SESSION 1: Foundations of Internal Controls: Understanding and Evaluating Control Environments
This foundational session explores the crucial role internal controls play in the prevention and detection of material misstatements caused by error or fraud. Participants will gain a clear understanding of the auditor’s responsibilities regarding internal controls under ISA 315 (Revised), ISA 330 and ISA 240. The session covers how to obtain and document an understanding of the entity and its control environment, including IT controls. Practical guidance and examples are included to improve audit quality and professional scepticism.
The session explains how auditors identify significant classes of transactions, major business cycles, and relevant internal controls. Delegates will learn how to assess control design and implementation using walkthroughs, inquiries, inspection and observation procedures. The module also explores the impact of IT systems, automated controls and general IT controls (GITCs) on risk assessment and audit planning.
Key Topics Covered:
• Purpose of internal controls under COSO framework
• ISA 315 (Revised) – understanding the entity and its environment
• Control components: control environment, risk assessment, information systems
• Design vs implementation of controls
• Documenting system processes and controls
• Control walkthrough techniques
• IT controls and system-generated evidence
• Identifying deficiencies during risk assessment
• Link between controls and fraud risks
• External auditors
• Internal auditors
• Compliance and risk officers
• Accounting professionals transitioning to audit
• IT audit beginners
