Chapter10
Internal control :
Management letter / report to management
A letter sent by the auditor at the end of the audit to the management which states
weaknesses identified during the course of the audit, there possible impacts and
regulations.
Things to mention in the audit report/ Format of the management letter
1. Following were the weaknesses identified during the course of the audit which was
primarily performed to express an opinion on the financial statements
2. Report only identifies those weaknesses that were identified during the course of the
audit. Had a more detailed examination taken place we would have identified more
weaknesses.
3. This report is for the sole use of the management and it should not be disclosed to
any third party without our consent.
4. Thankyou to the management for their cooperation.
What is internal control/ internal control systems
Internal control or internal control system is a process designed by the management and
those charged with governance to provide reasonable assurance about achievement of
entity’s objectives with regard to reliability of financial reporting effectiveness and
efficiency of operations etc.
There are 5 components of internal controls
1. Control
2. Control activities
3. Entity’s risk assessment process
4. Information system
5. Monitoring of controls
Limitations of an internal control system:
No matter how strong an internal control system is made, it only provides us with
reasonable assurance not an absolute assurance or guarantee. This is due to the
inherent limitations of internal control for example :
1. Costs of controls not outweighing the benefits
2. Potential for human error
, 3. Collusion between employees
4. Management override of controls
5. The controls are made to cope with routine transactions not non routine transactions
Two types of controls : . Generated controls ( basic controls like locks passwords etc )
. Application controls ( specific to the organisation )
How to document internal controls:
1. Narratives : Essay style full description
2. Flow charts : Diagram view
3. Questionnaires : Ready made questions taken from a software
4. Checklists :
Test of control:
An auditor is required to give an opinion on the financial statements and to give that
opinion he needs to gather evidence for which he performs procedures called audit
procedures. There are 2 types of audit procedures test of controls and substantive
procedures.
Test of controls: A T.O.C is an audit procedure performed by the auditor to verify
weather controls are being operated effectively or not
There are 6 systems of internal control
1. Sales system
2. Purchase system
3. Payroll system
4. Inventory system
5. Capital expenditure system
A case study on this section is usually asked it could require the student to identify and
give weaknesses and impacts of an internal control system along with a recommendation
to improve or fix it with a test control with it.
Internal control :
Management letter / report to management
A letter sent by the auditor at the end of the audit to the management which states
weaknesses identified during the course of the audit, there possible impacts and
regulations.
Things to mention in the audit report/ Format of the management letter
1. Following were the weaknesses identified during the course of the audit which was
primarily performed to express an opinion on the financial statements
2. Report only identifies those weaknesses that were identified during the course of the
audit. Had a more detailed examination taken place we would have identified more
weaknesses.
3. This report is for the sole use of the management and it should not be disclosed to
any third party without our consent.
4. Thankyou to the management for their cooperation.
What is internal control/ internal control systems
Internal control or internal control system is a process designed by the management and
those charged with governance to provide reasonable assurance about achievement of
entity’s objectives with regard to reliability of financial reporting effectiveness and
efficiency of operations etc.
There are 5 components of internal controls
1. Control
2. Control activities
3. Entity’s risk assessment process
4. Information system
5. Monitoring of controls
Limitations of an internal control system:
No matter how strong an internal control system is made, it only provides us with
reasonable assurance not an absolute assurance or guarantee. This is due to the
inherent limitations of internal control for example :
1. Costs of controls not outweighing the benefits
2. Potential for human error
, 3. Collusion between employees
4. Management override of controls
5. The controls are made to cope with routine transactions not non routine transactions
Two types of controls : . Generated controls ( basic controls like locks passwords etc )
. Application controls ( specific to the organisation )
How to document internal controls:
1. Narratives : Essay style full description
2. Flow charts : Diagram view
3. Questionnaires : Ready made questions taken from a software
4. Checklists :
Test of control:
An auditor is required to give an opinion on the financial statements and to give that
opinion he needs to gather evidence for which he performs procedures called audit
procedures. There are 2 types of audit procedures test of controls and substantive
procedures.
Test of controls: A T.O.C is an audit procedure performed by the auditor to verify
weather controls are being operated effectively or not
There are 6 systems of internal control
1. Sales system
2. Purchase system
3. Payroll system
4. Inventory system
5. Capital expenditure system
A case study on this section is usually asked it could require the student to identify and
give weaknesses and impacts of an internal control system along with a recommendation
to improve or fix it with a test control with it.
