AUDITING &
INTERNAL CONTROL
PIQUERO|MAGATAO|COMPENDIO
• Information Technology (IT) developments
have had a tremendous impact on auditing.
• Business organizations undergo different
types of audits for different purposes.
• Most common are external (financial) audits,
internal audits and fraud audits.
AUDITING
• Independent attestation performed by an expert
(i.e., CPA) who expresses an opinion regarding
the fair presentation of financial statements.
• Required by SEC for ALL public companies.
• Basis of public confidence in financial
statements.
• Strict rules must be followed.
– Defined by SEC, FASB, AICPA and SOX.
EXTERNAL AUDITS
• SOX greatly restricts the types of non-audit
services auditors may render to audit clients.
– Unlawful to provide many accounting,
financial, internal audit, management, human
resource or legal services unrelated to the
audit.
ATTEST SERVICE VS. ADVISORY
SERVICE
• Internal auditing is an independent appraisal function to
examine and evaluate activities within, and as a service
to, an organization. (Institute of Internal Auditors)
• Internal auditors perform a wide variety of activities
including financial, operational, compliance and fraud
audits.
• Auditors may work for the organization or task may be
outsourced.
– Independence is self-imposed, but auditors represent
the interests of the organization
INTERNAL AUDITS
• External auditors represent outsiders while internal
auditors represent the organization’s interests.
• Internal auditors often cooperate with and assist external
auditors in some aspects of financial audits.
– Extent of cooperation depends upon the independence
and competence of the internal audit staff.
• External auditors can rely in part on evidence gathered by
internal audit departments that are organizationally
independent and report to the board of directors’ audit
committee.
EXTERNAL VS. INTERNAL
AUDITORS
• Recent increase in popularity as a corporate
governance tool.
• Objective to investigate anomalies and gather
evidence of fraud that may lead to criminal
convictions.
• May be initiated by management who
suspect employee fraud or the board of
directors who suspect executive fraud
FRAUD AUDITS
• Subcommittee of the board of directors
– Usually three members who are outsiders.
– SOX requires that at least one member be a
“financial expert”.
• Serves as independent “check and balance” for the
internal audit function.
• SOX mandates that external auditors report to the
audit committee;
– Committee hires and fires auditors and resolves
disputes.
ROLE OF THE AUDIT COMMITTEE
(I) GENERAL QUALIFICATION
(II) FIELD WORK
(III) REPORTING
• Specific guidance provided by AICPA
Statements on Auditing Standards (SASs) as authoritative
interpretations of GAAS.
– First one issued in 1972.
– If recommendations are not followed, auditor must be able to
show why a SAS does not apply to a given situation.
• Conducting an audit is a systematic and logical process that
applies to all forms of information systems.
AUDITING STANDARDS
GENERALLY ACCEPTED AUDITING
STANDARDS (TIPPIEGIDO)
• Auditors develop audit objectives and design audit
procedures based on these assertions.
• Auditors seek evidential matter that corroborates
assertions.
• Auditor must determine whether internal control
weaknesses and misstatements are material.
• Auditors must communicate the results of
their tests, including an audit opinion.
AUDITING STANDARDS
AUDIT OBJECTIVES AND AUDIT
PROCEDURES BASED ON MANAGEMENT
ASSERTIONS
AUDIT RISK MODEL: AR = IR x CR x DR
• The stronger the internal control structure, the
lower the control risk and the less substantive
testing the auditor must do.
• Substantive tests are labor intensive and time
consuming, which drives up audit costs and causes
disruption.
– Management’s best interests are served by a strong
internal control structure.
AUDIT RISK
THE IT AUDIT
• Management is required by law to establish and maintain
an adequate system of internal controls.
INTERNAL CONTROL
• Sarbanes-Oxley Act of 2002 (SOX) requires
management of public companies to implement an adequate
internal control system over their financial reporting
process.
• Under Section 302:
– Managers must certify organization’s internal controls
quarterly and annually.
– External auditors must perform certain procedures
quarterly to identify any material modifications that may
impact financial reporting
• Section 404 requires management of public companies
to assess the effectiveness of their internal control in an
annual report.
• Internal control system comprises policies, practices,
and procedures to achieve four broad objectives:
– Safeguard assets of the firm.
– Ensure accuracy and reliability of accounting records
and information.
– Promote efficiency in the firm’s operations.
– Measure compliance with management’s prescribed
policies and procedures.
INTERNAL CONTROL SYSTEM
THE PDC MODEL
• The control environment is the foundation for the other four
control components and includes:
– Management integrity and ethical values, organizational
structure, board of directors’ participation and management’s
philosophy and operating style.
• A risk assessment must be performed to identify, analyze and
manage financial reporting risks.
COSO INTERNAL CONTROL
FRAMEWORK
• An effective accounting information system will:
Identify and record all valid financial
transactions, provide timely information and
adequately measure and record transactions.
• Monitoring is the process by which the quality of
internal control design and operation can be assessed.
• Control activities are policies and procedures to ensure
that actions are taken to deal with identified risk.
Physical controls relate primarily to human activities
employed in accounting systems.
Information technology controls