Entity level controls Design/implementation 530 Page 1 of 9

Similar documents
Implementation Tool for Auditors

IAASB Main Agenda (December 2008) Page Agenda Item

Auditing Standards and Practices Council

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

The most commonly applied model for designing and auditing internal

ISA 240 (Redrafted), The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements

SA 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL

Audit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization

Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement

FRAUD SCHEMES. South Carolina HFMA Finance & Reimbursement Forum. November 13, 2012 WITH RELATED INTERNAL CONTROLS

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

FRAUD RISK FACTORS CHECKLIST (Source: New AU Section 240, Appendix A)

Standards for Internal Control in New York State Government 2016 Update

CAAS 104 Cost Audit and Assurance Standard on Knowledge of Business, its Processes and the Business Environment

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

FRAUD AWARENESS UPDATE

6 Assessment of risk Introduction General risk assessment Specific risk assessment Reliability factors 50 6.

Cost Auditing Standard Cost Auditing Standard on Knowledge of Business, its Processes and the Business Environment

REGISTERED CANDIDATE AUDITOR (RCA) TECHNICAL COMPETENCE REQUIREMENTS

COSO Updates and Expectations. IIA San Diego Chapter January 8, 2014

Community Bankers Conference

Anti-Fraud Programs and Control Policy

RELEVANT TO ACCA QUALIFICATION PAPERS F8 (INT), P7 (INT) AND FOUNDATION LEVEL PAPER FAU (INT)

13-A. Fraud Phase II Issues Paper

uaudit Committee Self Assessment

PAS B.2.4 July 30, PAS-014(R)

(Effective for audits of financial statements for periods ending on or after December 15, 2013) CONTENTS

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

BOM/BSD 2/November 1994 BANK OF MAURITIUS. Guideline on Maintenance of Accounting and other Records and Internal Control Systems

Navigating the PCAOB s and SEC s internal control expectations A discussion. June 2015

Seminar Internal Control Identification and Filtering

OPERATIONAL RISK EXAMINATION TECHNIQUES

716 West Ave Austin, TX USA

SRI LANKA AUDITING STANDARD 315 (REVISED)

Your committee: Evaluates the "tone at the top" and the company's culture, understanding their relevance to financial reporting and compliance

INTERNAL CONTROLS FOR NONPROFITS

PART 6 - INTERNAL CONTROL

International Standard on Auditing (Ireland) 315

Minneapolis Public Schools Special School District No. 1 Minneapolis, Minnesota. Communications Letter of the Student Activity Accounts.

An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements

Pre-Engagement Activities and Audit Planning By: Tariq Mahmood FCA, ACMA

Internal Controls: Need Them, Have Them, Love Them

Chapter 06. Audit Planning, Understanding the Client, Assessing Risks, and Responding. McGraw-Hill/Irwin

Bribery in International Business Transactions. World Headquarters the gregor building 716 West Ave Austin, TX USA

COSO What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions

IAASB Main Agenda (March 2005) Page Agenda Item 12-C

An Overview of the 2013 COSO Framework. August 2013

Internal Control Questionnaire and Assessment

Appendix A. Simplified Sample Entity-Level Control Matrices

INTERNAL CONTROLS FOR NONPROFITS

VERSION #1 WRITE ON YOUR SCANTRON!!!

AUDIT RISK ASSESSMENT AND RESPONSES TO ASSESSED RISK BY Geoffrey Byamugisha Partner, Ernst & Young. Lessons on Audit Risk. Responding to fraud risk

Guide to Internal Controls

Institute of Chartered Accountants of India. Standards on Auditing

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Mapping of Original ISA 315 to New ISA 315 s Standards and Application Material (AM) Agenda Item 2-C

Internal Control Questionnaire and Assessment

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

EFFICIENT USE OF AUDIT COMMITTEES

International Standard on Auditing (UK) 315 (Revised June 2016)

Diving into the 2013 COSO Framework. Presented by: Ronald A. Conrad

OVERVIEW 4/19/10. Internal Controls and the Audit Process May 4, 2010 OVERVIEW. Definition and historical perspective of internal auditing

FINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS

CHAPTER 2 THEORETICAL FOUNDATIONS. organization which responsible to record and employs physical resources and other

Financial Statement Close Process

Presented by Ed Williamson and Erica Bailey

IAASB Main Agenda (December 2004) Page Agenda Item

Internal Control Program

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

Internal Controls: Providing an Effective Control Environment. Why This Session Is Needed. Lesson Overview & Module Objectives

STANDING ADVISORY GROUP MEETING

Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment

Internal Audit Appendix: IIA Standards

Consideration of Fraud in a Financial Statement Audit

Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment

LeiningerCPA, Ltd. INTERNAL CONTROL PROCEDURE STATEMENT

and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment

9/17/2017. An Overview of COSO s New Framework and Implementation Guidance SPEAKER. Laura Harden, CPA History

Internal Control in Higher Education

Consideration of Fraud in a Financial Statement Audit (Redrafted) *

The Basics of Internal Controls & Segregation of Duties

MSD Internal Control Policy 01/16/08. Metropolitan Sewerage District of Buncombe County Internal Control Policy

INTERNAL CONTROLS FOR NONPROFITS

BARBADOS DAIRY INDUSTRIES LIMITED AUDIT COMMITTEE CHARTER

FRONTERA ENERGY CORPORATION CORPORATE GOVERNANCE POLICY

ACFE FRAUD PREVENTION CHECK-UP ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

Understanding Internal Controls Office of Internal Audit

Policy on Financial Accountability & Control

What Else Is There to Know About External Audits?

NOGDAWINDAMIN FAMILY AND COMMUNITY SERVICES

MANAGING FRAUD RISK. Teresa D. Thamer, CPA, CFE Brenau University

38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud

Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)

[RELEASE NOS ; ; FR-77; File No. S ]

Corporate Governance Statement. APN Property Group August 2017

REPORT 2016/033 INTERNAL AUDIT DIVISION

Session 7: Corporate Governance

OFFICE OF INTERNAL CONTROLS

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

Transcription:

Page 1 of 9 Entity Period ended Objective: To document the design and implementation of the following elements of internal control: Environment Assessment Financial Reporting (part of information systems) Fraud Prevention Monitoring In smaller entities, there will be less documentation available to support entity level controls. Consequently, the attitudes, awareness and actions of management (owner-manager) will often form the basis for evaluating control design and implementation. Consider the impact of weaknesses identified on the planned audit strategy and procedures. Environment (HB 5141 and CAS 315.14) 1. : No emphasis is placed on need for integrity and ethical values a) Management continually demonstrates, through words and actions, a commitment to high ethical standards. b) Management removes or reduces incentives or temptations that might cause personnel to engage in dishonest or unethical acts. c) A code of conduct or equivalent exists that sets out expected standards of ethical and moral behaviour. d) Employees clearly understand what behaviour is acceptable and unacceptable and know what to do when they encounter improper behaviour. e) Employees are always disciplined for improper behaviour. f) Other (explain). Describe the nature of any 2. : Incompetent employees may be hired or retained a) Company personnel have the competence and training necessary for their assigned duties. b) Management specifies the requisite knowledge and skills required for employee positions. c) Job descriptions exist and are effectively used. d) Management provides personnel with access to training programs on relevant topics. e) Adequate staffing levels are maintained to effectively perform required tasks. f) Initial and ongoing matching of staff skills to their job descriptions.

Page 2 of 9 Environment (HB 5141 and CAS 315.14) Describe the nature of any g) Staff are compensated and rewarded for good performance. h) Other (explain). 3. : Ineffective management oversight provided by those charged with governance (where applicable) a) A majority of board members are independent of management. b) There is appropriate experience, stature and financial expertise on the board (and the audit committee) to provide the necessary oversight. c) Significant issues and other information (financial results, etc.) are communicated to the board in a timely manner. d) The board provides effective oversight over management s activities. This includes raising difficult questions and pursuing answers. e) The board of directors meets on a regular basis and minutes of meetings are circulated on a timely basis. f) Where an audit committee exists, A charter outlining duties and responsibilities exists. Discussions take place about the risk of management override and the effectiveness of internal controls over financial reporting. Deficiencies identified in internal control are addressed on a timely basis. The scope of activities of the external auditors is reviewed at least annually. g) Other (explain):

Page 3 of 9 Environment (HB 5141 and CAS 315.14) Describe the nature of any 4. : Management has a poor attitude toward internal controls and/or managing business risks a) Management demonstrates positive attitudes and actions toward: The establishment and maintenance of sound internal control over financial reporting, (including management override and other fraud), Appropriate selection/application of accounting policies, Information processing controls, and The treatment of accounting personnel. b) Management emphasizes appropriate behaviour to operating personnel. c) Management has established procedures to prevent unauthorized access to, or destruction of assets, documents and records. d) Management analyzes business risks and takes appropriate action. 5. : Ineffective/inappropriate organizational structure for planning, controlling and achieving objectives a) There is appropriate organizational structure to facilitate achievement of entity objectives, operating functions and regulatory requirements. b) Management clearly understands its responsibility and authority for business activities and possesses the requisite experience and levels of knowledge to properly execute its positions. c) The entity structure facilitates the flow of reliable and timely information to the appropriate people for planning and controlling activities. d) Incompatible duties are segregated to the extent possible.

Page 4 of 9 Environment (HB 5141 and CAS 315.14) Describe the nature of any 6. : Unclear lines of accountability/reporting leading to poor decision-making and possible errors in the financial statements a) There are policies and procedures for authorization and approval of transactions. b) Appropriate lines of reporting exist, appropriate to the entity s size and nature of activities. c) There is a process for assigning ownership of information and who is authorized to initiate or change transactions. d) Job descriptions include control-related responsibilities. e) The board of directors and/or audit committee considers how management identifies, monitors and controls business/financial risks affecting the entity. f) Other (explain). 7. : No policies/procedures exist to ensure effective HR management a) Management establishes/enforces standards for hiring the most qualified individuals, with emphasis on education, prior work experience and evidence of integrity and ethical behaviour. b) Recruiting practices (particularly for employees with access to assets susceptible to misappropriation), include in-depth employment interviews, background checks and presentations on entity s culture, expected behaviours and operating style. c) Job performance is periodically evaluated, reviewed with each employee and appropriate action taken. d) Training policies address prospective roles and responsibilities and expected levels of performance and evolving needs.

Page 5 of 9 Assessment (HB 5141, CAS 315.15 and Appendix 1) 1. : Management is often surprised by events (including internal and external events, transactions or circumstances) that were not previously identified/assessed or is continually reacting to events rather than planning ahead a) Management has established and communicates the company's mission, strategy and objectives to employees. b) s are regularly identified/assessed and updated as part of the business planning process. c) Management identifies/assesses: Business risks (that prevent achievement of objectives), business process risks and fraud risk factors, including management override. New/emerging risk factors such as new operations, acquisitions/divestitures, changes in IT and control systems, new financial reporting requirements and changes in key personnel. Financial reporting risks that result from operations and compliance with laws and regulations. d) Management develops a business plan/budget which is compared to actual results on a regular basis, variances explained and appropriate action taken. e) Changes in risks are identified in a timely manner. f) Management develops plans to mitigate significant identified risks. g) Other (explain).

Page 6 of 9 Financial Reporting (HB 5141, CAS 315.18 -.19 and Appendix 2) 1. : Transactions, events and conditions that are significant to the financial statements may not be captured or recorded a) Management has a good attitude regarding the disclosure of events and conditions that could be significant to the financial statements. b) Staff is expected to communicate bad news to management on a timely basis. c) Financial staff regularly reviews legal invoices, minutes and other similar types of documents for unrecorded events and conditions. d) Management has implemented procedures for identifying certain events and conditions (amortization, recoverable amounts, FMVs, etc.) that could be significant to the financial statements. 2. : Poor oversight/control over financial reporting, journal entries and preparation of significant estimates/disclosures that could result in material misstatements in the financial statements a) Management employs competent personnel or hires appropriate specialist to prepare the financial reports (including estimates and accruals). b) Accounting applications used for financial reporting utilize the standard control features found in most commercial software packages. c) Spreadsheets used in F/S preparation are passwordprotected, kept in a central location, backed up and regularly checked for logic and calculation errors. d) Procedures are in place to ensure that all transactions are recorded in accordance with GAAP. e) All subsidiary ledgers are reconciled to the general ledger. These reconciliations are signed and dated by the preparer/reviewer and supporting documentation attached.

Page 7 of 9 Financial Reporting (HB 5141, CAS 315.18 -.19 and Appendix 2) f) All account balances are reconciled prior to closing the books, including confirming that balances agree with related parties (including reconciling subsidiary balances to GL balances). g) A procedure exists that details how significant estimates and accruals are prepared. This would include calculations, assumptions, reliability of underlying information, use of specialists (if any) management review and consistency in application. h) Period-end close procedures include definitions of account classifications, assignment of responsibilities and due dates. i) With regard to journal entries: A checklist exists of standard closing entries, Journal entry input is restricted to authorized personnel, and Manual entries are adequately supported and approved by management. j) Management reviews and initials: Calculations of estimates and accruals, Reports of all journal entries posted, and The financial reports produced, and inquires into variances and unusual amounts. k) Access/authorization controls are in place to maintain the integrity of the chart of accounts. l) Other (explain). 3. : Significant matters relating to financial reporting may not be communicated to the board of directors or external parties such as bankers or regulators a) Management prepares a monthly financial reporting package (comparing actual results to budget) for review by those charged with governance. b) Regular financial reports are prepared for key stakeholders such as financial institutions, investors, funders and regulators. c) Other (explain).

Page 8 of 9 Fraud Prevention (HB 5145 and CAS 240.16-.24) 1. : Management has not considered or assessed the risks of fraud occurring (including management override) a) A positive workplace environment exists which minimizes employees sense of feeling abused, threatened, or ignored. b) Management reacts to and deals with acts of fraud, or suspected fraud, in a manner that sends a strong message to others that fraud will not be tolerated or quietly ignored. c) Management has a formal process for identifying and documenting fraud risk which: Explicitly considers potential fraud schemes and scenarios, Addresses fraudulent financial reporting and misappropriation of assets by senior management, and Assesses the likelihood and the impact (significance) of fraud. d) Those charged with governance regularly consider the potential for management override of controls. e) Management has a policy of informing the auditor on a timely basis about actual, suspected or alleged fraud affecting the entity. f) Where appropriate a whistleblower program is in place where reports are communicated directly to the audit committee. g) Other (explain).

Page 9 of 9 Monitoring (HB 5141 and CAS 315.22-.23) What inquiry/observations made to ensure 1. : No procedures exist to monitor whether internal controls are operating as intended or to correct identified control weaknesses on a timely basis a) Ongoing monitoring activities (such as exception and IT reports, etc.) are in place to address the operation of significant internal controls. b) Procedures are in place to monitor when controls are overridden and to determine if appropriate. c) Periodic evaluations of controls are conducted on key control systems by skilled personnel. d) Management takes appropriate action on: Exceptions to policies/procedures, Correcting deficiencies in internal control (including those identified by the auditor), and Complaints of improper financial matters by external parties. Overall Conclusions (may effect the risk assessment at F/S level) Yes/No Explanations, comments and impact (if any) on audit procedures a) Management, with the oversight of those charged with governance, has created and maintained a culture of honesty and ethical behaviour. b) The strengths in the control environment elements collectively provide an appropriate foundation for the other components of internal control? (i.e., the other components of internal control are not undermined by control environment weaknesses). Prepared by Date Reviewed by Date

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback