This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Chapter 06 - Internal Control In a Financial Statement Audit CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT Answers to Review Questions 6-1 From management's perspective, the internal control provides a way to meet its stewardship or agency responsibilities. Management also needs a control system that generates reliable information for decision-making purposes. The importance of internal control to the auditor is rooted in the second standard of fieldwork. The controls that are relevant to the entity's ability to initiate, record, process, and report financial data consistent with management's assertions are the auditor's main concern. The auditor needs assurances about the reliability of the data generated within the entity's internal control system in terms of how it affects the fairness of the financial statements and how well the assets and records of the entity are safeguarded. 6-2 The potential benefits and risks to an entity’s internal control from information technology include (see Table 6-1): Benefits : • Consistent application of predefined business rules and performance of complex calculations in processing large volumes of transactions or data. • Enhancement of the timeliness, availability, and accuracy of information. • Facilitation of additional analysis of information. • Enhancement of the ability to monitor the performance of the entity's activities and its policies and procedures. • Reduction in the risk that controls will be circumvented. • Enhancement of the ability to achieve effective segregation of duties by implementing security controls in applications, databases, and operating systems. Risks : • Reliance on systems or programs that inaccurately process data, process inaccurate data, or both. • Unauthorized access to data that may result in destruction of data or improper changes to data, including the recording of unauthorized or nonexistent transactions or inaccurate recording of transactions. • Unauthorized changes to data in master files. • Unauthorized changes to systems or programs. • Failure to make necessary changes to systems or programs. • Inappropriate manual intervention. • Potential loss of data. 6-1 Chapter 06 - Internal Control In a Financial Statement Audit 6-3 Internal control structure is composed of five components: 1. Control Environment : The control environment sets the tone of the organization, influencing the control consciousness of its people. It is the foundation of all other components of internal control, providing discipline and structure. 2. The Entity’s Risk Assessment Process : The process for identifying and responding to business risks and the results thereof. For financial reporting purposes, the entity’s risk assessment process includes how management identifies risks relevant to the preparation of financial statements that are fairly presented in conformity with generally accepted accounting principles, estimates their significance, assesses the...
View Full Document