Question

5. What is the control environment? What are the elements that comprise the control environment?

6. What is meant by risk assessment process?

7. What is an information system?

8. What are control activities?

9. Give the different types of control activities.

10. Why is it necessary to monitor controls?

11. What are the inherent limitations of internal controls?

12. Enumerate, in chronological order, the steps followed in the study and evaluation of internal controls. Explain each step briefly.

13. What is a transaction walkthrough?

14. What are the different ways by which an understanding of controls is documented?

15. When is the control risk assessment High? Less than high?

16. How does a high control risk assessment affect the planned audit approach?

17. Give examples of responses to the assessed risk of material misstatement.

18. What is the relationship of a less than high control risk assessment to the nature, extent, and timing of substantive tests?

19. May substantive tests be eliminated?

20. How are audit matters related to internal control communicated to management and to those charged with governance?

Answer 1

QUESTION NO: [5] WHAT IS THE CONTROL ENVIRONMENT ? WHAT ARE THE ELEMENTS

• MEANING OF CONTROL ENVIRONMENT

Control environment refers to the overall attitudes , awarness and actions taken by the management regarding the internal control system and it's importance to the organization. It is also called "internal control environment". Internal environment consists of all policies and procedures taken by the management to deals with issues and the values they adopt. It is the foundations of an effective internal control structure, which influences the control consciousness of its people.

• ELEMENTS OF CONTROL ENVIRONMENT

- Integrity and ethical values : Managrial policies and rules are to be set in such a manner, that includes both ethical and value concepts.

- Commitment to competence : Employee selection will be based on certain qualification standards, trainning etc. to maintain skilled and competent employees in the organization.

- Human resource policies and practices : Management has specific and clear standards on hiring of employees, trainning, evaluating, coaching, promoting , compensating and disciplinning the employess.

- Leadership philosophy and operating : Management always clearly communicates its philosophy and operating style to employees throgh the mission statements, goals and objectives of organization.

- Assignment of authority and responsibility : Management defines the assignment of authority and responsibility also establishes appropriate lines of reporting.

QUESTION NO: [6] WHAT IS MEANT BY RISK ASSESSMENT PROCESS ?

Meaning of risk assessment process

Risk assessment process is the activity of analyzing the potential events and situations that harm particularly for a person or causes loss of asset, investment or loan. It is the process done by companies, governments and investors before selecting a new project/ business. The main purpose of such assessment process is to understand the hazards and determine the inherent risk associated with such hazards.

QUESTION NO: [7] WHAT IS AN INFORMATION SYSTEM ?

• INFORMATION SYSTEM

It is an formal and organizational tachnique used to collect , process , store and distribute datas and for providing information , knowledge and digital products. Business organizations are depends on such systems to manage their operations and to communicate with customers, suppliers and to compete in the market. There are several types of information systems, some of them are :

• management information system
• decision support system
• executive information systems.
• operations supporting systems.