
Slide 1
Slide 1
Lesson 7 Marketing Audit
Lesson 7 Marketing Audit
4.2 Marketing Planning
4.2 Marketing Planning
Auditor Senior IT Ad 4 3 2017
Auditor Senior IT Ad 4 3 2017
Audit Committee 18 September 2012
Audit Committee 18 September 2012
A guide for developing a marketing plan
A guide for developing a marketing plan
Electronic Data Processing * Audit Sistem Informasi
Electronic Data Processing * Audit Sistem Informasi
Gynaecology Audits 2010/11
Gynaecology Audits 2010/11
Assessing the Degree of Implementation of SIGN 77:
Assessing the Degree of Implementation of SIGN 77: