P1 Acca Chapter 11

C10

1. Benefits of Internal Control

C10

1. Internal Control consists of?

C10

1. Importance of internal control and risk management?

C10

1. Limitations of internal control?

C10

Control Environment: Awareness of and attitude to internal control. Therefore, it comprises of corporate culture, management style and employees attitudes to control procedures.

Control Procedures: the control procedures and policies w/in internal control systems are known as internal controls. They are devised and enforced to ensure, as far as practicable in given circumstances, the orderly and efficient conduct of business.

C10

1. Effectiveness and efficiency of operations
2. Reliability of financial Reporting
3. Compliance with law and regulations

C10

1. Internal control can be passed by collusion and management override.
2. Controls are only designed to cope w routine transactions and events.
3. There are resources constraints in provisions of ICs limiting their effectiveness.
4. Costs overweighing the benefits
5. Potential for human error and fraud
6. Poor judgement in decision making.
7. Good Ics cannot turn a poor manager into a good one.
8. The systems can only provide reasonable assurance regarding the achievement of objectives. All ICs are at risks from misstatements or errors.

C10

They include measures to :

1. Manage risks that are significant to the fulfilment of company’s business objectives.
2. Facilitate the effectiveness and efficiency of operations.
3. Help ensure the reliability of internal and external reporting.
4. Assist compliance w laws and regulations and also with internal policies w respect to the conduct of the business.
5. Timely preparation of reliable financial information.
6. Help ensure that the company is not unnecessarily exposed to avoidable financial risks and that financial information used within the business and for publication is reliable
7. Safeguard the assets, including the prevention and detection of fraud

C10

1. Challenges in developing ICs?

C10

1. Are expensive control systems effective?

C10

1. Controls vital to mitigating risks to the integrity of financial reporting?

C10

The board’s annual assessment should consider?

C10

1. Design of control (rather than cost)

A wrongly/inappropriately designed control regardless of the cost will be ineffective – no direct relationship between design and cost. A highly effective control can be very simple and inexpensive.

1. A control can be over specified

The control is more robust and more expensive than required. Cost effectiveness is a key criterion of any control and a control disproportionately more is poor TVM.

1. Almost any control can be corrupted, circumvented or ignored

An employee or service user can act against a control. A technical failure (loss of power or computer failure

0 can render the well designed control to be less effective.

C10

1. Insufficient staff/resources ($) for segregation of duties.
2. Dominations of activities by management and opportunities for management override of control.
3. Inability to recruit directors w requisite financial reporting and other expertise.
4. Inability to recruit and retain staff w sufficient knowledge and experience in financial reporting.
5. Management have a wide range of responsibilities and thus insufficient time to focus on accounting and financial reporting.

C10

1. Changes since the last annual assessment in the nature and extend of significant risks, and company’s ability to respond to the changes in its business and external environment.
2. Scope and quality of management’s ongoing monitoring of risks and the system of ICs.
3. Where applicable, the work of IA or other providers of assurance.
4. The extend and frequency of reports received. Reviews of regular reports allow the boards to build up cumulative assessment of the state of control w/in the company.
5. In evidences of significant control failings/weaknesses identified during the period or extend to which resulted in unforeseen outcomes or contingencies that had/ could have had, a material impact on the company’s financial performance/conditions.

C10

1. Segregation of duties.
2. IT controls- restricted access to data and programs
3. Full documentations of assets, liabilities and transactions.
4. Matching source of documents and accounting records.
5. Confirmations- from suppliers, customers and banks
6. Reconciliation of information – different sources.
7. Completeness check – documents and accounting records
8. Reperformance of accounting calculations.  

C10

1. Benefits of compulsory reporting?

C10

1. IC Reporting per SOX (s404)?

C10

1. Elements of sound system of internal controls?*

C10

1. Categorizing ICs?

C10

SOX requires the company’s management to provide ICS report in annual report on:

1. The responsibility of management for establishing and maintaining adequate ICs over financial reporting.
2. An assessment of the effectiveness of the ICs over financial reporting.
3. Identifying the framework used by management to evaluate effectiveness of company’s ICs over financial reporting.  

C10

1. Improved shareholder confidence – they may assured that the BOD are managing risks responsibly an in excessive.
2. Reinforces confidence in the quality of the information
3. Stimulus to the director – they know that they will held accountable if controls are poor as investors will read reports and seek info on areas of weak controls.
4. Directors are held accountable to the stakeholders w power – market regulators and II
5. Removes the probability of companies w poor controls being able to hide.

C10

PAPAMOSS

1. Personnel
2. Authorization and approval
3. Physical
4. Arithmetic and accounting
5. Management
6. Organization
7. Supervision
8. Segregation of duties

C10

Turnbull Report (1999) describes sound system as including control activities, communications process and process of monitoring the continued effectiveness of the system. It should:

1, be embedded in the operations of the company and form part of its culture.

2. be capable of responding quickly to risks to the business as they emerge and develop

3. Include procedures and reporting immediately to the management responsible any control failings that have been identified and any corrective action that has been undertaken.

C10

1.  Board’s roles in risk management?

In determining policies, the board’s deliberations should consider :

1. The nature and extend of the risks facing the company.
2. The extend and categories of risk which it regards as acceptable for the company to bear.
3. The likelihood of the risks concerned materializing.
4. The company’s ability to reduce the incidence and impact on the business of risks that do materialize

C10

1. The management’s role

For effective monitoring:

1. Regularly receive and review reports on ICs
2. Undertake an annual assessment for the propose of making public its statement on ICs

C10

According to Turnbull Report,

1. Should set appropriate policies on ICs
2. Seek regular assurance that will enable it to satisfy itself that the system is functioning effectively.
3. Ensure the system of ICs is effective in managing risks.
4. Effective monitoring on continuous basis.
5. Ensure ICs adapts itself to changing circumstances.

C10

1. Implement board policies on risk and control.
2. Identify and evaluate risks faced by company.
3. Design, operate and monitor suitable system of ICs which implements the policies adopted by the board.
4. Provide reports to the board that cover :

1. A balanced assessment of significant risks
2. The effectiveness of ICs in managing those risks
3. Significant control failings or weakness identified
4. Impact that they have
5. Actions being taken to rectify them