l5了解评估控制.pdfVIP

UNDERSTANDING AND ASSESSING INTERNAL CONTROLS BUSN7054 AUDITING ASSURANCE SERVICES LECTURE FIVE S2 2015 Chapter 7: Understanding and assessing internal control Figure 4.6: Audit risk Control risk  Control risk is the risk that a material misstatement could occur in an assertion and not be prevented or detected on a timely basis by the entity’s internal control.  If control risk is assessed at less than high, tests of control need to be performed to gain evidence that specific control activities have been effectively and consistently applied throughout the period under audit. Internal control objectives Internal controls are concerned with ensuring that:  risks are identified and minimised  management decision making is effective and business processes efficient  transactions are carried out in accordance with management’s authorisation  laws, rules and regulations are complied with  transactions are promptly and accura y recorded  access to assets is permitted in accordance with management’s authorisation  asset records are compared with existing assets at reasonable intervals. Types of internal controls  Preventative controls—internal controls that are used to prevent undesirable events or errors.  Detective controls—internal controls that are used to identify events or errors if they have occurred. Figure 7.2 Operation of controls Characteristics of satisfactory internal control  Controls used to monitor and minimise business risks.  Segregation of patible duties and responsibilities.  System of authorisation, recording and procedures adequate to provide control over assets, liabilities, revenues and expenses.  Sound