Question

In: Accounting

What is the opinion or perspective on this idea of assessing risk in the internal control...

What is the opinion or perspective on this idea of assessing risk in the internal control process? (See paragraph below to get an idea or answer the question.) Please raise thoughtful questions, analyze relevant issues, build on ideas, synthesize across readings and discussions, expanding the perspective, and appropriately challenging assumptions and perspectives.

Significance of assessing risk in the internal control process: In chapter 3, we learned that the purpose of the internal control process is “to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance.” (Page 38, paragraph 3). One component of the internal control process is “Assessing Risk,” which requires an organization to determine, analyze and mitigate the risks inherent in achieving its goals and objectives. Without identifying, understanding and alleviating the risks involved in accomplishing it mission, an organization will both miss opportunities to improve operations and hinder its ability to achieve its goals and objectives.

According to our text on page 62, paragraph 3, “governments exist to protect the health, safety and welfare of its citizens;” to this definition, I would add the point that governments must also be as accountable and transparent as possible. For a government, therefore, assessing risks involves looking at the operations which allow the government to achieve this mission and assessing the risks inherent in these operations. Once the risks are identified, it is helpful for the government to prioritize resources so that the most significant risks are addressed first.

I work in the finance department of a Town, and the director of Finance is continually looking for risks in our business processes. If any red flags are raised, she will work quickly to adjust business processes to mitigate these risks. For example, we are currently working to reallocate or return a large portion of developer fees that were collected in the early 2000s. These fees are collected from developers to pay for the potential off-site improvements – such as road widening, or traffic lights – needed due to the impact of the new development. By law, these off-site exactions are to be returned to the payer if they are not used for the intended purpose within 6 years. Through lack of internal control –especially the component of assessing risk – the Town ended up holding onto many of these fees passed the 6 year deadline. Recently, with staff turnover, the issue of the developer fees came up and the risk of holding onto these fees any longer – namely litigation, other legal troubles, and bad press – was addressed. We are now in the process of returning the developer fees that should have already been returned. Moreover, new processes were put in place to prevent this from ever happening again, including monthly reporting and better record keeping.

Solutions

Expert Solution

Proper risk assessment can assist an organization managing risk and make decisions. Risk assessment if done thoroughly can help an organization to lead and stay ahead of competitors. In above scenario we are dealing with internal control in which the company has to return the developer fees. If the company has exercised proper internal control then it will be able to assess the probability estimation on the basis of which the company won't be late as it is in above case. The company should assess the risk through internal control. The practices of internal control should be revised from time to time. As in above case, the government's finance Department is late in returning the fees if the required changes in internal control would have been implemented on time then the risk assessment would have been certain and the return of fees would have been on time.

Thus, risk assessment is an integral aspect or part of internal control, and thus must be considered while designing the internal control sysytem of any organization.


Related Solutions

After obtaining an understanding of internal control and assessing control risk of an entity an auditor...
After obtaining an understanding of internal control and assessing control risk of an entity an auditor decided to perform tests of controls. The auditor most likely decided that: A The available evidence obtained through tests of controls would not support an assessment of control risk as high. B It would be inefficient to perform tests of controls given they would not result in reduced substantive tests. C The assessed level of inherent risk exceeded the assessed level of control risk....
If the activity presents an internal control risk, identify the control that is missing and explain...
If the activity presents an internal control risk, identify the control that is missing and explain why. If the activity does not present an internal control risk, identify the control that is being properly used and explain why. (Physical controls, Assignment of responsibilities, Separation of duties, Independent verification,Documentation) 1.The company's buyers are responsible for ordering furniture, receiving orders in the warehouse and paying suppliers. 2.When employees at the store check-in at the store's POS system, they need to enter the...
When assessing the risk associated with an activity, an internal auditor should: a) Determine how the...
When assessing the risk associated with an activity, an internal auditor should: a) Determine how the risk should best be managed. b) Provide assurance on the management of the risk. c) Update the risk management process based on risk exposures. d) Design controls to mitigate the identified risks. 12. In deciding whether to schedule the purchasing or the personnel department for an audit engagement, which of the following would be the least important factor? a. There have been major changes...
What is internal control?
 What is internal control? What are the uses of the internal control?
What is internal control, and what are the objectives of a well-designed internal control structure in...
What is internal control, and what are the objectives of a well-designed internal control structure in an organization?
In risk identification, internal control and internal records of a typical organization are key in facilitating...
In risk identification, internal control and internal records of a typical organization are key in facilitating risk management, as a whole (Vaughan, 1997). In addition, people assigned to manage risks is also important in order to ensure that there is a high level of commitment to minimize risks and losses. a. Discuss four (4) sources of risk identification in order to analyse organizational risks. b. Discuss four (4) important responsibilities of a risk management department in an organisation.
Describe each of the step’s auditors use in assessing control risk and discuss why they are...
Describe each of the step’s auditors use in assessing control risk and discuss why they are important and why they are in the order they are.
Explain how internal control work done by auditors impacts the audit risk equation. Does control risk...
Explain how internal control work done by auditors impacts the audit risk equation. Does control risk change if the auditors are providing an opinion over internal controls? How is detection risk impacted?
‘What are the basic principles of internal control? Why are accountants concerned with internal control?.
‘What are the basic principles of internal control? Why are accountants concerned with internal control?.
‘What are the basic principles of internal control? Why are accountants concerned with internal control?.
‘What are the basic principles of internal control? Why are accountants concerned with internal control?.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT