Textbook Notes (280,000)
CA (170,000)
SFU (6,000)
BUS (1,000)
BUS 426 (30)
Chapter 8

BUS 426 Chapter Notes - Chapter 8: Audit Risk, Internal Control, Internal Audit


Department
Business Administration
Course Code
BUS 426
Professor
Craig Emby
Chapter
8

This preview shows pages 1-2. to view the full 6 pages of the document.
Chapter 8
Internal Control and Control Risk
Internal Control
- The policies and procedures instituted and maintained by the management of an entity in order to
provide reasoale assurae that aageet’s ojetives are et
- Management designs systems of internal control to accomplish the following broad objectives
o Strategic, high-level goals that support the mission of the entity
o Reliability of financial reporting
o Efficiency and effectiveness of operations
o Compliance with laws and regulations
Management Responsibilities
- Different between management and auditor
o Maageet ust estalish ad aitai the etit’s iteral otrol
o Management is required to publicly report on the operating effectiveness of internal controls over
financial reporting (NI 52-109)
Auditor’s Responsibilities
- Resposile for uderstadig the etit’s iteral otrol relevat to the audit
- Sequence
1. Otai a uderstadig of the liet’s iteral otrol sste eistee
2. Decide on whether it would warrant reliance if it works as advertised
If yes, test it (effectiveness and continuity)
Entity-Level Controls
- Controls that are implemented for multiple transaction cycles or for the entire organization
- Controls that are pervasive in nature and do not address particular transaction cycles, but may prevent
or detect and correct misstatement in several cycles
o Written policy manuals
Transaction Controls
- Controls that are implemented for specific transaction risks
- Are designed to specifically prevent or detect and correct misstatement in classes of transactions,
account balances, or disclosures and their related assertions
o Prenumbered sales invoices
Transaction Related Audit Objectives and Assertions
- Indicates that five audit objectives must be met before the auditor can conclude that the total of any
given class of transaction is fairly stated
o Occurrence, completeness, accuracy, cutoff, and classification
find more resources at oneclass.com
find more resources at oneclass.com

Only pages 1-2 are available for preview. Some parts have been intentionally blurred.

- The internal control system should serve the objectives of supporting the management assertions, as
stated above
- The study of internal control focuses on transactions rather than balances
Five Components of Internal Control
- Defined by CAS 315
o Control environment
The foundation of effective internal control
Addresses governance and management functions, as well as the attitudes, awareness,
and actions, concerning internal control and its importance
o Risk assessment
The process of identification and analysis of risk relevant to the preparation of the
financial statements in conformity with an applicable financial reporting framework
o Control activities
Actions established by policies and procedures to mitigate risks for everyday activities
related to transaction processing and safeguarding assets
o Information and communication
Etit sstes that are used to iitiate, reord, proess, ad report the etit’s
transactions, events, and conditions and to maintain accountability for the related assets
o Monitoring
Maageet’s ogoig ad periodi assesset of the quality of internal control
performance to determine that controls are operating as intended and modified when
needed
Control Activities
- Transaction controls
o Control activities implemented to mitigate transaction processing risk for specific business
processes
o Should be a combination of preventive and detecting controls
Preventive controls designed to avoid errors or irregularities
Detective controls that identify errors or irregularities after they have occurred, so
corrective action can be taken
Control over the Business Process
- Business process (application system)
o The set of manual and/or computerized procedures that collect, record, and process data and
report the resulting output
- Typical controls of the business processes would include
o Adequate segregation of duties
o Proper authorization of transactions and activity
o Adequate documents and records
o Physical and logical control of assets and records
find more resources at oneclass.com
find more resources at oneclass.com
You're Reading a Preview

Unlock to view full version