金融 : CFA - FRM - PRM     财务: (全部免费开放) ACCA - CMA - CPA - AICPA    从业资格: (全部免费开放) 会计 - 证券 - 基金 - 银行




2018 FRM Part I 全部课程:知识模块精讲+复习强化+模拟题讲解    √ 2018 FRM Part II 全部课程:知识模块精讲+复习强化+模拟题讲解
上一主题:Control Environment Risk Assessment Process
下一主题:联合利华(北亚) 财务副总裁:绿色雪球
返回列表 发帖
2018 CFA LEVEL 1 2 3 高清精华课程

Internal Control Documentation

ACCA F8 考试:Internal Control Documentation
Auditors use flowcharting systems, narrative notes, internal control questionnaires (ICQs) and internal control evaluation questionnaires (ICEQs) as a framework for understanding the design of internal controls.
ICQs are composed of a series of questions for each control cycle (e.g. sales, purchases, wages) and are designed to identify whether particular internal controls exist (and if they do not, to identify a possible area of weakness). For example:
Is the customer credit limit checked before an order is accepted?
Are goods received agreed to the authorised purchase order?
Is the price charged by the supplier on the purchase invoice agreed to an authorised price list?
Is each amendment to the standing payroll database reviewed to original input and authorisation and approved by an independent official?
Questions are framed such that a "No" answer indicates a weakness and would highlight potential problems in segregation of duties, controls or management supervision.
ICQs must be:
Comprehensive to ensure all controls are covered and to highlight key and supporting controls.
Easy to complete with reference to flowcharts, narrative notes, walk-throughs and enquiries of client staff.
Completed by competent members of the audit team.
Weaknesses include the following:
Clients may be able to mislead the auditor, as they know a "Yes" answer is required (so answers must be verified).
ICQs may contain questions on controls that are not relevant.
Actual controls operated by the client may not be included in the ICQ.
ICQs may become a "tick box" exercise.
ICEQs go further than ICQs in that they are designed to assess whether errors or fraud are possible. The questions asked are more open and principles-based than the closed form (rulesbased) questions of ICQs. They are also closely related with control objectives. For example:
How does the client ensure that goods are sent only to customers who can pay?
How does the client ensure that goods are accepted only if the correct ordering procedures have been followed?
How does the client ensure that payments are made only for goods and services received and required by the company?
How does the client ensure that amendments to the standing payroll data are relevant and accurate?
Advantages include the following:
The questions in an ICEQ can be concentrated (targeted) on the possibility of error and fraud in each cycle and therefore specifically designed to cover such possibilities, reducing the number of questions and increasing their relevance.
Each question can relate to more than one client, as questions are open and each client may have different relevant controls that meet the question requirement.
At the same time, an ICEQ can be specifically tailored to each client.
The answers will describe the nature and extent of the controls in operation. The auditor can then assess the control design and decide whether or not to rely on them (i.e. they can then form the basis of the control testing programme).
Completing the ICEQ requires a higher level of understanding, in order to be able to link the controls to each question. An ICQ may be completed first to aid such understanding.*

上一主题:Control Environment Risk Assessment Process
下一主题:联合利华(北亚) 财务副总裁:绿色雪球