[go: up one dir, main page]
Scribd
Upload
62 views2 pages

Audit Internal Control Guide

The document discusses the importance of studying a company's internal controls when conducting an audit. It defines the components of internal control and explains how auditors assess control risk and how that assessment impacts the audit approach. The document also outlines the steps auditors take to understand internal controls, techniques for documenting that understanding, and how to communicate issues found in internal controls to a company's management.

Uploaded by

Yogun Bayona
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
62 views2 pages

Audit Internal Control Guide

The document discusses the importance of studying a company's internal controls when conducting an audit. It defines the components of internal control and explains how auditors assess control risk and how that assessment impacts the audit approach. The document also outlines the steps auditors take to understand internal controls, techniques for documenting that understanding, and how to communicate issues found in internal controls to a company's management.

Uploaded by

Yogun Bayona
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

IX.

Module for: Study and Evaluation of Internal Control


Schedule: Week 10 – Week 11

Overview
Auditing process requires that internal control be considered in the evaluation of the client. In studying
the internal control, it is necessary that the auditor knows the different components of the internal
control which is necessary in the planning of the audit. It is also important that control risk be assessed
and its implication to the rest of financial audit. Any deficiencies identified in the internal control need to
be considered for proper disposition and changes in the audit plan.

Failure to understand the topics contained in this module can hamper the understanding and
comprehension of the succeeding topics, as this module contains the basic information and knowledge
to link all the succeeding topic as a whole body of knowledge for Assurance Engagement, which
encompasses the attestation, audit, and other related assurance services.

Learning Outcome
At the end of this module, the students should be able to:
● Define the internal control.
● Discuss the importance of internal control system and identify is components.
● Describe how control risk is assessed, and the implications of the result of the assessment to the
rest of the audit.
Activities/ Tasks

Topic: Study and Evaluation of Internal Control

The Internal Controls


Technically, the internal controls are the processes and procedures that are designed and affected by those
charged with governance, management, and other personnel to provide reasonable assurance about the achievement
of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and
the compliance to laws and regulations.

The importance of an internal control system


Every organization has its own vision, mission statements that guides the objectives that it wants to achieve
and strategies for achieving them. The objectives maybe set for an entity as a whole, or be targeted to specific
activities within the entity. Internal controls ensure, with reasonable assurance, that the objectives for operations,
financial reporting, and compliance are met.

The component of the internal control


Based on (Committee of Sponsoring Organizations of the Treadway Commission) COSO Integrated
Framework, there are five components of an internal control:
● Control Environment.
● Entity’s Risk Assessment Control.
● Control Procedure and Activities.
● Information System and Related Business Processes Relevant to Financial Reporting and
Communication.
● Monitoring of Controls

The basic approach to planning an audit based on an understanding of internal control.


The Study and evaluation of an internal control maybe summarized into five steps
● Obtain an understanding of the clients’ internal control.
● Make preliminary assessment of the control risk.
● Make the appropriate responses to the assessed risk of material misstatement.
● Reassess control risk.
● Determine the nature, extent and timing of substantive tests.
Know the techniques that may be used to document the auditor’s understanding of an entity’s internal control.
Narrative memorandums, internal control questionnaires, and flow charts maybe used. PSAs do not
prescribed a particular format for documenting the auditors’ understanding of an entity’s internal control.

How control risk is assessed, and the implications of this assessment to the rest of the financial statement audit
process.
The control risk may be assessed as HIGH (if the relevant internal control are deemed to be ineffective) or
LOW (if the control measures are deemed to be potentially reliable). As the assessed level of control risk increases, the
amount of the substantive tests should also increase.

The responses to the combined assessment of inherent risk and control risk.
Basically, there are two responses: an overall response and a response at the assertion level. Overall
responses may include the addition of more experienced members into the team, or the inclusion of more elements
of unpredictability in the auditrs procedures, or the ise of more professional skepticism, Responses at the assertion
level include the performance of tests of controls and the revision of audit programs for substantive tests after
reassessment of control risk is finished.

The different way to test the effectiveness of internal controls.


The test of controls may be performed by using inquiry, inspection, observation, and/or reperformance.

The proper disposition of significant deficiencies in internal control.


An auditor is required to communicate in writing any significant deficiencies in internal control identified
while performing an audit.

Risk Management by the enterprise as part of their integrated framework.


The Enterprise Risk Management (ERM) COSO framework emphasizes the importance of identifying and
managing risks across the enterprise. Enterprise risk management encompasses: aligning risk appetite and strategy,
enhancing risk responses decisions, reducing operational surprises and losses, identifying and managing multiple and
cross-enterprise risks, seizing opportunities, and improving deployment of the capital.

Post Assessment
1. Why is it important to study and evaluate the internal control of the client?
2. How does a high control risk assessment affect the conduct of the audit process?
3. How should the auditor communicate his/her findings to the clients (those charged with governance)
regarding the internal control?
Rating will be based on the following
Rate Description
50% Content/Idea development The discussion should be comprehensive and direct to the point.
Properly organized in presenting the flow of discussion
30% Originality Avoid plagiarism or copy-paste from the work of other students; at
least 75% original based on internet-based Plagiarism Checker. Example
Bibme.com
15% Grammar and Language Proper use of technical terms and construct of discussion
05% Format The writ-up should follow specific format indicated in the instructions.
Plus Factor: 05% for submitting the work on time.

You might also like