Documente Academic
Documente Profesional
Documente Cultură
The processes mentioned, are two different and interrelated things. Accounting
is essential in preparing the Financial Statements (FS) while Auditing is the evaluation
of the FS on its compliance to various standards.
Smaller entities, according to the ISA 315, often have fewer employees which
may limit the extent to which segregation of duties is practicable. However, in a small
owner managed entity, the owner-manager may be able to exercise more effective
oversight than in a larger entity. This oversight may compensate for the generally more
limited opportunities for segregation of duties.
Small businesses, despite its size and easiness to operate, should be required
by the state to undergo auditing by third parties for so many varied reasons.
An entitys system of internal control contains manual elements and often contains
automated elements. The characteristics of manual or automated elements are relevant
to the auditors risk assessment and further audit procedures based thereon.
Controls in IT systems consist of a combination of automated controls (for example,
controls embedded in computer programs) and manual controls. Further, manual
controls may be independent of IT, may use information produced by IT, or may be
limited to monitoring the effective functioning of IT and of automated controls, and to
handling exceptions. When IT is used to initiate, record, process or report transactions,
or other financial data for inclusion in financial statements, the systems and programs
may include controls related to the corresponding assertions for material accounts or
may be critical to the effective functioning of manual controls that depend on IT.
Generally, IT benefits an entitys internal control by enabling an entity to:
Consistently apply predefined business rules and perform complex calculations in
processing large volumes of transactions or data;
Enhance the timeliness, availability, and accuracy of information;
Facilitate the additional analysis of information;
Enhance the ability to monitor the performance of the entitys activities and its
policies and procedures;
Reduce the risk that controls will be circumvented; and
Enhance the ability to achieve effective segregation of duties by implementing
security controls in applications, databases, and operating systems.
But IT doesnt stay as perfect as it sound, IT poses specific risks to an entitys internal
control, including, for example:
Particular risks may arise where multiple users access a common database.
Auditing is necessary for all forms of businesses and organizations, may it be big
corporations or small enterprises. Auditing evaluates and ascertains both managers and
investors, alike, on the accuracy of the companys Financial Reports, whether
automated or not, and whether they are complying on various laws and regulations
imposed on the organization.