Internal Control Systems

Similar documents
The most commonly applied model for designing and auditing internal

PART 6 - INTERNAL CONTROL

Guide to Internal Controls

e. inadequacy or ineffectiveness of the internal audit program and other monitoring activities;

Community Bankers Conference

Internal Control at OSU COSO & Enterprise Risk Management. Oregon State University Board of Trustees Executive & Audit Committee Educational Session

Master Document Audit Program. Version 9.6, dated November 2017 B-1 Planning Considerations. Purpose and Scope

UNIVERSITY OF TOLEDO INTERNAL AUDIT DEPARTMENT MANAGE FIXED ASSETS

Understanding Internal Controls. Federal Highway Administration New Mexico Division

INTERNAL CONTROLS FOR NONPROFITS

SUGGESTED SOLUTIONS/ ANSWERS EXTRA ATTEMPT EXAMINATIONS, MAY of 11 AUDIT & ASSURANCE [P2] PROFESSIONAL LEVEL

Understanding Internal Controls Office of Internal Audit

Internal Controls: Need Them, Have Them, Love Them

Company LOGO C B T. An Educational Computer Based Training Program

Financial Controls Checklist

INTERNAL CONTROLS FOR NONPROFITS

BSc (Hons) Accounting with Finance. Cohort: BACF/13/FT/Aug & BACF/13/PT Jan & BACF/12B/FT. Examinations for Semester I / 2014 Semester II

LeiningerCPA, Ltd. INTERNAL CONTROL PROCEDURE STATEMENT

Auditing Standards and Practices Council

AUDIT FIELD WORK Laws and Regulations. Presenter: Errol Gardner

Diocese of Covington Policies & Procedures Manual Section: Compliance Accounting Policy: Internal Control & Segregation of Duties

Chapter 21 Audit of the Payroll and Personnel Cycle. Copyright 2014 Pearson Education

OPERATIONAL RISK EXAMINATION TECHNIQUES

evidence explained Chapter 6 The search for

Financial Statement Close Process

INTERNAL CONTROLS FOR NONPROFITS

(MARK-UP ALL CHANGES AGREED AT SEPT 2011 IAASB MEETING) CONTENTS

VIRGINIA STATE UNIVERSITY RISK ANALYSIS SURVEY OPERATIONAL. 1. Operating Concerns of the Assessable Unit and/or Business Process

of Financial Statements

covered member immediate family impaired not a covered member close relative not impaired

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

RELEVANT TO ACCA QUALIFICATION PAPERS F8 (INT), P7 (INT) AND FOUNDATION LEVEL PAPER FAU (INT)

Dutchess County Department of Planning and Community Development Division of Mass Transit January 2007 December 2008

Private Company Services. Private companies: are your internal controls supporting your business strategy?*

SRI LANKA AUDITING STANDARD 300 PLANNING AN AUDIT OF FINANCIAL STATEMENTS CONTENTS


Implementation Tool for Auditors

INTERNAL CONTROLS AUDITOR JOHN BYRD, SENIOR AUDITOR TONYA CARRIGAN, SENIOR AUDITOR

Master Document Audit Program

VERSION #1 WRITE ON YOUR SCANTRON!!!

POLICY. Number: Title: Internal Control Responsible Office: USF System Audit I. PURPOSE AND INTENT

Protecting Fixed Assets: Internal Controls for Non Profits

Audit of Travel and Hospitality

Strengthening Business Practices:

Internal Audit Appendix: IIA Standards

STATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE

An Overview of the 2013 COSO Framework. August 2013

Internal Audit How the Internal Audit Function Facilitates Internal Controls. Office of the City Auditor City of Tallahassee

CHAPTER -10 CIS AUDIT

CHAPTER 9 TESTS OF CONTROLS

1. Corporate management (including the CEO) must certify monthly and annually their organization s internal controls over financial reporting.

The Development of Public Internal Financial Control in Albania And His Role in Strengthening the Managerial Accountability

Private Client Services Are your internal controls supporting your business strategy?*

AT Assertions, Audit Procedures and Audit Evidence Red Sirug Page 1

WATCH WORDS FROM THE PEER REVIEW PROCESS

AUDIT RESPONSIBILITIES AND OBJECTIVES

REGULATIONS AUDIT COMMITTEE ACCELL GROUP N.V.

ORGANIZATIONAL INTEGRITY & AUDIT SERVICES ANNUAL WORK PLAN DEVELOPMENT RISK ASSESSMENT FACTORS

Internal Control and the Computerised Information System (CIS) Environment. CA A. Rafeq, FCA

1. Definition & Mission

White Paper. Effective and Practical Deployment of COSO: Entity Level Control and Lessons Learned. July 10, 2008 THE ROBERTS COMPANY, LLC

CHAPTER 2 THEORETICAL FOUNDATIONS. organization which responsible to record and employs physical resources and other

Finance Committee, Board of Health Elizabeth Bowden, Interim Director of Administrative Services FINANCIAL CONTROLS CHECKLIST

PLEASE complete #1-25 on your green scantron and the rest of them in your blue book.

Internal Control Monitoring Tool

BFSv9 Internal Controls Guidance

GATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA

2013 PUBLIC ENTITIES OVERVIEW FOR KNOWLEDGE COACH USERS

Entity level controls Design/implementation 530 Page 1 of 9

The COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II

WATCH WORDS FROM THE PEER REVIEW PROCESS

Presenter: CPA CATHERINE MUEMA

Innovation and Internal Controls

Lecture Notes Internal Controls

By CPA Alfred Lagat Tullon Audit Consulting Ltd 11 th August 2015

Memo. Date: October 2018 INTRODUCTION

Internal Audit Charter

Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function

Detailed competency map

Internal Control Questionnaire and Assessment

Presented by Ed Williamson and Erica Bailey

Practices in Enterprise Risk Management

SRI LANKA AUDITING STANDARD 300 PLANNING AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

PLANNING AN AUDIT OF FINANCIAL STATEMENTS

INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS

Internal Audit Charter

An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements

QuickBooks Premier 2018 Level 1

Corporate Governance Update. SOX 404 and Internal Controls

Alyssa G. Martin, CPA Brandon Tanous, CIA, Using the COSO CFE, CGAP, CRMA Framework to Develop a Strong and Preventive Control Environment

Risk Management Culture: The Linkage Between Ethics & Compliance and ERM September 14, 2009

SUGGESTED SOLUTIONS Audit and Assurance. Certificate in Accounting and Business II Examination March 2014

Investment Analysis and Monitoring, Ex-post. Wm. Ross Willis Public Utilities Commission of Ohio Chief, Rates Division

Single Audit Update: Internal Control over Compliance and the GAO s Green Book. MSBO s 80 th Annual Conference April 19, 2018

MSD Internal Control Policy 01/16/08. Metropolitan Sewerage District of Buncombe County Internal Control Policy

Chapter 2 (new version)

Transcription:

Internal Control Systems

What are Internal Controls? Internal Controls are a set of rules, policies, and procedures a municipality can implement to provide reasonable assurances that: its financial reports are reliable, its operations are effective and efficient, and that its activities comply with applicable laws and regulations.

These objectives can be classified as the main objectives of an Internal Control System

Who is responsible for Internal Control Systems? The governing body and staff.

What is a Control Environment? A control environment sets a municipality s tone, which influences the control consciousness of staff. It provides discipline and structure upon which other components of internal control are built. Control environment includes: o Integrity and ethical behavior, o A commitment to competence, o Governing body and finance participation, o Management philosophy and operating style, o Organizational structure, o Assignment of authority and responsibility, and o Human resource policies and practices.

How is risk assessment involved in internal controls? Risk assessment identifies and analyzes risks associated with the municipality achieving its objectives. Risk assessment forms the basis for determining what risks need to be controlled and the controls requires to manage the risks. For municipalities, risk assessment can be influenced by federal, state, and local laws.

What are control activities? Control activities refer to policies and procedures the municipality uses to ensure actions are taken to minimize risks associated with the municipality s objectives. Control activities have various objectives and can be applied at all levels of an organization. Preventative controls focus on preventing errors or irregularities. Detective controls focus on identifying when an error or irregularity has occurred. Corrective controls focus on recovering from, repairing damages, or minimizing the costs of an irregularity.

What are control activities? Physical controls include security over assets, limiting access to assets by authorized people, and periodic reconciling quantities on hand with quantities on the municipality s records. Information processing controls are used to check accuracy, completeness, and authorization of transactions. They can be general to cover data center operation, system software application, acquisition and maintenance, access security, and applications systems development and maintenance or they can be specific applications, for example, running a computer software program for payroll.

Performance reviews are reviews of an entity s performance and is a control activity. Comparing actual data to budgeted data or prior period data, operating data to financial data, and data within and across functional areas of the organization are types of reviews.

A municipality s information system consists of methods and records used to record, maintain, and report events of a municipality as well as to maintain accountability for related assets, liabilities, equity and functions.

Information and communication systems should : Identify and record events timely Describe each event in sufficient detail Measure proper monetary value for the event Determine a time period in which the event occurs Present properly the events and related disclosure of financial statements

Communication deals with providing an understanding of rules and responsibilities pertaining to internal controls. This includes staff understanding how their activities relate to the work of others and how exceptions should be reported to management. Communication channels must be open and communications can include policy manuals, accounting manuals, and financial recording manuals.

Monitoring is the process of assessing the quality of your internal control performance over time. Ongoing monitoring activities by management to determine where corrective action is needed is part of monitoring.

Traditional internal control environment Control Environment Sub-Elements of a Control Environment Management philosophy and operating style Organizational structure Audit Committee Methods to communicate the assignment of authority and responsibility Management control methods Internal Audit function Personnel Policies and procedures Accounting System Objectives That Must Be Satisfied Validity Authorization Completeness Valuation Classification Timing Posting and summarization Control Procedures Categories of Control Procedures Adequate separation of duties Proper authorization of transactions and activities Adequate documents and records Physical control over assets and records Independent checks on performance

Traditional Control Philosophy Extensive use of hard copy documents to capture information and frequent printouts of intermediate processes as accounting transactions flow through the process A separation of duties and responsibilities so one person checks the work of another person Duplicate recording of data and extensive reconciliation of duplicate data

Traditional Control Philosophy Accountants with a role viewed as being independent, reactive, and detective Heavy reliance on year-end review of financial statements and checklists of required controls Emphasis more on internal control and operational efficiency and avoidance of tolerance toward advances in information technology

Updated control philosophies Finance or accounting must become control consultants with real time, proactive control philosophy that focuses on preventing business risks more than detecting and correcting errors and irregularities.

Modern information technology should be used to achieve objective of recording, maintaining and producing accurate, complete, and timely outputs of information by: Evaluating risks associated with the updated mode of collecting, storing, and reporting data Designing specific control procedures that help control the risks applicable to the new design

Control procedures must be tailored to the municipality s practices or processes so as to improve quality of the system while enhancing organizational effectiveness.

Finance and accountants must become familiar with IT capabilities and risks and recognize the opportunities IT can provide to prevent, detect, and correct errors and irregularities.

Recognize that processes that make extensive use of paper inputs and outputs in visible records of intermediate processes are not less risky than more complex systems if they are properly constructed with the proper controls built into them.

An electronic audit trail can be as effective as or more effective than a paper audit trail and if designed properly, can be less complicated than a traditional paper trail.

Those in finance and IT must be actively involved during design and development of information systems.

Small organizations can have strong internal control systems by integrating controls into information systems and using information technology to monitor and control business information processes.

Questions? Mark Harris WAM Legal Council

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback