Chapter 6 Internal Control in a Financial Statement Audit

CHAPTER 6

INTERNAL CONTROL IN A

FINANCIAL STATEMENT AUDIT

Answers to Review Questions

6-1 From management's perspective, the internal control provides a way to meet its stewardship or agency responsibilities. Management also needs a control system that generates reliable information for decision-making purposes.

The importance of internal control to the auditor is rooted in the second standard of fieldwork. The controls that are relevant to the entity's ability to initiate, record, process, and report financial data consistent with management's assertions are the auditor's main concern. The auditor needs assurances about the reliability of the data generated within the entity's internal control system in terms of how it affects the fairness of the financial statements and how well the assets and records of the entity are safeguarded.

6-2 The potential benefits and risks to an entity’s internal control from information technology include (see Table 6-1):

Benefits:

• Consistent application of predefined business rules and performance of complex calculations in processing large volumes of transactions or data.

• Enhancement of the timeliness, availability, and accuracy of information.

• Facilitation of additional analysis of information.

• Enhancement of the ability to monitor the performance of the entity's activities and its policies and procedures.

• Reduction in the risk that controls will be circumvented.

• Enhancement of the ability to achieve effective segregation of duties by implementing security controls in applications, databases, and operating systems.

Risks:

• Reliance on systems or programs that inaccurately process data, process inaccurate data, or both.

• Unauthorized access to data that may result in destruction of data or improper changes to data, including the recording of unauthorized or nonexistent transactions or inaccurate recording of transactions....