Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
17 Cards in this Set
- Front
- Back
|
Name the components of IC |
Control Environment Risk Assessment Control Activities Information & Communication Monitoring of controls |
|
|
Control Environemnt |
1. Demonstrates commitment to integrity and values 2. Board demonstrates independence from mgt & oversees the development/performance of IC 3. Mgt w/ Board establishes structures, reporting lines, & appro authorities & responsibilities in pursuit of obj 4. Org demonstraits commitment to attract, devolp, and retain competent individuals aligning with obj 5. Org holds individuals accountable for IC responsibilities in pursuit of obj |
|
|
Risk Assessment |
6. Obj specificied w/clarity to enable the ID & assessment of risks relative to obj 7. Org ID risks to achieve obj across entity & analyze risks relative to obj 8. Considers potential for fraud in assess risk 9. IDes & assess changes that could impact IC |
|
|
Control Activities |
10. Selects & develops control activities contributing to mitigation of risk 11. Selects & supports general control activities over tech for support & achievement of obj 12. Deploys control act through policies establ what is expected and procedures putting these into action |
|
|
Information & communication |
13. Obtains/Generates & uses relevant, quality info to support function of IC 14. Org internally communicates info, including obj, responsibilities of IC, necessary to support IC 15. Org Communicates with ext parties regarding matters affecting functioning of IC |
|
|
Monitoring Of Controls |
16. Selects, develops & preforms onging evaluations to ascertain whether components of IC are present & functioning 17. Eval & comm IC deficiencies in a timely manner to those responsible for taking action |
|
|
Limitations |
Human error Mgt Override Collusion Cost/Benefit Not universal Not enough assurance |
|
|
Flow of IC relation to procedures first three steps |
Develop understandings of IC - Eval design, Determine implementation Document Understanding Relying on controls? |
|
|
Yes relying on controls |
(Relience strat) Plan & preform test of controls Set control risk based on tested Acheived CR = Planned CR Document Level of CR Preform procedures |
|
|
No relying on controls |
Substantive strat Set control risk at max Document level of control risk Preform procedures |
|
|
Assessing CR |
Id specific controls that will be relyed upon Preform Test of controls Conclude on achieved leved of CR |
|
|
Preform test of controls; go into detail |
In order to provide evidence to support lower CR Procedures: Observation, re-preformance, inquire, inspection of docx |
|
|
Intergrated audit explain |
Audit of ICFR & FS Auditor is looking for both material misstatements and material weaknesses |
|
|
Steps of preforming audit of the ICFR |
Plan audit ID controls to test w/top down risk based appro Test design & operating effectiveness Eval IC deficiencies Form opinion |
|
|
Planning audit of ICFR |
Role of risk assessment & risk of fraud (direct relationship between audit work & poss weak) Scaling Audit Using work of others (should eval objectivity) |
|
|
Using top down risk based approach to ID controls to test |
ID entity level controls (Control envir, & period ending FR process) ID significant accts (size, susceptibility, nature) Understand likely source of misstatement Select controls to test |
|
|
Test design & operating effectiveness of controls |
Design - is the control missing Test & eval operating effectiveness a. Nature of control 2. Freq of op 3. importance |
