Chapter 06 - Internal Control In a Financial Statement Audit
CHAPTER 6
INTERNAL CONTROL IN A
FINANCIAL STATEMENT AUDIT
Answers to Review Questions
6-1
From management's perspective, the internal control provides a way to meet its
stewardship or agency responsibilities.
Management also needs a control system that
generates reliable information for decision-making purposes.
The importance of internal control to the auditor is rooted in the second standard of
fieldwork.
The controls that are relevant to the entity's ability to initiate, record, process,
and report financial data consistent with management's assertions are the auditor's main
concern.
The auditor needs assurances about the reliability of the data generated within
the entity's internal control system in terms of how it affects the fairness of the financial
statements and how well the assets and records of the entity are safeguarded.
6-2
The potential benefits and risks to an entity’s internal control from information technology
include (see Table 6-1):
Benefits
:
•
Consistent application of predefined business rules and performance of complex
calculations in processing large volumes of transactions or data.
•
Enhancement of the timeliness, availability, and accuracy of information.
•
Facilitation of additional analysis of information.
•
Enhancement of the ability to monitor the performance of the entity's activities and its
policies and procedures.
•
Reduction in the risk that controls will be circumvented.
•
Enhancement of the ability to achieve effective segregation of duties by
implementing security controls in applications, databases, and operating systems.
Risks
:
•
Reliance on systems or programs that inaccurately process data, process inaccurate
data, or both.
•
Unauthorized access to data that may result in destruction of data or improper
changes to data, including the recording of unauthorized or nonexistent transactions
or inaccurate recording of transactions.
•
Unauthorized changes to data in master files.
•
Unauthorized changes to systems or programs.
•
Failure to make necessary changes to systems or programs.
•
Inappropriate manual intervention.
•
Potential loss of data.
6-1
This
preview
has intentionally blurred sections.
Sign up to view the full version.
Chapter 06 - Internal Control In a Financial Statement Audit
6-3
Internal control structure is composed of five components:
1.
Control Environment
:
The control environment sets the tone of the organization,
influencing the control consciousness of its people.
It is the foundation of all other
components of internal control, providing discipline and structure.
2.
The Entity’s Risk Assessment Process
: The process for identifying and responding to
business risks and the results thereof.
For financial reporting purposes, the entity’s risk
assessment process includes how management identifies risks relevant to the
preparation of financial statements that are fairly presented in conformity with
generally accepted accounting principles, estimates their significance, assesses the
likelihood of their occurrence, and decides upon actions to manage them.
This is the end of the preview.
Sign up
to
access the rest of the document.
