The document discusses internal control as a process designed to provide reasonable assurance regarding fair financial reporting, compliance with laws, and efficient operations. It outlines the objectives, components, limitations, and importance of internal control, emphasizing the relationship between internal control and audit evidence. Additionally, it highlights the role of management in establishing effective controls and includes considerations for evaluating internal control effectiveness.

1. AUD 390
INTERNAL CONTROL
Prepared by:
•Mohd Hisyamuddin bin Mohd Ismail
•Mohamad Shahrin bin Mohd Jaafar

2. What is Internal Control?
Definition:
By SAS (Statement of Auditing Standard):
Integrated framework publish by COSO (
Committee of Sponsoring Organisation) .

3. Definition (cont):
Process affected by “entity” designed to provide
reasonable assurance in ensuring:- “FARREGEBO”
1. FAR- Fair and accurate financial accounting
and reporting
2. REG- Comply with laws & regulations
3. EBO – Helps the company get effective &
efficient with business operations

4. Objectives of Internal control
Objectives:
1. FAR- Fair and accurate financial accounting
and reporting
2. REG- Comply with laws & regulations
3. EBO – Helps the company got effective &
efficient with business operations

5. Side objectives:
• To safeguard the assets – ensure they are
optimally utilised and protected from misuse,
fraud or theft.
• To prevent and detect fraud – controls are
necessary to show up any operational or
financial disagreement that might be result of
the theft or fraud.

6. Characteristics/ components of
Internal Control
“CRIME” to management not to have proper
internal control
• Control environment
• Risk Assessment
• Information & communication
• Monitoring
• Existing control activities

7. Limitations of Internal Control
• A good internal control system cannot turn a
poor manager into a good one
• Controls are only designed to cope with
routine transactions and events.
• The system can only provide reasonable
assurance regarding the achievement of
objectives

8. Inherent Limitation of Internal Control
- Human error; mistakes in judgement
- Management may override the control set
up by them
- Cost constraints (cost > benefits)
- Lack of personal quality of staff i.e. integrity
& independent
- Inadequate/ inefficient of ICS due to
changes in company size or activities

9. Importance of Internal control
• Control – reduce the risk of assets loss, help
& ensure that plan information is complete &
accurate
• To minimize opportunity for unintentional
errors or intentional errors that may harm the
plan (Preventive control)
• To discover small errors before they become
big problem (Detective control)

10. Relationship of IC & Audit
evidence
Audit evidence – “information” used by the
auditor to determine which audit opinion to
issue.
• To ensure that management has provide
reasonable assurance with are met reliability
of financial reporting, the effectiveness &
efficiency of operation & compliance with
laws & regulations. So that enable the auditor
to give opinion on the audit evidence.

11. Review & Documentation of IC
Documentation of the computer software programs
is crucial to both the audit client and the auditor.
This software includes the system & controls of:
• Input of information
• Information processing
• Output of information
• Report processing
• Logic of the software program
• Operator instructions

12. IC’s compliance test in
transaction cycle
• Auditors could obtain evidence about the
effectiveness of a control at an interim date &
not test its operation at year end.
• Auditors must evaluate the operating
effectiveness of control involving all relevant
significant accounts & disclosure each year.
• Auditors can use the work of others (Internal
auditors, other company personnel) to
evaluate/test internal control.

13. Strengths & weakness of IC
Strengths Weakness
Computer can display all is available Large number of accounting records are
not recorded on a timely basis
Orders directly go to the customer order
database
Anyone can perform a credit check
Sales order is filed in chronological order Internal control can be by-passed by
management override.

14. Management Letter
Def : Management letter includes suggestions to improve the
effectiveness or efficiency of the client’s operations & the
internal control procedures.
• Acknowledge management’s responsibility for establishing
& maintaining effective internal control over financial
reporting
• State that management has assessed the effectiveness of
internal control over financial reporting & specify the
control criteria used
• State management’s conclusion about the effectiveness of
internal control over financial reporting based on the
control criteria as of a specific date

15. Thank you…