Internal Controls (Audit Perspective)
Internal controls are processes designed by management to provide reasonable assurance about the reliability of financial reporting, effectiveness of operations, and compliance with laws.
Explanation
Auditors are required to obtain an understanding of internal controls relevant to the audit in every engagement. For integrated audits of public companies (under PCAOB standards), the auditor must also express an opinion on the effectiveness of internal control over financial reporting (ICFR). The COSO framework is the most widely used model, comprising five components: control environment, risk assessment, control activities, information and communication, and monitoring.
Key Points
- •Five COSO components: control environment, risk assessment, control activities, information and communication, monitoring
- •Understanding of controls is required in all audits
- •Integrated audits (public companies) require an opinion on ICFR effectiveness
Exam Tip
The control environment is the foundation of COSO — it sets the tone at the top and influences the control consciousness of the organization.
Frequently Asked Questions
Related Topics
Fraud Risk Assessment
Fraud risk assessment is the auditor's responsibility to identify and assess risks of material misstatement due to fraud, including fraudulent financial reporting and misappropriation of assets.
Substantive Procedures
Substantive procedures are audit procedures designed to detect material misstatements at the assertion level, including tests of details and substantive analytical procedures.
Test your knowledge
Practice scenario-based questions on this topic with detailed explanations.