CHAPTER FIVE
Control Activities
IN THIS CHAPTER we examine the type of internal controls that well predated the Framework. Here we examine the controls over transactions and accounting processes. Here also is where experienced accountants and auditors feel the most comfortable—testing the operation of specific transaction controls to establish a basis for reliance. The Framework expands thinking to consider whether the risks identified that relate to stated business and financial reporting objectives have been mitigated by controls (Principle 10). In Principle 11 the important role played by information technology general controls (ITGCs) is assigned its own principle, Principle 12. Finally the transaction controls, including the financial statement close process and final accruals, are examined through Principle 13. This latter principle is comprised of numerous assessments and tests of accounts, estimates, and valuations, and that belies the assignment of just one principle to this characteristic. A great deal of time will be spent with Principle 13, so careful planning and consideration of the best way to define, walk through, and test each element will pay dividends. For those previously using the earlier frameworks, it is likely that Principle 12 will map well to the past controls assessments and tests.
PRINCIPLE 10. SELECTS AND DEVELOPS CONTROL ACTIVITIES TO MITIGATE RISK ...
Get Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.