Please enable JavaScript.
Coggle requires JavaScript to display documents.
Auditing - Internal Control - Coggle Diagram
Auditing - Internal Control
PART A - What is Internal Control?
Designed and operationalized by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of objectives.
Automated Controls - Embedded in company's entity performed automatically
Detective Controls - Detect errors that have occured
Manual Control - carried out by employees subject to human error
Preventative Controls - Prevent error occurring
PART B - COSO Internal Control Framework
1985 Threadway commission formed to investigate financial reporting fraud. COSO was developed for guidance relating to internal controls- published 1992
Control procedures
prevent, detect, correct
Info & communication
understand the controls and financial reporting systems, classes of transactions and procedures
Risk assessment
consider the risk of material misstatement, identity business and audit risks, estimate significance, likelihood, actions to address
Monitoring procedures
Assess effectiveness of ongoing performance, monitoring function within organization -
weak internal control must be responded to
Control environment
Tone at the top
, considers overall culture of compliance, if management do not fully take it on board it will not work
PART C - Internal Control Environment
Identify risks, potential misstatements and enable them to design the nature timing and extent of the audit procedures
Reasonable assurance
can only be provided on controls because of inherent limitations including
:check:testing costs
:check:human error
:check:collussion between employees
:check: risk of over ride
:check: non routine transactions
The better the internal controls the less testing that needs to occur this will save time and money
Stage 3: Assess the internal control system
Stage 2: Ascertain the internal control system
Stage 4: Test
Stage 1: Identify risks and objectives
PART D - Financial Statement Assertions
Assertions are management representations. Categories of assertions are used by auditors to consider the different types of potential misstatements
Classes of transactions e.g., occurrence, completeness, accuracy, classification, cut off
Account balances at period end e.g., existence, completeness, valuation, classification, obligations, disclosure