2. Internal Controls
Primary Objectives of Internal Controls
Accurate Financial Information
Compliance with Policies and Procedures
Safeguarding Assets
Efficient Use of Resources
Accomplishment of Objectives and Goals
3. Internal Controls
Why are Internal Controls Important?
Internal controls are designed to provide reasonable
assurance regarding the achievement of objectives in the
following categories:
Effectiveness and Efficiency of Operations
Reliability of Financial Reporting
Compliance with Laws and Regulations
4. Internal Controls
Why are Internal Controls Important?
Effectiveness and Efficiency of Operations
cost-effectiveness of business aims
safeguarding of resources.
Reliability of Financial Reporting
preparation of reliable published financial statements, including
interim and condensed financial statements.
Compliance with Laws and Regulations
internal.
external.
6. Internal Controls
Creating the Control Environment
Create environment that encourages internal controls
Expect Ethical Behavior
Hire qualified staff
Get to know your staff
Clear assignment of responsibility/Job Description
Supervision
Clear Communication
7. Internal Controls
Risk Assessment
A risk assessment is not about creating huge amounts
of paperwork, but rather about identifying sensible
measures to control the risks in your workplace.
8. Internal Controls
Types of Risks for an organization
Business Risks
Capital Risks
Credit Risks
Market Risks
Liquidity Risk
Environment Risks
Operational Risks
Control Risks
Internal Control Risks
Management Risks (Corporate Governance)
Compliance Risks
Organizational Risks
10. Internal Controls
Key Components – Control Activities
This component includes those activities that are traditionally
associated with the concept of internal control. These activities
include:
approvals,
responsibilities
authorities,
separation of duties,
Documentation, written policies, procedures, processes,
reconciliation,
competent and honest personnel,
internal check,
and internal auditing.
11. Separation of Duties
Divide responsibilities between different employees
so one individual doesn’t control all aspects of a
transaction.
Reduce the opportunity for an employee to commit
and conceal errors (intentional or unintentional) or
commit fraud.
12. Separation of Duties
A fundamental element of internal control is the segregation of
certain key duties. In general, the principal incompatible duties to
be segregated are:
Custody of assets.
Authorization or approval of related transactions
affecting those assets.
Recording or reporting of related transactions.
13. Documentation
Document & preserve evidence to substantiate:
Critical decisions and significant events...typically
involving the use, commitment, or transfer of
resources.
Transactions…enables a transaction to be traced
from its inception to completion.
Policies & Procedures…documents which set forth
the fundamental principles and methods that
employees rely on to do their jobs.
14. Authorization & Approvals
Management documents and communicates which
activities require approval, and by whom, based on the
level of risk to the organization.
Ensure that transactions are approved and executed only
by employees acting within the scope of their authority
granted by management.
15. Security of Assets
Secure and restrict access to equipment, cash, inventory,
confidential information, etc. to reduce the risk of loss or
unauthorized use.
Perform periodic physical inventories to verify existence,
quantities, location, condition, and utilization.
Base the level of security on the vulnerability of items
being secured, the likelihood of loss, and the potential
impact should a loss occur.
16. Reconciliation & Review
Examine transactions, information, and events to verify
accuracy, completeness, appropriateness, and
compliance.
Base level of review on materiality, risk, and overall
importance to organization’s objectives.
Ensure frequency is adequate enough to detect and act
upon questionable activities in a timely manner.
17. Internal Controls
Key Components-Control Activities
Adequate Transaction Documentation
A record of (paper or electronic)
for Revenue
Receipt
Transfer
Deposit
for Expense
Purpose
Authorization
for Other
Delegation of Signature Authority
Monthly Account Status Report Reconciliation
Annual Property Inventory
Properly Designed Documentation
Unique numbering
Independent Verification
18. Internal Controls
Why Monitoring is Important:
Inherent Risks
Complexity
Decentralization – many hands, need
accountability
Repeat Problems
Unresponsive to prior weaknesses
19. Internal Controls
Types of Controls
Preventive Controls
Predict errors and thereby avoid the cost of
correction
Discourage fraud
Detective Controls
Measure the effectiveness of preventive controls
Find errors and misappropriations
Provide the resources to establish accountability
20. Cash Receipts Internal
Controls
Objective
Ensure that all funds are timely deposited in the
bank and are properly recorded in the appropriate
account.
Risks
Theft/fraud.
Mismanagement of funds.
Mis-statement of revenue and expenditures.
Noncompliance with companies and govt. policies.
21. Cash Receipts Internal
Controls
Audit Check List
Verifying monthly cash receipts Status of persons
whether process on a timely basis.
Timely and adequate restrictive confirmation of
checks
Documentation and procedures are sufficient so that
loss or misappropriation of funds can be traced to
the responsible individual(s).
22. Procurement and Accounts
Payable Internal Controls
Objectives
Expenses charged are reasonable and allowable.
Expenses are properly coded.
Unallowable charges are separately designated.
Purchase order processing is completed promptly and
accurately.
Risks
Misappropriation of funds.
Disallowance of costs.
Noncompliance with company regulations.
Delay of future funding.
Delay of delivery of goods and services.
Delay of payments to vendors.
Make vulnerable relationships with vendors.
23. Procurement and Accounts
Payable
Procurement
Purchase requests may be generated electronically or
manually from the department.
Purchase requests should be limited to items that can be
supplied by vendors.
When formal quotations are needed:
Complete as much of the Purchase Request Form as
possible.
Forward the departmental copy (blue) directly to the
Procurement Office for use in obtaining quotations.
Place a note on the face of the purchase request providing
the reason for using this procedure.
All check requests must be accompanied by an original
of the invoice for payment.
24. Procurement and Accounts
Payable
Accounts Payable
The Accounts Payable Department is responsible for:
examining all accounts, claims, and demands
against any purchase, and
making payment of all the obligations
No payments are to be made:
Unless there is money in the account for such
payments.
Until the Accounts Payable Department has been
presented with supporting documents.
Purchase Authorization
Original Invoice
Receiving Report
25. Procurement and Accounts
Payable Internal Controls
Audit Check List
Transactions are properly approved and the stated purpose
is reasonable.
Invoices are submitted to Accounts Payable timely.
Account Status Reports are independently reviewed for
accuracy of inconveniencies and charges.
26. Management assertions
Management assertions fall into the following three classifications:
Transaction-level assertions
Account balance assertions
Presentation and disclosure assertions
27. Transaction-level assertions
Accuracy: The assertion is that the full amounts of all
transactions were recorded, without error.
Classification: The assertion is that all transactions have
been recorded within the correct accounts in the general
ledger.
Completeness: The assertion is that all business events to
which the company was subjected were recorded.
Cut off: The assertion is that all transactions were recorded
within the correct reporting period.
Occurrence: The assertion is that recorded business
transactions actually took place.
28. Account balance assertions
Completeness: The assertion is that all reported asset,
liability, and equity balances have been fully reported.
Existence: The assertion is that all account balances exist
for assets, liabilities, and equity.
Rights and obligations: The assertion is that the entity
has the rights to the assets it owns and is obligated under its
reported liabilities.
Valuation: The assertion is that all asset, liability, and
equity balances have been recorded at their proper
valuations.
29. Presentation and disclosure
assertions
Accuracy: The assertion is that all information disclosed is
in the correct amounts, and which reflect their proper
values.
Completeness: The assertion is that all transactions that
should be disclosed have been disclosed.
Occurrence: The assertion is that disclosed transactions
have indeed occurred.
Rights and obligations: The assertion is that disclosed
rights and obligations actually relate to the reporting entity.
Understandability: The assertion is that the information
included in the financial statements has been appropriately
presented and is clearly understandable.
30. Audit Techniques
Audit techniques are tools, methods, or processes by means
of which an auditor collects necessary evidence to support his
opinion in respect of the propositions or assertions submitted
by the client to him for his examination.
31. Kinds of audit techniques
Inspection
Observation
Management representation
Enquiry
Computations
Compliance test
Substantive test
Analytical review
Use of computer-assisted audit techniques
32. Kinds of audit techniques
Inspection
Arrange an inspection of the client’s office, plant, branches
etc.
To obtain the understanding of plant layout, manufacturing
processes, product, control and safeguard of inventories etc.
Should inspect before examination and review.
33. Kinds of audit techniques
Observation
Observe the various policies and procedures or plans
followed by the entity.
Management representation
Important evidence in form of:
Summary of oral discussions with management
Written representation from management
Should be addressed to the auditor contain specified
information
34. Kinds of audit techniques
Compliance test
Compliance test are the procedures designated to obtain
reasonable assurance of the internal control, that it is
effective and reliable.
These tests include procedures requiring inspections of
documents supporting transactions to gain evidence that
control have operated properly.
35. Kinds of audit techniques
Substantive test
Substantive test are those tests of transactions and balances
and other procedures which provides audit evidence as to the
completeness, accuracy and validity of the information
contain in the accounting records or in the financial
statements, like analytical review.