Rely on Internal Controls
Why?
To identify entity-level & transaction controls
Assess effectiveness of IC…what is the risk that they are not operating well?
Rely on Internal Controls
How
Thoroughly understand client operations, industry, economy
Interview client, tour operations
Identify ICs within Business Processes by creating or reading documentation
Evaluate IC – strength or weakness
3 phases of Control valuation
- Understand client’s internal control system
Identify what controls exist at the entity-level and transactional level - Assess control risk by identifying controls strengths & weaknesses in the AIS.
- Testing controls to prove control risk.
Entity vs. Transactional Controls
Entity
Throughout the entire organization
Transaction
Affect a particular transaction
Respond to WCGW with transactions
Must be sensitive enough to prevent or detect
Classes of Transactions
Companies make money by creating value
- Making products
- Providing a service
Companies do this via a series of activities (business process) in the value chain
These activities are reported in the f/s
- Purchase inventory: dr inventory cr cash
- Sell inventory: dr COGS cr inventory
Classes of transactions is the grouping of routine transactions
Prevent vs. Detect Controls
Prevent
Applies to each transaction
Before / during the transaction
Evidence of the effectiveness may not be available
Dependent on IT controls
Prevent vs. Detect Controls
Detect
Applies to a group of transactions After the transaction Vary greatly Need to be sensitive, consistent and timely Dependent on prevent controls
Types of Internal Controls
Manual
IT General Controls
Automated
Combination
IT General Controls to ensure:
Effective Management of the IT Department
- Governance - personal practices, how department is run
- Segregation of duties
- Contracts are signed with qualified 3rd party service providers
Accurate Processing of Data
- Access to programming & applications is limited
- Formal change management procedures for program changes
- Training of Staff & input controls
- Testing of applications
Prevent Unauthorized Access to Data
- Physical environment and physical security of the system
- Logical security
- Business Continuity
Types of Application Controls
Input Controls
Processing Controls
Output Controls
Input Controls
Ensure information is reliable
Mandatory fields
Checks – range, validity
Observation by competent staff
Processing Controls
Ensure correctly classified & summarized
Logic is working as intended
Batch Totals
Programs tested
Exception reports
Output Controls
Ensure completeness & security of information
Reconciliations
Output is Limited
Performance reviews
Strengths of IC
Successfully prevents errors from occurring
Sensitive enough to detect errors & correct them
Operates consistently throughout the year
Weaknesses of IC
Absence of a control
Not operating consistently throughout the year
Not being performed by a competent person, or one with skepticism
Objectives of IC for Financial Reporting
Completeness
Recorded – omission of transactions will be prevented or detected
Accuracy
Classified – transactions are recorded in the right account
Summarized – transactions are summarized & totaled correctly
Posted – accumulated totals in special journals are transferred to the Sub-ledger and G/L correctly
Timely – transactions are recorded in the correct accounting period
Valuation
Valued – correct amounts are assigned to transactions
Existence
Real – fictitious or duplicate transactions are not included
-
Week 121
-
Week 225
-
Week 313
-
Week 412
-
Week 515
-
Week 614
-
Chapter 147
-
Chapter 247
-
Chapter 337
-
Chapter 433
-
Chapter 537
-
Learning Outcomes13
-
Possible test questions20
-
Extra22
-
Last minute3
-
Week 88
-
Week 916
-
Week 1011
-
Chapter 743
-
Chapter 627
-
Chapter 825
-
Chapter 1054
-
Week 1219
-
Chapter 1140
-
Week 1314
-
Week 1115
-
Assertions33
-
Final Exam30
