We have now addressed each of the five components of internal control.
Some of these controls are pervasive in nature (financial statement-level risks).
They only indirectly serve to prevent a misstatement from occurring or to detect and correct it after it has occurred.
Other controls relate to particular transaction (assertion level) risks (such as payroll, sales, and purchases) and are designed specifically to prevent or detect and correct misstatements.
The following exhibit shows the interaction of the two levels of control over transactions as they journey from initiation and processing (transactional level) through the accounting records (financial statement level) and finally to the financial statements.
Notice that at least three of the five internal control components consist primarily of pervasive controls.
The above illustration is a general guide. In some instances, pervasive controls can be designed to operate at a level of precision that would prevent or detect specific misstatements at the business process level. For example, a detailed budget approved by those charged with governance may be used by management to detect unauthorised administration expenditures. In other instances, control activities and parts of the information system may relate to financial statement-level activities.
Pervasive controls relating to the entity as a whole (such as the commitment to competence) may be less tangible than those at the business process level (such as matching goods received to a purchase order) but are just as critical in preventing and detecting fraud and error.
The period-end financial reporting process includes procedures to
Enter transaction totals into the general ledger; • Select and apply accounting policies;
Initiate, authorise, record, and process journal entries in the general ledger;
Record recurring and non-recurring adjustments to the financial statements; and
Prepare the financial statements and related disclosures.
General information technology (IT) controls are pervasive to the entity as a whole, focusing on how IT operations (such as organisation, staffing, and data integrity) are managed across the entity.
IT application controls are similar to transaction controls. They relate to how specific transactions are processed at the business process level.
Pervasive controls (at the financial statement level) form the basis or foundation upon which specific assertion-level (transactional) controls can be built.
They set the “tone at the top” and establish expectations for the organisation’s control environment in general.
Poorly designed pervasive controls may encourage all types of error and fraud. For example, an entity may have a highly controlled and effective sales process.
However, if senior management has a poor attitude toward control and has sometimes overridden these controls, a material error could still occur in the financial statements. Management override and poor “tone at the top” are common themes in corporate wrongdoing.
Pervasive controls also include monitoring controls that assess whether the actual tone at the top is what was intended and how well control expectations are being fulfilled. The pervasive controls (that pertain to the financial statements as a whole) could include
Controls related to the control environment;
Controls over management override;
The entity’s risk assessment process;
Controls to monitor results of operations and other controls;
Controls over the period-end financial reporting process; and
Policies that address significant business control and risk management practices.
In smaller entities, the lack of specific business process controls (due to limited staff and resources) is often offset by a high degree of involvement by management (such as the owner-manager) in performing controls.
In fact, some pervasive controls in smaller entities can often operate at a level of precision that actually serves to prevent or detect specific misstatements.
However, the increased involvement of senior management also increases the risk of management override. This could be addressed through further audit procedures or the design of suitable anti-fraud controls.
Pervasive Control Deficiencies
Although weaknesses in pervasive controls do not generally result in an immediate deficiency or errors in the financial statements, they still significantly influence the likelihood of misstatements resulting at the business process control level.
The absence of good pervasive controls may seriously undermine other business process controls; consequently, significant deficiencies in these controls would be reported to management and those charged with governance.
将交易总额输入总账； - 选择和应用会计政策。
管理层的凌驾和不良的 "高层语气 "是企业错误行为的常见主题。
Our website's articles, templates, and material are solely for you to look over. Although we make every effort to keep the information up to date and accurate, we make no representations or warranties of any kind, either express or implied, regarding the website or the information, articles, templates, or related graphics that are contained on the website in terms of its completeness, accuracy, reliability, suitability, or availability. Therefore, any reliance on such information is strictly at your own risk.
Keep in touch with us so that you can receive timely updates |
6. LinkedIn ✍ https://www.linkedin.com/company/74734209/admin/