35
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7 Chapter Seven Auditing Internal Control over Financial Reporting

Powerpoints Chapt. 07 (902.0K)

  • Upload
    mricky

  • View
    1.882

  • Download
    2

Embed Size (px)

DESCRIPTION

 

Citation preview

  • 1. Chapter Seven Auditing Internal Controlover Financial Reporting

2. Management Responsibilities under Section 404 Section 404 of the Sarbanes-Oxley Act requires managements of publicly traded companies in the United States to issue an internal control report that explicitly accepts responsibility for establishing and maintaining adequate internal control over financial reporting. 3. Management Responsibilities under Section 404 Management must comply with the following in order for its public accounting firm to complete an audit of internal control over financial reporting.

  • Accepts responsibility for the effectiveness of the entitys internal control over financial reporting.
  • Evaluate the effectiveness of the entitys internal control over financial reporting using suitable control criteria.
  • Support its evaluation with sufficient evidence, including documentation.
  • Present a written assessment of the effectiveness of the entitys internal control over financial reporting as of the end of the entitys most recent fiscal year.

4. Auditor Responsibilities under Section 404 The entitys independent auditor must audit and report on managements assertion about the effectiveness of internal control. The auditor is required to conduct an integrated audit of the entitys internal control over financial reporting and its financial statements. 5. Internal Control over Financial Reporting Defined Internal control over financial reporting is defined as a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements in accordance with generally accepted accounting principles (GAAP). Controls include procedures that:

  • Pertain to the maintenance of records that fairly reflect the transactions and dispositions of the assets of the company.
  • Provide reasonable assurance that transactions are recorded in accordance with GAAP.
  • Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the companys assets.

6. Internal Control Deficiencies Defined Material Consequential Inconsequential Remote More than remote Material weakness Significant deficiency Insignificant deficiency L I K E L I H O O D M A G N I T U D E 7. Managements Assessment Process

  • Management must:
  • Design and implement an effective system of internal control. This process involves determining whether a necessary control is missing or an existing control is not properly designed.
  • Develop an ongoing assessment process for the internal controls in place. Management must assess the likelihood that failure of a control could result in a misstatement.
  • Management must decide which business units to include in the assessment process.

8. Managements Documentation Management must develop sufficient documentation to support its assessment of the effectiveness of internal control. This documentation may take many forms, such as paper, electronic files, or other media. It also includes policy manuals, job descriptions, flowcharts, and process models. 9. Framework Used by Management to Conduct Its Assessment Most entities use the framework developed by COSO. This framework identifies three primary objectives ofinternal control: (1) reliable financial reporting; (2) efficiency and effectiveness of operations; and (3) compliance with laws and regulations. COSO 10. Performing an Audit of Internal Control over Financial Reporting Plan the engagement. The auditor typically obtains his or her understanding of managements assessment process through inquiry of management and others. Evaluate managements assessment process. 11. Performing an Audit of Internal Control over Financial Reporting Plan the engagement. As part of gaining this understanding the auditor must:

  • Understand and assess company-level controls.
  • Evaluate the effectiveness of the audit committee.
  • Identify significant accounts.
  • Identify relevant financial statement assertions.
  • Identify significant processes and major classes of transactions.
  • Understand the period-end financial reporting process.
  • Perform walkthroughs.
  • Identify controls to test.

Evaluate managements assessment process. Obtain and document an understanding of internal control. 12. Performing an Audit of Internal Control over Financial Reporting Plan the engagement. Controls are effectively designed when they prevent or detect errors or fraud that could result in material misstatements in the financial statements. Evaluate the managements assessment process. Obtain and document an understanding of internal control. Evaluate the design effectiveness of internal control. 13. Performing an Audit of Internal Control over Financial Reporting Plan the engagement. In testing the effectiveness of controls, the auditor needs to consider thenature ,timing , andextentof testing. Evaluate the managements assessment process. Obtain and document an understanding of internal control. Evaluate the design effectiveness of internal control. Test and evaluate the operating effectiveness of internal control. 14. Performing an Audit of Internal Control over Financial Reporting Plan the engagement. The auditor should evaluate all evidence before forming an opinion on internal control, including (1) the adequacy of managements assessment, (2) the results of the auditors evaluation, (3) the negative results of substantive procedures performed, (4) any control deficiencies. Evaluate the managements assessment process. Obtain and document an understanding of internal control. Evaluate the design effectiveness of internal control. Test and evaluate the operating effectiveness of internal control. Form an opinion of the effectiveness of internal control. 15. Written Representations In addition to the management representations obtained as part of a financial statement audit, the auditor also obtains written representations from management related to the audit of internal control over financial reporting. Failure to obtain written representations from management, including managements refusal to furnish them, constitutes a limitation on the scope of the audit sufficient to preclude an unqualified opinion. 16. Auditor Documentation Requirements The auditor must properly document theprocesses ,procedures ,judgments , andresultsrelating to the audit of internal control. When an entity has effective internal control over financial reporting, the auditor should be able to perform sufficient testing of controls to assess control risk for all relevant assertions at alow level . 17. Reporting on Internal Control Sarbanes-Oxley requires managements description of internal control to include:

  • A statement of managements responsibility for establishing and maintaining adequate internal control.
  • A statement identifying the framework used by management to conduct the required assessment of the effectiveness of the companys internal control.
  • An assessment of the effectiveness of the companys internal control as of the end of the most recent fiscal year, including an explicit statement as to whether internal control is effective.
  • A statement that the public account firm that audited the financial statements included in the annual report has issued an attestation report on managements assessment of internal control.

18. The Auditors Report on Internal Control over Financial Reporting Once the auditor has completed the audit of internal control, he or she must issue an appropriate report to accompany managements assessment, published in the companys annual report. 19. Types of Reports Relating to the Audit of Internal Control The auditors report contains opinions on two separate items:(1)managements assessment of the effectiveness of internal control over financial reporting, and(2)the effectiveness of internal control over financial reporting based on the auditors independent audit work. 20. Types of Reports Relating to the Audit of Internal Control Opinion Anunqualifiedopinion signifies that the clients internal control is designed and operating effectively. Aqualifiedopinion is issued when there is a limitation on the scope of the auditors work.A serious scope limitation requiresthe auditor todisclaiman opinion.Anadverseopinion is required if a material weakness is identified. 21. Types of Reports Relating to the Audit of Internal Control Report Modification Based on Control Deficiencies Likelihood of Misstatement Type of Audit Report Inconsequential deficiency Significant deficiency Material weakness Unqualified opinion Adverse opinion 22. Types of Reports Relating to the Audit of Internal Control Report Modification Based on Scope Limitation Reason for Scope Limitation Type of Audit Report Minor effect Management imposed/ more than minor effect Sever limitation Unqualified opinion Disclaim opinion or withdraw Qualified opinion 23. Elements of the Auditors Report

  • A title that includes the word independent.
  • An identification of managements conclusion about the effectiveness of the companys internal control over financial reporting.
  • A definition of internal control over financial reporting.
  • A statement that the auditor planned and performed the audit to obtain reasonable assurance about whether effective internal control is maintained.
  • A statement that an audit includes obtaining an understanding of internal control, valuating managements assessment of testing the design and effectiveness of internal control and any other procedures.
  • A paragraph stating that internal control may not prevent or detect misstatements because of inherent limitations.
  • The auditors opinion on whether managements assessment of the effectiveness of internal control is fairly stated.
  • The auditors opinion on whether the company maintained effective internal control.

24. Integrating the Audits of Internal Control and Financial Statements An integrated audit is composed of the audits of internal control and the financial statements. The control testing impacts the planned substantive procedures. Also, the results of the substantive procedures are considered in the evaluation of internal control. Tests ofinternal control Substantive audit procedures 25. Effect of the Audit of Internal Control on the Financial Statement Audit If the auditor performs an integrated audit, he or she will have access to a large amount of information about the clients controls. This information can make the financial statement audit more efficient and result in reduced substantive procedures. Regardless of the level of control risk in connection with the audit of the financial statements, auditing standards require the auditor to perform some substantive procedures for all significant accounts and disclosures. 26. Effect of the Financial Statement Audit on the Audit of Internal Control The effectiveness of the audit of internal controls should lead the auditor to determine the implications of these findings on the financial statement audit. The auditors evaluation should include:

  • Misstatements detected.
  • The auditors risk evaluations in connection with the selection and application of substantive procedures, especially those related to fraud.
  • Findings with respect to illegal acts and related party transactions.
  • Indications of management bias in making accounting estimates and in selecting accounting principles.

27. Special Considerations for an Audit of Internal Control Special consideration by management and the auditor Using the work of others. Multi-locations and business units. Service organizations. Safeguarding assets. 28. Using the Work of Others In determining the extent to which the auditor may use the work of others, the auditor should:

  • Evaluate the nature of the controls subjected to the work of others.
  • Evaluate the competence and objectivity of the individuals who performed the work.
  • Test some of the work performed by others to evaluate the quality and effectiveness of their work.

29. Testing Multi-location Total number of units = 150 Is unit individually important? Are there specific significant risks? Are there units that are not important even when aggregated? Are there documented company-level controls over this group? No No No No 135 Evaluate documents and test controls over significant accounts at each location. 15Yes 130 Evaluate documents and test controls over specific risks. 5Yes No further action required. 70 60Yes Evaluate documents and test company-level controls over group. Some testing of controls at individual locations. Yes 30. Safeguarding of Assets Safeguarding of assets is defined as policies and procedures that provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the companys assets that could have a material effect on the financial statements. 31. Computer-Assisted Audit Techniques

  • Computer-assisted audit techniques include:
  • Generalized audit software packages.
  • Custom audit software.
  • Test data.

32. Generalized Audit Software 33. Custom Audit Software Custom audit software is generally written by auditors for specific audit tasks. It may be required when the clients computer system is not compatible with the auditors generalized audit software.

  • Custom software:
  • Is expensive to develop.
  • Requires extendeddevelopment time.
  • Is limited in scope of functions.

34. Test Data This is data developed by the auditor to test the application controls in the clients computer programs. The technique can be used tocheck(1)data validation controls and error detection routines,(2)processing logic controls,(3)arithmetic calculations, and(4)the inclusion of transactions in records, files, and reports. 35. End of Chapter 7


EGEO Powerpoints

EGEO Powerpoints

Documents
ch14 powerpoints

ch14 powerpoints

Documents
Effective PowerPoints

Effective PowerPoints

Documents
Of the Old Testament © John Stevenson, 2010. Book 1 Chapt. 1-41 Book 2Book 3Book 4Book 5 Chapt. 42-72 Chapt. 73-89 Chapt. 90-106 Chapt. 107-150 Written

Of the Old Testament © John Stevenson, 2010. Book 1 Chapt. 1-41 Book 2Book 3Book 4Book 5 Chapt. 42-72 Chapt. 73-89 Chapt. 90-106 Chapt. 107-150 Written

Documents
Chapt. 32 Chapt. 34 Chapt. 33 Chapt. 32 Chapt. 35 - …Chapt. 32 Chapt. 33 Chapt. 32 Chapt. 35 Chapt. 34 Chapt. 33 Chapt. 32 Chapt. 32 Chapt. 34 Chapt. 35 “But Esau ran to meet him,

Chapt. 32 Chapt. 34 Chapt. 33 Chapt. 32 Chapt. 35 - …Chapt. 32 Chapt. 33 Chapt. 32 Chapt. 35 Chapt. 34 Chapt. 33 Chapt. 32 Chapt. 32 Chapt. 34 Chapt. 35 “But Esau ran to meet him,

Documents
SDB Powerpoints

SDB Powerpoints

Documents
SM-07-new CHAPT 7

SM-07-new CHAPT 7

Documents
Revision powerpoints

Revision powerpoints

Documents
PowerPoints Gamepiece

PowerPoints Gamepiece

Documents
Powerpoints effectivity

Powerpoints effectivity

Devices & Hardware
Chapt 07 KIP Irvine

Chapt 07 KIP Irvine

Documents
Powerpoints periodicos

Powerpoints periodicos

Documents
Revelation Powerpoints

Revelation Powerpoints

Documents
SOCIAL3 Powerpoints

SOCIAL3 Powerpoints

Documents
MOVIES PowerPoints

MOVIES PowerPoints

Documents
Chapt 1 GPS Fundamentals 07.PDF-1

Chapt 1 GPS Fundamentals 07.PDF-1

Documents
ecg powerpoints

ecg powerpoints

Documents
Chapt . 11

Chapt . 11

Documents
Chapt . 10

Chapt . 10

Documents
Problem Set Assignments/2009 May 12 class: Chapt 1 #1,2; Chapt 2#6,8,18; Chapt 3 #3; Chapt 5 #26,30; Chapt 9# 1,14; Chapt 12#1,18 May 14 class: Chapt 6

Problem Set Assignments/2009 May 12 class: Chapt 1 #1,2; Chapt 2#6,8,18; Chapt 3 #3; Chapt 5 #26,30; Chapt 9# 1,14; Chapt 12#1,18 May 14 class: Chapt 6

Documents
Kensuke powerpoints

Kensuke powerpoints

Education
Chapt. 16 Eukaryotic Cell cycle; Chapt. 17 Stem cells

Chapt. 16 Eukaryotic Cell cycle; Chapt. 17 Stem cells

Documents
Enviro Chapt

Enviro Chapt

Documents
Powerpoints Chapt. 17 (2996.0K)

Powerpoints Chapt. 17 (2996.0K)

Documents
Chapt 07 Par Ti Solve

Chapt 07 Par Ti Solve

Documents
Chapt Three

Chapt Three

Documents
Botswnaa Powerpoints

Botswnaa Powerpoints

Documents
Chapt 07 New

Chapt 07 New

Documents
Poseidon powerpoints

Poseidon powerpoints

Documents
Powerpoints Hypolipidemics

Powerpoints Hypolipidemics

Health & Medicine