Unit 2

Internal control refers to the processes, policies, and procedures put in place
by an organization to ensure the reliability of financial reporting, compliance
with laws and regulations, operational effectiveness and efficiency, and the
safeguarding of assets. Internal control systems are designed to help
organizations achieve their objectives while minimizing the risk of errors,
fraud, and inefficiencies.

In the context of auditing, internal control plays a crucial role in determining

how an auditor assesses the risk of material misstatement in the financial
statements and the overall reliability of the organization’s financial reporting.
Auditors evaluate internal control systems to gather evidence, assess risks, and
design audit procedures.

The framework outlines five essential components of internal control:

1. Control Environment:
- The control environment sets the tone for the organization, influencing the
overall attitude toward internal control and ethical behavior. It includes the
integrity, ethical values, and competence of the organization’s people.
- Key elements include:
- Management's philosophy and operating style.
- Organizational structure and assignment of authority and responsibility.
- Human resources policies and practices.

2. Risk Assessment:
- Risk assessment involves identifying and analyzing relevant risks to
achieving the organization’s objectives, considering both external and internal
factors that could affect the business.
 - This process helps management to understand potential threats to its
financial reporting, operations, and compliance and take steps to mitigate
these risks.

3. Control Activities:
- Control activities are the policies and procedures that help ensure that
management’s directives are carried out. These activities are designed to
prevent or detect errors and fraud.
- Common control activities include:
- Segregation of duties (e.g., different people handle different aspects of a
transaction).
- Authorization and approval processes.
- Physical controls (e.g., locks, safes).
- Reconciliation of accounts.
4. Information and Communication:
- Information systems must provide timely, accurate, and relevant data for
effective decision-making and to ensure the proper functioning of other
internal control components.
- Effective communication ensures that information flows both internally and
externally in a way that promotes efficient and coordinated action.

5. Monitoring Activities:
- Monitoring involves regularly assessing the quality of the internal control
system over time. It ensures that the internal control system is functioning as
intended and allows for adjustments when necessary.
- Monitoring can be performed through ongoing activities or separate
evaluations, such as internal audits.
Internal check and internal audit
What is an internal check?
An internal check can be described as a systematic arrangement of operations
within an office, warehouse, factory, store, etc. In this system, the tasks of one
employee undergo automatic scrutiny by another employee. This arrangement
aims to reduce the risks associated with errors and fraud. The design is such
that committing fraud requires collusion between employees.
An internal check is implemented in a firm to ensure that no single individual is
allowed to oversee and manage every aspect of financial transactions. It is
integral to the internal control system. Consequently, tasks are
compartmentalized, and each segment is given to a different worker. This
structure ensures that one employee’s work is subject to the examination of
another, reducing the likelihood of errors and fraudulent activities.

What is an internal audit?

An internal audit is a systematic and ongoing evaluative activity conducted
within a company. In this process, a group of auditors reviews accounting and
financial operations, providing both constructive and protective services to the
company’s management. The primary objectives of internal audit are to
ensure:
1. Accurate and appropriate recording of business transactions.
2. Systematic maintenance of account books in accordance with relevant
provisions.
3. Prevention of misappropriation of business property and manipulation
of accounts.
An internal audit serves as a control mechanism, aiming to appraise and
measure the efficacy of other control measures. This involves the verification
of company operations by a specially appointed staff for this purpose.
The main goal of an internal audit is to assist management in efficiently
fulfilling their responsibilities by offering recommendations, logical analysis,
and suggestions related to the examined operations.

Key Differences Between Internal Audit and Internal Check

1. Nature and Purpose


 Internal check is a system within the organization where one staff

member’s work is checked by another to minimize errors or fraud.
 Internal Audit is an internal examination of the organization’s
account books conducted by a dedicated audit team.
2. Design and Control


 Internal check logically divides work to prevent absolute control

by any one person.
 Internal Audit involves a separate group of auditors cross-verifying
employees’ work.
3. Starting Point


 Internal check starts when a transaction is entered.

 Internal audit begins after the transaction is documented in the
books.
4. Focus of Examination


 Internal check verifies clerical and accounting accuracy.

 Internal audit checks the scope and efficacy of management
control.
5. Executors


 Internal check is conducted by existing employees.

 Internal audit is carried out by a specially appointed group of
auditors.
6. Cost Implications


 Internal check involves no additional cost as it is performed by

existing employees.
  Internal audit is relatively expensive as it requires a dedicated
team.
7. Error and Fraud Handling


 Internal check prevents frauds and errors.

 Internal audit detects frauds and errors.
8. Function


 Internal check involves the arrangement and design of work.

 Internal audit focuses on examining and evaluating work.
9. Timing


 Internal check is performed at the same time as the work,

catching mistakes early on.
 Internal audit takes place after the transactions are recorded.
10.Reporting


 Internal check reports are daily transaction summaries provided to

supervisors.
 Internal audit reports are submitted to the management by
auditors.
Internal check objectives
1. Prevention of Error or Fraud: To prevent errors or fraud within the
organization.
2. Minimization of Misappropriation: To reduce goods or cash being
misappropriated by staff members.
3. Reliable Accounting System: To make sure that the firm’s accounting
system offers complete, reliable, up-to-date, and correct information for
each business transaction.
 4. Early Detection and Correction: To identify fraud or errors early on and
promptly correct them.
5. Protection of Resources: To protect the firm’s resources against
carelessness, theft, and inefficiency.
6. Comprehensive Delegation: To assign work in a manner that ensures no
business segment remains unrecorded or unchecked.
7. Timely Detection through Independent Checking: To identify frauds and
errors when they occur, via independent checking.
Internal audit objectives
1. Verification of Accounting Records: To substantiate the authenticity and
accuracy of the accounting records provided to the management.
2. Compliance with Accounting Policies: To ensure compliance with
standard accounting practices and policies.
3. Early Detection of Errors and Frauds: To enable the early detection of
errors and frauds within the organization.
4. Analysis of Internal Check System: To analyze the internal check system
at regular intervals, recommending improvements and conducting
special investigations for management.
5. Verification of Liabilities: To confirm that liabilities have been sustained
for legitimate and valid activities.
6. Authorization and Compliance: To ensure that transactions are
performed by authorized personnel and under the appropriate
authority.
Internal check advantages
1. Appropriate division of work
2. Error and fraud prevention
3. Boosts efficiency
4. Convenience for auditor
5. Account accuracy
6. Increased profits
Internal audit advantages
1. Fraud and error detection
2. Quick presentation of reports and accounts
3. Management advisory services
4. Proper coordination and control

Audit Notebook:
Definition and Purpose

An audit notebook is a document or tool used by auditors to record their

observations, findings, and procedures during the course of an audit. It serves
as a comprehensive record of the auditor's work, providing details of the audit
process, evidence obtained, and conclusions drawn. The audit notebook is
typically used to ensure that the audit is conducted in accordance with
auditing standards and that all necessary steps are properly documented.

An audit notebook is essential for both the auditor's reference during the audit
and for providing evidence of the audit work performed, especially when
reviewing and finalizing the audit. It can also be used in case of future review
or inquiries, such as those by regulatory bodies or external stakeholders.

Key Purposes of an Audit Notebook:

1. Documentation of Audit Procedures: It helps auditors document the steps

taken during the audit process, including planning, risk assessment, testing,
and conclusions.

2. Evidence of Audit Work: The notebook provides a detailed record of the

auditor's work and evidence collected, ensuring that all procedures are
properly executed and that the findings can be traced back to the evidence.
3. Communication: It serves as a tool to communicate the progress of the audit
to other team members or to supervisors. It can include memos or notes
related to issues encountered, questions raised, or areas that need further
investigation.

4. Compliance and Quality Control: It helps auditors ensure compliance with

auditing standards and internal audit procedures. It acts as a quality control
tool to verify that the audit is thorough and consistent with professional
standards.

5. Review and Supervision: The audit notebook can be reviewed by senior

auditors or managers to ensure that the audit is progressing as planned and
that key areas are being addressed.

6. Legal and Regulatory Purposes: The audit notebook can be used as evidence
in case of disputes, legal proceedings, or regulatory investigations. It ensures
that the auditor's work is well-documented and defensible.

Contents of an Audit Notebook

An audit notebook typically includes the following sections or types of

information:

1. Audit Planning
- Objective and Scope of the Audit: A brief statement of the audit’s objectives
and the scope of the work to be performed.
- Audit Team: Names of the audit team members and their respective roles
and responsibilities.
- Audit Program: A detailed list of audit procedures and tests to be performed,
based on the audit plan.
- Risk Assessment: Identification of significant risks, including areas with high
potential for material misstatement or fraud.
 - Timeline: The estimated timeline for completing various stages of the audit.

2. Audit Evidence and Procedures

- Procedures Performed: Detailed descriptions of the audit procedures
performed, including sampling methods, tests of controls, and substantive
tests.
- Evidence Collected: Notes on the evidence obtained during the audit, such
as documents, invoices, contracts, or electronic data. This can also include the
auditor’s evaluation of the quality of evidence.
- Work Papers: References to specific working papers that support the audit
findings (e.g., bank reconciliations, financial statements, etc.).

3. Findings and Observations

- Audit Findings: Observations regarding the client's financial records, internal
controls, and compliance with accounting standards. Any discrepancies, errors,
or irregularities discovered during the audit are recorded.
- Control Weaknesses: Any weaknesses in internal controls identified during
the audit, with a description of their potential impact on financial reporting.
- Issues Requiring Further Attention: Notes on issues that require further
investigation or clarification, including unresolved queries, discrepancies, or
concerns raised during the audit.
- Recommendations: Suggestions for improving internal controls, financial
reporting practices, or operational processes, if applicable.

4. Communication with Management

- Meetings with Management: Notes from discussions with the client’s
management team, including any concerns raised, decisions made, and any
significant management representations.
- Management Responses: Documentation of management’s responses to
audit findings, including corrective actions or disagreements with the findings.
 - Audit Adjustments: A record of any audit adjustments proposed by the
auditor and whether the client agrees to make these adjustments in the
financial statements.

5. Audit Conclusions
- Conclusions on Financial Statements: A summary of the auditor’s
conclusions regarding the accuracy and fairness of the client’s financial
statements.
- Opinion: If applicable, a draft of the audit opinion (e.g., unqualified,
qualified, adverse, or disclaimer of opinion).

Benefits of an Audit Notebook

- Documentation of Audit Work: It provides a record of the audit procedures,

evidence, and conclusions that can be referenced later or reviewed by others.
- Legal Protection: An audit notebook can serve as evidence in case of legal
disputes, regulatory investigations, or inquiries by external stakeholders.
- Quality Control: It ensures that audits are performed systematically and
consistently, and that the auditor is following professional standards and
guidelines.
- Efficient Audit Process: A well-maintained audit notebook helps auditors stay
organized and track the progress of the audit, ensuring nothing is overlooked.
- Communication Tool: It serves as a tool for communicating findings and
observations to other members of the audit team, management, or the audit
committee.
Working papers
Working papers (also known as audit working papers or audit documentation)
are the records, documents, and evidence that auditors compile and maintain
during the audit process. They serve as a detailed record of the audit
procedures performed, the evidence obtained, and the conclusions drawn.
Working papers are essential for supporting the auditor’s opinion on the
financial statements and for providing a clear and organized trail of the audit
process.
In essence, working papers are the foundation of an audit, providing the
necessary documentation that auditors need to substantiate their findings,
judgments, and conclusions. They also serve as evidence in case of regulatory
reviews, peer reviews, or legal inquiries into the audit work.

Purpose and Importance of Working Papers

1. Support for the Auditor's Opinion: The working papers provide the
documentation necessary to support the auditor's opinion on the financial
statements. They show how the auditor gathered evidence, tested controls,
and arrived at conclusions.
2. Evidence of Compliance with Auditing Standards: Working papers
demonstrate that the auditor has followed the auditing standards and
procedures. They serve as proof that the audit was conducted in accordance
with established guidelines (such as GAAS - Generally Accepted Auditing
Standards, or ISA - International Standards on Auditing).

3. Internal Control Evaluation: Working papers include documentation on the

assessment of internal controls and their effectiveness. This helps auditors
determine the level of reliance that can be placed on the client’s internal
controls.

4. Facilitate Review and Supervision: Supervisors and managers can use the
working papers to review the audit process and findings. Working papers help
ensure that the audit has been conducted thoroughly and that all key areas
have been addressed.

5. Legal and Regulatory Evidence: In case of disputes, regulatory scrutiny, or

legal challenges, working papers provide the necessary documentation to
defend the audit process and conclusions.
6. Audit Efficiency: Working papers help the audit team stay organized,
ensuring that the audit is completed efficiently and systematically. They also
allow future auditors to understand the approach taken in previous audits,
which can improve consistency.
- If necessary, they may also include recommendations for improving internal
controls or business practices.

7. Correspondence and Communications:

- This section may include correspondence with the client, such as
management letters, representations from management, and communication
regarding audit issues or concerns.

8. Signatures and Approval:

- The working papers should include the signatures of the auditors who
performed the work, as well as the dates of completion and review. This helps
ensure accountability and allows for the review of the audit process by
supervisors.

Types of Working Papers

Working papers can be categorized into several types, depending on their

content and purpose. Some common types include:

1. Lead Schedules:
- These are summary schedules that provide an overview of key financial
statement balances (e.g., cash, accounts receivable, accounts payable). They
link to the underlying detailed working papers and help the auditor organize
and summarize the audit evidence.

2. Supporting Schedules:
 - Detailed documentation supporting the figures in the financial statements,
such as calculations of depreciation, inventory counts, or accounts receivable
aging reports. These schedules provide evidence for the auditor’s conclusions.
3. Test of Controls:
- Working papers documenting the auditor's tests of the client’s internal
controls. This may include evaluating how controls over cash handling,
authorization of transactions, or safeguarding assets are designed and
operating in practice.

4. Substantive Testing:
- Documentation of substantive procedures performed to test the accuracy
and completeness of the financial statements. This could include procedures
such as examining transaction details, confirming balances with third parties,
or recalculating figures.

5. Journal Entries and Adjustments:

- Documentation of any journal entries or adjustments made by the auditor
or management during the audit process. This includes correcting entries,
reclassifications, and adjustments made to align the financial statements with
generally accepted accounting principles (GAAP).

6. Audit Conclusion and Opinion:

- A summary of the audit conclusions, including the auditor’s opinion on the
financial statements. This section ties together the audit findings and provides
the basis for the audit opinion (unqualified, qualified, adverse, or disclaimer).
Audit working papers are often maintained in digital or paper formats. In
modern auditing, most working papers are maintained electronically for ease
of access, sharing, and storage. Common formats include:

- Spreadsheets: Excel or other spreadsheet software is often used for

organizing financial data, calculations, and supporting schedules.
- Word Documents: Used for detailed notes, explanations, and audit findings.
- PDF Files: Used for scanned copies of documents such as bank statements,
contracts, or invoices that support audit evidence.
- Audit Software: Many firms use specialized audit software to maintain
working papers, track progress, and organize audit documentation.

Best Practices for Audit Working Papers

1. Clarity and Organization: Working papers should be well-organized and easy

to follow, with clear references to the specific audit objectives, procedures,
and evidence.
2. Sufficiency of Evidence: Ensure that the working papers contain sufficient
evidence to support the auditor’s opinion, including detailed documentation of
procedures performed and conclusions reached.
3. Consistency: Follow consistent formats and standards to ensure that all
relevant information is documented systematically and can be easily reviewed.
4. Timeliness: Complete working papers promptly to ensure that the audit
process is well-documented and up-to-date.
5. Confidentiality: Ensure that working papers are kept confidential, as they
contain sensitive financial information about the client.