Control Testing and Control Risk
Control Testing and Control Risk
Control Testing and Control Risk
Operations Objectives
related to the effectiveness and efficiency of the
entity’s operations, including operational and
financial performance goals, and safeguarding assets
against loss.
INTERNAL CONTROL - Objectives
Reporting Objectives
elated to internal and external financial and non-
financial reporting to stakeholders, which would
encompass reliability, timeliness, transparency, or
other terms as established by regulators, standard
setters, or the entity’s policies.
INTERNAL CONTROL - Objectives
Compliance Objectives
related to adhering to laws and regulations that the
entity must follow.
Major Components of Internal Control
Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring
Major Components of Internal Control
Control Environment
“The control environment is the set of standards,
processes, and structures that provide the basis for
carrying out internal control across the organization.
The board of directors and senior management
establish the tone at the top regarding the importance
of internal control and expected standards of
conduct.”
Control Environment – Five Principles
NARRATIVES
A narrative is a written description of a client’s
internal controls. A proper narrative of an accounting
system and related controls describes four things:
1. The origin of every document and record in the
system. For example, the description should state
where customer orders come from and how sales
invoices are generated.
The Auditor’s Consideration of Internal Control
NARRATIVES
2. All processing that takes place. For example, if
sales amounts are determined by a computer program
that multiplies quantities shipped by standard prices
contained in price master files, that process should be
described.
The Auditor’s Consideration of Internal Control
NARRATIVES
3. The disposition of every document and record in
the system. The filing of documents, sending them to
customers, or destroying them should be described.
FLOWCHART
An internal control flowchart is a diagram of the
client’s documents and their sequential flow in the
organization. An adequate flowchart includes the same
four characteristics identified for narratives.
The Auditor’s Consideration of Internal Control
FLOWCHART
Flowcharts have two advantages over narratives:
typically they are easier to read and easier to update. It
is unusual to use both a narrative and a flowchart to
describe the same system because both present the
same information.
The Auditor’s Consideration of Internal Control