Stages of Study and Evaluation of Internal Control
The stages/activities involve in studying and evaluating internal control are: A. Obtaining an understanding of the entity’s internal control structure. B. Assessing the preliminary level of control risk.
C. Obtaining evidential matter to support the assessed level of control risk. D. Evaluating the results of evidential matter.
E. Determining the necessary level of detection risk.
STAGE A. Obtaining an understanding of the entity’s internal control structure. In planning the audit examination, each of the five components of internal control must be studied and understood by the auditor to enable him to (1) identify types of potential misstatements; (2) consider factors that affect the risk of misstatement; and (3) begin to design appropriate testing procedure. Understanding the Control Environment
The auditor should obtain sufficient knowledge of the control environment to understand management’s and the board of director’s attitude, awareness, and actions concerning the control environment. The auditor should concentrate on the substance of management’s policies, procedures, and related actions rather than their form because management may establish appropriate policies and procedures but not act on them.
Understanding Control Procedures
Because some control procedures are integrated in specific components of the control environment and accounting system, as the auditor obtains an understanding of the control environment and accounting system, he is also likely to obtain knowledge about some control procedures. The auditor should consider the knowledge about the presence or absence of the control procedures obtained from the understanding of the control environment and accounting system in determining whether it is necessary to devote additional attention to obtain an understanding of control procedures to plan the audit. Understanding the Accounting and Internal Control Systems
To understand the design of the accounting information system, the auditor determines (1) the major classes of transactions of the entity; (2) how those transaction are initiated; (3) what accounting records exist and their nature; (4) how transactions are processed from initiation to completion, including the extent and nature of computer use; (5) the nature and details of the financial reporting process followed. Typically, this is accomplished and documented by a narrative description of the system or by flowcharting. The operation of the accounting information system is often determined by tracing one or few transactions through the system (called a transaction walk-through). Information controls relating to the accounting system are concerned with achieving objectives such as: Transactions are executed in accordance with management’s general or specific authorization. All transactions and other events are promptly recorded in the correct amount, in the appropriate accounts and in the proper accounting period so as to permit preparation of financial statements in accordance with an identified financial reporting framework. Access to assets and records is permitted only in accordance with management’s authorization. Recorded assets are compared with the existing assets at reasonable intervals and appropriate action is taken regarding any differences. When obtaining an understanding of the accounting and internal control systems to plan the audit, the auditor obtains knowledge of the design of the accounting and internal control systems. When the transactions selected are typical of those transactions that pass through the system, this procedure may be treated as part of tests of control. The nature, timing, and extent of the procedures performed by the auditor to obtain an understanding of the accounting and internal control systems will vary with, among other things: The size and complexity of the entity and of its computer system. Materiality considerations.
The type of...
Please join StudyMode to read the full document