Please enable JavaScript.
Coggle requires JavaScript to display documents.
SU6. CONTROLS: APPLICATION (6.3.MANAGEMENT CONTROLS (10. Reporting…
SU6. CONTROLS: APPLICATION
6.1.FLOWCHARTS & PROCESS MAPPING
Uses of flowcharts
a. graphical representations of step-by-step progression of information --> allow IA to analyse system & identify S&W, areas of audit emphasis
b. used in preliminary survey to gain understanding of client's processes & controls
Flowchart
symbols
3. Horizontal Flowcharts
(system flowcharts):
areas of responsibility
4. Vertical Flowcharts
(program flowcharts)
successive steps in a top-to-bottom format
6. Process Mapping
simple form of flowchart to depict a process
5. Data Flow Diagrams
show how data flow
lower-level details or higher level processes
6.2. ACCOUNTING CYCLES & ASSOCIATED CONTROLS
1. Internal controls
properly designed system of IC to reduce risk of errors & prevent individual fraud
organization structure & assignment of job duties: segregate functions
cost-benefit criteria must be considered
2. Segregation of duties
3 functions be performed by separate
individuals in different parts
Authorisation of transaction
Recording of transaction
Custody of assets associated with transaction
IC system designed to detect fraud by 1 person but NOT FRAUD BY COLLUSION OR MANAGEMENT OVERRIDE
**
3. Organizational hierarchy
refer to "adequate segregation of duties" in CIA review book
4. Accounting cycles
5 cycles
Sales on credit & receivables
Collection of cash from AR
Purchases on credit & AP
Payment (disbursement) to satisfy AP
Payment of employees for work & allocation of costs
b. Some duties may combined
REFER TO DETAILED FLOWCHARTS IN BOOKS (VERY IMPORTANT)
6.3.MANAGEMENT CONTROLS
1. Roles & responsibilities
a. Management
CEO: set the tone at the top
CAO: crucial role to play
b. BODs
reflect integrity & ethical values
capable of objective judgement, knowledge in industry, question management's decision
important subcommittee: Audit/Compensation/Finance/Risk
c. Internal Auditors
consulting & advisory role
evaluate soundness of IC
independent in conducting review
d. Other personnel
must be involved in IC & perform control activities
expected to inform higher when controls are not functioning as intended
2. Imposed control & Self-control
Imposed control
:
traditional, mechanical approach
measure performance against standards --> take corrective action
drawback: come after performance
Self-control
evaluate entire process of management and functions
Help to improve process instead of correcting
3. Alternative definition of control
Sawyer's difinition
4. Organization
approved intentional structuring of roles assigned --> it can achieve objectives efficiently and economically
Responsibilities: none controls all phases
Managers: authority to take action
Individual responsibilities: clearly defined
Effective system of follow up for delegation
Delegated person: authority without close supervision
Responsible for discharged parts
Organization: flexible enough
Organizational structures: as simple as possible
Organizational structures and manuals: should be prepared
5. Policies
stated principle that requires, guides, restricts actions
Clearly stated in writing in systematically organized handbooks, manuals...
Communicated to all offcials & appropriate employees
Conform with applicable laws & regulations
Designed to promote conduct of authorized activities
Periodically reviewed
6. Procedures
methods used to carry out activities in conformity with prescribed policies
Same principles as Policies
To reduce possibility of frauds & errors --> in procedures: 1 employee's work is automatically checked by other independent person
Non-mechanical operations: not be so details
as simple and inexpensive as possbile
no overlapping, conflicting, duplicative
Periodically reviewed and improved
Personnel
New employees: honesty & reliability
Given training, keep informed new polcies & procedures
Given information on duties & responsibilities of other segments --> better understanding their jobs
Performance should be reviewed periodically
8. Accounting
Fit needs of managers for rational decision making
Based on lines of responsibility
Financial reports should parallel organizational units of operations
Should permit controllable costs to be identified
9. Budgeting
Who are responsible for meeting budget should participate
Those responsible for meeting budget should be provided adequate information (compares budgets & actual events, reason for variances)
Subsidiary budget should tie into overall budget
Budgets should set measurable objectives
Budgets help sharpen organizational structure
10. Reporting
Reports made in accordance with assigned responsibilities
Individuals/units: required report on their responsibilities only
Cost-benefit must be considered
Reports should be as simple as possible
Performance reports should show comparisons with predetermined standards of cost, quality & quantity. Controllable costs be segregated
When performance can not be quantified, reports should mention exceptions require management attention
Report must be timely
Report recipients should be reviewed periodically