10) Internal Control

Question 1

what must the auditor do if they discover deficiencies in internal controls?

Answer 1

if significant, address them and report to mgmt

Question 2

how can mgmt respond to inefficient controls?

Answer 2

developing and implementing new controls

Question 3

what are the two internal control objectives?

Answer 3

• integrity of information
• operational objectives

Question 4

what are the integrity of info objectives?

Answer 4

• validity
• accuracy
• completeness

Question 5

which controls will the auditors usually look at?

Answer 5

controls regarding misstatement of info in the FS

Question 6

what are the operational objectives?

Answer 6

• safeguarding of assets
• confidentiality
• compliance with laws
• economy, efficiency and effectiveness
• continuity of operations
• preventing fraud

Question 7

when is info valid?

Answer 7

when the underlying transaction is valid and ito mgmt policy

Question 8

when is info accurate?

Answer 8

when it has been calculated correctly and is in the correct account

Question 9

when is info complete?

Answer 9

when all info is recorded / none is omitted and in the a timely manner

Question 10

what is a business risk?

Answer 10

risks resulting from significant conditions/events that could adversely impact the business’s ability to achieve its objectives and achieve strategy

Question 11

what are two components of business risk?

Answer 11

• risk factor (from scenario)
• impact on objectives

Question 12

what are the two components of controls in a computerized environment?

Answer 12

• ITGC
• application controls

Question 13

what are all the ITGC?

Answer 13

• control environment
• systems development and implementation controls
• access controls
• continuity of operations
• systems software and operations
• documentation

Question 14

what are the three categories of application controls?

Answer 14

• manual independent
• manual dependent
• automated

Question 15

when do activity application controls occur?

Answer 15

• input
• processing
• output
• for masterfiles

Question 16

what is the purpose of internal control?

Answer 16

to provide reasonable assurance about the org’s ability to achieve its objectives

Question 17

what are the components of internal control?

Answer 17

• control environment
• risk assessment process
• information systems
• control activities
• monitoring of controls

Question 18

what are some of the risks for controls?

Answer 18

• mgmt override
• cost > benefit
• human error
• lose effectiveness over time