Showing posts with label ISA 315. Show all posts
Showing posts with label ISA 315. Show all posts

Friday, July 22, 2016

Audit Method: Internal Control Component: Information Systems

The ISA 315, has divided the entity’s internal control process in to five components. One among these components is the Information Systems. According to ISA 315, while conducting the audit of financial statements, the auditor needs to obtain an understanding of the information system, including the related business processes, relevant to financial reporting, including the following areas:

·         The classes of transactions in the entity’s operations that are significant to the financial statements;
·         The procedures, within both information technology and manual systems, by which those transactions are initiated, recorded, processed, corrected as necessary, transferred to the general ledger and reported in the financial statements;
·         The related accounting records, supporting information and specific accounts in the financial statements that are used to initiate, record, process and report transactions;
·         How the information system captures events and conditions, other than transactions, that are significant to the financial statements;
·         The financial reporting process used to prepare the entity’s financial statements, including significant accounting estimates and disclosures; and
·         Controls surrounding journal entries, including non-standard journal entries used to record non-recurring, unusual transactions or adjustments.

The information system relevant to financial reporting objectives, which includes the accounting system, consists of the procedures and records designed and established to:

·         Initiate, record, process, and report entity transactions (as well as events and conditions) and to maintain accountability for the related assets, liabilities, and equity;
·         Resolve incorrect processing of transactions, for example, automated suspense files and procedures followed to clear suspense items out on a timely basis;
·         Process and account for system overrides or bypasses to controls;
·         Transfer information from transaction processing systems to the general ledger;
·         Capture information relevant to financial reporting for events and conditions other than transactions, such as the depreciation and amortization of assets and changes in the recoverability of accounts receivables; and
·         Ensure information required to be disclosed by the applicable financial reporting framework is accumulated, recorded, processed, summarized and appropriately reported in the financial statements.


Practice


Significant and rapid changes in information systems can change the risk relating to internal control. The extent and nature of the risks to internal control vary depending on the nature and characteristics of the entity’s information system. The entity should respond to the risks arising from the use of IT in internal control by establishing effective controls in light of the characteristics of the entity’s information system.