36336510 acca f8 audit internal controls slides
TRANSCRIPT
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
1/223
Internal Control Is
A Process Not Merely
Policies, Procedures and Forms
Affected by People
Directed Toward theAchievement of Objectives
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
2/223
Internal ControlAs Defined by COSO Is (Committee of Sponsoring Organizations)
A process, affected by an entitys board of directors, management, and other personnel,
designed to provide reasonable assuranceregarding the achievement of objectives in thefollowing categories:
Reliability of financial reporting;
Effectiveness and efficiency of operations; and
Compliance with applicable laws and regulations
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
3/223
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
4/223
Perfect Internal Control?
Inherent Limitations
Misunderstanding of Instructions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
5/223
Perfect Internal Control?
Inherent Limitations
Mistakes of Judgment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
6/223
Perfect Internal Control?
Inherent Limitations
Personal Carelessness
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
7/223
Perfect Internal Control?
Inherent Limitations
Distraction
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
8/223
Perfect Internal Control?
Inherent Limitations
Fatigue
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
9/223
Perfect Internal Control?
Inherent Limitations
Management Override
Can Lead to Cover Ups
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
10/223
Perfect Internal Control?
Inherent LimitationsCollusion Among Individuals
Circumvent Control Procedures Whose
Effectiveness Depends on Segregation of Duties
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
11/223
Perfect Internal Control?
Inherent Limitations
Staff Size Limitations
May Obstruct Efforts to Properly
Segregate Duties
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
12/223
If Staff Size is Limited Compensating Controls Should Be
Implemented to Ensure Objectives Are Met
A Compensating Control is used to Counter-
balance an Internal Control Weakness
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
13/223
Perfect Internal Control?
Summary Inherent Limitations
Misunderstanding of Instructions
Mistakes of Judgment
Personal Carelessness
Distraction
Fatigue
Management Override
Staff Size Limitations
Collusion Among Individuals
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
14/223
Perfect Internal Control?
Level of Assurances
As a Result of Inherent
Limitations and CostLimitations, the InternalControl Structure Can ProvideOnly Reasonable, NotAbsolute Assurances, ThatGoals and Objectives Will BeAccomplished
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
15/223
Perfect Internal Control?
R
easonable Assurance
The concept of reasonable assurancerecognizes that the cost of an entitys
internal control structure should notexceed the benefits that are expected tobe derived. Although the cost-benefit
relationship is a primary criterion thatshould be considered in designing aninternal control structure, the precise
management of costs and benefits
usually is not possible.
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
16/223
Internal ControlF
ailures ResultF
rom
Lack of Integrity
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
17/223
Internal ControlF
ailures ResultF
rom
Weak Control Environment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
18/223
Internal ControlF
ailures ResultF
rom
Inconsistent Objectives
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
19/223
Internal ControlF
ailures ResultF
rom
Poor Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
20/223
Internal ControlF
ailures ResultF
rom
Inability to Understand & React
to Changing Conditions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
21/223
Internal ControlSummary - Failures ResultFrom
Lack of Integrity
Weak Control Environment Inconsistent Objectives
Poor Communication
Inability to Understand and React
to Changing conditions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
22/223
Internal ControlP
rimary Objectives
Compliance with policies, plans, laws,procedures, regulations, contracts, etc.
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
23/223
Internal ControlP
rimary Objectives
Accomplishmentof goals and objectives
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
24/223
Internal ControlP
rimary Objectives
Reliability and integrity of information
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
25/223
Internal ControlP
rimary Objectives
Economicaland efficientuse of
resources
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
26/223
Internal ControlP
rimary Objectives
Safeguardingof assets
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
27/223
Internal Control
SummaryP
rimary Objectives
Compliance
Accomplishment of Goals & Objectives
Reliability & Integrity of Information
Economical & Efficient Use ofResources
Safeguarding of Assets
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
28/223
Internal Control Isnt Always Good
When it
Is Excessive
Has a cost that outweighs the derivedbenefits
Tries to obtain the unobtainable, i.e.
absolute assurance Violates the Golden Rule of Internal
Control
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
29/223
Control is Excessive When
It unnecessarily increases the
complexity of transaction processing
The control steps merely increasethe processing time and do not addvalue to the activity being controlled
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
30/223
Internal ControlGolden Rule
There is no greater waste thandoing with great efficiency that
which should not be done at
all!
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
31/223
Internal ControlTraits Present When Poor I/C
Bureaucracy Increased
In the best case scenario,
Productivity Decreased
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
32/223
Internal ControlTraits Present When Poor I/C
In the best case scenario,
Complexity Increased
Transaction Processing Time Increased
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
33/223
Internal ControlTraits Present When Poor I/C
In the best case scenario,
Non-value Adding Activities Increased
Going Nowhere Fast
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
34/223
Internal ControlTraits Present When Poor I/C
In the worst case scenario,
Interfere with goal accomplishment
Allow for abuse of assets
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
35/223
Internal Control Components
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
36/223
Internal Control Components
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
37/223
Internal Control Components:Control Environment
Is the attitude and actions of
the boardand managementregarding the significance of
control within theorganization
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
38/223
Internal Control Components:Control Environment
Provides the discipline and structure forthe overall system of internal controls
Established and maintained bymanagement
Should foster control conscientiousness
Includes the overall tone at the top setby people in positions of authority
Based on the attitudes and habits of those inauthority
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
39/223
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority & Responsibility Human Resource Policies & Practices
Competence of Personnel
Control EnvironmentIncludes
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
40/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority & Responsibility Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
41/223
Institutional objectives, and how they are
achieved, are based on preferences, value
judgments and management styles
Control EnvironmentIntegrity and Ethical Values
Ethical values must be clearly
communicated
Codes of conductmust be defined inwritten policy & procedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
42/223
Control EnvironmentIntegrity and Ethical Values
Ethics may be transmitted by example, i.e.people tend to imitate their leadership
Realmanagement concerns can often be
evaluatedin terms ofhow violators aredealt with, i.e. the messages sent byleaders actions in such situations quicklybecome accepted behavior
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
43/223
Organizational values cannot
rise above the integrity andethics of the people who
create, administerand
monitorthem
Control EnvironmentIntegrity and Ethical Values
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
44/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority & Responsibility Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
45/223
Factors affecting leaderships philosophy
and operating style:
Control EnvironmentManagements Philosophy & Operating Style
Delegation of Authority (Empowerment)
Risk Taking Reliance on Policies & Procedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
46/223
Control EnvironmentManagements Philosophy & Operating Style
Administrators should promotecompliance through their own actions
Administrators must support adherenceto policies and procedures if theyexpect employees to have that attitude
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
47/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority & Responsibility Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
48/223
Provides the framework for achievementof objectives, through proper planning,executing, controlling, and monitoring
Control EnvironmentOrganizational Structure
Depends on the administrationsphilosophy
The appropriateness of depends onvarious factors, such as size and type ofactivities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
49/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority & Responsibility
Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
50/223
Control EnvironmentAssignment of Authority & Responsibility
Determines the degree to whichindividuals & departments are
encouraged to use initiative in addressingissues and problem solving, as well as thelimits of their authority
Delegation of Authority (Empowerment)Placing control for certain decisions atlower levels of the organization, toindividuals closest to everyday activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
51/223
Control environment is greatly influencedby the degree to which individuals areheld accountable
Control EnvironmentAssignment of Authority & Responsibility
Critical challenge is to delegate to the
extent required to achieve objectives
Always remember that One Can
Delegate Authority, Not Responsibility
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
52/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority &
R
esponsibility Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
53/223
Control EnvironmentHuman Resource Policies & Responsibilities
Human resource practices
send messages to employees
regarding expected levels of
integrity, ethical behaviorand competence
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
54/223
Control EnvironmentHuman Resource Policies & Responsibilities
Integrity, ethics, and competence must beexercised in
HIRING
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
55/223
Integrity, ethics, and competence must beexercised in
TRAINING
Control EnvironmentHuman Resource Policies & Responsibilities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
56/223
Control EnvironmentHuman Resource Policies & Responsibilities
Integrity, ethics, and competence must beexercised in
EVALUATING
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
57/223
Control EnvironmentHuman Resource Policies & Responsibilities
Integrity, ethics, and competence must beexercised in
PROMOTING
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
58/223
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
59/223
Control EnvironmentHuman Resource Policies & Responsibilities
Disciplinary action should beconsistently applied to all
employees
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
60/223
Control EnvironmentIncludes
Integrity and Ethical Values
Managements Philosophy & OperatingStyle
Organizational Structure
Assignment of Authority &
Responsibility
Human Resource Policies & Practices
Competence of Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
61/223
Control EnvironmentCompetence ofPersonnel
Lines of authority and responsibility
clearly established, documented in
written job descriptions andprocedures manuals
Competent people must be hired
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
62/223
Control EnvironmentCompetence ofPersonnel
Job descriptions should be periodically
updated to ensure that employees areaware of the duties they are expected to
perform
Organizational charts provide a visual
presentation of lines of authority
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
63/223
Internal Control Components
Control Environment
Risk Assessment Control Activities
Information & Communication
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
64/223
Internal Control Components:Risk Assessment
Is the identification and analysis ofrelevantrisks associated with the achievement ofobjectives
Is an ongoing process that is a critical
component of an effective internal control
system
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
65/223
Internal Control Components:Risk
Riskis the uncertainty of an event
occurring that could have an impact onthe achievement of objectives.
Riskis measured in terms ofconsequences and likelihood.
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
66/223
Internal Control Component:Risk Assessment
Risk can pertain to external & internal
factors
External risk factors are outside of the
university, usually beyond managements
span of control
Internal risk factors are within the university,
usually within managements control
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
67/223
Risk AssessmentExternal RiskFactors
Economic Changes
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
68/223
Risk AssessmentExternal RiskFactors (cont.)
Changing Student & Community
Needs and/or Expectations
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
69/223
Risk AssessmentExternal RiskFactors (cont.)
New or Changed Legislation or
Regulations
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
70/223
Risk AssessmentExternal RiskFactors (cont.)
Technological Developments
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
71/223
Risk AssessmentExternal RiskFactors (cont.)
Natural Catastrophes
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
72/223
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
73/223
Economic changes
Changing student & community needs
New/changed legislation & regulations
Technological developments
Natural catastrophes
Competitive conditions
Risk AssessmentSummary - External RiskFactors
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
74/223
Risk AssessmentInternal RiskFactors
New Personnel
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
75/223
Risk AssessmentInternal RiskFactors (cont.)
Low Morale
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
76/223
Risk AssessmentInternal RiskFactors (cont.)
Competence, Adequacy & Integrity
of Personnel
i A
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
77/223
Risk AssessmentInternal RiskFactors (cont.)
New or Revamped Information Systems
Ri k A
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
78/223
Risk AssessmentInternal RiskFactors (cont.)
Size of Organization
Can be measured in terms of
Assets LiquidityTransaction
Volume
Ri k A
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
79/223
Risk AssessmentInternal RiskFactors (cont.)
Complexity & Volatility of Activities
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
80/223
Risk AssessmentInternal RiskFactors (cont.)
Geographical Dispersion of Operations
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
81/223
Risk AssessmentInternal RiskFactors (cont.)
Changes in Management Responsibilities
For, Example Climbing The Ladder of Success
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
82/223
New Personnel
Low Morale
Competency & Integrity of Personnel
New or Revamped Information Systems
Size of Organization
Complexity & Volatility of Activities Geographical Dispersion of Operations
Changes in Management Responsibilities
Risk AssessmentSummary Internal RiskFactors
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
83/223
After the risk factors
have been identified, they
must be evaluated or
analyzed in terms of risk
Risk AssessmentRisk Analysis
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
84/223
Risk AssessmentRisk Analysis Includes
Estimating the Significance of the Risk
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
85/223
Risk AssessmentRisk Analysis Includes (cont.)
Assessing the Likelihood (or Frequency)
of the Risk Occurring
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
86/223
A determination must be made
on how to manage risk, i.e. an
assessment of actions that can
be taken and their relative cost
Risk AssessmentRisk Analysis
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
87/223
What can go wrong
What areas have the most risk
What assets are at risk
Who is in a position of risk
Risk AssessmentRisk Analysis
Administrators must determine
Ri k A t
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
88/223
Risk AssessmentRisk Analysis (cont.)
When determining risk levels, administratorsmust consider
Governmental
MandatesThe
Unexpected Obstacles
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
89/223
Public Scandal
Risk AssessmentRisks May Include Such Things As
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
90/223
Risk Assessment
Risks May Include Such Things As
Revenues Not Received
or Not Recorded Properly
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
91/223
Risk Assessment
Risks May Include Such Things As
Assets Not Used Efficiently
FinancesPersonnel
Space
Efficient Performance accomplishes objectives and goals
in an ACCURATE and TIMELY FASHION with
MINIMAL USE ofRESOURCES
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
92/223
Risk Assessment
Risks May Include Such Things As
Assets Not Used Effectively
Effective Control is present when management directs systems in
such a manner as to provide REASONABLE ASSURANCE that the
organizations OBJECTIVES and GOALS will be ACHIEVED
FinancesPersonnelSpace
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
93/223
Risk Assessment
Risks May Include Such Things As
Assets Diverted to Personal Use
Space
FinancesPersonnel
All Break and No Work
Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
94/223
Risk Assessment
Risks May Include Such Things As
When Information Used For Decision Is
Making Not Reliable, Available or Timely
Reliable Available Timely
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
95/223
In assessing risk, the potential
loss associated with any
exposure or risk is weighed
against the cost to
control it
Internal Control Component:Risk Assessment
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
96/223
Internal Control Components
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
97/223
Control activities are the
policies and procedures that
help ensure that management
directives are carried out
Internal Control Component:Control Activities
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
98/223
Internal Control Component:Control Activities
Generally, control activities (procedures)
fall within five broad categories
Authorizations
Segregation of Duties
Recording
Safeguarding
Reconciliations
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
99/223
Internal Control Component:Control Activities
Authorizations
Segregation of Duties
Recording
Safeguarding
Reconciliations
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
100/223
Control ActivitiesAuthorizations
Transactions must be authorizedand executed in accordance with
managements intent
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
101/223
Authorization to initiate or approve
transactions should be limited to specific
personnel
Control ActivitiesAuthorizations (cont.)
Authorizations can be limited by type oftransaction (e.g. timesheets) or amount oftransactions (e.g. under a certain dollar
amount)
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
102/223
Authorizations
Segregation of Duties
Recording
Safeguarding
Reconciliations
Internal Control Component:Control Activities
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
103/223
Segregation of duties is adequatewhen no one person is a positionto both initiate and conceal
errors and/or irregularities inthe normal course of their dutieswithout detection
Segregation of Duties
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
104/223
Provide that one employee does not haveresponsibility for all phases of a transaction
Different people should be responsibility
for:
Control ActivitiesSegregation of Duties (cont.)
Authorizing Transactions
Recording Transactions
Maintaining Custody of the Assets
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
105/223
Generally, an employee with
physical access to an asset should
not also be responsible for theaccounting records for that asset
Control ActivitiesSegregation of Duties (cont.)
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
106/223
Authorizations
Segregation of Duties Recording
Safeguarding
Reconciliations
Internal Control Component:Control Activities
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
107/223
Documents and records must beproperlydesignedto provide reasonable assurance
that
Control ActivitiesRecording
Assets are properly controlled
Transactions are properly recorded in the
correct account, amount, and period
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
108/223
Control ActivitiesRecording (cont.)
Proper design may include such things as
Pre-numbered documents, which can beused to detect missing documents and
for tracking purposes
NCR documents, which can be used for
authenticity and control purposes
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
109/223
Control ActivitiesRecording (cont.)
Transactions should be properly documented
Records should be retained in an organized
manner
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
110/223
Authorizations
Segregation of Duties Recording
Safeguarding
Reconciliations
Internal Control Component:Control Activities
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
111/223
Measures should be taken to safeguard
the access to and use ofboth assets and
records
Achieved through physical security &
reconciliation of assets to records
Co t o ct v t esSafeguarding
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
112/223
Safeguarding
Assets should be physically secured
Access to assets should be limited todesignated authorized personnel
Internal Control Component:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
113/223
Authorizations
Segregation of Duties Recording
Safeguarding
Reconciliations
pControl Activities
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
114/223
Are independentchecks and internal
verificationprocedures designed tohelp provide assurance
that the other fourcontrol procedures are
achieved
Reconciliations
Control Activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
115/223
Reconciliations (cont.)
The person performing
the reconciliation (orverification procedures)
should be independent
from the individualsoriginally responsible
for preparing the data
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
116/223
Internal Control Components
Control Environment
Risk Assessment Control Activities
Information & Communication
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
117/223
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
118/223
pInformation & Communication
The information &
communication system must
provide administrators with
reports containing
operational, financial, and
compliance information forprogress monitoring and
decision making
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
119/223
pInformation & Communication
Pertinent information must be identified,captured and communicated to
appropriate personnel on a timely basis
The quality of information received and/or
given influences the quality of decisions
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
120/223
pInformation & Communication
Once information is identified,
captured, and processed it is reported
formally and informally through bothmanual and computerized information
systems
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
121/223
Information Systems Include
Universitys Written Policies andProcedures
Budget Units Goals and Objectives
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
122/223
Systems Include (cont.)
Budget Units Documented Policies andProcedures
Organizational Charts
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
123/223
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
124/223
Systems Include (cont.)
Training Programs
Periodic Progress Reports (Goals &
Objectives Accomplishment)
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
125/223
pInformation & Communication
Employees must know what theyare supposed to accomplish and
how they are to do it
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
126/223
pInformation & Communication
Communication must flow
Up and down the organization
Across organizational lines
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
127/223
Information Systems Effectiveness
Strategic Plan
Necessary Resources
Targeted Audience
Timeliness of Sufficient DetailedInformation
Accuracy and Relevancy of Information
Depends Largely on FollowingFactors:
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
128/223
Information Systems Effectiveness (cont.)
Information Systems should be developedand revised based on a strategic plan
The strategic plan must be congruent with
university-wide and activity-level objectives
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
129/223
Information Systems Effectiveness (cont.)
Management must commit the
necessary resources (human andfinancial) to information
systems development
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
130/223
Information Systems Effectiveness (cont.)
Information must reach the rightpeople, i.e. the targeted audience
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
131/223
Information Systems Effectiveness (cont.)
Information must be in sufficient
detailand timely enough to allow foran appropriate response
Information & Communication
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
132/223
Information Systems Effectiveness (cont.)
Reports must be accurate andprovide information relevantto
established objectives
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
133/223
Internal Control Components
Control Environment
Risk Assessment Control Activities
Information & Communication
Monitoring
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
134/223
Monitoring includes the following:
Monitoring
Supervising
Observing
Testing
Reporting to Responsible Individuals
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
135/223
Is a process that assesses the qualityof the systems performance over
time
Monitoring
Ensures that the internal control systemis operating as expected and that theorganizations goals and objectives areachieved
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
136/223
Monitoring
Should be performed by supervisorypersonnel and be focused on high-
risk areas
Internal Control Components:
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
137/223
Monitoring
Can be ongoingmonitoring activities, separateevaluations or a combination of the two
Ongoing monitoring occurs in the normal course
of operations, inclusive of regular supervisory
activities
The scope andfrequency ofseparate evaluations
depend primarily on risk assessmentand the
effectiveness of the ongoing monitoring
procedures
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
138/223
Reviews of financial reports such as ..
Monitoring Activities Include
Comparisons of budgeted to actual
revenues and/or expenditures
Comparisons of current to prior months
and/or years activities
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
139/223
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
140/223
Monitoring Activities Include
Evaluation of Trends
Review of Supporting Documentation
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
141/223
Monitoring Activities Include
Documentation of Software Licenses
Surprise Cash and Other Asset Counts
Monitoring
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
142/223
Monitoring Activities Include
Follow-up on Complaints
Internal Control Components:M i i
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
143/223
Monitoring
Internal control systems change over time.Once effective procedures can become less
effective due to
New Personnel
Varying Effectiveness of Training andSupervision
Time and Resource Constraints
Internal Control Components:M i i
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
144/223
Monitoring
When changes occur, the internalcontrol system must change to
meet those changes
Remember Time & Change Waits For No One
Internal Control Components:M i i
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
145/223
Monitoring
If management does not make thenecessary changes, the organization may,
in most cases, be left behind
Internal Control vs. ControlsC d
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
146/223
Internal control is a process, affectedby people, directed toward the
achievement of goals
Compared
Controls are a part of the internalcontrol process
Internal Control vs. ControlsC t l
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
147/223
Controls
Controls are any action taken by management,the board, and other parties to enhance risk
management and increase the likelihood thatestablished goals and objectives will be achieved
Control is the result of
proper planning,
organizing, and directing
by management
Internal Control vs. ControlsAd t C t l
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
148/223
Adequate Control
Is present when management has planned
and organized (designed) in a manner that
reasonable assurance that the
Organizations risks have been managed
effectively
Organizations goals and objectives will be
achieved efficiently and economically
Internal Control vs. Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
149/223
Adequate Control & Reasonable Assurance
Reasonable Assurance implies that
material errors and irregularities willbepreventedor detected / corrected
within a timely period by employees
during the normal course ofperforming their assigned duties
Internal ControlsE D fi d
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
150/223
Errors Defined
An error is an unintentional mistake
Examples of errors include
Mathematical error
Unintentional omission of events ortransactions
Internal ControlsIrregularities Defined
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
151/223
Irregularities Defined
An irregularity is an intentional act; a
fraud
Examples of irregularities include
Manipulation, falsification, or alteration of
accounting records or supporting
documentation
Misrepresentation or intentional omission
of events or transactions
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
152/223
Types of Controls
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive
EDP Application Controls
Preventive, Detective or Directive
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
153/223
Types of Controls
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive EDP Application Controls
Preventive, Detective or Directive
Types of ControlsPreventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
154/223
Preventive Controls
Deter undesirable events
from occurring
Should be designed to discourage
errors or irregularities
Types of ControlsExamples of Preventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
155/223
Examples ofPreventive Controls
A computer application which checks validity
prevents the entry ofinvalid account numbers
Shred documents containing confidential
information (SSN, grades, addresses, etc.)
Types of Controls
Examples of Preventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
156/223
Examples ofPreventive Controls
Reading and understanding policy and
procedures manuals
Managers approval of a purchase requisition
for expenditure appropriateness
Read Sign
Departmental University
Types of Controls
Examples of Preventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
157/223
Examples ofPreventive Controls
Restrict access to data to only authorized
users
Physically restricting access to assets
Types of Controls
Examples of Preventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
158/223
Examples ofPreventive Controls
Keep food and drinks away from computerhardware
Back-up your work periodically on your
personal computer length of intervaldepends on importance of the data
Types of Controls
Examples of Preventive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
159/223
Examples ofPreventive Controls
Protect your password
Run updated anti-virus software on your
personal computer
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
160/223
Types of Controls
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive EDP Application Controls
Preventive, Detective or Directive
Types of ControlsDetective Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
161/223
Detective Controls
Detect and correctundesirable events which
have occurred
Should be designed to
identify an error orirregularity after it has
occurred
Types of Controls
Examples of Detective Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
162/223
Exception reports which list incorrect or
invalid entries or transactions
Examples of Detective Controls
A review of long distance telephone charges
to check for improper or personal calls
Types of Controls
Examples of Detective Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
163/223
Reconciliations
Examples of Detective Controls
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
164/223
Types of Controls
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive
EDP Application Controls
Preventive, Detective or Directive
Types of ControlsDirective Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
165/223
Directive Controls
Cause or encourage a
desirable event to occur
Should be designed to aid in
the accomplishment of goalsand objectives
Types of Controls
Examples of Directive Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
166/223
Examples of Directive Controls
Written, distributed policy and
procedures
Training seminars
Well defined job descriptions
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
167/223
Types of Controls
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive EDP Application Controls
Preventive, Detective or Directive
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
168/223
EDPGeneral Controls
Ensure that the programmedprocedures within a computerized
system are appropriatelyimplemented, maintained, and
operated and that only authorized
changes are made to programs anddata
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
169/223
EDPGeneral Controls
Programmed procedures
include the preciseinstructions to the computer
to perform specific steps to
achieve a particular task
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
170/223
EDPGeneral Controls
There are two types of programmed
procedures Accounting and Control
Programmed Accounting Procedures are
simply accounting procedures performed by the
computer
Programmed Control Procedures ensure
the completeness, accuracy, and authorization of
processed and stored data
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
171/223
EDPGeneral Controls
Examples of Programmed Accounting
Procedures include
Calculating and producing student
bills
Updating master files
Generating data within the computer
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
172/223
EDPGeneral Controls
Examples of Programmed Control
Procedures include
Matching student identification numbers
against a master file containing student
information
Exception reports generated when there are
instances when the computer is unable to
complete the prescribed operation
Types of ControlsEDP General Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
173/223
EDPGeneral Controls
There are seven categories of EDP GeneralControl Procedures
Implementation File Conversion
Maintenance
Computer Operations
Data File Security
Program Security
System Software
EDP General ControlsImplementation ControlProcedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
174/223
p
Help guard against financially
significant errors in new applications
Ensure that programmed procedures
for new systems or majorenhancements to existing systems are
effectively designed and implemented
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
175/223
EDP General ControlsMaintenance Control Procedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
176/223
Maintenance ControlProcedures
Cover same areas as implementationprocedures, but relate to program
amendments rather than entirelynew applications
Ensure that changes to programmedprocedures are effectively designedand implemented
EDP General ControlsComputer Operations Control Procedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
177/223
Computer Operations ControlProcedures
Ensure the continuity of processing
and the consistent application of
programmed procedures
Ensures that the correct data files
are used, including their correct
version, and that recovery
procedures for processing failures
are provided
EDP General ControlsData File Security Control Procedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
178/223
Data File Security ControlProcedures
Protect data from unauthorizedaccess that could result in their
modification, disclosure ordestruction
Are designed to prevent or detect
unauthorized changes to stored data Are designed to prevent or detect the
initiation ofunauthorized transaction
EDP General ControlsProgram Security ControlProcedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
179/223
g y
Are designed to prevent or detect
unauthorized amendments toprograms
EDP General ControlsSystem Software ControlProcedures
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
180/223
y f
Are designed to ensure that systemsoftware is effectively implemented,
maintained, and protected fromunauthorized changes
System software includes such things
as operating systems, utilities, sorts,compilers, file management systems,security software packages, etc.
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
181/223
g y
Is access to programs and data adequately
secured?
Are only authorized changes made toprograms and data files?
Program and Data File Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
182/223
g y
Is the access level granted to employees
consistent with the duties that theyperform (need-to-know basis)?
Program and Data File Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
183/223
g y
Is access to programs and dataterminated when employees separate
from the university?
Program and Data File Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
184/223
g y
Are unauthorized attempts to access thesystem monitored?
Followed-up on?
Program and Data File Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
185/223
g y
Is access to file servers, computers, etc.
physically restricted?
Are the hinges on doors on the inside oroutside?
Physical Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
186/223
g y
Are there any water pipes or sprinkler
systems located above sensitive computer
equipment?
Physical Security
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
187/223
g y
Is there a Business Continuity Plan
(Disaster Recovery Plan)?
Is it up-to-date?
Has it been tested recently?
Ever been tested?
Continuity of Operations
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
188/223
EDP General ControlsThings Commonly Looked At
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
189/223
How fast does the vendor respond to the
needs of the university?
Is the vendor dependable?
Vendor Relations
Types of Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
190/223
Preventive
Detective
Directive
EDP General Controls
Preventive, Detective or Directive
EDP Application Controls
Preventive, Detective or Directive
Types of ControlsEDPApplication Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
191/223
pp
Are the programmed controlprocedures in application software
(e.g. SCT products), and relatedmanual procedures, designed tohelp ensure the completeness,
accuracy, and authorization ofdata processed and stored
Types of ControlsEDPApplication Controls
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
192/223
Completeness and Accuracy of Input
Completeness and Accuracy of Updates
Authorization
Maintenance
Security
There are five categories of EDP ApplicationControl Procedures
EDP Application ControlsExamples Include
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
193/223
Computerized edit checks for data input into
the system, i.e. No ID for term selected
Matching sales orders against a master filecontaining credit information, such ascredit line limitations
Manual procedures to follow-up on itemslisted in exception reports
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
194/223
Everyone at Northwestern has a role in
regard to internal controls
Roles will vary depending on level of
responsibility and the nature ofinvolvement by the individual
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
195/223
A weak linkin the organizationalstructure can create a weakness in
the control system
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
196/223
The management board is responsible forproviding important oversight
Dr. Sally Clausen, President ULS
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
197/223
The President is responsible for providingleadership and direction to Vice Presidents and
Administrators
Dr. Randall J. Webb, President NSU
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
198/223
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
199/223
The President, along with Vice Presidents
and other senior administrators, are
responsible for establishing majoroperating policies that form the
foundation of the internal control system
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
200/223
Vice Presidents are responsible for
providing direction and oversight to
senior administrators in major
functional areas (e.g. colleges,
departments, auxiliary operations and
support services)
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
201/223
Deans, directors, and
department heads areresponsible for executing
those major institution-
wide control policies andprocedures
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
202/223
Deans, directors, and
department heads are
responsible for designingand implementing control
systems at detailed levels
within their specific units
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
203/223
Managers and other
supervisory personnel are
responsible for executing
control policies and
procedures at detailed
levels within their specific
units
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
204/223
Each individual within a
unit is responsible forbeing cognizant ofproper internal controlprocedures associatedwith their specific job
responsibilities
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
205/223
Internal auditors areresponsible for examining
the adequacy andeffectiveness of theUniversitys internalcontrols, and making
recommendations wherecontrol improvements are
needed
Internal ControlsResponsibility For
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
206/223
Internal auditors contribute to theeffectiveness of the controls, but they are
not responsible for establishing ormaintaining them
Internal Controls And Internal Auditors
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
207/223
Internal auditors are a part of the
internal control system, not the whole
system
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
208/223
Internal Auditing is an independent,
objective assurance and consultingactivity designed to add value and
improve an organizations
operations.
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
209/223
Assurance Services
An objective examination of evidencefor the purpose of providing an
independent assessment on risk
management, control, or governanceprocesses for the organization.
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
210/223
Financial Engagements
Performance Engagements
Compliance Engagements
System Security Engagements
Due Diligence Engagements
Assurance ServicesExamples Include
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
211/223
Consulting Services
Advisory and related client serviceactivities, the nature and scope of
which are agreed upon with the clientand which are intended to add value
and improve the organizationsoperations.
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
212/223
Consulting ServicesExamples Include
Counsel Advice
Facilitation
Process Design
Training
Internal Controls And Internal Auditing
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
213/223
Internal Auditing helps an organization
accomplish its objectives by bringing a
systematic, disciplined approach to evaluateand improve the effectiveness of
Risk management
Control
Governance Processes
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
214/223
Appraise the adequacy of the internal
control system
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
215/223
Verify the existence of University
assets, noting whether or not the assets
are properly safeguarded
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
216/223
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
217/223
Perform agreed-upon procedures forclients (departments) that add value
and improve operations of the overallorganization
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
218/223
Act as an in-house consultant on
internal control matters
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
219/223
Submit timely audit reports tomanagement, encompassing audit
findings and recommendations forcorrective action
Internal Controls And Internal AuditorsTypical Internal Audit Functions
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
220/223
Perform special projects
or investigations as
requested by managementand board staff or as
mandated by internal
audit charter and IIACode of Ethics
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
221/223
Internal Controls And Internal Auditors
Internal Auditors Should NOT
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
222/223
Direct personnel to take
corrective action to
audit recommendations
The adoption of audit recommendations is encouraged;
however, acceptance of audit suggestions is the
responsibility of operating management
-
8/8/2019 36336510 ACCA F8 Audit Internal Controls Slides
223/223
THE END