Study Guides (290,534)
CA (139,006)
Concordia (2,222)
ACCO (74)
Midterm

ACCO 450 Study Guide - Midterm Guide: Fraud, Internal Audit, Internal ControlPremium

13 pages77 viewsFall 2015

Department
Accountancy
Course Code
ACCO 450
Professor
Stanley Schulman
Study Guide
Midterm

This preview shows pages 1-3. to view the full 13 pages of the document.
CHAPTER 7 & 9
INTERNAL CONTROLS ASSESSMENT AND TESTING
Internal Control System
Purpose
Policies & procedures designed to provide management with reasonable assurance that company achieves its
objectives & goals
Objectives
1. Reliability of financial reporting
2. Efficiency and effectiveness of operations
3. Compliance with laws and regulations
Perspective
Client
Maintain reliable control system
Safeguard assets
Optimize use of resources
Prevent and detect errors and fraud
Auditor
Evaluation of internal controls and associated control risk
Auditor considers only parts of internal control system that are relevant to audit (CAS 315)
Reliability of financial reporting
Safeguard assets
Fraud detection & prevention
Focus on transactions (input in financial reporting system)
COSO Internal Framework
Components
Description
Sub-Components
1. Control
Environment
Actions, policies & procedures that reflect overall
philosophy of top management/owners about control
“Umbrella” of other 4 components
Effective communication of control objectives
Supervision of personnel activities
“Tone at the top”
Role of corporate governance (BoD & Audit Committee)
2. Risk
Assessment
Identification and analysis of risks by management
Evaluation of significance and likelihood of these risks
Development of action plans to reduce risks to acceptable
level
3. Control
Activities
3a.
General
Organizational features
that have pervasive
impact on accounting
process & applications
along with impact on
effectiveness of
application level
control procedures
Examples of General Controls include
Capable personnel Performance reviews Supervision
Controlled access Periodic Comparison IT Controls
Segregation of responsibilities, where separate…
custody of assets from accounting
operational responsibilities from data recording
reconciliation from data entry
system/software development, maintenance &
modification from accounting
3b.
Application
Control procedures
performed at
application level
relating to input,
processing, and output
of accounting
information system
Application controls
Revenues/Receivables/Receipts ▪ Production & Payroll
Purchases/Payables/Payments ▪ Investment & Finance
System functions to be controlled
Transaction input & processing
Transactions, balances & disclosures output
***Control objectives (see table below)
4.
Information
System
This system has procedures for transactions to…
1. Identify and record all valid ones
2. Describe them for proper classification
3. Measure value of each one
4. Determine time period they belong to
5. Present them properly in F/S
5.
Monitoring
of Controls
Ongoing or periodic assessment of internal controls
Internal audit department providing independent assessments
Controls modified when necessary for
improvements
accommodating change in business conditions
You're Reading a Preview

Unlock to view full version

Subscribers Only

Only half of the first page are available for preview. Some parts have been intentionally blurred.

Subscribers Only
***Control Objectives***
Objective
Description
Related Management Assertions
Validity
Recorded transactions valid and documented
Existence • Ownership
Proper-period
Transactions recorded in proper period
• Existence • Completeness • Ownership • Presentation
Completeness
All valid transactions recorded, and non omitted
Completeness • Ownership
Accuracy
Transaction dollar amounts properly calculated
• Valuation
Classification
Transaction properly classified in accounts
Valuation • Presentation
Authorization
Transactions authorized according to company policy
Existence • Valuation • Ownership
Accounting
Transaction accounting complete
Valuation • Presentation
Assessment of Control Risk
Auditor must obtain understanding of client’s internal controls
Assessment must be
Sufficient to
…conduct initial assessment of controls
…plan audit work
Procedures for
Understanding Internal
Controls
Perform transaction walk through
Inquire about personnel (management, supervisor & staff)
Review prior year working papers
Inspect documents such as policy and system manuals (code of conduct, accounting manuals, records etc.)
Observe activities and procedures
Documentation methods
Method
Description
Components
Narrative (N)
Written description of client’s internal controls
Includes the following 4 components
Origin of every document and record in system
All processing that takes place
Disposition of every document and record in system
Indication of controls relevant to assessment of control risk
Flow Charts (FC)
Symbolic, diagrammatic representation of client’s
documents and sequential flow of organization
Includes 4 components from N
Concise overview of client’s system as analytical tool in evaluation
Use of FC & N dependent on relative…
…understanding by current & subsequent year auditors
…cost of preparation
Internal Control
Questionnaires
Series of questions about controls in each audit
area, including control environment, as means of
indicating to auditor aspects of internal control
potentially inadequate
Advantage
Ability to cover each audit area thoroughly and quickly at audit start
Disadvantage
Unable to provide overall view of client system; only individual parts
Internal control documentation software can overcome this
Initial Effectiveness & Assessment and Audit Decision
Design Effectiveness
1. Assess if internal controls are present for each audit objective
2. Identify key controls
3. Examine potential weaknesses and existence of compensating controls for those weaknesses
Assessment
• Maximum (100%) • High • Moderate • Low
Testing of Controls (ToC)
Auditor’s Decision
Must decide on trade-off between cost of tests of controls and substantive tests
If too costly for tests of controls Assume CR is 100%, thus do not rely on and test internal controls
If CR moderate to low Plan to rely on effectiveness of controls will have to be tested (tests of controls)
ToC Procedures
Obtain evidence to cover all (or most) of the period of audit
Inquiries Inspections (docs) Observation Transaction walkthrough (sample) Re-performance client procedures
Yearly Testing
Required?
Main Considerations
Effectiveness of general IT controls
Results of tests of controls in prior audit
Significant changes in internal controls compared to prior audit (M&A, new IT system, high turnover in internal audit)
Other Considerations
Establish relevance of previous audit evidence (inquiry & observation)
If high RMM for given audit objective, corresponding control MUST be tested during current period
If no significant change, test individual controls every 3rd year and test subsample of controls yearly
Communicating
about Internal
Controls (IC)
If auditor identifies
material IC weakness Send Internal Control Letter to audit committee; if none, to BoD/owner-manager
less significant IC matters and opportunities for IC improvements Send Management Letter to management
You're Reading a Preview

Unlock to view full version

Subscribers Only

Only half of the first page are available for preview. Some parts have been intentionally blurred.

Subscribers Only
CHAPTER 10 AUDIT SAMPLING
Chapter 10 Part 1
Audit Sampling
Method of estimating value or quality of a population by examining only a portion of it
Used when time and cost to audit entire population would be too great
Nearly impossible for auditor to look at everything
Representative Sampling
When characteristics of sample are approximately same as those of population
Non-Representative Sampling
Occurs when working with samples
Sampling Risk
Non-Sampling Risk
Definition
Risk that sample does not represent population
Risk that audit test will not uncover errors in sample
Components
1. Alpha Risk
Auditor concludes population is worse than it is
Issue with efficiency
2. Beta Risk
Auditor concludes population is better than it is
Issue with effectiveness
Primary concern for auditors
1. Lack of professional skepticism
2. Accounting risk
• Related to use of F/S estimate • Cannot Estimate
3. Use of ineffective audit procedures
• Insufficient/Incomplete testing • Execution mistake
• Poor choice of procedures
4. Wrong interpretation of findings (not-recognized)
Measurable?
Measurable when using statistical sampling
Cannot be measured
How to Reduce
Unavoidable, but reduced by
Increase sample size
Use appropriate method for sample selection
Carefully planning & design audit procedures
Proper supervision and review
Types of Sampling
Statistical Sampling
Non-Statistical Sampling
Definition
Sampling that uses laws of probability for selecting and
evaluating a sample from a population
Sampling that uses professional judgement to select most
useful items to form sample
Advantages
Provides quantitative evaluation of sampling error
Provides more rigorous test results
Allows auditor to use judgement to determine sample size
and selection process to audit items of high value & risk
Can be designed equally effective and efficient as statistical
sampling, while being less costly
Disadvantages
Requires random sample selection (time consuming)
Requires additional training for audit team members
Cannot draw objectively valid statistical inferences from
results
Cannot quantitatively measure and express sampling risk
Selection
Methods
1. Unrestricted random selection
Random numbers (e.g. software generated numbers)
2. Systematic sample selection
Use of number intervals (select item every kth interval
with in population/sample size)
3. Monetary unit sampling (MUS) sample selection
Use dollar intervals; “one $” is a sampling unit
1. Direct sample selection
Items most likely to contain errors (at risk transactions) or
containing selected characteristics
Large dollar items
2. Block sample selection
Select block of transactions spanning both sides of year-
end date to test cut-off
3. Haphazard sample selection (manual "unbiased” selection)
Application of Sampling Audit Procedures
Audit Procedure
Purpose
Sampling Type
Tests of Controls
Evaluate if internal controls are effective
Attribute Sampling
Substantive tests
Gather direct evidence about year-end balances
Variables Sampling
You're Reading a Preview

Unlock to view full version

Subscribers Only

Loved by over 2.2 million students

Over 90% improved by at least one letter grade.