TEST OF CONTROLS
WHAT IS INTERNAL CONTROL
- The process designed, implemented and maintained
- By those charged with governance, management and other personnel
- To provide reasonable assurance about the achievement of an entity’s objectives with
regard to:
o Reliability of financial reporting;
o Effectiveness and efficiency of operations; and
o Compliance with applicable laws and regulations.
COMPONENTS OF INTERNAL CONTROL
Internal control, according to ISA 315, par 14 to 24, consists of the following components:
- The control environment;
- The entity’s risk assessment process;
- The information system, including the related business processes relevant to financial
reporting and communication;
- Control activities relevant to the audit; and
- Monitoring of controls.
LIMITATIONS TO INTERNAL CONTROL
- Cost vs. benefit. Management generally require the cost of internal control not to exceed
the benefit derived from it;
- Internal controls are generally directed at routine transactions as opposed to non-routine
transactions;
- There is always the potential of human error;
- There is always the possibility of circumvention of internal controls through collusion
between individuals;
- There is a possibility that persons responsible for internal controls might abuse their power;
- Internal controls might become inadequate due to changes in conditions at the entity.
TEST OF CONTROLS
In terms of ISA 330 par 4, a test of control is “an audit procedure designed to evaluate the operating
effectiveness of controls in preventing, or detecting and correcting, material misstatements at the
assertion level”.
ISA 315 stipulates that the auditor, as part of his risk assessment, shall obtain an understanding of
the client’s internal control. When the auditor obtains an understanding of internal control, he has
to (ISA 315, par 13) do the following:
WHAT IS INTERNAL CONTROL
- The process designed, implemented and maintained
- By those charged with governance, management and other personnel
- To provide reasonable assurance about the achievement of an entity’s objectives with
regard to:
o Reliability of financial reporting;
o Effectiveness and efficiency of operations; and
o Compliance with applicable laws and regulations.
COMPONENTS OF INTERNAL CONTROL
Internal control, according to ISA 315, par 14 to 24, consists of the following components:
- The control environment;
- The entity’s risk assessment process;
- The information system, including the related business processes relevant to financial
reporting and communication;
- Control activities relevant to the audit; and
- Monitoring of controls.
LIMITATIONS TO INTERNAL CONTROL
- Cost vs. benefit. Management generally require the cost of internal control not to exceed
the benefit derived from it;
- Internal controls are generally directed at routine transactions as opposed to non-routine
transactions;
- There is always the potential of human error;
- There is always the possibility of circumvention of internal controls through collusion
between individuals;
- There is a possibility that persons responsible for internal controls might abuse their power;
- Internal controls might become inadequate due to changes in conditions at the entity.
TEST OF CONTROLS
In terms of ISA 330 par 4, a test of control is “an audit procedure designed to evaluate the operating
effectiveness of controls in preventing, or detecting and correcting, material misstatements at the
assertion level”.
ISA 315 stipulates that the auditor, as part of his risk assessment, shall obtain an understanding of
the client’s internal control. When the auditor obtains an understanding of internal control, he has
to (ISA 315, par 13) do the following:
