Premium Essay

Evaluating Internal Controls

In:

Submitted By prin
Words 493
Pages 2
Evaluating Internal Controls
Internal controls are rules and regulations that companies follow to avoid fraud within its company. Evaluating an internal control system in phases helps to understand the process better. The evaluation occurs within 3 phases. Each phase is designed to test the internal controls to ensure performance is working will. By the last phase auditors give recommendations to companies on how to improve on internal controls.
Phase 1
When auditors are “investigating” a company, they are like detectives and phase 1 helps with the foundation of the case. In this stage auditors can as all standard questions of an investigation Who, What, When, Where, and Why. The foundation is set using questionnaires, flowcharts and other standard procedures auditors use when conducting an audit. This is the phase where the company’s culture environment is evaluated. Delegation of duties along with company’s values are questioned and reviewed. Although, Phase 1 and 2 can be performed together for the purpose of this paper, both are discussed in separate selections.
Phase 2
In phase 2 auditors use the information from phase 1 to detect a company’s strengths and weakness. According to the text, Strengths are specific features of good general and application controls. Weaknesses are the lack of controls in particular areas. The auditors’ findings and preliminary conclusions should be written up for the audit files (2007, p568). In this stage systems are tested and graded. Risk is ranked from highest to lowest and auditors conduct different substantive test to ensure the controls work properly and need a little more work. The extra tests ensure the numbers reported are correct. Phase 2 is the preliminary round of the audit. Phase 3 is the testing phase.
Phase 3

By Phase 3 auditors know which controls need testing and at what intensity the

Similar Documents

Premium Essay

Checklist for Evaluating Internal Controls

...Checklist for Evaluating Internal Controls Internal Controls can be easily evaluated by making use of a comprehensive questionnaire containing all pertinent components of the internal control system in place within the company or business unit. The idea of the internal control questionnaires is to provide auditors with wealthy information in regards to the controls in place and possible risky areas. “Internal control questionnaires are designed to help the audit team obtain evidence about the control environment and about the accounting and control procedures that are considered good error-checking routines. Answers to the questions, however, should not be taken as final and definitive evidence about how well control actually functions. Evidence obtained through the interview-questionnaire process is hearsay evidence because its source is the supervisor, not the person who actually performs the control work. This person could give answers that reflect what he or she believes the system should be rather than what it really is. The person can be unaware of informal ways in which duties have been changed or can be innocently ignorant of the system details. Nevertheless, interviews and questionnaires are useful when a manager tells of a weak feature. An admission of weak control is fairly convincing” (Lowers, et. Al 2007). On Appendix A of this paper, an example of an Internal Control Questionnaire is provided. It is general by nature, but it can be easily customized to any company/industry...

Words: 866 - Pages: 4

Premium Essay

Checklist for Evaluating Internal Controls

...Checklist for Evaluating Internal Controls Samy Yaacoub ACC/544 Internal Control Systems Prof. Robert J. Cornett March 26, 2012 University of Phoenix Checklist for Evaluating Internal Controls Abstract An auditor uses a checklist as an efficient toll in performing a review to the organization departments’ internal controls. This report provides a suggested comprehensive checklist to evaluate the organization internal control system in the PowerPoint presentation attached. It is also explains how to use this checklist and how the checklist covers and compound the organization internal control system objectives and its five component in the three phases of the internal control. Using the Checklist in Evaluating Organization Internal Controls The checklist works as an efficient tool to evaluate the organization internal control system through reviewing the organization internal control objectives. The checklist questions examine these objectives in details because it asks to response to topics related to authorization and approval, validity, completeness, recording accuracy, safeguarding, and reconciliation. The response to the checklist questions are including alternative answer “yes, no, not sure, and not applicable.” The “no” reply will designate usually a possible weakness, this can compensate by compensating controls within the unit. Apply the checklist to outline/discuss phases of the control evaluation The checklist beads...

Words: 533 - Pages: 3

Premium Essay

A Checklist for Evaluating Internal Control

...for Evaluating Internal Control ACC/544 January 17, 2011 Professor – Robert Cornett Abstract The Sarbanes-Oxley Act of 2002 requires an audit of management’s assessment of internal controls for publicly traded companies. In addition, the evaluation of a company’s internal control system is to assess control risk to give auditors a basis for planning the audit and to provide information useful to management to meet the company’s control mission. Five basic components of the internal control system and three evaluation phases help auditors to validate the complete internal control system. The data are best quantified with the use of an internal control checklist (Louwers, Ramsey, Sinason, & Strawser, 2007). Internal controls represent safeguards that protect a company’s business operations and financial information. Business owners are typically responsible for developing and implementing internal controls for a company. Owners can use internal or external audits to evaluate the effectiveness of internal controls.  This evaluation normally follows a standard process of measuring the company’s business operations and financial information (Vitez, 2009).  Interview Management Management interviews allow auditors to understand the mindset of business owners and other managers in the company. Interview questions include why the owner created certain internal controls, what the controls are for, do managers understand the purpose of the controls and...

Words: 872 - Pages: 4

Premium Essay

Checklist for Evaluating Internal Controls

...Checklist for Evaluating Internal Controls Darius Perrin ACC/544   Checklist for Evaluating Internal Controls According to Investopedia (2013), internal controls are methods implemented by a company to ensure the organization is meeting their profitability targets efficiently while also keeping the integrity of the company. The following discussion will outline the three phases of the control evaluation which is understanding the documenting the internal control, assessing the control risks, and performing tests of the controls and reassessing control risks. Phase 1: Understand and Document Internal Control Phase 1 allows the auditors to work efficiently by getting a basic understanding of the organizations internal control. There are five components to internal control: control environment, risk assessment, control activities, monitoring, and information and communications. The following checklist will allow the audit team to gather evidence and focus their efforts in reviewing what aspect is at more risk and requires more review (Louwers, 2007). Yes/No Comments Control Environment Evaluation 1. Is there a written code of conduct displayed for employees to view? Yes 2. Are all employees aware for their goals as an individual? Yes 3. Is there a written document describing each employee’s job description? Yes 4. Would you consider your financial reporting attitude to be conservative? Yes 5. Are actions taken when an employee is found acting...

Words: 851 - Pages: 4

Premium Essay

International Good Practice Guidance Evaluating and Improving Internal Control in Organizations.Doc

...Evaluating and Improving Internal Control in Organizations Internal control is a crucial aspect of an organization’s governance system and ability to manage risk. It is also fundamental to supporting the achievement of an organization’s objectives and creating, enhancing, and protecting stakeholder value. High-profile organizational failures typically lead to the imposition of additional rules and requirements, as well as to subsequent time-consuming and costly compliance efforts. However, this obscures the fact that the right kind of internal controls—enabling an organization to capitalize on opportunities while offsetting the threats—can actually save time and money and promotes the creation and preservation of value. Effective internal control also creates a competitive advantage, as an organization with effective controls can take on additional risk. Despite the existence of sound internal control guidelines, it is often the application of such guidelines that fails or could be further improved in many organizations. With the publication, the Professional Accountants in Business (PAIB) Committee aims to provide a practical guide focused on how professional accountants in business can support their organization in evaluating and improving internal control as an integral part of its governance system and risk management. The guidance is complementary to existing internal control guidelines and is based on those internal control matters that often cause difficulties...

Words: 1324 - Pages: 6

Premium Essay

Checklist for Evaluating Internal Controls

...Checklist for Evaluating Internal Controls Control Environment Department:       Preparer:       Date: Please Enter Date here Yes No NS N/A | Checklist Questions | | 1. Are the company shareholder's approved of the project? | | 2. Is the company management approved of the project? | | 3. Has the employee's involved been fully informed of the project? | | 4. Does the project follow or improve the company's mission? | | 5. Does the project have a mission? | | 6. Has accounting reviewed the project? | | 7. Has accounting provided a report on the costs of the project? | | 8. Is the company ready to introduce the project? | | 9. Are the management and employees ready to work on the project till complete? | | 10. Does the project interfere with any Human Resource policies or procedures? | | 11. Are the employee's working on the project knowledgeable about the skills needed? | | 12. Has the Project Manager been chosen? | | 13. Can an internal audit be done on the project later? | | 14. Are all the three phases being followed? | NS = Not Sure N/A = Not Applicable Risk Assessment Department:       Preparer:       Date: Please Enter Date...

Words: 582 - Pages: 3

Free Essay

Checklist for Evaluating Internal Controls

...Checklist for Evaluating Internal Controls Checklist for Evaluating Internal Controls Table of Contents Budgets and Planning 1. Segregation of Duties 2. Procedural Controls Cash 1. Segregation of Duties 2. Procedural Controls Revenues and Receivables 1. Segregation of Duties 2. Procedural Controls 3. Billing and Remittance Verification Capital Assets 1. Segregation of Duties 2. Procedural Controls Procurement and Payables 1. Segregation of Duties 2. Procedural Controls Payroll 1. Segregation of Duties 2. Procedural Controls Electronic Data Processing 1. Segregation of Duties 2. Procedural Controls Financial Reporting 1. Segregation of Duties 2. Procedural Controls Checklist for Evaluating Internal Controls Overview Organizations, whether for profit or non-profit, assess the effectiveness of internal controls. The most efficient way to gather information and evidence about the internal controls of an entity is to conduct an interview with the managers using a checklist form of internal control questionnaire (Louwers, 2007). The preparer of the checklist should include questions about each significant assertion in order to obtain evidence about the control environment. Answers to the internal control questionnaire are in the form of yes or no; no usually indicates some weakness or control deficiency. Policies and Procedures A. Segregation of Duties Yes/No Comments 1. Does your organization have an organizational...

Words: 454 - Pages: 2

Premium Essay

Checklist for Evaluating Controls

...Checklist for Evaluating Internal Controls Lisa Cook ACC 544 October 31, 2011 Bret Mann Checklist for Evaluating Internal Controls Internal Control is to assist companies with reviewing and assessing its accountability within the organization. Internal controls are best practices for an organization that sets the tone and its main purpose is reducing business risk by controlling loss because of the misuse of the company’s assets. Fraud is sure to be detected through internal controls as well as help with the accuracy of its financial reporting. This analysis will provide a comprehensive checklist for evaluating internal controls and show how to apply the checklist to outline phases of the control evaluation. Evaluating Internal Controls Checklists The Committee of Sponsoring Organization (COSO) defines controls as the “process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following three categories: * Reliability of financial reporting. * Effectiveness and efficiency of operations. * Compliance with applicable laws and regulations. Internal control is designed to achieve objectives in various categories” (Louwers, et al, 2007, p. 149). The purpose for an internal control checklist is to analyze the efficiency of the organization’s controls in place, document the controls, and make recommendations and necessary improvements. Management...

Words: 785 - Pages: 4

Premium Essay

Acc 545

...evaluation of an audit client’s internal control? A. The auditor has two primary reasons for conducting an evaluation of a company’s internal control. 1) First, Sarbanes-Oxley (SOX) requires an audit of management’s assessment of internal controls for publicly traded companies. This type of audit is an integrated part of the financial statement audit. In some substances, the auditor issues three opinions: one on the company’s financial statements, one on management’s evaluation of their internal controls over financial reporting, and one on the effectiveness of a company’s internal controls. 2) The second reason for evaluating a company’s internal control is to assess control risk to give the auditors a basis for planning the audit and determining the nature, timing, and extent of audit procedures for the account balance (substantive) audit program. B. For secondary reason for evaluating internal control is to provide information useful to the management and directors for carrying out the company’s control mission. Regulators, Congress, and the public have been concerned about auditors’ communication of internal control and other matters to high levels in public corporations. Another responsibility is to communicate internal control matters noted in an audit to the audit committee of the company’s board of directors and directly to shareholders through their report on management’s assertion of effective internal control in the annual report. (Page#...

Words: 1408 - Pages: 6

Premium Essay

Acc 544

...Controls for IT and Reporting University of Phoenix Internal Controls ACC 544 August 22, 2011 Controls for IT and Reporting As more business processes become streamlined and automated, many companies rely heavily on technology and the support from their Information Technology departments. Information technology has the largest responsibility within an organization. Information technology is responsible for the implementation and maintenance of the hardware and software within a company. Information technology is responsible for ensuring that the hardware and software are secure and align with the company’s needs, business operations, goals and objectives. Information technology serves as a mechanism of supporting internal control systems and reporting. Most information, including financial records, that are generated, circulated, and reported within a company are electronic. Therefore, the threat of information technology being compromised is prevalent. Companies must take precautions to protect their systems and choose proper internal controls for information technology and reporting. This includes evaluating the internal controls system’s effectiveness and answering the following questions: • Is the design and operation of the internal control system up-to-date with technological advancements? • Is the internal control system and reporting in compliance with Sarbanes-Oxley Act of 2002? • Does the current system identify existing controls that are inefficient...

Words: 570 - Pages: 3

Free Essay

Dell Pre and Post Sox

...was a large stepping stone in that movement and has impacted many public companies. SOX requires public companies registered with the Securities Exchange Commission to evaluate the effectiveness of its internal control over financial reporting and disclose this information in its financial statements. For instance, Dell Inc., a large multinational IT corporation, was one of the many large corporations affected by the implications of SOX. First, Section 404 of SOX requires Dell’s management, under the supervision of the CEO and CFO, to establish and maintain adequate internal control in accordance with the rules defined in the Securities Exchange Act. In addition to establishing the controls, they are also required to evaluate the effectiveness of the controls against the criteria established in the Internal Control-Integrated Framework issued by COSO. Second, Section 409 of SOX requires management to disclose material changes in internal control, and the results or potential effects of those changes. Finally, Section 404 of SOX requires Dell’s auditing firm to evaluate management’s assessment of Dell’s internal control and to issue an opinion on the quality and accuracy of the assessment. All in all, SOX raised corporate responsibility to assess and improve internal control over financial reporting. It also...

Words: 1526 - Pages: 7

Premium Essay

Accounting Ch 5 Hw

...Miles Cohen 701465100 Chapter 5 Auditing homework Review Checkpoints (1-17, 19-22, 24-32) 1) The 3 goals of an internal control system according to COSO is (1) Reliability of financial reporting, (2) Effectiveness and efficiency of operations, (3) compliance w/ applicable laws and regulations 2) Human error due to mistakes in judgment, fatigue and carelessness can still occur 3) Reasonable assurance recognizes that the costs of controls should not exceed the benefits that are expected from the controls 4) * Management is responsible for establishing and maintaining adequate internal control over financial reporting, Auditors are responsible for evaluating and finding any risk for the internal control effectiveness 5) Control risk is the probability that an entity’s controls will fail to prevent or detect material misstatement due to error or frauds. 6) To see if the client’s internal control is effective at controlling control risk. 7) Control risk adversely affects all 3 aspects 8) 5 components of management’s internal control (1) control environment, (2) Risk assessment, (3) control activities, (4) Monitoring and (5) information and communication 9) The control environment is the tone set for the organization as the foundation for all other components of internal control 10) Audit committee is a subcommittee of the BOD that is generally composed of 3-6 independt members in the entity’s day-to-day management of the organizations BOD. 11) Risk assessment...

Words: 717 - Pages: 3

Premium Essay

Generally Accepted Auditing Standards

...Generally Accepted Auditing Standards Paper ACC/491 Contemporary Auditing Santos Alarcon January 11, 2015 Describe the elements of GAAS? Generally Accepted Auditing Standards (GAAS) are “sets of standards against which the quality of audits are performed and may be judged” (Generally Accepted Auditing Standards, 2014). According to AU Section 150, there are three general standards, three fieldwork standards, and four reporting standards. In the United States, these standards are developed by the Public Company Accounting Oversight Board since the passage of the Sarbanes-Oxley Act in 2002. The three general standards require the auditor to remain mentally independent in all matters related to the audit, to have technical training that is adequate and proficient to perform the audit, and to exercise professional care while performing the audit, and also while preparing the report. The three fieldwork standards require the auditor to properly plan the work and to supervise assistants, to sufficiently understand the company and its environment, and to obtain enough audit evidence to support a reasonable basis for an opinion regarding the financial statements under audit. The four standards of reporting require the auditor to state in his/her report whether the financial statements are presented in accordance with GAAP, they have to identify when GAAP principles have not been consistently observed, they have to include in the auditor’s...

Words: 929 - Pages: 4

Premium Essay

Internal Control Checklist

...Checklist for Evaluating Internal Controls ACC/544: Internal Control Systems Comprehensive Checklist for Evaluating Internal Controls As defined by the COSO framework, there are five elements that are used to explain an internal control system applied in an organization. These elements include: 1. Control Environment – The control environment is the foundation for the other four components of internal control. It outlines discipline and structure for the internal control method and consists of philosophy, ethical values, operating style, risk appetite, functioning of the board, and organizational structure (Louwers, Ramsay, Sinason, & Strawser, 2007). 2. Risk Assessment - This component evaluates the way in which an organization decides to handle the number of always-evolving external and internal risks. 3. Control Activities - This component seeks to ensure that the directives of management are carried out. These are computerized and manual and serve the purpose of preventing, detecting, and correcting errors (Louwers, Ramsay, Sinason, & Strawser, 2007). 4. Information and Communication – The information and communication component provide managers with the critical information necessary for achieving objectives. This component seeks to provide information that is timely, reliable, and relevant. 5. Monitoring – Assessing the quality of the established controls is essential to motivate continuous progress of the internal control method. ...

Words: 866 - Pages: 4

Free Essay

Nothinh

...Chapter 12 Take Home Quiz |1. Typical controls developed for manual systems which are still important in IT systems include: | |a. proper authorization of transactions. | |b. competent and honest personnel. | |c. careful and complete preparation of source documents. | |d. all of the above. | | | |2. ______ controls prevent and detect errors while transaction data are processed. | |a. Software | |b. Application | |c. Processing | |d. Transaction | | | |3. Which of the...

Words: 501 - Pages: 3