Lecture 5- Internal control & on site work

One section in which internal control is broken down into in ISA 315 is environment. This includes elements such as & values, to competence ( to embedding this in ), those charged with (involves considering of their roles & how they are as they have got important responsibility), management’s & style (think how they & something), structure (centralised or decentralised), assignment of & (who is responsible) & finally policies & practices (how are staff & how are they )

Another section in which internal control is broken down into in ISA 315 is assessment. ISA 315 says should understand whether entity has process to identify relevant to reporting objectives, significance of , likelihood of & deciding upon to address those

Third section in which internal control is broken down into in ISA 315 is system & related business . This involves looking at system (general ledger so system), system, information, system, (presentations, word-processing etc) & process (consider how all listed above link with this process)

Accounting system- need to obtain an understanding of system sufficient to identify & understand: classes of , how are initiated, significant accounting , supporting & & finally & reporting process (all listed above are into this process which is critical for in understanding system & applying it in process)

Fourth section in which internal control is broken down into in ISA 315 is procedures. This involves reviews (are they & meeting ), processing, physical (security) & of duties (looking at split between between different parts of )

Fifth section in which internal control is broken down into in ISA 315 is of controls. This is process that deals with ongoing of quality of internal performance. This involves thinking about performance, & over time (examining whether it is going to or whether something needs to be )

There is challenge for companies in relation to . This is because there may be involvement of /. This means there may be an ability to or controls. Also, as there are not people in small companies, of duties may be to enforce

Limitations of accounting & control systems include , human (i.e. someone making mistakes as they are not properly), (i.e. may user with financial information), controls being or & controls designed for & not

One classification of control in an IT environment is . These control in which operates

One type of general controls is development/maintenance . Important elements of this control include structure to ensure high standards during , documentation of process complete enough to allow persons to understand how the system works, at critical stages, in writing at each stage, developments including staff training, preparation of forms & file conversions, system for reporting system malfunctions after implementation, steps to ensure changes are not made to programs & finally user agreement at critical points, particularly of user interfaces

Another type of general controls is . This involves organisation (i.e. who has for certain functions so that it is who does what & how they do it), of duties (someone that is going to be undertaking is clear about this), & & finally control

Third type of general controls is . These must determine that assets are safe. It is critical whether looking at , assets or & . Also, company should have policy & identify assets at & likelihood of occurring

Fourth type of general controls is . Need to recognise group of people have responsibility to ensure standards for IT development are in & ( embedded into new developments), people need to be independent of & & in smaller organisation may report to audit

Another classification of control in an IT environment is . These are controls over specific & . This involves thinking about data / controls, data controls, controls over & controls over &

Auditor should rely on internal controls because it avoids need for levels of detailed testing which are & manual work

In compliance tests/tests of control evaluate whether internal & are designed to pick up material & have been operating throughout period

Types of compliance tests/tests of control include / trail, testing/ testing, with company staff, staff at work, of control procedures & of management reviews

Audit process is driven by search for to form an opinion, based on whole series of with regard to & of accounting records, of figures in financial statements & with legislation & accounting & reporting standards

According to ISA 500 & ISA 501 audit evidence is all used by auditor in arriving at on which audit is based & includes contained in accounting underlying financial statements & other

Audit evidence collection procedures include (ask about & system works), , , , , & procedures

One generalisation for assessing audit evidence (ISA 500) is audit evidence is more when it is obtained from sources outside

Another generalisation for assessing audit evidence (ISA 500) is audit that is generated internally is more when related imposed by entity are

Third generalisation for assessing audit evidence (ISA 500) is audit evidence directly by is more than audit evidence indirectly or by

Fourth generalisation for assessing audit evidence (ISA 500) is audit evidence is more when it exists in form

Fifth generalisation for assessing audit evidence (ISA 500) is audit evidence provided by original is more than audit evidence provided by

Sixth generalisation for assessing audit evidence (ISA 500) is evidence created in course of is better than evidence specially to satisfy

Seventh generalisation for assessing audit evidence (ISA 500) is source of audit evidence will be but management’s lack of reduces its value as source of such evidence

Eighth generalisation for assessing audit evidence (ISA 500) is evidence about is difficult to & less than evidence about events

Ninth generalisation for assessing audit evidence (ISA 500) is evidence may be by skilful use of evidence

Audit tests are designed to obtain about financial statement . relate to classes of & , account at period-end, & &

Key assertions for balance sheet include (& ), & , & &

Key assertions for profit & loss include , , , &

Key assertions for notes include & & , , & & &

makes assertions that they have in place to ensure & of all aspects of financial statements at & level. Auditor undertakes of those . Auditor then undertakes testing either via review or of detail to gather to prove that assertions are true or false