Training delivered to assisting audit staff as part of their continuing professional development/education (CPE/CPD). Provided in a 60 minute session with substantial discussion and interaction.

1. Audit Team Training
26 March 2013
System Notes
and
Internal Controls

2. This document contains information in summary form and is therefore intended
for general guidance only. It is not intended to be a substitute for detailed
research or the exercise of professional judgement. It does not purport to be
comprehensive or to render professional advice. The reader should not act on
the basis of any matter contained in this publication without first obtaining
specific professional advice.
We believe that the statements made by us in this document are accurate but no
warranty of accuracy or reliability is given. Our conclusions are based on
interpretations of accounting standards and other relevant professional
pronouncements and legislation current as at the date of this document. Should
the interpretations, accounting standards, other relevant professional
pronouncements or legislation change, our conclusions may not be valid. We are
under no obligation to update the matters considered in this document after its
publication.
© Hanrick Curran, February 2013
All rights reserved
Disclaimer
Liability limited by a scheme approved under
professional Standards Legislation

3. Your Presenters
Matthew Green CA
Contact details:
matthew.green@hanrickcurran.com.au
(+61)(0) 447 724 595
(+61)(0) 7 3218 3900
Twitter: @matthewjgreenca
LinkedIn: http://au.linkedin.com/in/matthewjgreenca
Wendy Low CA
Contact details:
wendy.low@hanrickcurran.com.au
(+61)(0) 7 3218 3900
Topic Date

4. About Hanrick Curran
Our client base is mainly located in South East
Queensland, but also extends to Northern New
South Wales, Western Queensland, Sydney,
Melbourne, Darwin, Townsville and Mackay as well
as other regional areas.
We have a strong position with clients in Papua
New Guinea and we also serve a growing Asian
business sector. While these international
connections may not be of immediate interest but
we believe they are important in enabling us to
effectively serve our clients.
Hanrick Curran’s Client Base

5. Agenda
1) Purpose and Component of Internal controls
2) System notes
3) Fun time…
4) Angela Winton

6. Aim of this training
Objective
A brief understanding of internal controls.
Audit team members should have an understanding on the questions to
ask and the ability to write up on system notes
Why?
Effective internal controls are important for financial reporting.
System notes will assist with risk assessments and planning for the job.
At the end of the session
Audit team members will have basic understanding of internal controls
and will be able to efficiently prepare system notes.

7. Purpose and Components of
Internal Controls
ASA 315: Identifying and Assessing the Risks of
Material Misstatement through Understanding the
Entity and its Environment.
Internal control objectives – 4 broad categories:
- Strategic, high level goals
- Financial Reporting
- Operations
- Compliance with laws and regulations

8. Control
Environment
Risk
Assessment
Information
System
Control
Activities
Monitoring
5 components of Internal Controls
Internal
Control

9. Component 1: Control Environment
What is the control environment?
• Foundation for effective internal control
• Addresses the governance and management functions
• Controls are usually pervasive in nature
Question: What does pervasive mean?
Why is it important for auditors?
• Influences the evaluation of effectiveness of specific areas

10. Component 1: Control Environment
(cont.)
Key Elements
• Communication and enforcement of integrity
• Commitment to competence
• Participation by those charged with governance
• Management’s philosophy and operating style
• Organisational structure
• Assignment of authority and responsibility
• Human resources policies and practices

11. Component 2: Risk Assessment
What is the Risk Assessment?
• Provides management with the information needed to
determine what business/fraud risks should be
managed and action to be taken
Why is it important for auditors?
• An absence of a documented risk assessment process
may represent a significant deficiency in internal
control

12. Component 2: Risk Assessment
(cont.)
Possible conditions and events that may indicate
risk of material misstatement
• Volatile markets
• Going concern and liquidity issues
• Constraints on availability of capital and credit
• Lack of accounting personnel
• Changes in key personnel (departure)
• Litigation

13. Component 3: Information System
“ASA 315.18-19”
What is information system?
• Identifies, captures, processes and distributes
information supporting the achievement of financial
reporting and internal control objectives
• Communication of financial reporting roles and
responsibilities
Why is it important for auditors?
• Business processes and the links to accounting
systems captures financial information which is
relevant to financial reporting

14. Component 3: Information System
(cont.)
Understanding the information system
• Sources of information used?
• How information is captured and processed?
• How the information produced is used?
Communication
• Key component for successful information system
• Information needed for decision making needs to be
communicated in a timely manner
• Can be done verbally or through policies

15. Component 4: Control Activities
“ASA 315.20-21”
What are control activities?
• Policies and procedures that help ensure that
management’s directives are carried out
• It is designed to mitigate risks involved in everyday
activities such as transactional processing
Question: What is transactional processing?

16. Component 4: Control Activities
(cont.)
“Business Processes : set of activities designed
to produce a specific output”
Controls Classification Description
Preventive controls Avoid errors or irregularities
Detective controls Identify errors or irregularities
Compensating controls Provide some assurance where
resource limitations per
preclude other more direct
controls
Steering controls Guide action towards desired
objectives

17. Component 4: Control Activities
(cont.)
Typical controls will include the following:
1. Segregation of duties
2. Authorisation controls
3. Account reconciliations
4. IT Application Controls
5. Actual results review
6. Physical controls

18. Component 5: Monitoring
“ASA 315: 22-24”
What is monitoring?
- Assesses the effectiveness of internal control’s performance over
time.
- To ensure that controls are working properly
Sources of Information used for monitoring
- Periodic monitoring (Internal audit)
- Hiring external consultants
- Complaints from customers
- External auditors

19. Audit Training - Materiality - April 2013
Thank you
www.hanrickcurran.com.au
Hanrick Curran
t. (07) 3218 3900
f. (07) 3218 3901
Level 11
307 Queen Street
Brisbane Qld 4000
GPO Box 2268
Brisbane Qld 4001