Term
| Internal Control Objectives |
|
Definition
| Compliance with laws and regulations, reliability of financial reporting, efficiency and effectiveness of operations |
|
|
Term
| Sarbanes-Oxley Section 404 |
|
Definition
Management of all public companies must issue an internal control report (seperate from audit report) that include...
- Acknwledgement of responsibility for internal controls
- Results of an annual internal control assesment
|
|
|
Term
|
Definition
Integrity and ethical values
Commitment to competence
Board of director or audit committee partcipation
Managemet's philosophy and operating style
Organizational structure
Human resource policies and practices |
|
|
Term
| Components of Internal Control |
|
Definition
Control Environment
- Risk Assessment, control activites, information and communications, monitoring
|
|
|
Term
|
Definition
- Identify factors that may increase risk
- Estimate the significance of the risk
- Assess the likelihood of the risk occurring
- Determine actions necessary to manage the risk
|
|
|
Term
|
Definition
- Adequate separation of duties
- Proper authorization of transacations and activities
- Adequate documents and records
- Physical control over assets and records
- Independent checks on performance
|
|
|
Term
| Information and Communication |
|
Definition
| All invoices are related to sales, all sales are related to invoices. |
|
|
Term
|
Definition
| Monitoring activites, typically performed by the internal audit department, deal with the management's ongoing and periodic assessment to determine whether contorls are operating as intended |
|
|
Term
| Evaluating Internal Controls |
|
Definition
- Obtain and document understanding of internal control design and operation
- Assess control risk
- Design, perform, and evaluate tests of controls
- Determine nature, timing and extent of substantive tests
|
|
|
Term
| Obtain and Document an Understanding of Internal Controls through... |
|
Definition
- Inquiries of client employees
- Review of policy and procedure manuals
- "walkthroughs" of transactions - going through all sales transactions
Document understanding through
- Narratives
- Flowcharts
- Questionnaires
|
|
|
Term
| Assess Control Risk Based on Design of the System |
|
Definition
Evaluate overall control environment
- Board of directors and audit committee
- Internal audit department
- Training and competence of personnel
- Budgeting procedures
|
|
|
Term
| Perform Tests of Controls |
|
Definition
See if controls are working as designed
- Inquiries
- Observation
- Review of documents
- Reperformance
|
|
|
Term
|
Definition
Assesments below maximum must be documented
- Control deficiences must be identified
- Significant deficiences or material weakness will impeded the auditor's ability to rely oncontorls in substantive testing.
|
|
|
Term
| Evaluating Control Deficiencies |
|
Definition
- Identify existing controls
- Identify the absense of key controls
- Consider the possibility of compensating controls
- Decide whether there is a significant deficiency or material weakness
- Determine potential misstatements that could result
|
|
|
Term
Evaluating Control Deficiences
|
|
Definition
Control Deficiency
- The design or operation of controls does not prevent or detect misstatemnts on a timely basis
Significant Deficiency
- One or more control deficienes exist that are less severe than a material weakness, but important enough to merit attention by the board
Material Weakness
- A significant deficiency, by itself or in combo with others, results in a reasonable possibility that internal contorls will not prevent or detect material misstatements on a timely basis.
|
|
|
