Essay About Risk Management And C10Importance Of Internal Control

P1 Acca Chapter 11
C10Benefits of Internal ControlC10Internal Control consists of?C10Importance of internal control and risk management? C10 Limitations of internal control?                                                  C10Control Environment: Awareness of and attitude to internal control. Therefore, it comprises of corporate culture, management style and employees attitudes to control procedures.Control Procedures: the control procedures and policies w/in internal control systems are known as internal controls. They are devised and enforced to ensure, as far as practicable in given circumstances, the orderly and efficient conduct of business. C10Effectiveness and efficiency of operationsReliability of financial ReportingCompliance with law and regulationsC10Internal control can be passed by collusion and management override.Controls are only designed to cope w routine transactions and events.There are resources constraints in provisions of ICs limiting their effectiveness.Costs overweighing the benefitsPotential for human error and fraudPoor judgement in decision making.Good Ics cannot turn a poor manager into a good one.The systems can only provide reasonable assurance regarding the achievement of objectives. All ICs are at risks from misstatements or errors.C10They include measures to : Manage risks that are significant to the fulfilment of company’s business objectives.Facilitate the effectiveness and efficiency of operations.Help ensure the reliability of internal and external reporting.Assist compliance w laws and regulations and also with internal policies w respect to the conduct of the business. Timely preparation of reliable financial information.Help ensure that the company is not unnecessarily exposed to avoidable financial risks and that financial information used within the business and for publication is reliableSafeguard the assets, including the prevention and detection of fraud                                                  C10Challenges in developing ICs?C10Are expensive control systems effective?C10Controls vital to mitigating risks to the integrity of financial reporting?C10The board’s annual assessment should consider?                                                  C10Design of control (rather than cost)A wrongly/inappropriately designed control regardless of the cost will be ineffective – no direct relationship between design and cost. A highly effective control can be very simple and inexpensive.A control can be over specified The control is more robust and more expensive than required. Cost effectiveness is a key criterion of any control and a control disproportionately more is poor TVM.Almost any control can be corrupted, circumvented or ignoredAn employee or service user can act against a control. A technical failure (loss of power or computer failure0 can render the well designed control to be less effective. C10Insufficient staff/resources ($) for segregation of duties.Dominations of activities by management and opportunities for management override of control.Inability to recruit directors w requisite financial reporting and other expertise.Inability to recruit and retain staff w sufficient knowledge and experience in financial reporting.Management have a wide range of responsibilities and thus insufficient time to focus on accounting and financial reporting. C10 Changes since the last annual assessment in the nature and extend of significant risks, and company’s ability to respond to the changes in its business and external environment.Scope and quality of management’s ongoing monitoring of risks and the system of ICs.Where applicable, the work of IA or other providers of assurance.The extend and frequency of reports received. Reviews of regular reports allow the boards to build up cumulative assessment of the state of control w/in the company.In evidences of significant control failings/weaknesses identified during the period or extend to which resulted in unforeseen outcomes or contingencies that had/ could have had, a material impact on the company’s financial performance/conditions.C10Segregation of duties.IT controls- restricted access to data and programsFull documentations of assets, liabilities and transactions.Matching source of documents and accounting records.Confirmations- from suppliers, customers and banksReconciliation of information – different sources.Completeness check – documents and accounting recordsReperformance of accounting calculations.  C10 Benefits of compulsory reporting?C10IC Reporting per SOX (s404)?C10Elements of sound system of internal controls?*C10Categorizing ICs?                                                  C10SOX requires the company’s management to provide ICS report in annual report on:The responsibility of management for establishing and maintaining adequate ICs over financial reporting.An assessment of the effectiveness of the ICs over financial reporting.Identifying the framework used by management to evaluate effectiveness of company’s ICs over financial reporting.  C10Improved shareholder confidence – they may assured that the BOD are managing risks responsibly an in excessive.Reinforces confidence in the quality of the informationStimulus to the director – they know that they will held accountable if controls are poor as investors will read reports and seek info on areas of weak controls.Directors are held accountable to the stakeholders w power – market regulators and IIRemoves the probability of companies w poor controls being able to hide.C10PAPAMOSSPersonnel Authorization and approvalPhysical Arithmetic and accountingManagementOrganization SupervisionSegregation of dutiesC10Turnbull Report (1999) describes sound system as including control activities, communications process and process of monitoring the continued effectiveness of the system. It should:1, be embedded in the operations of the company and form part of its culture.2. be capable of responding quickly to risks to the business as they emerge and develop3. Include procedures and reporting immediately to the management responsible any control failings that have been identified and any corrective action that has been undertaken.                                                  C10 Board’s roles in risk management?In determining policies, the board’s deliberations should consider : The nature and extend of the risks facing the company.The extend and categories of risk which it regards as acceptable for the company to bear.The likelihood of the risks concerned materializing.The company’s ability to reduce the incidence and impact on the business of risks that do materialize C10The management’s role                                                   For effective monitoring:Regularly receive and review reports on ICsUndertake an annual assessment for the propose of making public its statement on ICsC10According to Turnbull Report,Should set appropriate policies on ICsSeek regular assurance that will enable it to satisfy itself that the system is functioning effectively.Ensure the system of ICs is effective in managing risks. Effective monitoring on continuous basis.Ensure ICs adapts itself to changing circumstances.C10Implement board policies on risk and control.Identify and evaluate risks faced by company.Design, operate and monitor suitable system of ICs which implements the policies adopted by the board.Provide reports to the board that cover :A balanced assessment of significant risksThe effectiveness of ICs in managing those risksSignificant control failings or weakness identifiedImpact that they haveActions being taken to rectify them