Your PresentersMatthew Green CAContact details:firstname.lastname@example.org(+61)(0) 447 724 595(+61)(0) 7 3218 3900Twitter: @matthewjgreencaLinkedIn: http://au.linkedin.com/in/matthewjgreencaWendy Low CAContact details:email@example.com(+61)(0) 7 3218 3900Topic Date
About Hanrick CurranOur client base is mainly located in South EastQueensland, but also extends to Northern NewSouth Wales, Western Queensland, Sydney,Melbourne, Darwin, Townsville and Mackay as wellas other regional areas.We have a strong position with clients in PapuaNew Guinea and we also serve a growing Asianbusiness sector. While these internationalconnections may not be of immediate interest butwe believe they are important in enabling us toeffectively serve our clients.Hanrick Curran’s Client Base
Agenda1) Purpose and Component of Internal controls2) System notes3) Fun time…4) Angela Winton
Aim of this trainingObjectiveA brief understanding of internal controls.Audit team members should have an understanding on the questions toask and the ability to write up on system notesWhy?Effective internal controls are important for financial reporting.System notes will assist with risk assessments and planning for the job.At the end of the sessionAudit team members will have basic understanding of internal controlsand will be able to efficiently prepare system notes.
Purpose and Components ofInternal ControlsASA 315: Identifying and Assessing the Risks ofMaterial Misstatement through Understanding theEntity and its Environment.Internal control objectives – 4 broad categories:- Strategic, high level goals- Financial Reporting- Operations- Compliance with laws and regulations
ControlEnvironmentRiskAssessmentInformationSystemControlActivitiesMonitoring5 components of Internal ControlsInternalControl
Component 1: Control EnvironmentWhat is the control environment?• Foundation for effective internal control• Addresses the governance and management functions• Controls are usually pervasive in natureQuestion: What does pervasive mean?Why is it important for auditors?• Influences the evaluation of effectiveness of specific areas
Component 1: Control Environment(cont.)Key Elements• Communication and enforcement of integrity• Commitment to competence• Participation by those charged with governance• Management’s philosophy and operating style• Organisational structure• Assignment of authority and responsibility• Human resources policies and practices
Component 2: Risk AssessmentWhat is the Risk Assessment?• Provides management with the information needed todetermine what business/fraud risks should bemanaged and action to be takenWhy is it important for auditors?• An absence of a documented risk assessment processmay represent a significant deficiency in internalcontrol
Component 2: Risk Assessment(cont.)Possible conditions and events that may indicaterisk of material misstatement• Volatile markets• Going concern and liquidity issues• Constraints on availability of capital and credit• Lack of accounting personnel• Changes in key personnel (departure)• Litigation
Component 3: Information System“ASA 315.18-19”What is information system?• Identifies, captures, processes and distributesinformation supporting the achievement of financialreporting and internal control objectives• Communication of financial reporting roles andresponsibilitiesWhy is it important for auditors?• Business processes and the links to accountingsystems captures financial information which isrelevant to financial reporting
Component 3: Information System(cont.)Understanding the information system• Sources of information used?• How information is captured and processed?• How the information produced is used?Communication• Key component for successful information system• Information needed for decision making needs to becommunicated in a timely manner• Can be done verbally or through policies
Component 4: Control Activities“ASA 315.20-21”What are control activities?• Policies and procedures that help ensure thatmanagement’s directives are carried out• It is designed to mitigate risks involved in everydayactivities such as transactional processingQuestion: What is transactional processing?
Component 4: Control Activities(cont.)“Business Processes : set of activities designedto produce a specific output”Controls Classification DescriptionPreventive controls Avoid errors or irregularitiesDetective controls Identify errors or irregularitiesCompensating controls Provide some assurance whereresource limitations perpreclude other more directcontrolsSteering controls Guide action towards desiredobjectives
Component 4: Control Activities(cont.)Typical controls will include the following:1. Segregation of duties2. Authorisation controls3. Account reconciliations4. IT Application Controls5. Actual results review6. Physical controls
Component 5: Monitoring“ASA 315: 22-24”What is monitoring?- Assesses the effectiveness of internal control’s performance overtime.- To ensure that controls are working properlySources of Information used for monitoring- Periodic monitoring (Internal audit)- Hiring external consultants- Complaints from customers- External auditors