Chapter 2 Internal Controls PDF

Summary

This chapter reviews internal controls and the COSO framework, outlining key concepts and responsibilities related to financial reporting and internal control. It provides details on the components of internal control, risk assessment, and monitoring. The document also discusses scenarios of embezzlement.

Full Transcript

Internal Control and COSO Framework
===================================


Describe the three primary objectives of effective internal control
-------------------------------------------------------------------


Management and Auditor Responsibilities for Internal Control
------------------------------------------------------------

- Management, not the auditor, must establish and maintain the
entity's internal

- ### Two key concepts underlie management's design and implementation of

- Reasonable assurance

- Inherent limitations

Management*'*s Section 404 Reporting Responsibilities
-----------------------------------------------------

### Management of all public companies is to issue an internal control report

- A statement that management is responsible for establishing and
maintaining an adequate internal control structure and procedures
for financial reporting

- An assessment of the effectiveness of the internal control structure
and procedures for financial reporting as of the end of the
company's fiscal year.


Auditor Responsibilities for Understanding Internal Control
-----------------------------------------------------------

### Auditors are required to:

- Obtain an understanding of internal control relevant to the audit on
every audit engagement.

- Report on the effectiveness of internal control over financial

### Auditors are primarily concerned about:

- Controls over the reliability of financial reporting.

- Controls over classes of transactions.

Example Section 404 Management Report on Internal Control over Financial Reporting
----------------------------------------------------------------------------------


- Describe the three broad objectives management
has when designing effective internal control.

- Identify the specific Section 404(a) reporting requirements for
management.

- Describe which of the three categories of broad
objectives for internal controls are considered by the auditor in an
audit of both the financial statements and internal control over
financial reporting.

- What two aspects of internal control must the auditor assess when
performing procedures to obtain an understanding of internal
control?

COSO Model
==========

to be

financial

9


COSO Components of Internal Control
-----------------------------------

- ### Control environment

- Consists of the actions, policies, and procedures that reflect
the overall attitudes of top management, directors, and owners
of an entity about internal control and its importance to the
entity.

- ### Risk assessment

- Involves a process for identifying and analyzing risks that may
prevent the organization from achieving its objectives.

- ### Control activities

- Policies and procedures that help ensure that necessary actions
are taken to

COSO Components of Internal Control
-----------------------------------

- ### Information and communication

- To initiate, record, process, and report the entity's
transactions and to

- ### Monitoring

- Deal with ongoing or periodic assessment of the quality of
internal control by management to determine that controls are
operating as intended and that they are modified as appropriate
for changes in conditions.

College of Banking and Financial Studies

-- -- -- -- -- -- --

-- -- -- -- -- -- --

Eli powerIng Yo‹ir Fut« e /x Ac


- What are the five components of internal control in the COSO
internal

- What is the relationship among these five components?

- How do the COSO principles help an organization assess whether
internal controls are designed and operating effectively?


- What major factors permitted the embezzlement to take place?