Date post: | 01-Apr-2015 |
Category: |
Documents |
Upload: | madeline-barns |
View: | 236 times |
Download: | 5 times |
10 - 1©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Section 404 Audits of Section 404 Audits of Internal Control and Internal Control and Control RiskControl Risk
Chapter 10Chapter 10
10 - 2©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 1Learning Objective 1
Describe the three primaryDescribe the three primary
objectives of effectiveobjectives of effective
internal control.internal control.
10 - 3©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Compliance with laws and regulationsCompliance with laws and regulations
Efficiency and effectiveness of operationsEfficiency and effectiveness of operations
Reliability of financial reportingReliability of financial reporting
Internal Control ObjectivesInternal Control Objectives
10 - 4©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 2Learning Objective 2
Contrast management’sContrast management’s
responsibilities for maintainingresponsibilities for maintaining
and reporting on internal controlsand reporting on internal controls
with the auditor’s responsibilitieswith the auditor’s responsibilities
for understanding, testing, andfor understanding, testing, and
reporting on internal controls.reporting on internal controls.
10 - 5©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Management and Auditor Management and Auditor Responsibilities RelatedResponsibilities Relatedto Internal Controlto Internal Control
Management’s responsibilityManagement’s responsibilityfor establishing internal controlfor establishing internal control
Reasonable assuranceReasonable assurance
Inherent limitationsInherent limitations
10 - 6©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Management and Auditor Management and Auditor Responsibilities RelatedResponsibilities Relatedto Internal Controlto Internal Control
Management’s Section 404Management’s Section 404reporting responsibilitiesreporting responsibilities
Design of internal controlDesign of internal control
Operating effectiveness of controlsOperating effectiveness of controls
10 - 7©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Management and Auditor Management and Auditor Responsibilities RelatedResponsibilities Relatedto Internal Controlto Internal Control
Auditor responsibilities forAuditor responsibilities forunderstanding internal controlunderstanding internal control
Control over classes of transactionsControl over classes of transactions
Auditor responsibilities for testingAuditor responsibilities for testing and reporting on internal controland reporting on internal control
10 - 8©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Sales Transaction-Related Audit Sales Transaction-Related Audit ObjectivesObjectives
Sales Transaction-RelatedSales Transaction-RelatedAudit ObjectivesAudit Objectives
Sales are for shipmentsSales are for shipmentsto existing customers.to existing customers.
Transaction-Related AuditTransaction-Related AuditObjective – General formObjective – General form
Recorded transactionsRecorded transactionsexist (existence).exist (existence).
Existing sales transactionsExisting sales transactionsare recorded.are recorded.
Existing transactions areExisting transactions arerecorded (completeness).recorded (completeness).
Transactions are statedTransactions are statedcorrectly (accuracy).correctly (accuracy).
Sales for goods shippedSales for goods shippedare correctly billed.are correctly billed.
10 - 9©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Sales Transaction-Related Audit Sales Transaction-Related Audit ObjectivesObjectives
Transactions are properlyTransactions are properlyclassified (classification).classified (classification).
Sales transactions areSales transactions areproperly classified.properly classified.
Transactions are recordedTransactions are recordedon correct dates (timing).on correct dates (timing).
Sales are recorded onSales are recorded onthe correct dates.the correct dates.
Transactions are properlyTransactions are properlyfiled (posting andfiled (posting andsummarization).summarization).
Sales transactions areSales transactions areproperly included in theproperly included in themaster files.master files.
Transaction-Related AuditTransaction-Related AuditObjective – General formObjective – General form
Sales Transaction-RelatedSales Transaction-RelatedAudit ObjectivesAudit Objectives
10 - 10©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 3Learning Objective 3
Explain the five componentsExplain the five components
of the COSO internalof the COSO internal
control framework.control framework.
10 - 11©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Five Components of Internal Five Components of Internal ControlControl
RiskRiskassessmentassessment
ControlControlactivitiesactivities
Information andInformation andcommunicationcommunication
MonitoringMonitoring
10 - 12©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
The Control EnvironmentThe Control Environment
Integrity and ethical valuesIntegrity and ethical values
Commitment to competenceCommitment to competence
Board of directors or audit committee participationBoard of directors or audit committee participation
Management’s philosophy and operating styleManagement’s philosophy and operating style
10 - 13©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
The Control EnvironmentThe Control Environment
Organizational structureOrganizational structure
Assignment of authority and responsibilityAssignment of authority and responsibility
Human resources policies and practicesHuman resources policies and practices
10 - 14©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Risk AssessmentRisk Assessment
Identify factors that may increase risk.Identify factors that may increase risk.
Assess the likelihood of the risk.Assess the likelihood of the risk.
Determine actions necessary to manage the risk.Determine actions necessary to manage the risk.
Estimate the significance of the risk.Estimate the significance of the risk.
10 - 15©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Control ActivitiesControl Activities
1. Adequate separation of duties1. Adequate separation of duties
2. Proper authorization of transactions and activities2. Proper authorization of transactions and activities
3. Adequate documents and records3. Adequate documents and records
4. Physical control over assets and records4. Physical control over assets and records
5. Independent checks on performance5. Independent checks on performance
10 - 16©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Adequate Separation of DutiesAdequate Separation of Duties
Custody of assetsCustody of assets AccountingAccounting
AuthorizationAuthorizationof transactionsof transactions
The custody ofThe custody ofrelated assetsrelated assets
OperationalOperationalresponsibilityresponsibility
Record-keepingRecord-keepingresponsibilityresponsibility
IT dutiesIT duties User departmentsUser departments
10 - 17©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Proper Authorization of Proper Authorization of Transactions and ActivitiesTransactions and Activities
General authorizationGeneral authorization
Specific authorizationSpecific authorization
10 - 18©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Adequate Documents and Adequate Documents and RecordsRecordsPrenumbered consecutivelyPrenumbered consecutively
Prepared at the time of transactionPrepared at the time of transaction
Designed for multiple useDesigned for multiple use
Constructed to encourage correct preparationConstructed to encourage correct preparation
Simple enough to ensure understandingSimple enough to ensure understanding
10 - 19©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Physical Control over AssetsPhysical Control over Assetsand Recordsand Records
The most important type of protectiveThe most important type of protectivemeasure for safeguarding assets andmeasure for safeguarding assets andrecords is the use of physical precautions.records is the use of physical precautions.
10 - 20©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Independent Checks on Independent Checks on PerformancePerformance
The need for independent checks arisesThe need for independent checks arisesbecause internal control tends to changebecause internal control tends to changeover time unless there is a mechanismover time unless there is a mechanismfor frequent review.for frequent review.
10 - 21©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Information and CommunicationInformation and Communication
The purpose of an accounting informationThe purpose of an accounting informationand communication system is to…and communication system is to…
initiate, record, process, and reportinitiate, record, process, and reportthe entity’s transactions and to maintainthe entity’s transactions and to maintainaccountability for the related assets.accountability for the related assets.
10 - 22©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
MonitoringMonitoring
Monitoring activities deal with management’sMonitoring activities deal with management’songoing and periodic assessment of theongoing and periodic assessment of thequality of internal control performance…quality of internal control performance…
to determine whether controls are operatingto determine whether controls are operatingas intended and modified when needed.as intended and modified when needed.
10 - 23©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
How the Size of the Business How the Size of the Business Affects Internal ControlAffects Internal Control
In general the SEC believes that smallIn general the SEC believes that smallbusinesses should be expected to adherebusinesses should be expected to adhereto the same internal control standards thatto the same internal control standards thatapply to larger public companies.apply to larger public companies.
The SEC has also stated that the burden toThe SEC has also stated that the burden tosmaller companies can be disproportionate.smaller companies can be disproportionate.
10 - 24©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 4Learning Objective 4
Obtain and document anObtain and document an
understanding of internal control.understanding of internal control.
10 - 25©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Four Phases of a Financial Four Phases of a Financial Statement AuditStatement Audit
Phase 1Phase 1
Obtain anObtain anunderstanding ofunderstanding ofinternal control:internal control:design anddesign andoperationoperation
Phase 2Phase 2Assess controlAssess controlrisk.risk.
Phase 3Phase 3Design, perform,Design, perform,and evaluate testsand evaluate testsof controlsof controls
Phase 4Phase 4
Decide plannedDecide planneddetection riskdetection riskand substantiveand substantivetests.tests.
10 - 26©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Obtain and Document Obtain and Document Understanding of Internal ControlUnderstanding of Internal Control
SAS 55 and PCAOB Standard 2 SAS 55 and PCAOB Standard 2 both requireboth requirethe auditor to obtain an understandingthe auditor to obtain an understandingof internal control for every auditof internal control for every audit..
Procedures to obtain an understanding:Procedures to obtain an understanding:• Design of internal controlsDesign of internal controls• Whether placed in operationWhether placed in operation• Uses this information as a basis for theUses this information as a basis for the integrated audit.integrated audit.
10 - 27©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Methods UsedMethods Used
NarrativeNarrative
FlowchartFlowchart
InternalInternalcontrolcontrol
questionnairequestionnaire
10 - 28©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
NarrativeNarrative
1. The origin of every document1. The origin of every document and record in the systemand record in the system
2. All processing that takes place2. All processing that takes place
3. The disposition of every document3. The disposition of every document and record in the systemand record in the system
4. An indication of the controls relevant4. An indication of the controls relevant to the assessment of control riskto the assessment of control risk
10 - 29©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Evaluating Internal Control Evaluating Internal Control OperationOperation
Update and evaluate auditor’s previousUpdate and evaluate auditor’s previousexperience with the entity.experience with the entity.
Make inquiries of client personnel.Make inquiries of client personnel.
Examine documents and records.Examine documents and records.
Observe entity activities and operations.Observe entity activities and operations.
Perform walkthroughs of the accounting system.Perform walkthroughs of the accounting system.
10 - 30©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 5Learning Objective 5
Assess control risk by linking keyAssess control risk by linking key
controls, significant deficiencies,controls, significant deficiencies,
and material weaknesses toand material weaknesses to
transaction-related audittransaction-related audit
objectives.objectives.
10 - 31©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Assess Control RiskAssess Control Risk
Assess whether the financial statementsAssess whether the financial statementsare auditable.are auditable.
Determine assessed control risk supportedDetermine assessed control risk supportedby the understanding obtained assumingby the understanding obtained assumingthe controls are being followed.the controls are being followed.
Use of a control risk matrix to assess control riskUse of a control risk matrix to assess control risk
10 - 32©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Control Risk MatrixControl Risk Matrix
Auditors use the Auditors use the control risk matrixcontrol risk matrix to toidentify both controls and weaknessesidentify both controls and weaknessesand to assess control risk.and to assess control risk.
10 - 33©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Control Risk MatrixControl Risk Matrix
Identify transaction-related audit objectives.Identify transaction-related audit objectives.
Identify existing controls.Identify existing controls.
Associate controls with transaction-relatedAssociate controls with transaction-relatedaudit objectives.audit objectives.
Identify and evaluate control deficiencies,Identify and evaluate control deficiencies,significant deficiencies, and material weaknessessignificant deficiencies, and material weaknesses
10 - 34©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Evaluating Significant Control Evaluating Significant Control DeficienciesDeficiencies
MaterialMaterialWeaknessWeakness
LIKELIHOODLIKELIHOOD
SIGNIFICANCESIGNIFICANCE
MaterialMaterial
ImmaterialImmaterial
ProbableProbableRemoteRemote
10 - 35©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Communicate Internal Control Communicate Internal Control Deficiencies and Related MattersDeficiencies and Related Matters
Management lettersManagement letters
Audit committee communicationsAudit committee communications
10 - 36©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 6Learning Objective 6
Describe the process of designingDescribe the process of designing
and performing tests of controls.and performing tests of controls.
10 - 37©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Tests of ControlsTests of Controls
The procedures to test effectiveness of controlsThe procedures to test effectiveness of controlsin support of a reduced assessed controlin support of a reduced assessed controlrisk are called risk are called tests oftests of controlscontrols..
10 - 38©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Procedures for Tests of ControlsProcedures for Tests of Controls
1. Make inquiries of client personnel.1. Make inquiries of client personnel.
2. Examine documents, records, and reports.2. Examine documents, records, and reports.
3. Observe control-related activities.3. Observe control-related activities.
4. Reperform client procedures.4. Reperform client procedures.
10 - 39©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Extent of ProceduresExtent of Procedures
Reliance on evidence from prior year’s auditReliance on evidence from prior year’s audit
Testing less than the entire audit periodTesting less than the entire audit period
10 - 40©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Relationship of Assessed ControlRelationship of Assessed ControlRisk and Extent of ProceduresRisk and Extent of Procedures
InquiryInquiryDocumentationDocumentation
ObservationObservation
ReperformanceReperformance
Yes–extensiveYes–extensiveYes–with transactionYes–with transaction
walk-throughwalk-throughYes–with transactionYes–with transaction walk-throughwalk-throughNoNo
Yes–someYes–someYes–using samplingYes–using sampling
Yes–at multiple timesYes–at multiple times
Yes–using samplingYes–using sampling
Type ofType ofprocedureprocedure
High level:High level:Procedures to obtainProcedures to obtain
an understandingan understandingLower level:Lower level:
Tests of controlsTests of controls
Assessed control riskAssessed control risk
10 - 41©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Decide Planned Detection Risk Decide Planned Detection Risk and Design Substantive Testsand Design Substantive Tests
The auditor uses the results of the control riskThe auditor uses the results of the control riskassessment process and tests of controls toassessment process and tests of controls todetermine the planned detection risk anddetermine the planned detection risk andrelated substantive tests.related substantive tests.
The auditor links the control risk assessmentsThe auditor links the control risk assessmentsto the balance-to the balance-related audit objectives.related audit objectives.
10 - 42©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 7Learning Objective 7
Understand Section 404Understand Section 404
requirements for auditorrequirements for auditor
reporting on internal control.reporting on internal control.
10 - 43©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Section 404 Reporting on Internal Section 404 Reporting on Internal ControlControl
The auditor’s opinion on whether management’sThe auditor’s opinion on whether management’sassessment of the effectiveness of internalassessment of the effectiveness of internalcontrol over financial reporting as of thecontrol over financial reporting as of theend of the fiscal period is fairly stated, end of the fiscal period is fairly stated, in all material respects.in all material respects.
11
10 - 44©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Section 404 Reporting on Internal Section 404 Reporting on Internal ControlControl
The auditor’s opinion on whether the companyThe auditor’s opinion on whether the companymaintained, in all material respects, effectivemaintained, in all material respects, effectiveinternal control over financial reportinginternal control over financial reportingas of the specified date.as of the specified date.
22
10 - 45©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Types of OpinionsTypes of Opinions
UnqualifiedUnqualified
AdverseAdverse
Qualified or disclaimer of opinionQualified or disclaimer of opinion
10 - 46©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Learning Objective 8Learning Objective 8
Describe the differences inDescribe the differences in
evaluating, reporting, andevaluating, reporting, and
testing internal control fortesting internal control for
nonpublic companies.nonpublic companies.
10 - 47©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Evaluating, Reporting, and Testing Internal Evaluating, Reporting, and Testing Internal Control for Nonpublic CompaniesControl for Nonpublic Companies
1. Reporting requirements1. Reporting requirements
2. Extent of required internal controls2. Extent of required internal controls
4. Assessing control risk4. Assessing control risk
5. Extent of tests of controls needed5. Extent of tests of controls needed
3. Extent of understanding needed3. Extent of understanding needed
10 - 48©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
Differences in Scope of Controls Differences in Scope of Controls Tested: Nonpublic CompanyTested: Nonpublic Company
Internal controls over financial reportingInternal controls over financial reporting
Internal controls used to assessInternal controls used to assesscontrol risk below maximumcontrol risk below maximum
Controls that must be tested inControls that must be tested inan audit of financial statementsan audit of financial statements
Controls that must be tested inControls that must be tested inan audit of internal controlsan audit of internal controls
10 - 49©2006 Prentice Hall Business Publishing, ©2006 Prentice Hall Business Publishing, Auditing 11/e,Auditing 11/e, Arens/Beasley/Elder Arens/Beasley/Elder
End of Chapter 10End of Chapter 10