Internal Controls

Internal controls lessen the probability that fraud or errors will occur. Controls are often created after an error or a theft is detected. Why? To make sure the misstatement or fraud doesn’t happen again.

Strong internal controls help ensure that financial statements are materially correct. Controls can be preventive or detective. That is, they can assist in keeping mistakes or fraud from happening or they can detect issues after they occur. Preventive controls tend to be more expensive and labor intensive as compared to the detective controls.

Auditors gain an understanding of internal controls in order to design their audit procedures. So, auditors usually perform walkthroughs of significant transaction cycles and account balances to see if controls are designed appropriately and that they have been implemented, that is, that they are in use.

If controls are properly designed and implemented, auditors can test them for effectiveness and use the test to support a lower control risk. Lower controls risk can lessen the risk of material misstatement for an account balance or transaction area.

Auditors are required to report significant deficiencies and material weaknesses in internal controls. That communication must be in writing.

Accounting and Auditing Asset Misappropriation Fraud

Understand Segregation of Duties and How to Create It

What is segregation of duties and how can you achieve it? In this post, I answer these two questions….

Read More Understand Segregation of Duties and How to Create It
Risk Assessment

Vetting Information Technology Controls in Risk Assessment: SAS 145

Information technology controls (IT controls) are getting increased attention with the implementation of SAS 145, Understanding the Entity and…

Read More Vetting Information Technology Controls in Risk Assessment: SAS 145
Auditing Fraud

Five Powerful Ideas to Test for Fraudulent Payments

Are you looking for ways to test for fraudulent payments? Here are five ideas.

Read More Five Powerful Ideas to Test for Fraudulent Payments
Auditing

Reporting Duties When No Internal Control Issues are Noted

This article tells you what to report when there are no internal control issues. I discuss AICPA and Yellow Book guidance.

Read More Reporting Duties When No Internal Control Issues are Noted
Asset Misappropriation

Preventing Church Theft: Tips and Best Practices

Church theft happens, and it’s not uncommon–though I wish it was. Pastors, deacons, church members, priests, and even nuns…

Read More Preventing Church Theft: Tips and Best Practices
Auditing

See Why a Test of Controls Can be Helpful or a Waste of Time

Auditors sometimes waste precious time testing controls when it may not be necessary. But in some engagements, it may be needed.

Read More See Why a Test of Controls Can be Helpful or a Waste of Time
Auditing

Internal Control Weakness Reporting

Auditors often fail to capture and communicate internal control weaknesses, even though such communications are required by the audit…

Read More Internal Control Weakness Reporting
Auditing Risk Assessment

See How Control Risk Affects Financial Statement Audits

Control risk continues to create confusion in audits. Some auditors assess control risk at less than high when they…

Read More See How Control Risk Affects Financial Statement Audits
Auditing Fraud Risk Assessment

See How Management Override of Controls is Dangerous

Management can override internal controls, resulting in fraudulent financial reporting. Below I provide examples of management override of internal…

Read More See How Management Override of Controls is Dangerous