Page 64 - DCOM509_ADVANCED_AUDITING
P. 64

Unit 4: Internal Control




              Controls to prevent unauthorised amendments to data files                        Notes
              Controls to ensure continuity of operation, for example, storing extra copies of programs
               and data files off-site, protection of equipment against fire and  other hazards, backup
               power sources, disaster recover procedures or maintenance agreements and insurance.

               !

             Caution  Internal control can provide only reasonable assurance – not absolute assurance –
             regarding the achievement of an organization’s objectives.
          Use of Internal Control Systems by Auditors: An internal control can only provide, at best, a
          reasonable assurance that objectives are being reached because of inherent limitations, such as,
          human error and  potential for fraud. These inherent limitations  demonstrate why  auditors
          cannot obtain all their evidence from tests of the systems of internal control.

          Self Assessment

          State whether the following statements are True or False:
          6.   General control and application controls in a computerised environment.
          7.   The proxy disclosure rules create opportunities for internal auditors to  report on and
               provide their opinions about  their organization’s compliance with its own governance
               and risk assessment requirements.

          8.   In particular, auditors may need to express opinions in the areas of corporate governance,
               risk management, and internal controls.
          9.   Internal controls help safeguard funds, provide efficient and  effective management  of
               assets, and permit accurate financial accounting.
          10.  Internal  controls  cannot  eliminate  all  errors  and  irregularities,  but  they  can  alert
               management to potential problems.
          11.  Effective controls reduce the risk of asset loss and help ensure that plan information is
               complete and accurate, financial statements are reliable, and laws  and regulations are
               complied with.

          4.5 Basic principles governing Internal Control

          Following are given, in a summarized form, some of the important basic principles governing
          internal  control:
          1.   A proper system, preferably in writing, must be implemented in the entity, in such a way
               that  origination,  recording  and accounting  of business  transactions  take  place  in  a
               standardized way.
          2.   The authorities and responsibilities of every official should prefix and must be in writing.
          3.   Accounting entries should not be allowed without a supporting document.

          4.   A standard system of internal check should be established in such a way that no person
               alone handles a transaction completely from beginning to end  and the  work of every
               person  is  in the  ordinary course  checked by  another person  in the  same  or  another
               department.
          5.   Responsibility for the custody and control  of  assets  should be segregated  from the
               responsibility of accounting for the assets. In other words, persons having the custody or



                                           LOVELY PROFESSIONAL UNIVERSITY                                   59
   59   60   61   62   63   64   65   66   67   68   69