Following are descriptions of 10 internal controls.
1. The company has an organizational chart that establishes the formal lines of reporting and authorization protocols.
2. Before a cash disbursement can be processed, all payee information must be verified by matching the payee to the company’s approved vendor listing.
3. The company’s computer systems track individual transactions and automatically accumulate transactions to create a trial balance.
4. On a monthly basis, department heads compare a budget to actual performance report and investigate unusual differences.
5. The company must receive university transcripts documenting all college degrees earned before an individual can begin employment with the company.
6. Senior management obtains data about external events that might affect the entity and evaluates the impact of that information on its existing accounting processes.
7. Each quarter, department managers are required to perform a self-assessment of the department’s compliance with company policies. Reports summarizing the results are to be submitted to the senior executive overseeing that department.
The following are general questions about internal control. Choose the best response.
a. Which of the following situations is not an example of an inherent limitation of
internal control?
(1) A programming error in the design of an automated control allows an employee
to give himself an unauthorized pay increase.
(2) Management’s failure to enforce control policies surrounding access to inventory
allows employees to steal assets.
(3) A lack of physical controls over the safeguarding of assets allows an employee to
steal company assets.
(4) A fraud scheme whereby an employee orders personal goods and his supervisor,
who is in on the scheme, signs the checks to pay for those goods.
b. Which of the following factors are included in an entity’s control environment?
Participation of
Those Charged
With Governance
Integrity and
Ethical Values
Organizational
Structure
(1) Yes Yes No
(2) Yes Yes Yes
(3) No Yes Yes
(4) Yes No Yes
c. Which of the following correctly describes an internal control component?
(1) Control activities set the tone of the organization.
(2) Information and communication systems have to do with management’s analysis of risk.
(3) Risk assessment relates to assessing the quality of the internal control structure
over time.
(4) Monitoring relates to ongoing assessment by management to determine whether
controls are operating as intended.
8. The system automatically reconciles the detailed accounts receivable subsidiary ledger to the accounts receivable general ledger account on a daily basis.
9. The company has developed detailed accounting policy and procedures manuals to provide detailed instructions to employees about how controls are to be performed.
10. The compensation committee reviews compensation plans for senior executives to determine whether those plans create unintended pressures that might lead to distorted financial statements.
Indicate which of the five COSO internal control components is best represented by each internal control.
a. Control environment
b. Risk assessment
c. Control activities
d. Information and communication
e. Monitoring
The following are internal controls related to various cycles.
1. Checks are signed by the company president, who compares the checks with the underlying supporting documents.
2. Sales invoices are matched with shipping documents by the computer system and an exception report is generated.
3. Receiving reports are prenumbered and accounted for on a daily basis.
4. The accounts receivable master file is reconciled each month to the general ledger.
5. Sales invoices are independently verified before being sent to customers.
6. Payments by check are received in the mail by the receptionist, who lists the checks and restrictively endorses them.
7. Labor hours for payroll are reviewed for reasonableness by the computer system.
8. Unmatched shipping documents are accounted for on a daily basis.
9. The computer system verifies that all payroll payments have a valid employee identification number assigned by the human resources department at the time of hiring.
a. For each internal control, identify the type(s) of specific control activity (or activi- ties) to which it applies (such as proper authorization and adequate documents and records).
b. For each internal control, identify the transaction-related audit objective(s) to which it applies