Académique Documents
Professionnel Documents
Culture Documents
02. What are the reasons/ objectives of internal control? [P- 89]
The reasons for internal controls can be seen in the example. They include:
Minimising the business risks
Effective functioning of the company
Complies with relevant laws and regulations
Develop and maintain reliable financial and management date
Safeguard resources against loss
Ensure the confidentiality, integrity and availability of data
Control overall management of the company
06. What are the Categories of controls that auditor category? [P- 90]
Discuss about Auditors Categorization of controls.
Auditor categories the control into the following four groups:
a) Preventive Controls:
Preventive controls are designed to prevent an error, omission or malicious act occurring.
b) Detective Controls:
Detective Controls are designed to detect errors, omissions or malicious acts that occur & report the
occurrence.
08. What are the terms of reference of audit committee? [P- 91]
What are the activities of audit committee?
The Code requires the committee to have written terms of reference which are likely to include the following:
To review the integrity of the financial statements and announcements of performance
To review internal financial controls and risk management systems
To monitor and review the effectiveness of internal audit function
To recommend the board to the external auditor
To monitor the independence of the external auditor
To implement policy on the provision of non-audit services by the external auditor
09. What is Entitys risk assessment process and Business risk? [P- 92]
Entity's risk assessment process: The process by which management in a business identifies business
risks relevant to financial reporting objectives and decides what actions to take to address those risks (for
example, implementing internal controls).
Business risk: The risk inherent to the company in its operations. It is risks at all levels of the business.
10. What are the elements of entity's risk assessment process? [P- 92]
The risk assessment process will involve the following elements:
Identify relevant Estimate the impact Assess the likelihood
business risks of risks of occurrence
Decide upon actions (internal controls, insurances, changes in operations) to manage them
Figure : Entity's risk assessment process
11. What is information system relevant to financial reporting objectives? [P- 93]
Information system relevant to financial reporting objectives includes the procedures and records
designed to initiate, record, process and report entity transactions and to maintain accountability for the related
assets, liabilities and equity.
18. Which application controls the auditors may test? [P- 97]
The auditors may wish to test the following application controls.
Manual controls exercised by the user
Controls over system output
Programmed control procedures
19. What are the processes of recording of internal controls? [P- 98]
There are broadly three types of document which are used for recording the understanding of the business:
i. Narrative notes:
These are good for things like:
Short notes on simple systems
Background information
They are less good when things get more complex when diagrams tend to take over.
ii. Questionnaires and checklists:
These are:
Good as aide memoires to ensure you have all the bases covered but
Can lead to a mechanical approach so that an important extra question is never asked
Tick boxes often get ticked whether the brain is engaged or not
iii. Diagrams:
Things like:
Flowcharts
Organisation charts
Family trees
Records of related parties
***Others:
14. [P- 94]
Segregation should take place in various ways:
Segregation of function. The key functions that should be segregated are the carrying out of a
transaction, recording that transaction in the accounting records and maintaining custody of assets that
arise from the transaction.
The various steps in carrying out the transaction should also be segregated. We shall see how this works
in practice when we look at the major control cycles in the following chapters.
The carrying out of various accounting operations should be segregated. For example, the same staff
should not record transactions and carry out the related reconciliations at the period-end.