CHAPTER 6

avatar
Created by
マライア

Cards (33)

  • Internal control
    What we do to ensure that the things we want to happen will happen and the things that we don't want to happen won't happen
    View source
  • Things we want to happen
    • Reliable financial statements
    • Minimizing spoilage of materials in the factory
    • Collections are safeguarded from theft and are deposited the next banking day
    • Inventories are protected from damage and destruction
    • Compliance with applicable laws and regulations
    • Ensuring the continuous processing of transactions
    View source
  • Things that must not happen include fraud, errors, and noncompliance with laws and regulations among others
    View source
  • Internal control (formal definition)

    A process effected by the board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievements of business objectives
    View source
  • Internal control
    • It is a process, not an isolated procedure
    • It is comprised of an interrelated sets of policies, procedures and activities that work together for the achievement of business objectives
    • It must be put into effect by people from all levels within the company
    • It is a means toward achieving the objectives of the company, not an end in itself
    View source
  • COSO
    Committee of Sponsoring Organizations comprised of the American Institute of Certified Public Accountants (AICPA), American Accounting Association (AAA), Institute of Management Accountants (IMA), Institute of Internal Auditors (IIA), and the Financial Executives International (FEI)
    View source
  • COSO published the original internal control framework in 1992 and revised it in 2013 to reflect changes in the business, operating, regulatory, and economic environment
    View source
  • Categories of internal control objectives
    • Effective and efficient operations
    • Reliability of financial and nonfinancial reporting
    • Compliance with applicable laws and regulations
    View source
  • Effective operations
    Revenue and operating cash flow targets are achieved
    View source
  • Efficient operations
    The company is able to minimize operating costs and avoid operational inefficiencies
    View source
  • Achieving effective and efficient operations
    • Engineering controls and proper factory layout to achieve smooth operation in the production process and minimize spoilage of raw materials
    • Cash accounts safeguarded from theft through physical controls like cash vaults, locks, CCTV cameras
    • All collections from customers remitted, recorded in the books, and deposited the next banking day
    • Segregation of incompatible duties so no person is in complete control of a transaction
    • Business continuity plans to assure transaction processing in the event of calamities
    • Insurance to safeguard assets from destruction
    View source
  • Reliability of financial and nonfinancial reporting
    Financial statements need to be accurate and free from errors or fraudulent reporting to be useful to users
    View source
  • Ensuring reliability of financial and nonfinancial reporting
    • Accounting staff reviews and reconciles accounts, corrects discrepancies
    • Periodic inventory counts to detect shortages or pilferage
    • Reliable nonfinancial reports like environmental and sustainability reports
    View source
  • Compliance with applicable laws and regulations
    Assurance that the company complies with taxation, labor, environmental, anti-money laundering, and corporation laws among others
    View source
  • Compliance function

    Established within the company, usually headed by a chief compliance officer, to monitor adherence to laws and regulations
    View source
  • Components of internal control (COSO framework)

    • Control environment
    • Risk assessment
    • Control activities
    • Information and communication
    • Monitoring activities
    View source
  • Control environment
    • It is the foundation of internal control, comprised of integrity and ethical values, management's philosophy and operating style, organizational structure, commitment to competence, human resource policies and procedures, and functioning of the board of directors
    View source
  • Risk assessment
    Setting objectives, identifying risks that could prevent achievement of objectives, assessing likelihood and impact of risks, determining appropriate risk responses
    View source
  • Types of control activities
    • Performance reviews
    • Information processing controls
    • Physical controls
    • Segregation of duties
    View source
  • Information and communication
    Obtaining, generating, and using relevant and quality information from both internal and external sources to support the functioning of internal control, and continually providing, sharing, and obtaining necessary information within the organization and with external parties
    View source
  • Monitoring activities

    Evaluating the condition of internal control over time as it is subject to obsolescence, and ensuring that internal control remains effective
    View source
  • In-bound communication
    Correspondences from government agencies such as the Bureau of Internal Revenue, Securities and Exchange Commission, and other government regulators are properly received by management
    View source
  • Outbound communication

    Management must reply in a timely manner to letters from government agencies
    View source
  • Monitoring activities
    Monitoring of internal control is essential because internal control that is effective today may no longer be effective months or a year from now
    View source
  • Types of monitoring
    • Ongoing monitoring
    • Separate evaluations
    View source
  • Ongoing monitoring
    Built into business processes at different levels of the entity, provide timely information
    View source
  • Separate evaluations
    Conducted periodically, will vary in scope and frequency depending on assessment of risks, effectiveness of ongoing evaluations, and other management considerations
    View source
  • COSO requirements for effective internal control

    Each of the five components must be present and functioning<|>The five components must "operate together" in an integrated manner
    View source
  • If a component is missing, the internal control system is not effective
    View source
  • The components of internal control are not to be treated in isolation; rather, they need to be operated in an integrated manner
    View source
  • Link between risks and control activities

    After setting business objectives, management must identify specific risks, assess them, and select control activities to mitigate significant risks
    View source
  • Internal control can only provide reasonable assurance, not absolute assurance
    View source
  • Limitations of internal control
    • Possibility of collusion
    • Management override
    • Human factors
    • Cost-benefit considerations
    View source