Please enable JavaScript.
Coggle requires JavaScript to display documents.
Nature of Audit Work (Responsibilities of different role-players:…
Nature of Audit Work
Responsibilities of different role-players:
Overall responsibility for internal control:
Board of Directors
:
Executive
has management responsibilities
works at the company on a daily basis ( full-time employee).
Non- executive
usually only present at the company for board/committee meetings (not full-time employee).
cannot take on management responsibilities (not there on a daily basis).
delegates
authority for internal control to management
responsibility of internal control to management.
Management
:
Designs & implements the internal control.
Have to keep in mind, whilst designing:
Objectives of Internal Control
COSO framework,it will be helpful in this regard.
Design should be adequate
Functioning should be effective
External Auditor
:
Expresses opinion
Reasonableness of Annual Financial Statements
Only examines controls related to AFS
Focuses on the evaluation of financial & accounting records
Internal Auditors:
Assess the adequacy, and
Tests the effectiveness of all internal control activities
Assist an organisation to evaluate & improve effectiveness & efficiency.
Controls in an information technology (IT) environment:
1.General Controls
relate to the IT environment as a whole.
these controls are software (application) specific
control the environment in which system and application software operates.
defined as having pervasive effects.
Example include:
organisational controls related to IT personnel
standard operating procedures for systems
system documentation controls
system development and program change controls
hardware & software controls
security controls related to IT
2.Application controls
relate to specific software programs and systems in the organisation .
these controls are designed to ensure:
completeness
accuracy
authorisation
validity of data captured and processed.
functioning of application controls relates directly to general controls being in place, to create an environment conductive to compliance with controls .
Edit checks
( important application controls for the structure).
checks programmed into a system or software program to ensure that errors in data will be detected.
Examples:
reasonableness tests
limit tests
check digits
value tests
alphanumerical tests
Divided into:
Input controls
Processing controls
Output controls
Advantages of internal control
:
Internal control can assist an organisation to:
promote reliable financial reporting
ensure compliance with legislation and regulations
prevent resource losses
prevent the reputation of the organisation becoming tarnished and the related results.
achieve its goals for profitability and outputs
internal control can assist the organisation to attain its goals - to get where it wants to be - and at the same time avoid surprises and threats along the way.
Limitations of internal control:
Internal control cannot do either of the following:
Ensure an organisations success
Internal control can assist an organisation to be successful,but cannot ensure success.
Internal control can identify weaknesses,but cannot change management from good to bad.
Factors such as, government policy & economic factors are beyond the scope of internal control activities.
Ensure the reliability of financial reporting & compliance with legislation and regulations
A system of internal control ,no matter how well it has been designed , can only give reasonable ,but not absolute assurance concerning the attainment of goals.
Certain limitations are inherent to all structures of IC,such as:
ordinary errors being made
collusion between two or more persons invalidating the structure of internal control
faulty judgement being applied in the decision making process
management having the ability to override the structure
the design of a system of internal control being limited by available resources.