Académique Documents
Professionnel Documents
Culture Documents
Application controls
See transaction controls.
Control activities
The component of internal control that includes control actions that
have been established by policies and procedures. They help ensure
that managements directives regarding internal control are carried
out.
Control deficiency
A shortcoming in internal controls such that the objective of reliable
financial reporting may not be achieved.
Control environment
The component of internal control that includes the set of standards,
processes, and structures that provides the basis for carrying out
internal control across the organization. It includes the tone at the
top regarding the importance of internal control and the expected
standards of conduct.
COSOs updated Internal ControlIntegrated Framework
A comprehensive framework of internal control used to assess the
effectiveness of internal control over financial reporting, as well as
controls over operational and compliance objectives.
Detective controls
Controls designed to discover errors that occur during processing.
Edit tests
See input validation tests.
Entity-wide controls
Controls that operate across an entity and affect multiple processes,
transactions, accounts, and assertions.
General computer controls
Pervasive control activities that affect multiple types of information
technology systems and are necessary for automated application
controls to work properly (also referred to as information technology
general controls).
Information and communication
The component of internal control that refers to the process of
identifying, capturing, and exchanging information in a timely fashion
to enable accomplishment of the organizations objectives.
Information technology general controls
See general computer controls.
Relevant assertion
A financial statement assertion, for a given account, is most relevant to
determining whether there is a reasonable possibility that the account
could contain a material misstatement, without considering the effect
of internal controls.
Risk assessment
The component of internal control that is the process for identifying
and assessing the risks that may affect an organization from achieving
its objectives.
Segregation of duties
A control activity that is designed to protect against the risk that an
individual could both perpetrate and cover up a fraud.
Self-checking digits
A type of input test that has been developed to test for transposition
errors associated with identification numbers.
Separate evaluations
Monitoring procedures that are conducted periodically, typically by
objective management personnel, internal auditors, or external
consultants.
Significant account
An account that has a reasonable possibility of containing a material
misstatement, without considering the effect of internal controls.
Significant deficiency in internal control
A deficiency, or a combination of deficiencies, in internal control over
financial reporting that is less severe than a material weakness, yet
important enough to merit attention by
those responsible for oversight of the companys financial reporting.
Transaction controls
Control activities implemented to mitigate transaction processing risk
that typically affect only certain processes, transactions, accounts, and
assertions These are controls that do not have an entity-wide effect.
Transaction trail
Includes the documents and records that allow a user (or auditor) to
trace a transaction from its origination through to its final disposition,
or vice versa.