Chapter 3 RISK ASSESSMENT AND INTERNAL CONTROL
1. Meaning of internal control
As per SA 315, internal control can be defined as a process (policies and procedures, set of
activities) that is designed, implemented and maintained by TCWG, management and other personnel
to provide reasonable assurance about the achievement of the entity's objectives.
2. Examples of objectives for which controls can be designed
A. Reliability of the entity's financial reporting,
B. Effectiveness and efficiency of the entity's operations,
C. Safeguarding of assets, and
D. Compliance with applicable laws and regulations.
3. Inherent limitations of internal control
Internal controls, no matter how effective they are, only provide reasonable assurance
about the achievement of the entity's objectives, due to certain inherent limitations:
A. Human judgement is involved in decision making. An intentional or unintentional
human error may break down the entire internal control.
B. Lack of understanding about the purpose of internal control. Sometimes the employees
in charge may not be aware of the reasons or purpose for which controls are designed. This may
lead to ineffectiveness of internal control.
C. Collusion among people. Sometimes the entity's employees may collude to override the
entity's internal control system, for example by having a side agreement with a supplier or customer.
D. Limitation in the case of small entities. If an organisation has very few employees, it may be
difficult to ensure segregation of duties. However, in such an organisation the owner/manager may
be able to exercise more effective oversight (that is, supervision) than in the case of a larger
entity.
E. Management is expected to use their judgement in designing and implementing the entity's
internal control. Their judgement may not always be appropriate.
4. Benefits of understanding internal control for the statutory auditor
A. It will help in designing the nature, timing and extent of further audit procedures
B. It will help in identifying types of potential misstatement
C. It will help in identifying and analysing those factors which may result in a risk of
material misstatement
5. Components of internal control
A. Control environment
B. Entity's risk assessment process (includes risk identification also)
C. Control activities
D. Information system, which includes related business processes that are relevant to
financial reporting, and communication
E. Monitoring of controls
1. Control environment
(a) It includes the governance and management functions
(b) It includes the attitude, awareness and actions of TCWG along with management
(c) Control management sets the tone of an organisation, that is, making people aware or
conscious of the relevance of internal control
ELEMENTS OF CONTROL ENVIRONMENT
▪ Participation by TCWG to ensure that the entity's control environment is appropriately designed
▪ Management's philosophy and operating style has a significant impact on the entity's overall
control environment
▪ Communication and enforcement of integrity and ethical values to the people working in the
organisation, for example a reward and punishment mechanism for compliance and non-compliance
with internal controls
▪ Designing an appropriate organisation structure depending upon the size and nature of
business activities
▪ Human resource policies and procedures such as recruitment, training, counselling,
performance evaluation, promotion etc. impact the overall control environment of the
organisation.
Note - Existence of a satisfactory control environment is not an absolute deterrent
to fraud
▪ The existence of a satisfactory control environment can be a positive factor
while assessing ROM. This will also help in reducing the overall risk of fraud, but
it is not an absolute deterrent to fraud.
▪ A deficiency in the control environment may significantly undermine or negatively
affect the effectiveness of internal control.
▪ The control environment by itself does not prevent, or detect and correct, a material
misstatement. For prevention, detection and correction, appropriate controls will be
needed. However, the control environment may influence the auditor's evaluation of the
effectiveness of internal control.
2. Entity's risk assessment process
a. The auditor should understand the entity's process of identifying business risks related to
its financial reporting objectives
b. How do they estimate the significance of risks
c. How do they assess the likelihood of their occurrence
d. How do they decide about actions to address those risks
Note - The risk management process includes identification of those events or conditions
which will not allow the organisation to achieve its objectives. The organisation should
analyse these events or conditions to understand their likelihood and potential impact
on the business. After such assessment, the organisation may choose any of the
following responses to address these risks:
▪ Accept the risk
▪ Avoid the risk
▪ Share or reduce the risk
3. CONTROL ACTIVITIES
A. Control activities are policies and procedures that help management to ensure
that their business objectives can be achieved
B. Control activities may include the following:
▪ Segregation of duties (all activities in the process should not be carried out by
one person)
▪ Physical access controls for safeguarding the assets
▪ Performance reviews, i.e. comparison of actual data against budgeted data or
standard data
4. Monitoring of controls
A. Monitoring of controls is a process to assess the effectiveness of internal controls'
performance over a period of time
B. Management may accomplish monitoring of controls through ongoing evaluations,
separate evaluations or a combination of both
5. The information system
A. The auditor should understand the entity's information system, which includes all important
business processes related to financial reporting
B. The information system may include identification of classes of transactions that are
significant to the financial statements, for example any activity related to purchases, sales etc.
C. The information system should include a detailed process for a transaction, that is, how
transactions are initiated, recorded, processed, corrected if necessary and reported
D. The financial reporting process used to prepare the financial statements should be part
of the entity's information system
E. There should be controls around all types of journal entries