Scribd
Upload
55 views20 pages

Ethics, Fraud and Internal Control

This document discusses internal controls and their components. It describes the objectives of internal controls as safeguarding assets, ensuring accurate records, promoting operational efficiency, and ensuring compliance. It then explains the five major components of internal controls: control environment, risk assessment, information/communication, monitoring, and control activities. Control activities include both IT and physical controls, with examples provided of each type.

Uploaded by

Angel Ybanez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
55 views20 pages

Ethics, Fraud and Internal Control

This document discusses internal controls and their components. It describes the objectives of internal controls as safeguarding assets, ensuring accurate records, promoting operational efficiency, and ensuring compliance. It then explains the five major components of internal controls: control environment, risk assessment, information/communication, monitoring, and control activities. Control activities include both IT and physical controls, with examples provided of each type.

Uploaded by

Angel Ybanez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 20

Module 4

Ethics,
Fraud
And
Internal Control
Part 2
Internal Control Objectives

⦿ Safeguard assets of the firm

⦿ Ensure accuracy and reliability of accounting


records and information.

⦿ Promote efficiency of the firms operations.

⦿ Measure compliance with management’s


prescribed policies and procedure.
Modifying Assumption to the Internal
Control
⦿ Management Responsibility
- the establishment and maintenance of a system
of internal control is the responsibility of
management.
⦿ Reasonable Assurance
- the cost of achieving the objectives of internal
control should not outweigh its benefits.
⦿ Methods of Data Processing
- the technique of achieving the objectives will
vary with different types of technology.
Limitations of Internal Control

⦿ Possibility of honest errors


⦿ Circumvention via collusion
⦿ Management override
⦿ Changing conditions –especially in companies
with high growths.
Exposures of Weak Internal Control

⦿ Destruction of an asset.
⦿ Theft of an asset.
⦿ Corruption of information.
⦿ Disruption of the information system.
Five Internal Control Components
“CRIME”
• Control Activities
• Risk Assessment
• Information and Communication
• Monitoring
• Control Environment
Control Environment
⦿ Integrity and ethics of management
⦿ Organizational Structure
⦿ Role of the board of directors and the audit
committee
⦿ Management’s policies and philosophy
⦿ Delegation of responsibility and authority
⦿ Performance evaluation measures
⦿ External Influences – regulatory agencies
⦿ Policies and practices managing human resources.
Risk Assessment
⦿ Identify, analyze and manage risks relevant to
financial reporting:
● changes in external environment
● risky foreign markets
● significant and rapid growth that strain internal controls
● new product lines
● restructuring, downsizing
● changes in accounting policies.
Information and Communication
⦿ The AIS should produce high quality
information which:
● identifies and records all void transactions
● provides timely information in appropriate detail to permit
proper classification and financial reporting
● accurately measures the financial value of transactions
● accurately records transactions in the time period in which
they occurred
Monitoring

⦿ The process for assessing the quality of


internal control design operation

● Separate procedures – test of control by internal auditors.


● On going monitoring:
● computer modules integrated into routine operations
● management from normal performance.
Control Activities
⦿ Policies and procedures to ensure that the
appropriate actions are taken in response to
identified risks.
⦿ Fall into two distinct categories:
● IT Controls – relate specifically to the computer
environment.
● Physical Control – primarily pertain to human activities.
Two Types of IT Control
⦿ General Controls – pertains to the entity wide
computer environment.
● Examples: control over the data center, organization
database, systems development, and program maintenace.

⦿ Application Controls – ensure the integrity of


specific systems.
● Examples: control over sales order processing, accounts
payable, and payroll applications.
Six Types of Physical Control

⦿ Transaction Authorization
⦿ Segregation of Duties
⦿ Supervision
⦿ Accounting Records
⦿ Access Control
⦿ Independent Verification
Physical Control

⦿ Transaction Authorization
● used to ensure that employees are carrying out only
authorized transactions.
● general (everyday procedures) or specific (non-routine
transactions) authorizations
⦿ Segregation of Duties
● in manual systems, separation between:
● Authorizing and processing a transaction
● custody and recordkeeping of the assets
● subtasks
• In computerized system, separation between:
● program coding
● program processing
● program maintenance
⦿ Supervision
• a compensation for lack of segregation; some may be
built into computer system.

⦿ Accounting Records
• provide an audit trail
⦿ Access Control
• help to safeguard assets by restricting physical access
to them.

⦿ Independent Verification
• reviewing batch totals or reconciling subsidiary
accounts with control accounts.
END
THANK
YOU

You might also like