SlideShare ist ein Scribd-Unternehmen logo

Sppt chap003

Als PPTX, PDF herunterladen
A
Awais Ahmed

Accounting Information System

Internet
1 von 21
Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Chapter 3 Internal Controls
3-2 Outline • Learning objectives • Internal control definition • Internal control purposes • Risk exposures • Risk / control matrix • COSO framework
3-3 Learning objectives 1. Define internal control and explain its importance in the accounting information system. 2. Explain the basic purposes of internal control and its relationship to risk. 3. Describe and give examples of various kinds of risk exposures.
3-4 Learning objectives 4. Prepare a simple risk/control matrix. 5. Summarize and explain the importance of COSO’s 2013 “Internal Control— Integrated Framework.” 6. Critique existing internal control systems and design effective internal controls.
3-5 Internal control definition A process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance. From COSO’s 2013 Internal Control Integrated Framework
3-6 Internal control definition • Key elements of the definition – Process. Internal control is not a list of rules or “boxes to check off.” – Effected by [various groups]. Internal control is the responsibility of the whole organization—not just the accounting function.
3-7 Internal control definition • Key elements of the definition – Reasonable assurance. No internal control ever provides absolute assurance. The benefits of a control must outweigh its costs. – Objectives relating to: • Operations: business processes, such as the sales / collection process. • Reporting: financial, tax, internal. • Compliance: applicable laws & regulations, such as SOX and the Foreign Corrupt Practices Act.
3-8 Internal control purposes • Safeguard assets, such as by depositing cash daily in the bank. • Ensure reliable financial reporting, such as through financial statement audits.
3-9 Internal control purposes • Promote operating efficiency, such as with a procedures manual. • Encourage compliance with management directives, such as by appropriate training & performance reviews.
3-10 Risk exposures • To develop strong internal controls that achieve the four purposes, many organizations think in terms of risk. • By identifying their risk exposures, they can develop and implement internal controls to address them. • “Address” can refer to preventive, detective or corrective controls. Identify risk exposures. Develop internal controls.
3-11 Risk exposures • Brown’s taxonomy provides one good organizing structure for talking about risk. • Four major categories – Financial – Operational – Strategic – Hazard
3-12 Risk exposures • Financial risk – Market risk – Credit risk – Liquidity risk • Operational risk – Systems risk – Human error risk • Strategic risk – Legal & regulatory risk – Business strategy risk • Hazard risk Directors’ & officers’ liability risk
3-13 Risk / control matrix Risk Risk category (Brown) Internal control Internal control purpose Comments* Theft of inventory liquidity risk separation of duties preventive acquisition / payment process Spoiled raw materials liquidity risk establish proper storage conditions preventive conversion process Dividends paid to the wrong shareholders human error risk internal audit of shareholder database detective financing process Disclosure of the database of employees' Social Security numbers systems risk data encryption and firewalls preventive human resource process Granting credit inappropriately credit risk established procedures for granting credit, including a separate credit department preventive sales / collection process Table 3.2
3-14 COSO framework • Committee of Sponsoring Organizations of the Treadway Commission on Fraudulent Financial Reporting • www.coso.org • Original internal control framework: 1995 • Updated framework: 2013
3-15 COSO framework • Five components, all necessary for strong internal control – Control environment – Risk assessment – Control activities – Information and communication – Monitoring
3-16 COSO framework • Control environment – Organization’s overall attitude about internal control – Must be established at the top of the organization (CEO, CFO) – Often called the “tone at the top” or “tone from the top”
3-17 COSO framework • Risk assessment – Organization’s risk exposures – Tools like the Brown framework can help ensure “all the bases are covered” • Control activities – Specific internal controls to address risks – Preventive / detective / corrective – A control may address multiple risks; a single risk may involve multiple controls. Identify risk exposures. Develop internal controls.
3-18 COSO framework • Information and communication – How the entire internal control plan is disseminated throughout the organization – This framework element relates to the plan in its totality. • Monitoring – Ensuring the plan’s ongoing effectiveness – May be entrusted to the internal audit department
3-19 COSO framework example Control environment: Open door policy from CEO / CFO regarding internal control Risk assessment: Wireless network may be compromised. Control activities: Strong network security. Data encryption. Firewalls. Continuous monitoring. Information & communication: Required annual training on internal control for all employees. Monitoring: A cross- functional committee reviews and updates the plan annually based on employee and other input.
3-20 COSO framework • In the 2013 update, COSO added 17 principles to provide more detail about the five components. Control environment. “The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.”
3-21

Empfohlen

ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...
ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...
ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...rahmatmoelyana
 
The Three Lines of Defense Model & Continuous Controls Monitoring
The Three Lines of Defense Model & Continuous Controls MonitoringThe Three Lines of Defense Model & Continuous Controls Monitoring
The Three Lines of Defense Model & Continuous Controls MonitoringCaseWare IDEA
 
mr neeraj - day 1 - compliance
mr neeraj - day 1 - compliancemr neeraj - day 1 - compliance
mr neeraj - day 1 - complianceNeeraj Verma
 
Bcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementBcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementStephen Ong
 
Enterprise risk management february 9th solution training
Enterprise risk management february 9th solution trainingEnterprise risk management february 9th solution training
Enterprise risk management february 9th solution trainingveritama
 
corporate risk management
corporate risk management corporate risk management
corporate risk managementUniversiti Malaysia Pahang
 
Operation Risk Management 03
Operation Risk Management 03Operation Risk Management 03
Operation Risk Management 03Institute of Mgt. and Information Science
 
Operation Risk Management in Banking Sector
Operation Risk Management in Banking SectorOperation Risk Management in Banking Sector
Operation Risk Management in Banking SectorSanjay Kumbhar
 

Empfohlen

ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...
ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...
ISACA Indonesia Special Technical Session feat Erik Guldentops Panelist Widha...rahmatmoelyana
 
The Three Lines of Defense Model & Continuous Controls Monitoring
The Three Lines of Defense Model & Continuous Controls MonitoringThe Three Lines of Defense Model & Continuous Controls Monitoring
The Three Lines of Defense Model & Continuous Controls MonitoringCaseWare IDEA
 
mr neeraj - day 1 - compliance
mr neeraj - day 1 - compliancemr neeraj - day 1 - compliance
mr neeraj - day 1 - complianceNeeraj Verma
 
Bcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementBcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementStephen Ong
 
Enterprise risk management february 9th solution training
Enterprise risk management february 9th solution trainingEnterprise risk management february 9th solution training
Enterprise risk management february 9th solution trainingveritama
 
corporate risk management
corporate risk management corporate risk management
corporate risk managementUniversiti Malaysia Pahang
 
Operation Risk Management 03
Operation Risk Management 03Operation Risk Management 03
Operation Risk Management 03Institute of Mgt. and Information Science
 
Operation Risk Management in Banking Sector
Operation Risk Management in Banking SectorOperation Risk Management in Banking Sector
Operation Risk Management in Banking SectorSanjay Kumbhar
 
GPMI December 2015
GPMI December 2015GPMI December 2015
GPMI December 2015Max van der Klis-Busink
 
9. Basel II Presentation
9. Basel II Presentation9. Basel II Presentation
9. Basel II PresentationElly Quan (Quan Thi Hanh Mai)
 
Operational Risk & Basel Ii
Operational Risk & Basel IiOperational Risk & Basel Ii
Operational Risk & Basel Iijhsiddiqi2003
 
Operational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIOperational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIEneni Oduwole
 
Rm 05-v2
Rm 05-v2Rm 05-v2
Rm 05-v2tomkacy
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Sal Velasco
 
Raising Red Flags - 07/2009
Raising Red Flags - 07/2009Raising Red Flags - 07/2009
Raising Red Flags - 07/2009rogersons
 
Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3Habib Ullah Qamar
 
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATIONOPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATIONFrackson Kathibula-Nyoni
 
Riskpro - Operational Risk Management
Riskpro - Operational Risk ManagementRiskpro - Operational Risk Management
Riskpro - Operational Risk ManagementManoj Jain
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Phil Agcaoili
 
Iii pillars of basal accords
Iii pillars of basal accordsIii pillars of basal accords
Iii pillars of basal accordsUjjwal 'Shanu'
 
Operational risk management
Operational risk managementOperational risk management
Operational risk managementUjjwal 'Shanu'
 
Coso erm
Coso ermCoso erm
Coso ermHumberto Omar Valverde Taborga
 
COSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORECOSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORENaresh Parandhaman
 
Operational Risk Management under BASEL era
Operational Risk Management under BASEL eraOperational Risk Management under BASEL era
Operational Risk Management under BASEL eraTreat Risk
 
Measuring operational risk
Measuring operational riskMeasuring operational risk
Measuring operational riskUjjwal 'Shanu'
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)deeptica
 
Enterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample PresentationEnterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample PresentationAlexander Larsen
 
Fixed income
Fixed incomeFixed income
Fixed incomeAYUSHGaur31
 
Week 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-makingWeek 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-makingErfan Ovee Nomaan
 
Sppt chap004
Sppt chap004Sppt chap004
Sppt chap004Awais Ahmed
 

Weitere ähnliche Inhalte

Was ist angesagt?

Operational Risk & Basel Ii
Operational Risk & Basel IiOperational Risk & Basel Ii
Operational Risk & Basel Iijhsiddiqi2003
 
Operational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIOperational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIEneni Oduwole
 
Rm 05-v2
Rm 05-v2Rm 05-v2
Rm 05-v2tomkacy
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Sal Velasco
 
Raising Red Flags - 07/2009
Raising Red Flags - 07/2009Raising Red Flags - 07/2009
Raising Red Flags - 07/2009rogersons
 
Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3Habib Ullah Qamar
 
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATIONOPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATIONFrackson Kathibula-Nyoni
 
Riskpro - Operational Risk Management
Riskpro - Operational Risk ManagementRiskpro - Operational Risk Management
Riskpro - Operational Risk ManagementManoj Jain
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Phil Agcaoili
 
Iii pillars of basal accords
Iii pillars of basal accordsIii pillars of basal accords
Iii pillars of basal accordsUjjwal 'Shanu'
 
Operational risk management
Operational risk managementOperational risk management
Operational risk managementUjjwal 'Shanu'
 
Operational Risk Management under BASEL era
Operational Risk Management under BASEL eraOperational Risk Management under BASEL era
Operational Risk Management under BASEL eraTreat Risk
 
Measuring operational risk
Measuring operational riskMeasuring operational risk
Measuring operational riskUjjwal 'Shanu'
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)deeptica
 
Enterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample PresentationEnterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample PresentationAlexander Larsen
 

Was ist angesagt? (20)

GPMI December 2015
GPMI December 2015GPMI December 2015
GPMI December 2015
 
9. Basel II Presentation
9. Basel II Presentation9. Basel II Presentation
9. Basel II Presentation
 
Operational Risk & Basel Ii
Operational Risk & Basel IiOperational Risk & Basel Ii
Operational Risk & Basel Ii
 
Operational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIOperational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel III
 
Rm 05-v2
Rm 05-v2Rm 05-v2
Rm 05-v2
 
Example of fisma compliance analysis.1
Example of fisma compliance analysis.1Example of fisma compliance analysis.1
Example of fisma compliance analysis.1
 
Raising Red Flags - 07/2009
Raising Red Flags - 07/2009Raising Red Flags - 07/2009
Raising Red Flags - 07/2009
 
Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3Lecture 14 fraud and accountant - james a. hall book chapter 3
Lecture 14 fraud and accountant - james a. hall book chapter 3
 
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATIONOPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
OPERATIONAL RISK MANAGEMENT FRAMEWORK PRESENTATION
 
Riskpro - Operational Risk Management
Riskpro - Operational Risk ManagementRiskpro - Operational Risk Management
Riskpro - Operational Risk Management
 
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
Archer Users Group / Southern Risk Council 2016 Enterprise Risk Management an...
 
Iii pillars of basal accords
Iii pillars of basal accordsIii pillars of basal accords
Iii pillars of basal accords
 
Operational risk management
Operational risk managementOperational risk management
Operational risk management
 
Coso erm
Coso ermCoso erm
Coso erm
 
COSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORECOSO Vs ERM - NMIMS INDORE
COSO Vs ERM - NMIMS INDORE
 
Operational Risk Management under BASEL era
Operational Risk Management under BASEL eraOperational Risk Management under BASEL era
Operational Risk Management under BASEL era
 
Measuring operational risk
Measuring operational riskMeasuring operational risk
Measuring operational risk
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)
 
Enterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample PresentationEnterprise Risk Management & Fraud Sample Presentation
Enterprise Risk Management & Fraud Sample Presentation
 
Fixed income
Fixed incomeFixed income
Fixed income
 

Andere mochten auch

Week 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-makingWeek 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-makingErfan Ovee Nomaan
 
Diseño instruccional
Diseño instruccionalDiseño instruccional
Diseño instruccionalronier25
 
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी है
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी हैसंयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी है
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी हैmohit gupta
 

Andere mochten auch (9)

Week 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-makingWeek 8 relevant costing and short-term decision-making
Week 8 relevant costing and short-term decision-making
 
Sppt chap004
Sppt chap004Sppt chap004
Sppt chap004
 
Diseño instruccional
Diseño instruccionalDiseño instruccional
Diseño instruccional
 
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी है
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी हैसंयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी है
संयुक्त राज्य अमेरिका की संस्कृति मुख्य रूप से पश्चिमी है
 
Sppt chap002
Sppt chap002Sppt chap002
Sppt chap002
 
Sppt chap001
Sppt chap001Sppt chap001
Sppt chap001
 
Sage 50 accounts ppt
Sage 50 accounts pptSage 50 accounts ppt
Sage 50 accounts ppt
 
Clase%201 celula%20vegetal
Clase%201 celula%20vegetalClase%201 celula%20vegetal
Clase%201 celula%20vegetal
 
James hall ch 8
James hall ch 8James hall ch 8
James hall ch 8
 

Ähnlich wie Sppt chap003

Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Understanding Risk Management Through COSO ERM.pdf
Understanding Risk Management Through COSO ERM.pdfUnderstanding Risk Management Through COSO ERM.pdf
Understanding Risk Management Through COSO ERM.pdfMaAnneLuisSarillana1
 
UNCCInternalControls.pptx
UNCCInternalControls.pptxUNCCInternalControls.pptx
UNCCInternalControls.pptxAral20101
 
COSO_2013_Framework_on_Internal_Control.pdf
COSO_2013_Framework_on_Internal_Control.pdfCOSO_2013_Framework_on_Internal_Control.pdf
COSO_2013_Framework_on_Internal_Control.pdfAliehaDhea
 
Kontrol & Audit Sistem Informasi
Kontrol & Audit Sistem InformasiKontrol & Audit Sistem Informasi
Kontrol & Audit Sistem Informasidwiki apsyarin
 
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15Workiva
 
IRM SIG What does the Second Line of Defence look like post SII July 2013
IRM SIG What does the Second Line of Defence look like post SII July 2013IRM SIG What does the Second Line of Defence look like post SII July 2013
IRM SIG What does the Second Line of Defence look like post SII July 2013Susan Young
 
Tugas control & audit sistem informasi
Tugas control & audit sistem informasiTugas control & audit sistem informasi
Tugas control & audit sistem informasiNur Fatrianti
 
CISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrainCISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrainInfosecTrain
 
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSCISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSShivamSharma909
 
CISM_WK_1.pptx
CISM_WK_1.pptxCISM_WK_1.pptx
CISM_WK_1.pptxdotco
 
Internal Control & Risk Management Framework
Internal Control & Risk Management FrameworkInternal Control & Risk Management Framework
Internal Control & Risk Management FrameworkTreasury Consulting LLP
 
Chapt 3 - Internal Controls and Conflicts
Chapt 3 - Internal Controls and ConflictsChapt 3 - Internal Controls and Conflicts
Chapt 3 - Internal Controls and ConflictsMOHD GHADAFI SHARI
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
 

Ähnlich wie Sppt chap003 (20)

Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
 
Understanding Risk Management Through COSO ERM.pdf
Understanding Risk Management Through COSO ERM.pdfUnderstanding Risk Management Through COSO ERM.pdf
Understanding Risk Management Through COSO ERM.pdf
 
UNCCInternalControls.pptx
UNCCInternalControls.pptxUNCCInternalControls.pptx
UNCCInternalControls.pptx
 
COSO ERM
COSO ERMCOSO ERM
COSO ERM
 
COSO_2013_Framework_on_Internal_Control.pdf
COSO_2013_Framework_on_Internal_Control.pdfCOSO_2013_Framework_on_Internal_Control.pdf
COSO_2013_Framework_on_Internal_Control.pdf
 
Kontrol & Audit Sistem Informasi
Kontrol & Audit Sistem InformasiKontrol & Audit Sistem Informasi
Kontrol & Audit Sistem Informasi
 
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15
IMA Annual Event LA 2015 Brad Monterio and Liv Watson 23 jun15
 
IRM SIG What does the Second Line of Defence look like post SII July 2013
IRM SIG What does the Second Line of Defence look like post SII July 2013IRM SIG What does the Second Line of Defence look like post SII July 2013
IRM SIG What does the Second Line of Defence look like post SII July 2013
 
Tugas control & audit sistem informasi
Tugas control & audit sistem informasiTugas control & audit sistem informasi
Tugas control & audit sistem informasi
 
CISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrainCISA Domain- 1 - InfosecTrain
CISA Domain- 1 - InfosecTrain
 
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSCISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
 
CISM_WK_1.pptx
CISM_WK_1.pptxCISM_WK_1.pptx
CISM_WK_1.pptx
 
Internal Control & Risk Management Framework
Internal Control & Risk Management FrameworkInternal Control & Risk Management Framework
Internal Control & Risk Management Framework
 
Presentation_20110802213554
Presentation_20110802213554Presentation_20110802213554
Presentation_20110802213554
 
Chapt 3 - Internal Controls and Conflicts
Chapt 3 - Internal Controls and ConflictsChapt 3 - Internal Controls and Conflicts
Chapt 3 - Internal Controls and Conflicts
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots
 
Recent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management DevelopmentsRecent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management Developments
 

Mehr von Awais Ahmed

Chapter 2 leadership
Chapter 2 leadershipChapter 2 leadership
Chapter 2 leadershipAwais Ahmed
 
Chp1 The Foundations Of Entrepreneurship
Chp1 The Foundations Of EntrepreneurshipChp1 The Foundations Of Entrepreneurship
Chp1 The Foundations Of EntrepreneurshipAwais Ahmed
 

Mehr von Awais Ahmed (19)

Chapter 4
Chapter 4Chapter 4
Chapter 4
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Chapter 1
Chapter 1Chapter 1
Chapter 1
 
Chapter 2 leadership
Chapter 2 leadershipChapter 2 leadership
Chapter 2 leadership
 
Chp1 The Foundations Of Entrepreneurship
Chp1 The Foundations Of EntrepreneurshipChp1 The Foundations Of Entrepreneurship
Chp1 The Foundations Of Entrepreneurship
 
Sppt chap017
Sppt chap017Sppt chap017
Sppt chap017
 
Sppt chap016
Sppt chap016Sppt chap016
Sppt chap016
 
Sppt chap015
Sppt chap015Sppt chap015
Sppt chap015
 
Sppt chap014
Sppt chap014Sppt chap014
Sppt chap014
 
Sppt chap013
Sppt chap013Sppt chap013
Sppt chap013
 
Sppt chap012
Sppt chap012Sppt chap012
Sppt chap012
 
Sppt chap011
Sppt chap011Sppt chap011
Sppt chap011
 
Sppt chap010
Sppt chap010Sppt chap010
Sppt chap010
 
Sppt chap009
Sppt chap009Sppt chap009
Sppt chap009
 
Sppt chap008
Sppt chap008Sppt chap008
Sppt chap008
 
Sppt chap007
Sppt chap007Sppt chap007
Sppt chap007
 
Sppt chap006
Sppt chap006Sppt chap006
Sppt chap006
 
Sppt chap005
Sppt chap005Sppt chap005
Sppt chap005
 

Kürzlich hochgeladen

Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxBipin Adhikari
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 

Kürzlich hochgeladen (20)

Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptx
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 

Sppt chap003

  • 1. Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education. Chapter 3 Internal Controls
  • 2. 3-2 Outline • Learning objectives • Internal control definition • Internal control purposes • Risk exposures • Risk / control matrix • COSO framework
  • 3. 3-3 Learning objectives 1. Define internal control and explain its importance in the accounting information system. 2. Explain the basic purposes of internal control and its relationship to risk. 3. Describe and give examples of various kinds of risk exposures.
  • 4. 3-4 Learning objectives 4. Prepare a simple risk/control matrix. 5. Summarize and explain the importance of COSO’s 2013 “Internal Control— Integrated Framework.” 6. Critique existing internal control systems and design effective internal controls.
  • 5. 3-5 Internal control definition A process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance. From COSO’s 2013 Internal Control Integrated Framework
  • 6. 3-6 Internal control definition • Key elements of the definition – Process. Internal control is not a list of rules or “boxes to check off.” – Effected by [various groups]. Internal control is the responsibility of the whole organization—not just the accounting function.
  • 7. 3-7 Internal control definition • Key elements of the definition – Reasonable assurance. No internal control ever provides absolute assurance. The benefits of a control must outweigh its costs. – Objectives relating to: • Operations: business processes, such as the sales / collection process. • Reporting: financial, tax, internal. • Compliance: applicable laws & regulations, such as SOX and the Foreign Corrupt Practices Act.
  • 8. 3-8 Internal control purposes • Safeguard assets, such as by depositing cash daily in the bank. • Ensure reliable financial reporting, such as through financial statement audits.
  • 9. 3-9 Internal control purposes • Promote operating efficiency, such as with a procedures manual. • Encourage compliance with management directives, such as by appropriate training & performance reviews.
  • 10. 3-10 Risk exposures • To develop strong internal controls that achieve the four purposes, many organizations think in terms of risk. • By identifying their risk exposures, they can develop and implement internal controls to address them. • “Address” can refer to preventive, detective or corrective controls. Identify risk exposures. Develop internal controls.
  • 11. 3-11 Risk exposures • Brown’s taxonomy provides one good organizing structure for talking about risk. • Four major categories – Financial – Operational – Strategic – Hazard
  • 12. 3-12 Risk exposures • Financial risk – Market risk – Credit risk – Liquidity risk • Operational risk – Systems risk – Human error risk • Strategic risk – Legal & regulatory risk – Business strategy risk • Hazard risk Directors’ & officers’ liability risk
  • 13. 3-13 Risk / control matrix Risk Risk category (Brown) Internal control Internal control purpose Comments* Theft of inventory liquidity risk separation of duties preventive acquisition / payment process Spoiled raw materials liquidity risk establish proper storage conditions preventive conversion process Dividends paid to the wrong shareholders human error risk internal audit of shareholder database detective financing process Disclosure of the database of employees' Social Security numbers systems risk data encryption and firewalls preventive human resource process Granting credit inappropriately credit risk established procedures for granting credit, including a separate credit department preventive sales / collection process Table 3.2
  • 14. 3-14 COSO framework • Committee of Sponsoring Organizations of the Treadway Commission on Fraudulent Financial Reporting • www.coso.org • Original internal control framework: 1995 • Updated framework: 2013
  • 15. 3-15 COSO framework • Five components, all necessary for strong internal control – Control environment – Risk assessment – Control activities – Information and communication – Monitoring
  • 16. 3-16 COSO framework • Control environment – Organization’s overall attitude about internal control – Must be established at the top of the organization (CEO, CFO) – Often called the “tone at the top” or “tone from the top”
  • 17. 3-17 COSO framework • Risk assessment – Organization’s risk exposures – Tools like the Brown framework can help ensure “all the bases are covered” • Control activities – Specific internal controls to address risks – Preventive / detective / corrective – A control may address multiple risks; a single risk may involve multiple controls. Identify risk exposures. Develop internal controls.
  • 18. 3-18 COSO framework • Information and communication – How the entire internal control plan is disseminated throughout the organization – This framework element relates to the plan in its totality. • Monitoring – Ensuring the plan’s ongoing effectiveness – May be entrusted to the internal audit department
  • 19. 3-19 COSO framework example Control environment: Open door policy from CEO / CFO regarding internal control Risk assessment: Wireless network may be compromised. Control activities: Strong network security. Data encryption. Firewalls. Continuous monitoring. Information & communication: Required annual training on internal control for all employees. Monitoring: A cross- functional committee reviews and updates the plan annually based on employee and other input.
  • 20. 3-20 COSO framework • In the 2013 update, COSO added 17 principles to provide more detail about the five components. Control environment. “The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.”
  • 21. 3-21