![Page 1: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/1.jpg)
Chapter 4Transaction Processing and the
Internal Control ProcessThis organization looks like it has weak internal
controls.
![Page 2: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/2.jpg)
Presentation Outline
I. Business Exposures
II. Fraud and White-Collar Crime
III. The Internal Control Process
IV. The Sarbanes-Oxley Act of 2002
V. Classifying Transaction Processing Controls
VI. Analysis of Internal Control Processes
![Page 3: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/3.jpg)
I. Business Exposures
A. The Meaning of Exposure
B. Examples of Common Business Exposures
![Page 4: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/4.jpg)
A. The Meaning of Exposure
Potential FinancialEffect of Event x
Probability ofOccurrence
(Risk)
=
Exposure
![Page 5: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/5.jpg)
B1. Common Business Exposures
Deficient revenues due to decreases in
earnings resulting from things like
excessive bad debts, incorrect billing, and returns from unhappy
customers.
![Page 6: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/6.jpg)
B2. Common Business Exposures
Loss of assets due to theft, acts of violence,
or natural disaster
![Page 7: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/7.jpg)
B3. Common Business Exposures
Inaccurate accounting causes decisions to be made using inaccurate
information.
![Page 8: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/8.jpg)
B4. Common Business Exposures
Business interruption from things like acts
of violence and natural disaster can damage or destroy a
business.
![Page 9: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/9.jpg)
B5. Common Business Exposures
Statutory sanctions interrupting business
due to regulatory agency penalties.
![Page 10: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/10.jpg)
B6. Common Business Exposures
Competitive disadvantage resulting from
ineffective management
decisions.
![Page 11: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/11.jpg)
B7. Common Business Exposures
Fraud (perverting truth to obtain something of
value) and embezzlement
(fraudulent appropriation of assets
for one’s own use).
![Page 12: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/12.jpg)
II. Fraud and White-Collar Crime
A. Three Types of White Collar Crime
B. Fraudulent Financial Reporting
C. Corporate Crime
D. Certified Fraud Examiners
E. KPMG Survey
![Page 13: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/13.jpg)
A. Three Types of White-Collar Crime
White-collar crime occurs when assets are deceitfully diverted from proper use or deceitfully misrepresented by an act or series of acts that are nonviolent in nature.
Employee theft – involves diversion of assets by an employee for personal gain.
Employee-outsider theft – involves diversion of assets by an employee in collusion with an outsider for
personal gain.Management fraud – concerns diversion of assets or
misrepresentation of assets by management.
![Page 14: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/14.jpg)
B. Fraudulent Financial Reporting
White-collar crime may result in fraudulent financial reporting. This is intentional or
reckless conduct, whether by purposeful
act or by omission, that results in
materially misstated financial statements.
![Page 15: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/15.jpg)
C. Corporate Crime
Corporate crime is white-collar crime that benefits a company or
organization rather than the individuals who perpetrate the
fraud. Such individuals may
benefit indirectly.
![Page 16: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/16.jpg)
D. Certified Fraud ExaminersForensic accounting is a term used to describe the activities of persons who are concerned with preventing and detecting
fraud.The National Association of Certified Fraud Examiners (NACFE) is a professional organization that provides bona fide qualifications for certified fraud examiners
(CFEs) through the administration of the
Uniform CFE examination.
![Page 17: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/17.jpg)
E. KPMG Survey
KPMG surveyed the 2,000 largest companies in the United States.
Fifty-nine percent cited internal control as the most frequent reason that frauds were discovered.
Fifty-six percent stated that poor internal controls were the most frequent reason that fraud occurred.
The survey results …
![Page 18: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/18.jpg)
III. The Internal Control Process
A. Purpose of Internal ControlB. Two Premises of Internal Control
C. The Foreign Corrupt Practices Act of 1977D. Elements of Internal Control
Internal controls keep a close eye on employee
activities when management can’t. This
helps employees stay honest.
![Page 19: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/19.jpg)
A. Purpose of Internal Control
Internal control is designed to provide reasonable assurance regarding:Reliability of financial reporting.Effectiveness and efficiency of operations.Compliance with laws and regulations.
Don’t go astray!
![Page 20: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/20.jpg)
B. Two Premises of Internal Control
Responsibility – Management and the board of directors are responsible for establishing and maintaining the internal control process.Reasonable assurance – A control should not cost more than the potential benefit of the control.
![Page 21: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/21.jpg)
C. The Foreign Corrupt Practices Act (FCPA) of 1977
The FCPA requires that all organizations subject to the Securities Act of 1934:Keep an adequate system of records.Devise and maintain an appropriate system of internal accounting controls.
![Page 22: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/22.jpg)
D. Elements of Internal Control
Control environment – Overall values and integrity of organization.Risk assessment – Identification and evaluation of risks.Control activities – Activities undertaken to reduce probability of loss due to significant risks.Information and communication – Communicating information about the control environment and control activities.Monitoring – Keeping watch over and changing internal controls so that they function effectively and efficiently.
![Page 23: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/23.jpg)
IV. The Sarbanes-Oxley Act of 2002
A. Creation of the Public Company Accounting Oversight Board (PCAOB)
B. Restrictions on Nonaudit ServicesC. Role of the Audit Committee
D. Corporate Responsibility for Financial Reports
E. Management Assessment of Internal Controls
Note: This Act currently applies to only publicly-traded companies.
![Page 24: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/24.jpg)
A. Creation of the PCAOBCreated to oversee the auditing of public companies.
The SEC will have “oversight and enforcement authority over the Board.” No rule of the Board shall become
effective without prior approval of the commission. (Sec. 107)
The Board will:register public accounting firms,
establish the standards for the audit of public companies,conduct inspections of public accounting firms,
investigations and disciplinary hearings and have the power to impose sanctions.
(Sec. 101)
![Page 25: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/25.jpg)
B. Restrictions on Nonaudit ServicesPublic company auditors may not also provide the following
services to their audit clients: Bookkeeping
Financial information systems design and implementation Appraisal or valuation services
Actuarial services Internal audit outsourcing
Management or human resource services Broker or dealer
Legal and expert services unrelated to audit Other services determined by the PCAOB
![Page 26: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/26.jpg)
C. Role of the Audit Committee
Public companies must maintain must
maintain an independent audit
committee composed of members of the
board of directors who receive no
compensation from the company except for
services on the board.
![Page 27: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/27.jpg)
D. Corporate Responsibility for Financial Reports
The CEO and CFO must prepare a statement to accompany the audit
report. This statement certifies to the fairness of the presentation of
the financial statements and accompanying
disclosures.
![Page 28: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/28.jpg)
E. Management Assessment of Internal Controls
The Sarbanes-Oxley Act requires the annual report to contain an internal control report that:
states the responsibility of management for establishing and maintaining an adequate internal control structure
and procedures for financial reporting and
contains an assessment, as of the end of the company’s fiscal year, of the effectiveness of the internal control structure and procedures of the company for financial
reporting.
Note: The external auditor must attest to and report on the above assessment as a part of the audit process.
![Page 29: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/29.jpg)
V. Classifying Transaction Processing Controls
A. General and Application Controls
B. Preventive, Detective, and Corrective Controls
![Page 30: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/30.jpg)
A. General and Application Controls
General controls affect all processing transactions.
Application controls are specific to individual applications. They include input, processing, and output controls.
![Page 31: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/31.jpg)
B. Preventive, Detective, and Corrective Controls
Preventive controls – Prevent errors and fraud before they happen.
Detective controls – Uncover errors and fraud that have occurred.
Corrective controls - Correct errors
![Page 32: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/32.jpg)
VI. Analysis of Internal Control Processes
A. Internal Control Questionnaire
B. Applications Control Matrix
![Page 33: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/33.jpg)
A. Internal Control QuestionnaireQuestionnaires are available
for the review of certain application areas. Some
weaknesses may be compensated for by other
strengths. Testing of controls is also necessary
since responses to a questionnaire are not considered conclusive evidence about internal
controls.
![Page 34: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/34.jpg)
B. Applications Control Matrix
Columns represent processes under review while rows represent the
presence/rating for a control feature. Some use x’s to indicate the
presence or absence of a control. Others provide ratings to indicate the
assessed reliability of the control. (See p. 133)
![Page 35: Chapter 4 Transaction Processing and the Internal Control Process This organization looks like it has weak internal controls](https://reader036.vdocument.in/reader036/viewer/2022062421/56649c8a5503460f94944027/html5/thumbnails/35.jpg)
Summary
The meaning of exposure
The cause of exposure
The concept of internal control
General and application controls
Preventive, detective, and corrective controls
Internal control questionnaires
Applications control matrix.