pd 9184 and its irr-a.ppt

7/25/2019 PD 9184 and its IRR-A.ppt

1/195

1

TRAINING ON INTERNAL CONTROL

EVALUATION

Learning Objectives:

1. To discuss Internal Control Structure (ICS);

2. To link ICS with Risk Based Audit (RBA), fro the !T" tothe AAR#SC $hase;

%. To de&elo$'i$ro&e the skills of $artici$ants on thee&aluation of internal control; and

. To $ro&ide uidance on the utili*ation of the knowledeo+tained in this seinar in the eecution of audit work inthe #RAR $hase and re$ortin of audit results in theC- $hase.


2/195

2

ISA 315(Internatina! Stan"ar"s n A#"iting$

%Understanding the Entity and Its Environment and

Assessing the Risks of Material Misstatementre/uiresthe auditor to0

1. "+tain an understandin of internal control structure and on

audit risks.

2. !se this understandin to identif t$es of $otentialisstateents.

%. Consider factors affectin the risks of $otential

isstateents.

. esin the nature, tiin and etent of further audit

$rocedures.


3/195

%

IT3RA4 C"TR"4 S5ST3# defined0

All the $olicies and $rocedures ado$ted + anaeent to ensure 0

orderl and efficient conduct of its +usiness;

adherence to anaeent $olicies;

safeuardin of assets;

$re&ention and detection of fraud and error; accurac and co$leteness of accountin records; and

tiel $re$aration of relia+le financial inforation.


4/195

nctins' Interna! Cntr!6 reventive Cntr!s7

are desined to $re&ent ad&erse actions or risks frooccurrin.

6 )etective Cntr!s *

are desined to detect an error or ad&erse e&ent after it

occurred +ut within a reasona+le tie to $erit correction.

6 Crrective Cntr!s *

are desined to reed $ro+les disco&ered with detecti&e

controls.


5/195

8

Objectives ' Interna! Cntr!

1. 9inancial re$ortin control o+:ecti&e0

relates to the relia+ilit of the financial re$ortin $ro&ided+ accountin inforation sste and recordin function.

2. "$erations controls o+:ecti&e0

is intended to enhance the effecti&eness and efficienc

of o$erations.

%. Co$liance controls o+:ecti&e0

relates to co$liance with laws and reulations.


6/195

Interna!Cntr! assertins

There are two assertions of anaeent0

6 internal control and

6 financial stateents.


7/195

1

&stablish 'isk (anagement

)rocess

1

a. efine

Risk anaeent

oals and o+:ecti&es Coon lanuae

+. 3sta+lish risk o&ersiht

structures

!T" Assess Risk #anaeent =rocess

Estab!is0 ris5

,anage,ent .rcessGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

6 Doals and o+:ecti&es

6 Coon 4an)ua)e

6 "&ersi)ht structure

In'r,atin 'r

"ecisin ,a5ing

)esign i,.!e,ent ris5,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk controls

+nitr ris5 ,anage,ent

.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris5 ,anage,ent

ca.abi!ities

Assess agenc/ ris5sGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Identif1 Source #easure

)eve!. ris5

,anage,ent strategiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

A&oid 3,$loit Transfer

Acce$t and reduce

!T" Assess Risk #anaeent =rocess


82/195

>2

Assess Agency 'isk

%dentify

*ource

(easure

a. Chanes in the en&ironent,ke assu$tions, and

o$eration $rocess, and the

i$act of these chanes

+. =rocess or acti&ities to

assess aenc risks and

inforation and inforation

$rocessin (II=)

@

Estab!is0 ris5



6 Coon 4an)ua)e


In'r,atin 'r

"ecisin ,a5ing

)esign i,.!e,ent ris5,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk controls


.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris5 ,anage,ent

ca.abi!ities



)eve!. ris5



Acce$t and reduce

* 'evelop Risk Management &trategies


83/195

>%

*+'evelop Risk Management &trategies

6 Avoid

6 &+ploit6 Transfer

6 Accept and

'educe

Estab!is0 ris5


6 Doals and o+:ecti&es6 Coon 4an)ua)e


In'r,atin 'r

"ecisin ,a5ing

)esign i,.!e,ent ris5

,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGRisk controls


.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris5 ,anage,ent

ca.abi!ities



)eve!. ris5


A&oid 3,$loit TransferAcce$t and reduce

, 'esign-Implement Risk Control %roess


84/195

>

,+ 'esign-Implement Risk Control %roess

a. 3nsure i&ision ead

and $rocess'acti&it

owners0 a&e the re/uisite

skill and e$ertise Assue

res$onsi+ilit andaccounta+ilit foranain sinificantrisk.

+. Assess the tieliness,efficienc andeffecti&eness of thedesin of new or

i$ro&ed risk control$rocesses.

Estab!is0 ris5



6 Coon 4an)ua)e


In'r,atin 'r

"ecisin ,a5ing

)esign i,.!e,ent ris5


Risk ana)eent strate)iesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGRisk controls


.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris5 ,anage,ent

ca.abi!ities



)eve!. ris5



Acce$t and reduce

UTO ? Assess Ris +anage,ent rcess


85/195

>8

(onitor 'isk (anagement )erformance

This includes0

a. !tili*ation of all

a&aila+le Haudit

o$$ortunities

+. Bencharkin aainst

leadin 4D! $ractices,standards set +

o&ernent and, to

the etent a$$lica+le,

international standards

5Estab!is0 ris


6 Doals and o+:ecti&es6 Coon 4anuae

6 "&ersiht structure

In'r,atin 'r

"ecisin ,aing

)esign i,.!e,ent ris,anage,ent .rcessesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk anaeent strateiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk controls

+nitr ris ,anage,ent

.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris ,anage,ent

ca.abi!ities

Assess agenc/ rissGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Identif Source #easure

)eve!. ris


A&oid 3$loit Transfer

Acce$t and reduce



86/195

>

ontinuously %mprove'isk (anagement

apabilities

Estab!is0 ris


6 Doals and o+:ecti&es6 Coon 4anuae

6 "&ersiht structure

In'r,atin 'r

"ecisin ,a5ing

)esign i,.!e,ent ris


Risk anaeent strateiesGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Risk controls

+nitr ris ,anage,ent

.rcesses .er'r,ance

Cntin##s!/ i,.rve

ris ,anage,ent

ca.abi!ities

Assess agenc/ rissGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG

Identif Source #easure

)eve!. ris


A&oid 3$loit TransferAcce$t and reduce

3nsure that risk anaeent, control and onitorin

$rocesses'acti&ities are continuousl i$ro&ed throuhout the

4D!.



87/195

>?

Agenc/ Ris +anage,entObjectives


89/195

?@

Objectives

6 *trategic hih7le&el oals, alined with and su$$ortin its

ission

6 perations effecti&e and efficient use of its resources

6 'eporting relia+ilit of re$ortin

6 ompliance co$liance with a$$lica+le laws and

reulations.


90/195

?1

QUESTION


91/195

?2

UTO ? In'r,atin rcess &ra,e9r


92/195

?%

As International Standards on Auditing (ISA) 310 states:

%n performing an audit of financial statements, the auditor

should have or obtain knowledge of the business sufficient to

enable the auditor to identify and understand the events,

transactions and practices that, in the auditors judgment, may

have a significant effect on the financial statements or on the

e+amination or audit report

Un"erstan" t0e O.eratins (UTO$


93/195

?

Tools used in the performance of UTO

I&I&

In'r,atin rcess

&ra,e9r (I&$

A more detailed representation of the operationA more detailed representation of the operation

and information flow with the purpose of-and information flow with the purpose of-

Obtaining an #n"erstan"ing ' t0e '!9 ' transactins 'r,

.eratins events an" 'acts 'r, t0eir ince.tin t t0eir

inc!#sin in t0e 'inancia! state,ents an" "isc!s#res>

rvi"ing a %t. "9n 'c#s t i"enti'/ an" !cate errr riss

re!ate" t ./0 priniples1 .20 estimates1 .*0 ritial information

proesses1 .,0 finanial reporting proessan" .30 dislos#res+



94/195

?8

bjectives

1. "+tain an understandin of the flow of transactions froo$erations, e&ents, and facts fro their ince$tion to their

inclusion in the financial stateents and disclosures.

2. =ro&ide a to$ downJ focus to identif and locate error risks

related to0

$rinci$les

estiates

critical inforation $rocesses

financial re$ortin $rocess

disclosures



95/195

?

'isk

"ocations



96/195

? Un"erstan" j#"g,ents an"

esti,ates an" esti,ate rissD> Un"erstan" critica! in'r,atin

.rcesses an" in'r,atin

.rcessing riss

5> Un"erstan" 'inancia! re.rting

.rcesses an" i"enti'/ an" !cate

'inancia! re.rting .rcess riss

> Un"erstan" "isc!s#res an"

i"enti'/ "isc!s#re riss

1

@

D

3

5



101/195

1@2

1. Accounting )rinciples and )ractices

2. 3udgments and &stimates

4. ritical %nformation )rocesses5. inancial 'eporting )rocess

I"enti'/ Riss

E7.ert

n9!e"ge

C,.!e7ities C0anges (rb!e,s

Are t0ere iss#es

i"enti'ie" b/

acc#nting an"

a#"iting e7.ertst0at in"icate

c#rrent .eri"

ris5s8

Are t0ere

.rcess*re!ate"

ris5s t0at

re:#ire acntr!s*base"

a..rac08

Are t0ere

c0anges in t0e

c#rrent .eri"

t0at in"icatec#rrent .eri"

ris5s8

Are t0ere .rir

r c#rrent

.eri"

.rb!e,s t0atin"icate c#rrent

.eri" ris5s8

Audit Tea Knowled)e

Un"erstan"ing t0e rcess T0r#g0rcess +a..ing


102/195

rcess +a..ing

rcess +a..ing

An activit/ t "c#,ent t0e #n"erstan"ing

' t0e .rcess * taing int cnsi"eratin

t0e activities inv!ve" t0e tas 9ners

t0e '!9 ' transactins an" .rcess,eas#res>

T/.es ' rcess +a.s


103/195

ri,ar/

6 Transactional 9lowcharts

6 =rocess Interfunctional Chart

Secn"ar/

6 9unctional =rocess 9lowchart

6 =hsical 4aout iara


104/195

9acilitates a ore co$rehensi&e identification of $rocess risks

3na+les the identification of $otential $rocess issues such as0

u$lication of effort

Inade/uate or isallocated resources

!nnecessar or non7&alue added acti&ities

9acilitates e&aluation of o&erall effecti&eness of the $rocess

controls

ocuents the audit teas understandin of the $rocess and

ser&es as a continuin audit docuentation for future audits

Transactina! &!9c0art


105/195

6 To $ro&ide a $ictorialre$resentation of each

acti&it in a function

6 To show the se/uence

of tasks for each

acti&it

6 To show the flow of

in$uts and out$uts for

each task in an acti&it

6 To anal*e the

relationshi$ of tasks

in&ol&ed in each acti&it

3asiest to $re$are and u$date #ost coonl used and

understood forat

Dood tool to use for client

$resentations

#r.se

)isa"vantages

A"vantage

s

ifficult to draw in co$le

situations

oes not show inter7functionalrelationshi$s

Transactina! &!9c0art * Sa,.!e


106/195

Enc"es R

#rc0ase Or"er

(O$1

@

3

D

R

1

@

URCASING STA&&

A..rves

O

GENERAL +ANAGER2

RESI)ENT

A..rve" O

1

@

3

D

R

1

URCASING STA&&

A..rve" O

1

@

3

D

R

1

'i!e

T Acc#nting

T )istrib#tin

T Stcr,

)istrib#tes O t

#ser "e.ts>

Sen"s O>

Cn'ir,s

recei.t>

A> T0e Genera! +anager a..rves Os 9it0

va!#e ' 5FFFF an" !ess 90i!e t0e

resi"ent a..rves O abve 5FFFF>

1

@

A..rve" R

1

U."ates O

transactin 'i!e

O

Transactin

&i!e

Generates O

Attac0es R t O

Sen"s R t

Re#esting

)e.t>

1

#rc0ase Or"er

(O$1

@

3

D

URCASING STA&&

T Re#esting

)e.art,ent

A

B

C

rcess Inter*'#nctina! &!9c0art


107/195

Dra$hic de$iction of inter7

functional relationshi$s

Illustrates de$artents in&ol&ed

3as to o&erla tie lines

oes not ha&e set headins and

therefore allows reater flei+ilit

to show all rou$s, sstes ando$erations within functions to +e

a$$ed.

6 To $ro&ide an o&er&iew of the

$rocess to +e a$$ed

6 To show the relationshi$

+etween different di&isions,

de$artents, and sstes that

are $art of the $rocess

6 To show the flow of a:oracti&ities in the $rocess

6 To show the aount of tie

re/uired to $erfor each acti&it

6 To anal*e the $rocess +ein

a$$ed

#r.se

ifficult to draw when se&eral

functions are in&ol&ed

Re/uires lare works$ace

)isa"vantages

A"vantage

s

nctina! rcess &!9c0art * Sa,.!e


108/195

INUT ROCESS OUTUT

Re/uest forCredit #eo

-arit

-alidit

=re$are

C#Fk Sht

T$e

Credit

#eo

=roofs for

Accurac

"+tain

#t..

A$$ro&al

-alid

Accurate

A'2

Credit #eoRe/uest

=ro:ection

Credit

#eo

Credit #eo

Forksheet

iscard

Credit #eo

Forksheet

IITIAT"R

#ARK3TID T3CICIA

S3CR3TAR5

IITIAT"R

#T3C

#T3C

#T3C

#T3C

CR4

1.

2. 5es

8. 5es

%.

.

escri$tion0 The 9unctional =rocess 9lowchart is the for on

which ou show the se/uence of tasks.

rcess +a..ing G#i"e!ines * ri,ar/S/,b!s


109/195

S/,b!s

A#3Acti&it'

=rocessin

ecision

ocuent

3SCRI=TI"

Indicates that an acti&it or task is

+ein $erfored.

Fhen this s+ol a$$ears, the task

se/uence flows to the riht if the

decision is esJ or down if thedecision is noJ.

Re$resents the eneration of a

$hsical docuent. #ulti$le

o&erlain s+ols are used if

ulti$le docuents are enerated.

S5#B"4

S.eci'ic G#i"e!ines in rcess +a..ing


110/195

1. Fhen $re$arin flowcharts at detail le&el, the acti&it +o is

often re$laced + ore s$ecific s+ols, such as0

#anual In$ut Autoated

In$ut

Co$uter

Storae

#anual

9ilin



111/195

2. "abel origins and destinations. Alwas $rint the oriin of in$ut and

destination of out$ut a+o&e the res$ecti&e s+ols.

#rc0ase Re#est

Sales Re$resentati&e



112/195

%. $se flow lines carefully. If the line fro one $rocess to another

crosses o&er an alread eistin flow line, draw the secondar line as

shown +elow0

3istin =rocess

Secondar =rocess



113/195

. 6umber the symbols. u+erin each $rocess s+ol can +e useful

to cross7reference to a sste narrati&e or the sae task nu+er on

a $rocess descri$tion chart.8. 7e sure to connect flows. Alwas use a flowchart connector s+ol

when ou continue a diara to another $ae or carr it o&er to

another $rocess.

Status

re$ort

a$$ro&edE

es Continue flowin the esJ

condition here

D'2@ D'1@

#ake

Chanesto Status

Re$ort



114/195

. 'emember to denote the responsible department or individual. =lace

the de$artent nae or the Res$onsi+le Indi&idual a+o&e each

$rocess s+ol or area of the a$.


115/195

6 Tie $er acti&it

6 elaJ tie

6 u+er of acti&ities

6 u+er of re&iews

6 Cost of each acti&it

6 3rrors

A'ter C,.!eting t0e rcess +a.


116/195

6 T0e A#"itr S0#!" N9:

ave a g" #n"erstan"ing 't0e .rcess

ave a g" vie9 ' t0e e/

in'r,atin ab#t t0e .rcess

ave a better basis 'r

i"enti'/ing .rcess riss an"

re!ate" cntr!s

Tools used in the performance of UTO

Un"erstan" t0e O.eratins (UTO$


117/195

11>

p f f

ARC)s

AO+s

Agenc/ Ris Cntr! )c#,ents (ARC)s$

A#"it Observatin +e,s (AO+s$

A'Ds are the tools used to documentA'Ds are the tools used to document risks identified,risks identified,

prioriti!ed for further considerations and linked to the financialprioriti!ed for further considerations and linked to the financial

statement accountsstatement accounts. A'Ds are grouped based on the type. A'Ds are grouped based on the type

of risks identified. %t also documents further proceduresof risks identified. %t also documents further procedures

performed to reduce the risks identified to acceptable level.performed to reduce the risks identified to acceptable level.

A(s are the tools to communicate issues and observationsA(s are the tools to communicate issues and observations

noted in the course of the audit. These are forwarded to thenoted in the course of the audit. These are forwarded to themanagement as the need arises.management as the need arises.

As International &tandards on

A diti .I&A0 */3 t t


118/195

11?

A#diting .I&A0 */3 states)

8The auditor should determine which ofthe risks identified are, in the auditors

judgment, risks that require special

audit consideration 9such risks aredefined as 8significant risks:;


119/195

12@

QUESTION


120/195

I"enti'/ Ris Cntr!s


121/195

122

C4A5!"& &TAN'AR' AN' %4!IC6

7or eah fail#re risks and ritial informationproesses1 estimation proesses and finanialreporting proesses risk identified1 the a#ditteam sho#ld identify1 eval#ate and test1 as

appropriate1 the a#ditee(s risk managementstrategy and ontrols in order to determine anyresid#al a#dit risks+

Risk #anaeent Strateies and Controls =rocess9raework


122/195

12%

&ig C>

RC&

Assess A#"itee Ris +anage,ent Strategies

Cntr!s


123/195

12

Risk Control =rocess 9raework Assess a)enc1risksAssess a)enc1risks

Sereate controls + co$onent to0

1. effecti&el e&aluate the desin of

risk controls

2. aii*e the etent of control

reliance

%. recoendations for

i$ro&eent


Cntr!s


124/195

128

S$ecific Risk Controls

Assess a)enc1risksAssess a)enc1risks

S$ecific Risk Controls

Initial defense in

$re&entin, detectin and

correctin errors

Address risks fro ca$ture

of facts to inclusion in

financial stateents


Cntr!s


125/195

12

S$ecific Risk ControlsAssess a)enc1risksAssess a)enc1risks


Cntr!s


126/195

12

6 ISA 315 %Understanding The Entity and AssessingRisksstates t0at it is a ,atter ' t0e a#"itr-s .r'essina!j#"g,ent s#bject t t0e re#ire,ents ' t0is ISA 90et0er acntr! in"ivi"#a!!/ r in c,binatin 9it0 t0ers is re!evantt t0e a#"itr-s cnsi"eratins in assessing t0e riss ',ateria! ,isstate,ent an" "esigning an" .er'r,ing '#rt0er.rce"#res in res.nse t assesse" riss> T0e ISA a!sre#ires t0at in e7ercising t0at j#"g,ent t0e a#"itrcnsi"ers t0e circ#,stances t0e a..!icab!e c,.nent an"'actrs s#c0 as t0e a#"itr-s j#"g,ent ab#t ,ateria!it/ si4e' t0e entit/ a..!icab!e !ega! an" reg#!atr/ re#ire,ents

a,ng t0ers.

C"TR"4 CARACT3RISTICS


Cntr!s


135/195

1%

Identif

3&aluate esin

Test

C"TR"4 CARACT3RISTICSC"TR"4 CARACT3RISTICS

=R"LI#IT5 T" RISK S"!RC3=R"LI#IT5 T" RISK S"!RC3

RISK SIDI9ICAC3RISK SIDI9ICAC3

4IK34I"" "9 RISK "CC!R3C34IK34I"" "9 RISK "CC!R3C3

=R3ICTABI4IT5 "9 RISK "CC!R3C3=R3ICTABI4IT5 "9 RISK "CC!R3C3

C"TR"4 R34IABI4IT5C"TR"4 R34IABI4IT5

C"TR"4 -3RI9IABI4IT5C"TR"4 -3RI9IABI4IT5

Eva!#ate an" )c#,ent Ris Cntr!s

)esign


136/195

1%. =hsical securit o&er su$$lies stockroo, o&a+le e/ui$ent and

cash &ault

?. etwork and sstes securit with $assword controls

1@. The accountant &erif that the accountin $rinci$les and $ractices are

in accordance with DAS.

11. Co$arin the $urchase order with the &endors in&oice +efore recei$t

of oods


145/195

1

Testing ' Ris Cntr!s t

Re"#ce Ris t Acce.tab!eLeve!

Testin of Risk Controls


146/195

1



147/195

1>

I&A **81 The A#ditor(s %roed#res inResponse of Assessed Risks1 par+ 2*states) 9hen the a#ditor(s assessmentof risks of material misstatement at the

assertion level inl#des an e:petationthat ontrols are operating effetively1the a#ditor sho#ld perform tests ofontrols to o;tain s#ffiient appropriate

a#dit evidene that the ontrols wereoperating effetively at relevant timesd#ring the period #nder a#dit+



148/195

1?

Fh are tests of controls $erforedE

To o+tain audit e&idence a+out the

effecti&eness of the0

6 esin of the accountin and

internal control sstes;

6 "$eration of the internal controlsthrouhout the $eriod.

Testing of Risk Controls


149/195

18@

Cntr! Re!iance )ecisin Tree

*&O

In case ' vi!atin t r#!es an" reg#!atins

&ra#"

in"icatrt0at9arrantsLAO

'#rt0erinves

tigatin

&ra#"


'#rt0erinves

tigatin


Control Reliance ecision Tree


150/195

181

Duides the audit

tea in deterinin

which controls

reliance strateies

a +e ado$ted to

ost effecti&el

identif and test

rele&ant controlsto

reduce inforation

$rocessin risks to

an acce$ta+le le&el.

Control Reliance ecision Tree

*&O


&ra#"in"icatrt0at9a

rrantsLAO

'#rt0erinvestigatin

&ra#"in"icatrt0at9a

rrantsLAO

'#rt0erinvestigatin



151/195

182

*&O

&ra#"

in"ic

atrt0at9

arrants

LAO

'#rt0erinve

stigatin

&ra#"

in"ic

atrt0at9

arrants

LAO

'#rt0erinve

stigatin

In case ' vi!atins t r#!es an" reg#!atins

Re!iance n Testing ervasive Cntr!s an" +nitring

Activities


If the desin of the s$ecific, $er&asi&e and, $articularl,


152/195

18%

Denerall ost efficient strate.

onitorin controls are effecti&e..

esined to understand the rior and /ualit of risk owner

onitorin acti&ities.

Tests o$eratin effecti&eness of onitorin and $er&asi&e

controls onl.

owe&er, if testin of o$eratin

effecti&eness of onitorin controls

indicate that the onitorin controls are

not o$eratin effecti&el, then the audit

tea should consider testin s$ecific risk

controls.

3tent of work is

relati&el inial and

the tiin is /uite

flei+le.



153/195

18

*&O


&ra#"


'#rt0erinv

estigatin

&ra#"

in"

icatrt0at9arrantsLAO

'#rt0erinvestigatin

Re!iance n Testing ervasive an" S.eci'ic Ris

Cntr!s


If the desin of the s$ecific and $er&asi&e controls are effecti&e

+ut the desin of the onitorin controls are ineffecti&e


154/195

188

Audit tea shouldreconi*e that the lack

of onitorin increases

the risk that a

deficienc in s$ecific

risk controls a not

+e detected andcorrected on a tiel

+asis.

Tests o$eratin effecti&eness of $er&asi&e and s$ecific controls.

+ut the desin of the onitorin controls are ineffecti&e..

=ro&ides a hih deree of

onoin assurance with

onl oderate le&els of

testin.

6 Audit tea should identif onitorin

acti&ities for the auditee to $ut in $lace

for future $eriods.

6 The $ro$osed onitorin acti&ities

a +e included in the ad&isor re$ort

to +e issued to auditee.

owe&er, the a+sence of effecti&e risk

owner onitorin reduces the

confidence the auditor can ha&e

relatin to the consistent a$$lication of

s$ecific risk controls.


I3TI9ICATI" and 3-A4!ATI" of esin of


155/195

18

Controls

Control identification and e&aluation of effecti&eness of desin

of the control can usuall +e carried out at the sae tie.

A walkthro#ghof identified controls with$ersonnel who carr out the controls ensures

that the ha&e +een $laced Hin .eratinH.

It is often efficient to deterine whether

controls are Nin o$erationN concurrentl with

controls identification and e&aluation of desineffecti&eness.


R3SI!A4 A!IT RISK


156/195

18

S,e re.rtab!e cn"itins are as '!!9s:er'r,ance 'ai!#res ?

6 3&idence of intentional isa$$lication of

accountin $rinci$les

6 3&idence of isre$resentation + client

$ersonnel to the auditor

6 3&idence that o&ernent e$loees or

anaeent lack the /ualifications andtrainin to fulfill their assined functions

SU++ARIE AN) REORT RESULTS

O& EVALUATION


184/195

1>8

S,e re.rtab!e cn"itins are as '!!9s:

+isce!!ane#s6 A+sence of a sufficient le&el of control

consciousness within the orani*ation

6 9ailure to follow u$ and correct $re&iousl identifiedinternal control structure deficiencies

6 3&idence of sinificant or etensi&e undisclosedrelated $art transactions

6 3&idence of undue +ias or lack of o+:ecti&it +those res$onsi+le for accountin decisions.


O& EVALUATION


185/195

1>

G#i"ance 'r C,,#nicating Interna! Cntr!ints

6Avi" !ang#age t0at 0as t0e e''ect ' negating t0e .inine7.resse" in COA*LGSH a#"itr-s re.rt>

6)e!iver interna! cntr! .ints t t0e a#"itee at t0ea..r.riate !eve!s ' res.nsibi!it/ an" re.rt t,anage,ent signi'icant "e'iciencies>

6Certain in'r,atin s0#!" be .rvi"e" 'r eac0 interna!

cntr! .int a!t0#g0 brie' "escri.tins are acce.tab!e>


O& EVALUATION


186/195

1>

6 S#ggestins 'r crrecting t0e "e'icienc/>

6 &r a .revi#s!/ re.rte" b#t sti!! #ncrrecte"

"e'icienc/ a re'erence t t0e .revi#s c,,#nicatin>

6 +anage,entHs res.nse t t0e e7tent "ee,e"a..r.riate in t0e circ#,stances>


O& EVALUATION


188/195

1>?

T0e A#"it Observatin +e,ran"#,(AO+$

The A"# will contain sinificant

deficiencies that coe to the attention of

the audit tea in the AAR#SC and

constructi&e suestions or i$ro&eents

in internal control or other suestions forincreased efficienc in o$erations.


O& EVALUATION


189/195

1?@

Objectives ' t0e AO+

6 To coent on the internal control

sste eained as $art of the audit$rocess; and

6 To ad&ise anaeent, on a tiel+asis, areas where econoies or

i$ro&eent could +e ade.


O& EVALUATION


190/195

1?1

A"vantages ' t0e AO+6 It $ro&ides anaeent with the auditors

carefull $re$ared analsis of the $articularsituation and recoendations for action.

6 It can +e referred to when necessar and$assed alon for action without the daner ofdistortion.

6 It is a record of what was said and a

reinder of the ser&ices rendered + theauditor.


O& EVALUATION


191/195

1?2

Iss#es Re!ate" t t0e AO+6 Tieliness =ro$t su+ission of the

A"# to the audited aenc is i$ortant.

6 =lannin =lannin for the A"# should +e

an interal $art of $lannin for the audit.

6 9ollow7u$ =re&ious anaeent letters

should +e filed for reference and

su+se/uent follow7u$ + auditors.


O& EVALUATIONIss#es Re!ate" t t0e AO+


192/195

1?%

Iss#es Re!ate" t t0e AO+

6 =re$arin the 4etter The $riar considerationin $re$arin the A"# is to +e failiar with theintended readers +ackround.

6 #akin Recoendations Brinin the$ro+le to anaeents attention is the real

ser&ice of the A"#. The auditors ser&ice consistsof $ro$osin $ractical suestions for sol&in the$ro+le.

6 =rocessin the #eorandu Before releasinthe A"#, each situation included should +ediscussed with an a$$ro$riate re$resentati&e ofthe audited aenc, one who has the knowledeand res$onsi+ilit for the area under discussion.


O& EVALUATION


193/195

1?

Recoendations on aterialdeficiencies contained in the

A"#, not acted u$on, shall +e

included in the Coents

and "+ser&ationJ $ortion of

the AAR.


194/195

1?8

QUESTION


195/195

T0an /#La"ies an" Gent!e,en

G" )a/ an"G"

pd 9184 and its irr-a.ppt

Documents