《《精编》内部控制和审计风险》由会员分享,可在线阅读,更多相关《《精编》内部控制和审计风险(17页珍藏版)》请在金锄头文库上搜索。
1、n内部控制与审计风险(英)Chapter 1 General provisionsArticle 1This standard is prepared in accordance with the General Independent Auditing Standard to establish standards for Certified Public Accountants (“CPAs”) on the study and evaluation of an entitys internal controls in the audit of financial statements,
2、to assess audit risk, to improve audit efficiency and to ensure a high standard of professional work.Article 2The term “internal controls” in this standard refers to the policies and procedures formulated and implemented by an entity with a view to ensuring the efficient conduct of the business acti
3、vities, safeguarding assets, preventing, detecting and correcting error and fraud, and ensuring the truthfulness, legitimacy and completeness of accounting information.Internal controls include the control environment, accounting systems and control procedures.Article 3The term “audit risk” in this
4、standard refers to the possibility of the CPA expressing an inappropriate audit opinion after performing an audit, when the financial statements contain material misstatements or omissions. Audit risk includes inherent risk, control risk and detection risk.Article 4Unless otherwise specified, CPAs s
5、hould refer to this standard in performing audit work other than the audit of financial statements.Chapter 2 General principlesArticle 5When preparing the audit plan, the CPA should study and evaluate the entitys internal controls.Article 6The CPA should perform compliance tests on any internal cont
6、rols, which are intended to be relied upon, to determine the impact on the nature, timing and extent of the substantive tests.Article 7The CPA should maintain professional scepticism, apply professional judgement reasonably to assess the audit risk and to design and perform relevant audit procedures
7、 in order to reduce the audit risk to an acceptable level.Article 8The CPA should document the work carried out and the results of the study and evaluation of the internal controls and the assessment of the audit risk in the audit working papers.Chapter 3 Internal controlsArticle 9It is the accounti
8、ng responsibility of the entitys management to establish sound internal controls. The relevant internal controls should generally:(1) ensure that business activities are conducted in accordance with appropriate authorization;(2) ensure that all transactions and events are promptly recorded at the co
9、rrect amount, in the appropriate accounts and in the proper accounting period, to enable preparation of financial statements in accordance with the relevant requirements of the accounting standards;(3) ensure that access to and handling of assets and records are permitted only in accordance with app
10、ropriate authorization; and(4) ensure that assets recorded are reconciled with the physical assets at regular intervals.Article 10When determining the reliability of internal controls, the CPA should maintain professional scepticism and pay adequate attention to the following inherent limitations of
11、 internal controls:(1) The design and implementation of internal controls are restricted by the principle of cost and benefit;(2) Internal controls tend to be directed at routine business activities;(3) Even perfectly designed internal controls may not operate effectively due to human carelessness,
12、distraction, mis-judgement and the misunderstanding of instructions;(4) Internal controls may be circumvented through the collusion by relevant persons with parties inside or outside the entity;(5) Internal controls may be circumvented when a person responsible for exercising an internal control abu
13、ses that responsibility or submits to external pressure; and(6) Internal controls may deteriorate or become ineffective due to changes in the operating environment and the nature of the business.Article 11When preparing the audit plan, the CPA should understand the design and operating conditions of
14、 the entitys internal controls.When determining the nature, timing and extent of the audit procedures which should be performed to understand the internal controls, the CPA should mainly consider the following factors:(1) the size and business complexity of the entity;(2) the type and complexity of
15、the entitys data processing system;(3) audit materiality;(4) the type of relevant internal controls;(5) the documentation of relevant internal controls; and(6) the result of the assessment of inherent risk.Article 12In understanding the internal controls, the CPA should make reasonable use of previous audit experience. With regard to significant internal controls, generally the CPA may also perform the following procedures:(1) make enquiries of the entitys relevant persons and inspect the relevant internal control documentation;(2) inspect the documents and records generated by the i
