top of page
  • CCS

Internal Control Components: The Control Environment


The control environment is the foundation for effective internal control, providing discipline and structure for the entity.


It sets the tone of an organisation, influencing its people's control consciousness or awareness.


The control environment addresses the governance and management functions. It also addresses the attitudes, awareness, and actions of those charged with governance and management concerning the entity’s internal control and importance.


Note: Control-environment controls are generally pervasive in nature.


They will not directly prevent or detect and correct a material misstatement. Instead, they form an important foundation upon which all other controls will be built.

内部控制要素是指内部控制制度的构成要素。内部控制要素包括控制环境、风险评估、控制活动、信息与沟通和监控。


控制环境是有效内部控制的基础,去为实体提供纪律和结构。


控制环境包括治理职能和管理职能,以及治理层和管理层对内部控制及其重要性的态度、认识和措施。控制环境设定了被审计单位的内部控制基调,影响员工对内部控制的认识和态度。良好的控制环境是实施有效内部控制的基础。


注意:控制-环境控制通常具有普遍性。


它们不会直接防止或发现并纠正重大错报。


相反,它们构成了一个重要的基础,所有其他控制都将建立在这个基础上。


Exhibit 5.3-1 outlines the various elements of the control environment that need to be considered. Note that the importance and order (priority) of these elements will inevitably vary from entity to entity.


附表5.3-1概述了需要考虑的控制环境的各种要素。请注意,这些要素的重要性和顺序(优先级)将不可避免地因实体而异。

Control environment controls will influence the auditor’s evaluation of the effectiveness of other control activities that may address specific areas such as sales and purchase transactions.


For example, suppose management has a negative attitude toward control in general. In that case, this will undermine the effectiveness of other controls (such as sales, etc.) no matter how well they were designed.

The auditor’s evaluation of the design of the entity’s control environment would include the elements set out below.


控制环境控制将影响审计师对其他控制活动有效性的评价,这些控制活动可能涉及销售和采购交易等具体领域。


例如,假设管理层对一般的控制抱有消极态度。在这种情况下,这将破坏其他控制(如销售等)的有效性,无论它们的设计有多好。


审计师对该实体控制环境设计的评价将包括以下内容。



Key Elements to Address | 需要解决的关键因素

Communication and Enforcement of Integrity and Other Ethical Values

Integrity and ethical values are essential (foundational) elements which influence the effectiveness of the design, administration, and monitoring of other controls.


诚信和其他道德价值观的沟通和执行

诚信和道德价值观是影响其他控制措施的设计、管理和监测的有效性的基本(基础)要素。


Commitment to Competence

Management’s consideration of the competence levels for particular jobs and how those levels translate into requisite skills and knowledge.


对能力的承诺

管理层对特定工作的能力水平以及这些水平如何转化为必要的技能和知识的考虑。


Participation by Those Charged with Governance

Attributes of those charged with governance, such as

  • Their independence from management;

  • Their experience and stature;

  • The extent of their involvement and the information they receive, the scrutiny of activities; and

  • The appropriateness of their actions, including the degree to which difficult questions are raised and pursued with management, and their interaction with internal and external auditors.

负责管理的人的参与

负责管理的人的属性,例如

  • 他们独立于管理层;

  • 他们的经验和地位;

  • 他们的参与程度和他们收到的信息,对活动的审查;以及

  • 他们行动的适当性,包括向管理层提出和追究困难问题的程度,以及他们与内部和外部审计人员的互动。

Management’s Philosophy and Operating Style

Management’s approach to taking and managing business risks and management’s attitudes and actions toward financial reporting, information processing, accounting functions, and personnel.


管理层的理念和操作风格

管理层承担和管理商业风险的方法,以及管理层对财务报告、信息处理、会计职能和人员的态度和行动。


Organisational Structure

The framework within which an entity’s activities for achieving its objectives are planned, executed, controlled, and reviewed.


组织结构

一个实体实现其目标的活动被计划、执行、控制和审查的框架。

Assignment of Authority and Responsibility

How authority and responsibility for operating activities are assigned, and how reporting relationships and authorisation hierarchies are established.


权力和责任的分配

如何分配经营活动的权力和责任,以及如何建立报告关系和授权等级。


Human Resources Policies and Practices

Recruitment, orientation, training, evaluating, counselling, promoting, compensating, and remedial actions.


人力资源政策和实践

招聘、指导、培训、评估、咨询、晋升、补偿和补救行动。

The controls outlined above are pervasive to the entire entity and are often more subjective to evaluate than the traditional control activities (such as segregation of duties).


Therefore, the auditor will exercise professional judgment in this evaluation. Control-environment strengths can compensate for or even replace weak transactional controls in some situations.


However, control-environment weaknesses can undermine and even negate good design in other components of internal control.


For example, if a culture of honesty and ethical behaviour did not exist, the auditor would have to consider carefully what types of (additional) audit procedures would be effective in finding material misstatements in the financial statements.


In some cases, the auditor may conclude that internal control has broken down to such an extent that the only option is to withdraw.