This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The top-down approach could indentify those controls which are the most important to test. A top-down approach should be used to audit internal controls over financial reporting. It basically has two steps. First, it starts with financial statement level and the understanding of risks from the financial reporting and second is the entity-level control.
In this approach, the auditor should be able to evaluate and test the entity-level controls which are significant to the conclusion that the auditor is going to make. The entity-level controls are different in precision and nature. Some entity-level controls are important to prevent or detect timely basis. Some entity-level controls are designed to monitor the possible problems in other controls. Timely basis misstatements to relevant assertions could also be detected or prevented by some other entity-level controls.
Entity-level controls consist of eight parts; they are listed as the following: A. controls related to the control environment. B. controls over management override. C. risk assessment process of the company. D. centralized processing and controls, including shared service environments. E. controls to monitor results of operations. F. controls to monitor other controls, including activities of the internal audit function, the audit committee, and self-assessment programs. G. controls over the period-end financial reporting process. H. policies that address significant business control and risk management practices.
The control environment is very important to internal control. In order to evaluate the company's control environment, the auditor should also assess-1st, if operating or philosophy style of the management promote effective internal control. 2nd, if ethical and integrity values are fully understood. 3rd, if the audit committee or Board exerts responsibility.
Period-end Financial Reporting Process is important to the opinions on internal control of the auditor and financial reporting or financial statements. The following procedures are included in period-end financial reporting process-1st, enter transaction totals into the general ledger. 2nd, selection and application of accounting policies. 3rd, initiate, authorize, record, and process journal entries. 4th, record adjustments to the financial statements. 5th, preparing financial statements and related disclosures. The auditor should also assess the following parts for the period-end financial reporting process: (1) The information technology which involved in the period-end financial reporting process. (2) The inputs, procedures performed, and outputs of the processes that the company uses for their financial statements. (3) people who participates from management. (4) Locations related to the period-end financial reporting process. (5) Adjusting and consolidating entries. (6) The nature and extent of the oversight of the process.
The auditor has to identify important accounts, disclosure and assertions that related. There are five assertions that are included in the financial statement: (1) Existence or occurrence; (2) Completeness; (3) Valuation or allocation; (4) Rights and obligations; (5) Presentation and disclosure. There are risk factors that related to identifying significant accounts and disclosures and relevant assertions; they are composition and size of the account; susceptibility to misstatement; volume of activity, complexity, and homogeneity; nature of the account; accounting and reporting complexities; losses in the account; significant contingent liabilities arising; related party transactions; changes from the prior period. The auditor needs to determine the potential misstatements which could cause materially misstate the financial statements. The auditor should evaluate the same risk factors in both the identification of significant accounts and in the audit of the financial statements. Different controls are necessary if a potential significant account or disclosure subject to differing risks. The auditor should use the consolidated financial statements to identify significant accounts and disclosures and their relevant assertions if a company has more than one location or business unit.
In order to understand the sources of misstatements, the following objectives should be achieved: (1) transactions that related to the assertions; (2) confirm the identification within the processes of the company; (3) identify the controls that address potential misstatements; (4) identify the controls that could cause a material financial statement misstatement. The most effective way to understand the sources of potential misstatements is performing walkthroughs. The auditor follows the company's origination transactions till the company's financial reports reflect the transactions.
The selection of the controls to test is very important for the auditor's results regarding the controls effectively address the misstatement's risk of the company. The risk of misstatement to an assertion can be caused by multiple controls. Multiple assertions can be caused by one control whether to select a control for testing is depending on which control relates to assertion instead of how the control is labeled.
A material weakness is a deficiency or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the company's annual or interim financial statements will not be prevented or detected on a timely basis. A significant deficiency is a deficiency, or a combination of deficiencies, in internal control over financial reporting that is less severe than a material weakness; yet important enough to merit attention by those responsible for oversight of the company's financial reporting.
The following are included in indicating of material weaknesses; (1) Identification of fraud; (2) restatement of previous financial statements; (3) the auditor's identification of material misstatements that have not been detected; (4) the company's external and internal financial reporting's ineffective oversight.
The auditor should decide the degree of assurance and level of detail when evaluating the importance of a deficiency (or combination of deficiencies). The auditor could treat the deficiency as a material weakness's indicator, if the determination of the auditor is that a deficiency may prevent prudent officials in their own conducts.
Writing is way that auditor communicates to the audit committee and management for all material weaknesses during the process of auditing. If an ineffective conclusion is made by the auditor from oversight of the company's financial reporting, written communication to the board of directors is required. If there are deficiencies that are identified during audit which are significant deficiencies and need written communication to the audit committee are the auditor's considerations. All deficiencies also need communicate in writing to management. The auditor might become aware of fraud, while auditing internal control over financial reporting.
The following elements must be included in the audit of internal control over financial reporting of the auditor's report: (1) a title which includes the "independent" word; (2) a statement which shows the responsibility of management for assessing the effectiveness and for maintaining effective internal control over financial reporting; (3) identification of management's report; (4) a statement that indicate express an opinion on the company's internal control over financial reporting is the auditor's responsibility; (5) internal control over financial reporting's definition; (6) a statement that provide the audit was conducted with the PCAOB's standards; (7) statement which standards the requirements of PCAOB; (8) statement that includes shows the understanding of internal control over financial reporting of the company, etc. of the process of auditing; (9) statement that provides the reasonable basis; (10) a paragraph stating internal control over financial reporting might not detect or prevent misstatements; (11)if the company maintained effective internal control over financial reporting based on the auditor's idea; (12) the signature of the auditor's firm; (13) the name of city and state that the auditor's report has been issued; (14) the audit report's date.