An organization’s inner controls are comprised of five components, that include: the control environment, risk assessment, control activities, monitoring, and details and conversation. The five components of inner control are viewed as to be conditions for assessing an company financial revealing controls as well as the bases to get auditors’ evaluation of control risk since it relates to an organization’s monetary statements (Lowers, et. approach., 2007). “Thus, auditors must consider the five pieces in terms of (1) understanding a client’s monetary reporting controls and creating that understanding, (2) preliminarily assessing the control risk, and (3) testing the controls, reassessing control risk, and applying that assessment to plan the remainder of the audit work (Lowers, ain.
ing., 2007, s. 161).
Phase i treatment ” Understanding
Throughout the course of Phase I an audit team will work to obtain a clear comprehension of a company’s internal control environment and management’s risk assessment. The audit group will review the stream of orders through the provider’s accounting program, and the type of some client controlprocedures (Lowers, et.
approach., 2007). In this step the audit staff will carry out their tests in a top-down risk-based fashion that 1st examines company-level controls (CLCs) and then settings of significant business units within the company (Lowers, et. al., 2007). Regulates within the control environment and companywide courses include:
¢ Management’s risk assessment
¢ Centralized processing and controls which include shared service environments ¢ Period-end economic reporting method
¢ Controls to monitor outcomes of operations
¢ Controls to monitor other controls
¢ Board-approved policies that address significant business control and risikomanagement practices (Lowers, et. approach., 2007, s. 161). Once the audit staff has finished their examination of CLCs the audit staff will then doc their understanding through the use of narrative descriptions or perhaps flowcharts. The audit crew will then employ one of those equipment to design an initial program of substantive types of procedures for auditing assertions linked to the company’s consideration balances, which can be conducted in Phase 2 (Lowers, ain. al., 2007).
Phase II ” Assessment
After the audit team features completed Phase I the review team will move into Stage II or perhaps the preliminary analysis of the industry’s control hazards. Throughout the course of Phase 2 the audit team is going to analyze the control strengths and weaknesses of the business. A industry’s strengths are considered as particular features of great general and application controls while its weak points are considered as being a lack of controls in particular areas (Lowers, ainsi que. al., 2007). The review team’s conclusions and preliminary conclusions should then be written up and written about in taxation files known as the bridge workpapers.
In Stage II the audit staff will strive to answer the subsequent questions through its examination. Can control risk end up being low or perhaps less than optimum? Is decrease of the control risk evaluation cost-effective? As soon as the audit group arrives at the answers of the people questions it can then identify the handles to be tested and the degree of compliance necessary. “The distinction between the understanding and creating phase as well as the preliminary control risk analysis phase is useful for understanding theaudit function. However , the majority of auditors used do the two together, much less separate and distinct audit tasks (Lowers, et. ing., 2007).
Period III ” Testing
In the third and final period the audit team will likely then perform tests of controls of the specified controls and reassess control risk. Throughout the testing stage the examine team is going to seek to answer the question of how the actual degree of company compliance compares with the required level of compliance with the company’s control policies and procedures. The audit group will then doc the basis for assessing you can actually control risks, which are less than 100% or perhaps assess the business high or maximum control risk and design an audit software for the corporation with more successful substantive techniques. The audit team will likely then perform a test on the planned or modified substantive procedures.
A powerful evaluation of your company’s internal controls provides the company having a reasonable peace of mind regarding the achievement of its objectives in the following three categories: reliability of financial reporting; effectiveness and efficiency of its operations; and conformity with appropriate laws and regulations.
Lowers, T. M., Ramsay, R. J., Sinason, D. L., Strawser, J. R. (2007). Internal Control and Analysis. Auditing and Assurance Companies. 2nd ed. The McGraw-Hill Companies.
New York City, BIG APPLE.