financial audit autonomous bodies internal control and risk assessment session 1.8 1 internal...
TRANSCRIPT
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
1
Internal Control and Risk Assessment
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
2
Session overview
• Auditing is a responsible job. Users of financial information depend on the Auditor’s professional judgment that information contained in them can be relied upon.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
3
Session overview
In order to be sure that all the transactions are portrayed in the financial statements, the Auditor can check cent percent transactions. While this is possible, the exercise can be expensive and time consuming. Instead, the Auditor usually select a sample, from out of a given population of transactions, subject the sample to detailed check and from his observations, arrive at his audit conclusions. This not only reduces the audit cost but also reduces the time required for audit, and at the same time give a sufficient assurance to the Auditor.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
4
Session overview
The problem that Auditor’s face is the selection of the size of the sample. Bigger the sample size, closer will be his observations to the entire population, but it will result in higher audit cost and longer time requirement. A smaller sample size will involve lower audit cost and lesser time requirement but the assurance level from such a sample may be lower.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
5
Session overview
• With a view to keep the audit costs and time for audit within reasonable limits, the Auditor, while selecting a sample size, makes a risk assessment of the entity or of a particular class of transactions and has a closer look at the available internal controls in place and operating in the entity.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
6
Session Coverage
During this session we will discuss internal controls in an entity and risk assessment for
audit purposes.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
7
Learning Objective
• At the end of this session the learner will be able to state the various internal controls in place in an entity and basis of risk assessment made by an Auditor during his audit work, to the extent that he can apply these principles as an Auditor while conducting Financial Audit.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
8
Internal Controls-Types
• Organization
• Key personnel
• Segregation of duties
• Physical
• Internal audit
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
9
Components of Internal Control
• Authorization and approval
• Arithmetical and accounting
• Personnel
• Supervision
• Management
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
10
Components of Internal Control
• Documented rules, regulations and procedures • Financial Reporting including Management
Information Systems • Accounting estimates • Selection and application of accounting
principles • Management’s overall financial statement
presentation
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
11
Assessing the entity’s overall control environment
• Understanding the Control Environment
• Understanding Risk Assessment
• Understanding the Control Activities
• Understanding Information and Communication
• Understanding Monitoring
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
12
Identify Key Controls
• Preventive Controls
• Detective Controls
• Organizational Controls
• Supervisory Controls
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
13
Controls over the Completeness and Accuracy of
Transactions • Sequence Checking
• Comparison
• Control Totals
• Reperformance
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
14
Authorization Controls
• General Authorization
• Specific Authorization
• Controls Designed to Safeguard Assets
• System Development Controls
• Documentation Controls
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
15
Limitations of Internal Control
• Individual deceit;
• Collusion;
• Overriding higher management;
• Human error
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
16
Techniques for Documenting Internal control
• Internal control - Narrative Description ;
• Internal control system - flow chart
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
17
Internal Controls-Testing
• Characteristics of a Good Test :• be drawn up for each system to be
evaluated ;• have its tests cross-referenced to the
specific controls in the systems to which they relate.
• be revised after any major changes in the controls.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
18
Internal Controls-Testing
• Characteristics of a Good Test :• be drawn up for each system to be
evaluated ;• have its tests cross-referenced to the
specific controls in the systems to which they relate.
• be revised after any major changes in the controls.
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
19
Risk Assessment
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
20
Basic Concepts
• Inherent Risk-
• Internal Control Risk-
• Detection Risk
• Overall Audit Risk
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
21
Risk Model
• The risk model can be expressed by the equation:• OAR = IR x CR x DR,• where: OAR = overall audit risk ;• IR = inherent risk ;• CR = internal control risk; and• DR = detection risk.• OAR is sometimes called as “Desired Audit Risk
(DAR).
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
22
Inherent Risk - Assessment
• -significance of audit adjustments and differences waived during the audits of prior years;
• - complexity of underlying calculations of accounting principles;
• - the susceptibility of the asset to material fraud or misappropriation;
• - experience and competence of accounting personnel responsible for the component;
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
23
Inherent Risk - Assessment
• - judgement involved in determining amount;• - mix and size of items subject to the audit test;
and • - the degree to which the financial circumstances
of the company may motivate the entity’s management to misstate the component in regard to this assertion
• - integrity and behavior of management• -management turnover and reputation
Assess
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
24
Internal Control Risk- Assessment
• affected by the strength and the effectiveness of internal control;
• Prepare and check narrative descriptions, questionnaires, check lists, flow charts, inspection, inquiries, observation and re-performance of internal controls;
• During the preliminary assessment of control risk, we should evaluate both the control environment and the control systems.
• 24
Financial Audit Autonomous Bodies Internal Control and Risk Assessment Session 1.8
25
Preliminary Systems Examination
• Questions are designed to obtain fundamental information to give a broad assessment as to:
whether the activities undertaken by the audited body are in accordance with statutory and other authorities
whether the audited body’s structure is likely to ensure adequate internal control
the adequacy of general financial controls whether employees in areas critical to
internal controls are competent