8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 1/27

What are internal controls?

The Institute of Internal Auditors defines internal control as follows:Internal controls are processes, Procedures & system within an organization, which are designedto provide reasonable assurance regarding the achievement of the following objectives:

• The reliability and integrity of information

• Compliance with policies, plans, procedures, laws, and regulations.• The safeguarding of assets & avoid fraud and error.• The economical and efficient use of resources.

• The accomplishment of established objectives

• Effectiveness and efficiency of operations.• Reliability of financial and operational reporting.• timely feedback on the achievement of operational or strategic goals

Internal controls help assure that operations are conducted according to plan. They are toolsused every day by managers, from the unit levels to the Officeholders, Judges, ExecutiveDirector’s, and Superintendent’s of the County, which include written policies and procedures,organizational design, and physical barriers.

Through careful design, internal controls can help your department operate efficiently andeffectively and provide a reasonable level of assurance that the processes, services, or productsfor which you are responsible are adequately protected.

Internal control can provide only reasonable assurance - not absolute assurance - regarding theachievement of an organization's objectives. Effective internal control helps an organizationachieve its objectives; it does not ensure success. There are several reasons why internal controlcannot provide absolute assurance that objectives will be achieved: cost/benefit realities,collusion among employees, and external events beyond an organization's control to providemanagement with the appropriate balance between risk of a certain business practice and thelevel of control required to ensurebusiness objectives are met. The cost of a control should not exceed the benefit to be

Derived from it.

When business controls are found to contain weaknesses, we must choose among the followingalternatives:

• Increase supervision and monitoring;

• Business additional or compensating controls; and/or 

• Accept the risk inherent with the control weakness (assuming management approval).

In short, a control is any action taken by the administration/management to enhance thelikelihood that established objectives and goals will be achieved. Implementation of internalcontrols is the prime responsibility of County administrators and supervisors.

What is managements responsibility regarding internal controls?

Management is responsible for ensuring that internal controls are established and functioning toachieve the missions and objectives of their department. Management must respond to anychanges that may cause the effectiveness of a control to deteriorate by creating additionalcontrols or altering existing controls to protect against loss.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 2/27

TYPES OF INTERNAL CONTROL:

Internal controls can be detective, corrective, or preventive by nature.1 1. Detective controls are designed to detect errors or irregularities that may have

occurred.

2 2. Corrective controls are designed to correct errors or irregularities that have beendetected.3. Preventive controls, on the other hand, are designed to keep errors or irregularities fromoccurring in the first place

Internal Control Process

Internal control consists of five interrelated components as follows:• Control (or Operating) environment• Risk assessment• Control activities• Information and communication•

MonitoringAll five internal control components must be present to conclude that internal control is effective.

Control Environment:

The control environment is the control consciousness of an organization; it is the atmosphere inwhich people conduct their activities and carry out their control responsibilities.An effective control environment is an environment where competent people understand their 

responsibilities, the limits to their authority, and are knowledgeable mindful, and committed todoing what is right and doing it the right way. They are committed to following an organization'spolicies and procedures and its ethical and behavioral standards.

The control environment encompasses technical competence and ethical commitment; it is anIntangible factor that is essential to effective internal control. A governing board and managementenhance an organization's control environment when they establish and effectively communicatewritten policies and procedures, a code of ethics, and standards of conduct.

Who is Responsible?

Management is responsible for "setting the tone" for their organization. Management shouldfoster a control environment that encourages:

• the highest levels of integrity and personal and professional standards

• a leadership philosophy and operating style which promote internal control throughout the organization

• assignment of authority and responsibility

Control Environment Tips

Effective human resource policies and procedures enhance an organization's controlenvironment. These policies and procedures should address hiring, orientation, training,

evaluations, counseling, promotions, compensation, and disciplinary actions. In the event that anemployee does not comply with an organization's policies and procedures or behavioralstandards, an organization must take appropriate disciplinary action to maintain an effectivecontrol environment. The control environment is greatly influenced by the extent to whichindividuals recognize that they will be held accountable.

Listed below are some tips to enhance a department's control environment. This list is not all-inclusive, nor will every item apply to every department; it can, however, serve as a starting point.

Make sure that the following policies and procedures are available in your department(hard copy or Internet access):

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 3/27

• Administrative Procedures

• Business and Finance Bulletins

• Employee Handbook

• Purchasing Manual

• Personnel Memorandum

• Make sure that the department has well-written departmental policies and procedures manualwhich addresses its significant activities and unique issues Employee responsibilities, limits toauthority, performance standards, control procedures, and reporting relationships should be clear.

• Make sure that employees are well acquainted with the University’s policies and proceduresthat pertain to their job responsibilities,

• Discuss ethical issues with employees, If employees need additional guidance, issuedepartmental standards of conduct.

• Make sure that employees comply with the Conflict of Interest policy and disclose potential

conflicts of interest (e.g., ownership interest in companies doing business or proposing to dobusiness with the Organization).

• Make sure that job descriptions exist, clearly state responsibility for internal control, andcorrectly translate desired competence levels into requisite knowledge, skills, and experience;make sure that hiring practices result in hiring qualified individuals.

• Make sure that the department has an adequate training program for employees,

• Make sure that employee performance evaluations are conducted periodically, goodperformance should be valued highly and recognized in a positive manner.

• Make sure that appropriate disciplinary action is taken when an employee does not complywith policies and procedures or behavioral standards.

R isk Assessment 

I. Determine Goals and Objectives

The central theme of internal control is (1) to identify risks to the achievement of an organization'sobjectives and (2) to do what is necessary to manage those risks. Thus, setting goals and objectives is a precondition to internal controls.

At the highest levels, goals and objectives should be presented in a strategic plan that includes amission statement and broadly defined strategic initiatives. At the department level, goals andobjectives should support the organization's strategic plan. Goals and objectives are classified inthe following categories:

• Operations objectives: These objectives pertain to the achievement of the basic mission(s) of adepartment and the effectiveness and efficiency of its operations, including performancestandards and safeguarding resources against loss.

• Financial reporting objectives: These objectives pertain to the preparation of reliable financialreports, including the prevention of fraudulent public financial reporting.

• Compliance objectives: These objectives pertain to adherence to applicable laws andregulations.

 

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 4/27

A clear set of goals and objectives is fundamental to the success of a department. Specifically adepartment or work unit should have (1) a mission statement, (2) written goals and objectives for the department as a whole, and (3) written goals and objectives for each significant activity in thedepartment (see diagram below). Furthermore, goals and objectives should be expressed interms that allow meaningful performance measurements.

Department Department Activities to Activity Level

Mission Goals and Achieve Goals Goals andObjectives and Objectives Objectives

There are certain activities which are significant to all departments: budgeting, purchasing goodsand services, hiring employees, evaluating employees, accounting for vacation/sick leave, andsafeguarding property and equipment. Thus, all departments should have appropriate goals andobjectives, policies and procedures, and internal controls for these activities.

II. Identify Risks after Determining Goals

Risk assessment is the identification and analysis of risks associated with the achievement of operations, financial reporting, and compliance goals and objectives. This, in turn, forms a basis

for determining how those risks should be managed .

Who is responsible? 

To properly manage their operations, managers need to determine the level of operations,financial and compliance risk they are willing to assume. Risk assessment is one of management's responsibilities and enables management to act proactively in reducing unwantedsurprises. Failure to consciously manage these risks can result in a lack of confidence thatoperation, financial and compliance goals will be achieved.

Risk Identification. A risk is anything that could jeopardize the achievement of an objective. For 

each of the department's objectives, risks should be identified. Asking the following questionshelps to identify risks:

•   What could go wrong?

• How could we fail?• What must go right for us to succeed?• Where are we vulnerable?• What assets do we need to protect?• Do we have liquid assets or assets with alternative uses?• How could someone steal from the department?

• How could someone disrupt our operations?

• How do we know whether we are achieving our objectives?.

• On what information do we most rely?• On what do we spend the most money?• How do we bill and collect our revenue?• What decisions require the most judgment?• What activities are most complex?• What activities are regulated?• What is our greatest legal exposure?•

It is important that risk identification be comprehensive, at the department level and at the activityor process level, for operations, financial reporting, and compliance objectives. Both external and

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 5/27

internal risk factors need to be considered. Usually, several risks can be identified for eachobjective.

Higher Risk   Below are some types of transactions that may pose higher risks toTransaction  departments/colleges:Types Petty cash (if high volumes are processed)

Assets with Alternative UsesCash Receipts (continuing education programs, gifts, endowments,

special events, bookstore, athletic programs, performances, etc)Consultant Payments and Other Payments for ServicesTravel ExpendituresScholarshipsPayments to Non-VendorsEquipment Delivered Directly to DepartmentPurchase Exemptions (sole source)Payroll (rates, changes, terminations)EquipmentEquipment Moved Off-LocationSoftware Licensing IssuesIntellectual Property

Confidential InformationGrants (meeting terms, not overspending)

These are transaction types that deserve a conscious risk review.

III. Risk Analysis

After risks have been identified, a risk analysis should be performed to prioritize those risks:

• Assess the likelihood (or frequency) of the risk occurring.

• Estimate the potential impact if the risk were to occur; consider both quantitative andqualitative costs,

• Determine how the risk should be managed; decide what actions are necessary.

Prioritizing helps departments focus their attention on managing significant risks (i.e., risks withreasonable likelihood of occurrence and large potential impacts).

Risk Assessment Tips

Listed below are tips to guide a department through its risk assessment:

• Make sure the department has a mission statement and written goals and objectives.

• Assess risks at the department level.

• Assess risks at the activity (or process) level.

• Complete a Business Controls Worksheet (refer to the Appendix A) for each significantactivity (or process) in the department; prioritize those activities (or processes) which are mostcritical to the success of the department and those activities (or processes) which could beimproved the most.

• Make sure that all risks identified at the department level are addressed in the BusinessControls Worksheet.

Control Activities

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 6/27

Control activities are actions, supported by policies and procedures that, when carried out  properly and in a timely manner, manage or reduce risks.

Who is Responsible?

 In the same way that managers are primarily responsible for identifying the financial andcompliance risks for their operations, they also have line responsibility for designing,implementing and monitoring their internal control system.

 Preventive and Detective Controls: Controls can be either preventive or detective. The intent of these controls is different. Preventive controls attempt to deter or prevent undesirable events fromoccurring. They are proactive controls that help to prevent a loss. Examples of preventive controlsare separation of duties, proper authorization, adequate documentation, and physical control over assets.

Detective controls, on the other hand, attempt to detect undesirable acts. They provide evidencethat a loss has occurred but do not prevent a loss from occurring. Examples of detective controlsare reviews, analyses, variance analyses, reconciliations, physical inventories, and audits. Bothtypes of controls are essential to an effective internal control system.From a quality standpoint, preventive controls are essential because they are proactive andemphasize quality. However, detective controls play a critical role providing evidence that the

preventive controls are functioning and preventing losses.

Control activities include approvals, authorizations, verifications, reconciliations, reviews of performance, security of assets, segregation of duties, and controls over information systems.

Approvals, Authorizations, and Verifications (Preventive): Management authorizes employees to perform certain activities and to execute certaintransactions within limited parameters. In addition, management specifies those activities or transactions that need supervisory approval before they are performed or executed byemployees.A supervisor’s approval (manual or electronic) implies that he or she has verified and validatedthat the activity or transaction conforms to established policies and procedures.

Reconciliations (Detective): An employee relates different sets of data to one another, identifies and investigates differences,and takes corrective action, when necessary.

Reviews of Performance (Detective): Management compares information about current performance to budgets, forecasts, prior periods, or other benchmarks to measure the extent to which goals and objectives are beingachieved and to identify unexpected results or unusual conditions that require follow-up.

Security of Assets (Preventive and Detective): Access to equipment, inventories, securities, cash and other assets is restricted; assets areperiodically counted and compared to amounts shown on control records.

Segregation of Duties (Preventive):

Duties are segregated among different people to reduce the risk of error or inappropriate action.Normally, responsibilities for authorizing transactions, recording transactions (accounting), andhandling the related asset (custody) are divided.

 Controls over Information Systems (Preventive and Detective): Controls over information systems are grouped into two broad categories-general controls andapplication controls. 

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 7/27

General controls commonly include controls over data center operations, system softwareacquisition and maintenance, access security, and application system development andmaintenance.Application controls such as computer matching and edit checks are programmed steps withinapplication software; they are designed to help ensure the completeness and accuracy of transaction processing, authorization, and validity. General controls are needed to support thefunctioning of application controls; both are needed to ensure complete and accurate informationprocessing.

Control activities must be implemented thoughtfully, conscientiously, and consistently; aprocedure will not be useful if performed mechanically without a sharp continuing focus onconditions to which the policy is directed. Further, it is essential that unusual conditions identified

as a result of performing control activities be investigated and appropriate corrective action betaken.

Control Activities - Approvals (Preven t i ve)

• Written policies and procedures

• Limits to authority

•

Supporting documentation• Question unusual items

• No “rubber stamps”

• No blank signed forms

An important control activity is authorization/approval. Authorization is the delegation of authority;it may be general or specific. Giving a department permission to expend funds from an approvedbudget is an example of general authorization. Specific authorization relates to individualtransactions; it requires the signature or electronic approval of a transaction by a person withapproval authority. Approval of a transaction means that the approver has reviewed thesupporting documentation and is satisfied that the transaction is appropriate, accurate andcomplies with applicable laws, regulations, policies, and procedures.

 Approvers should review supporting documentation, question unusual items, and make sure that 

necessary information is present to justify the transaction-before they sign it. Signing blank formsshould never be allowed.

Approval authority may be linked to specific dollar levels. Transactions that exceed the specified

dollar level would require approval at a higher level. Under no circumstance should an

approver tell someone that they could sign the approver's name on behalf of the approver.Similarly, under no circumstance should an approver with electronic approval authority

share his password with another person. To ensure proper segregation of duties, the personinitiating a transaction should not be the person who approves the transaction. A department'sapproval levels should be specified in a departmental policies and procedures manual.

Control Activities - Reconciliations (Detec t i ve

)

•  A reconciliation is a comparison of different sets of data to one another, identifying 

and investigating differences, AND taking corrective action, when necessary .

• For example, verifying charges in the general ledger to file copies of approved invoices.

Broadly defined, reconciliation is a comparison of different sets of data to one another, identifyingand investigating differences, and taking corrective action, when necessary, to resolve differences.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 8/27

Reconciling monthly financial reports from the Accounting Department (e.g., Statement of Accounts, Ledger Sheets, etc.) to file copies of supporting documentation or departmentalaccounting records is an example of reconciling one set of data to another. This control activityhelps to ensure the accuracy and completeness of transactions that have been charged to adepartment's accounts. To ensure proper segregation of duties, the person who approvestransactions or handles cash receipts should not be the person who performs thereconciliation.

 Another example of reconciliation is comparing vacation and sick leave balances per 

departmental records to vacation and sick leave balances per the payroll system.A critical element of the reconciliation process is to resolve differences. It does no good tonote differences and do nothing about it. Differences should be identified, investigated, andexplained--corrective action must be taken. If an expenditure is incorrectly charged to adepartment's accounts, then the approver should request a correcting journal entry; the reconciler should ascertain that the correcting journal entry was posted. Reconciliations should bedocumented and approved by management.

Control Activities - Reviews (Detective)

• Budget to actual comparison

• Current to prior period comparison

• Performance indicators

• Follow-up on unexpected results or unusual items

Reviewing reports, statements, reconciliations, and other information by management is animportant control activity; management should review such information for consistency andreasonableness. Reviews of performance provide a basis for detecting problems. Managementshould compare information about current performance to budgets, forecasts, prior periods or other benchmarks to measure the extent to which goals and objectives are being achieved and toidentify unexpected results or unusual conditions which require follow-up. Management's reviewof reports, statements, reconciliations, and other information should be documented as well asthe resolution of items noted for follow-up

Control Activities – Asset Security (Preventive and Detective)

• Security of physical and intellectual assets

• Physical safeguards

• Perpetual records are maintained

• Periodic counts/physical inventories

• Compare counts to perpetual records

• Investigate/correct differences

Liquid assets, assets with alternative uses, dangerous assets, vital documents, critical systems,

and confidential information must be safeguarded against unauthorized acquisition, use, or disposition. Typically, access controls are the best way to safeguard these assets. Examples of access controls are as follows: locked door, key pad systems, card key system, badge system,locked filing cabinet, guard, terminal lock, computer password, menu protection, automaticcallback for remote access, smart card, and data encryption.Departments with capital assets or significant inventories should establish perpetual inventorycontrol over these items by recording purchases and issuances. Periodically, the items should bephysically counted by a person who is independent of the purchase, authorization and assetcustody functions, and the counts should be compared to balances per the perpetual records.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 9/27

Missing items should be investigated, resolved, and analyzed for possible control deficiencies;perpetual records should be adjusted to physical counts if missing items are not located.

Control Activities – Segregation of Duties (Preventive and Detective)

• No one person should...

• Initiate the transaction

• Approve the transaction

• Record the transaction

• Reconcile balances

• Handle assets

• Review reportsAt least two sets of eyes

Segregation of duties is critical to effective internal control; it reduces the risk of both erroneous

and inappropriate actions. In general, the approval function, the accounting/reconciling

function, and the asset custody function should be separated among employees. Whenthese functions cannot be separated, due to small department size, a detailed supervisory reviewof related activities is required as a compensating control activity. Segregation of duties is adeterrent to fraud because it requires collusion with another person to perpetrate a fraudulent act.Specific examples of segregation of duties are as follows

• The person who requisitions the purchase of goods or services should not be theperson who approves the purchase.

• The person who approves the purchase of goods or services should not be theperson

who reconciles the monthly financial reports.

• The person who approves the purchase of goods or services should not be able toobtain custody of checks.

• The person who maintains and reconciles the accounting records should not be ableto obtain custody of checks.

• The person who opens the mail and prepares a listing of checks received should notbe the person who makes the deposit.

• The person who opens the mail and prepares a listing of checks received should notbe the person who maintains the accounts receivable records.

Control Activities – Information Systems

Organization employees use a variety of information systems: mainframe computers, local areaand wide area networks of minicomputers and personal computers, single-user workstations andpersonal computers, telephone systems, video conference systems, etc. The need for internalcontrol over these systems depends on the criticality and confidentiality of the information and the

complexity of the applications that reside on the systems. There are basically two categories of controls over information systems:

General ControlsGeneral controls apply to entire information systems and to all the applications that reside on thesystems.General Controls Include:

•   Access Security, Data & Program Security, Physical Security

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 10/27

•   Software Development & Program Change Controls

•   Data Center Operations

•   Disaster Recovery

General controls consist of practices designed to maintain the integrity and availability of information processing functions, networks, and associated application systems. These tobusiness application processing in computer centers by ensuring complete and accurate

processingThese controls ensure that correct data files are processed, processing diagnostics and errorsare noted and resolved, applications and functions are processed according to establishedschedules, file backups are taken at appropriate intervals, recovery procedures for processingfailures are established, software development and change control procedures are consistentlyapplied, and actions of computer operators and system administrators are reviewed.Additionally, these controls ensure that physical security and environmental measures are takento reduce the risk of sabotage, vandalism and destruction of networks and computer processingcenters.Finally, these controls ensure the adoption of disaster planning to guide the successful recoveryand continuity of networks and computer processing in the event of a disaster. 

Information and Communication

Information and communication are essential to effecting control; information about anorganization's plans, control environment, risks, control activities, and performance must

be communicated up, down, and across an organization.Reliable and relevant information from both internal and external sources must be identified,captured, processed, and communicated to the people who need it--in a form and timeframe thatis useful. Information systems produce reports, containing operational, financial, and compliance-related information that makes it possible to run and control an organization.Information and communication systems can be formal or informal.Formal information and communication systems--which range from sophisticated computer technology to simple staff meetings-should provide input and feedback data relative tooperations, financial reporting, and compliance objectives; such systems are vital to anorganization's success. Just the same, informal conversations with faculty, students, customers,

suppliers, regulators, and employees often provide some of the most critical information neededto identify risks and opportunities.

 When assessing internal control over a significant activity (or process), the key questions to askabout information and communication are as follows:

• Does our department gets the information it needs from internal and externalSources in a form and timeframe that is useful?

• Does our department get information that alerts it to internal or external risks(e.g. legislative, regulatory, and developments)?

• Does our department get information that measures its performance-information that tells the department whether it is achieving its operations,

financial reporting, and compliance objectives?

• Does our department identify, capture, process, and communicate theInformation that others need (e.g., information used by our customers or other departments)-in a form and timeframe that is useful?

• Does our department provide information to others that alerts them to internalor external risks?

• Does our department communicates effectively--internally and externally?

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 11/27

 Information and communication are simple concepts. Nevertheless, communicating with peopleand getting information to people in a form and timeframe that is useful to them is a constantchallenge. When completing a Business Controls Worksheet for a significant activity (or process)in a department, evaluate the quality of related information and communication systems.

Monitoring

Monitoring is the assessment of internal control performance over time; it is accomplishedby ongoing monitoring activities and by separate evaluations of internal control such asself-assessments, peer reviews, and internal audits. The purpose of monitoring is to determine whether internal control is adequately designed,properly executed, and effective. Internal control is adequately designed and properly executed if all five internal control components (Control Environment, Risk Assessment, Control Activities,Information and Communication, and Monitoring) are present and functioning as designed.

Internal control is effective if management and interested stakeholders have reasonableassurance that:

• They understand the extent to which operations objectives are being achieved.• Published financial statements are being prepared reliably.

• Applicable laws and regulations are being compiled.

While internal control is a process, its effectiveness is an assessment of the condition of theprocess at one or more points in time.

Just as control activities help to ensure that actions to manage risks are carried out, monitoringhelps to ensure that control activities and other planned actions to effect internal control arecarried out properly and in a timely manner and that the end result is effective internal control.

Ongoing monitoring activities include various management and supervisory activities thatevaluate and improve the design, execution, and effectiveness of internal control. Separateevaluations, on the other hand, such as self-assessments and internal audits, are periodicevaluations of internal control components resulting in a formal report on internal control.

Department employees perform self-assessments; internal auditors who provide an independent

appraisal of internal control perform internal audits.

Management's role in the internal control system is critical to its effectiveness. Managers, likeauditors, don't have to look at every single piece of information to determine that the controls arefunctioning and should focus their monitoring activities in high-risk areas. The use of spot checksof transactions or basic sampling techniques can provide a reasonable level of confidence thatthe controls are functioning as intended.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 12/27

Limitations of Internal Controls

 No matter how well the internal controls are designed, they can only provide a reasonableassurance that objectives will be achieved. Some limitations are inherent in all internalcontrol systems. These limitations include:

1 • Judgment - the effectiveness of controls will be limited by decisions made with human

 judgment under pressures to conduct business based on the information available at hand.

23 • Breakdowns - even well designed internal controls can break down. Employees

sometimes misunderstand instructions or simply make mistakes. Errors may also resultfrom new technology and the complexity of computerized information systems. 

4 • Management Override - high level personnel may be able to override prescribed policies or 

 procedures for personal gains or advantages. This should not be confused with management

intervention, which represents management actions to depart from prescribed policies and procedures for legitimate purposes. 

56 • Collusion - control system can be circumvented by employee collusion. Individuals acting

collectively can alter financial data or other management information in a manner that cannot beidentified by control systems.

Why is segregation of duties important?

A lack of segregation of duties is a significant contributing factor in almost all occurrences of fraud. When duties are properly segregated the potential for loss or inappropriate use of SummitCounty assets is minimized.Supervisory review of work is always important, but it does not replace the need for segregation

of duties. Proper segregation of duties will assure that the County's assets are properly used andsafeguarded.

What is Internal Audit?

A systemic, objective appraisal by internal auditors of the diverse operations and controls withinan organization to determine whether:

• Financial and operating information is accurate and reliable,

• Risks to the enterprise are identified and minimized,

• External regulations and acceptable internal policies and•  procedures are followed,

• Satisfactory standards are met,

• Resources are used efficiently and economically,

• The organization's objectives are effectively achieved.

According to the Institute of Internal Auditors, "Internal auditing is an

independent, objective assurance and consulting activity designed to add value and improve an

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 13/27

organization's operations. It helps an organization accomplish its objectives by bringing asystematic, disciplined approach to evaluate and improve the effectiveness of risk management,control, and governance processes."

What is the difference between an internal audit and the annual external

audit?

External audit is a statutory requirement which checks that the County’s accounts present a trueand fair view of the financial position. The internal auditors report to the Audit Committee on thecontrol systems used within the County. They should have a more detailed knowledge of systemsthan is required for external audit. Sometimes, the differences between the internal and externalauditors can be confusing. In Summit County, internal and external auditors have an agreedunderstanding of how to work together and this is detailed below. This approach includes:A. Regular meetingsB. Sharing planning informationC. Consulting each other on risk assessmentsD. Where appropriate, consulting on audit testing programsE. Sharing audit findings

Internal Conflict 

Inner conflict occurs when one is confronted with a problem that presents difficultchoices. One must make a decision one way or another. Think about the events in your life and try to recall a time when you experienced an inner conflict.

A. What was the problem? 

B. You had to choose between what two difficult choices? 

C. What decision did you make?D. What happened as a result of your decision?

External Conflict

A. External conflict occurs when one faces someone else or some situation that is workingagainst one's own desires or goals.

B. What do you want?C. What is working against you? What stands in the way between you and your goal?

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 14/27

Bank reconciliation

This is a statement explaining any difference between bank book balance kept by the business and the bank statement issued by the banker.

is the process of comparing and matching figures from the accounting records againstthose shown on a bank statement. The result is that any transactions in the accountingrecords not found on the bank statement are said to be outstanding.

Bank reconciliation allows companies or individuals to compare their account records tothe bank's records of their account balance in order to uncover any possible discrepancies.

Discrepancies could include: cheques recorded as a lesser amount than what was presented to the bank; money received but not lodged; or payments taken from the bank account without the business's knowledge. A bank reconciliation done regularly canreduce the number of errors in an accounts system and make it easier to find missing purchases and sales invoices.

The process of comparing and reconciling accounting records with the records presentedon the bank statement. Sometimes disrepancies between the records might occur due tothe timing differences when the data is recorded in the accounting and in the bank books.

The purpose of bank reconciliation is to check whether the disrepancies are due to timingrather than error.

Financial leverage:

Refers to the use of debt to acquire additional assets, Financial leverage is also known as trading

on equity. Below are two examples to illustrate the use of financial leverage, or simply leverage.

Mary uses $400,000 of her cash to purchase 40 acres of land with a total cost of $400,000. Mary

is not using financial leverage.Sue uses $400,000 of her cash and borrows $800,000 to purchase 120 acres of land having a

total cost of $1,200,000. Sue is using financial leverage. Sue is controlling $1,200,000 of land

with only $400,000 of her own money.

If the properties owned by Mary and Sue increase in value by 25% and are then sold, Mary will

have a $100,000 gain on her $400,000 investment, a 25% return. Sue’s land will sell for 

$1,500,000 and will result in a gain of $300,000. Sue’s $300,000 gain on her $400,000

investment results in Sue having a 75% return. When assets increase in value leverage works

well.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 15/27

When assets decline in value the use of leverage works against you. Let’s assume that the

properties owned by Mary and Sue decrease in value by 10% from their cost and are then sold.

Mary will have a loss of $40,000 on her $400,000 investment—a loss of 10% on Mary’s

investment. Sue will have a loss of $120,000 ($1,200,000 X 10%) on her $400,000 investment.

This is a loss of 30% ($120,000 divided by $400,000) on Sue’s investment.

 

What is the difference between gross margin and contribution

margin?

Gross Margin is the Gross Profit as a percentage of Net Sales. The calculation of the Gross Profit

is: Sales minus Cost of Goods Sold. The Cost of Goods Sold consists of the fixed and variable

product costs, but it excludes all of the selling and administrative expenses.

Contribution Margin is Net Sales minus the variable product costs and the variable period

expenses. The Contribution Margin Ratio is the Contribution Margin as a percentage of Net

Sales.

Let’s illustrate the difference between gross margin and contribution margin with the following

information: company had Net Sales of $600,000 during the past year. Its inventory of goods wasthe same quantity at the beginning and at the end of year. Its Cost of Goods Sold consisted of 

$120,000 of variable costs and $200,000 of fixed costs. Its selling and administrative expenses

were $40,000 of variable and $150,000 of fixed expenses.

The company’s Gross Margin is: Net Sales of $600,000 minus its Cost of Goods Sold of 

$320,000 ($120,000 + $200,000) for a Gross Profit of $280,000 ($600,000 - $320,000). The

Gross Margin or Gross Profit Percentage is the Gross Profit of $280,000 divided by $600,000, or 

46.7%.

The company’s Contribution Margin is: Net Sales of $600,000 minus the variable product costs of 

$120,000 and the variable expenses of $40,000 for a Contribution Margin of $440,000. The

Contribution Margin Ratio is 73.3% ($440,000 divided by $600,000).

What is the difference between gross margin and contribution

margin?

Gross Margin is the Gross Profit as a percentage of Net Sales. The calculation of the Gross Profit

is: Sales minus Cost of Goods Sold. The Cost of Goods Sold consists of the fixed and variable

product costs, but it excludes all of the selling and administrative expenses.

Contribution Margin is Net Sales minus the variable product costs and the variable period

expenses. The Contribution Margin Ratio is the Contribution Margin as a percentage of Net

Sales.

Let’s illustrate the difference between gross margin and contribution margin with the following

information: company had Net Sales of $600,000 during the past year. Its inventory of goods was

the same quantity at the beginning and at the end of year. Its Cost of Goods Sold consisted of 

$120,000 of variable costs and $200,000 of fixed costs. Its selling and administrative expenses

were $40,000 of variable and $150,000 of fixed expenses.

The company’s Gross Margin is: Net Sales of $600,000 minus its Cost of Goods Sold of 

$320,000 ($120,000 + $200,000) for a Gross Profit of $280,000 ($600,000 - $320,000). The

Gross Margin or Gross Profit Percentage is the Gross Profit of $280,000 divided by $600,000, or 

46.7%.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 16/27

The company’s Contribution Margin is: Net Sales of $600,000 minus the variable product costs of 

$120,000 and the variable expenses of $40,000 for a Contribution Margin of $440,000. The

Contribution Margin Ratio is 73.3% ($440,000 divided by $600,000).

August 8, 2008 

What is the difference between gross profit

margin and gross margin?

The use of the terms such as gross margin and gross profit margin often

varies by the person using the terms. Some people prefer to use gross margin instead of gross

 profit when referring to the dollars of gross profit. Often they want to avoid the use of the

word profit because the selling and administrative expenses must also be covered. Recall

that gross profit is defined as Net Sales minus Cost of Goods Sold.

Others use the term gross margin to mean the gross profit as a percentage of net sales. Perhaps

the term gross profit margin means the gross profit percentage or the gross margin ratio.To achieve a gross margin or gross profit percentage of 25%, you will need to mark up your 

product’s cost by 33.333%. The following illustrates how this is calculated.

Assume a product has a cost of $75 and a selling price of $100. Since the gross profit is defined

as selling price minus the cost of goods sold, this product will have a gross profit of $25 ($100

minus $75). The gross margin or gross profit percentage is 25% (gross profit of $25 divided by

selling price of $100). The mark up of $25 on the cost of $75 equals 33.333% ($25 divided by

$75).

Let’s prove this with one more example. Assume you have a product that you purchased for $9. If 

you mark it up by 33.333%, you will have a markup of $3 and the product will sell for $12. The

income statement will show a sale of $12 minus its cost of $9 for a gross profit of $3. The gross

profit of $3 divided by the selling price of $12 equals a 25% gross margin or gross profit

percentage or gross profit ratio.April 22, 2009 

What is the difference between cost and price?

Some people use cost and price interchangeably. Others use the term cost 

to mean one component of a product’s selling price. Even the same person might use the terms

differently.

For example, in standard costing the price variance of the raw materials refers to the difference

between the standard cost and the actual cost of the materials.

In other situations we define a product’s selling price as: product costs + expenses + profit.

As these two examples indicate, there can be different meanings for the terms cost and price.

What are adjusting entries?

Adjusting entries are usually made on the last day of an accounting period

(year, quarter, month) so that the financial statements reflect the revenues that have been earned

and the expenses that were incurred during the accounting period.

Sometimes an adjusting entry is needed because:

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 17/27

1. Revenue has been earned, but it has not yet been recorded.

2. An expense may have been incurred, but it hasn’t yet been recorded.

3. A company may have paid for six-months of insurance coverage, but theaccounting period is only one month. (This means that five months of insurance expense isprepaid and should not be reported as an expense on the current income statement.)

4. A customer paid a company in advance of receiving goods or services. Until the

goods or services are delivered, the amount is reported as a liability. After the goods or services are delivered, an entry is needed to reduce the liability and to report the revenues.

A common characteristic of an adjusting entry is that it will involve one income statement account

and one balance sheet account. (The purpose of each adjusting entry is to get both the income

statement and the balance sheet to be accurate.)

Reversing entries are made of the first day of an accounting period in order to remove certain

adjusting entries made in the previous accounting period. Reversing entries are used in order to

avoid the double counting of revenues or expenses and to allow for the efficient processing of 

documents. Reversing entries are most often used with accrual-type adjusting entries.

To illustrate reversing entries, let’s assume that a retailer uses a temporary help service from

December 15 - 31. The temp agency will bill the retailer on January 10 and the retailer agrees topay the invoice by January 15. If the retailer’s accounting year ends on December 31, the retailer 

will make an accrual-type adjusting entry for the estimated amount. If the estimated amount is

$18,000 the retailer will debit Temp Service Expense for $18,000 and will credit Accrued

Expenses Payable for $18,000. This adjusting entry assures that the retailer’s income statement

and balance sheet as of December 31 will include the temp service expense and obligation.

On January 1, the retailer enters the following reversing entry: debit Accrued Expenses Payable

for $18,000 and credit Temp Service Expense for $18,000. When the actual invoice arrives from

the temp agency on January 11, the retailer can simply debit the invoice amount to Temp Service

Expense. If the invoice is $18,000 the Temp Service Expense will show $-0-. (The credit from the

reversing entry and the debit from the invoice entry.) Thanks to the reversing entry, the retailer 

did not have to stop and consider whether the invoice amount pertains to December or January.

If the invoice amount is $18,180 the entire amount is debited to Temp Service Expense and $180will appear as a January expense. This insignificant amount is acceptable since the adjusting

entry amount was an estimate.

How, when and why do you prepare closing

entries?

We prepare closing entries for the temporary accounts such as the revenue

and expense accounts (see earlier Q&A). The closing entries are recorded after the financial

statements for the accounting year are prepared. The reason for the closing entries is to ensure

that each revenue and expense account will begin the next accounting year with a zero balance.The closing entries require that a debit be entered into each of the temporary accounts having a

credit balance. The debit entered must be exactly the amount of the credit balance prior to the

closing entry. The objective is to get the account balance to be zero.

The closing entries also require that a credit be entered into each of the temporary accounts

having a debit balance. The credit amount that is entered must be exactly the amount of the debit

balance prior to the closing entry.

The net amount of the debits and credits in the closing entries for the income statement accounts

is the amount of the income or loss. This net amount will end up in the balance sheet account

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 18/27

Retained Earnings (part of stockholders’ equity of a corporation) or in the owner’s capital account

(part of owner’s equity in a sole proprietorship). In manual systems, there is often an Income

Summary account before the entry into the equity account.

With some accounting software the closing entries are prepared and posted by selecting “closing

entries.” With other accounting software, formal closing entries are not used. Instead, the user 

specifies the beginning and ending dates of the information needed.

What is the difference between adjustingentries and closing entries?

Adjusting entries are made at the end of the accounting period (but prior to

preparing the financial statements) in order for a company’s accounting records and financial

statements to be up-to-date on the accrual basis of accounting. For example, each day the

company incurs wages expense but the payroll involving workers’ wages for the last days of the

month won’t be entered in the accounting records until after the accounting period ends. Similarly,

the company uses electricity each day but receives only one bill per month, perhaps on the 20th

day of the month. The electricity expense for the last 10-15 days of the month must get into theaccounting records if the financial statements are to show all of the expenses and the amounts

owed for the current accounting period. Other adjusting entries involve amounts that the company

paid prior to amounts becoming expenses. For examples, the company probably paid its

insurance premiums for a six month period prior to the start of the six month period. The company

may have deferred the expense by recording the amount in the asset account Prepaid Insurance.

During the accounting period some of those premiums expired (were used up) and need to

appear as expense in the current accounting period and the asset balance reduced.

Closing entries are dated as of the last day of the accounting period, but they are entered into

the accounts after the financial statements are prepared. For the most part, closing entries

involve the income statement accounts. The closing entries set the balances of all of the revenue

accounts and the expense accounts to zero. This means that the revenue and expense accounts

will start the new year with nothing in the accounts–allowing the company to easily report the newyear revenues and expenses. The net amount of all of the balances from the revenue and

expense accounts at the end of the year will end up in retained earnings (for corporations) or 

owner’s equity (for sole proprietorships). Thanks to accounting software, the closing entries are

quite effortless

Which accounts are debited in the closingentries?

The closing entry or entries at the end of the accounting year will include 1) a

debit to each revenue account that has a credit balance, 2) a debit to each gain account, and 3)a debit to each contra expense account. The amount of each debit entered into an account will be

the amount of each account’s credit balance.

The closing entry or entries will also include 4) a credit to each expense account that has a debit

balance, 5) a credit to each loss account, and 6) a credit to each contra revenue account such as

sales returns and allowances. The amount of each credit entered will be the amount of the debit

balance in each account.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 19/27

If the debits to the revenue, gain, and contra expense accounts have a total that is greater than

the closing entry credits to the expense, loss, and contra revenue accounts, the corporation had a

positive net income. The net income amount will be credited to Retained Earnings, either directly

or through an Income Summary account.

Let’s illustrate this with some numbers. Assume that the revenue, gain, and contra

expense accounts had credit balances totaling $600,000; and the expense, loss, and contra

revenue accounts had debit balances that totaled $530,000. This will require closing entriesresulting in $600,000 of debit amounts, $530,000 of credit amounts, and a $70,000 credit to

Retained Earnings. If the expenses and losses were greater than the revenues and gains, there

will be a debit to Retained Earnings.

The purpose of the closing entries is to end up with a zero balance in every temporary account

before starting the next accounting year.

Fixed assets management is an accounting process that seeks to track fixed assets for the

purposes of financial accounting, preventive maintenance, and theft deterrence

a management system that ensures the efficient use of business equipment such as vessels,

measuring equipment, etc

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 20/27

a liability is defined as an obligation of an entity arising from past transactions or events,the settlement of which may result in the transfer or use of assets, provision of services or other yielding of economic benefits in the future.

•

All type of borrowing from persons or banks for improving a business or personincome which is payable during short or long time.

A liability is a present obligation of the enterprise arising from past events, the settlement of which is expected to result in an outflow from the enterprise of resources embodying economic benefits

Contingent liabilities that may or may not be incurred by an entity depending on theoutcome of a future event such as a court case

Contingent Liability - A potential obligation that may be incurred dependent upon the occurrence of a

future event. Two examples are: (1) the liability of an endorser or guarantor of a note if the primary borrower fails to pay as agreed and (2) the liability that would be incur 

A contingent liability is a potential liability…it depends on a future event occurring or notoccurring. For example, if a parent guarantees a daughter’s first car loan, the parent has acontingent liability. If the daughter makes her car payments and pays off the loan, the parent willhave no liability. If the daughter fails to make the payments, the parent will have a liability.

Contingent Asset:

What Does Contingent Asset Mean?An asset in which the possibility of an economic benefit depends solely upon future events thatcan't be controlled by the company. Due to the uncertainty of the future events, these assets arenot placed on the balance sheet. However, they can be found in the company's financialstatement notes.

Explains Contingent Asset 

these assets, which are often simply rights to a future potential claim, are based on pastevents. An example might be a potential settlement from a lawsuit. The company doesnot have enough certainty to place the settlement value on the balance sheet, so it canonly talk about the potential in the notes. This improves the accuracy of financialstatements and removes potential abuses

What is a contingent asset?

A contingent asset is a potential asset associated with a contingent gain. Unlike contingent

liabilities and contingent losses, contingent assets and contingent gains are not recorded in

accounts, even when they are probable and the amount can be estimated.

An example of a contingent gain and contingent asset might be a lawsuit filed by Company A

against Company B for infringement of Company A’s patent. If it is probable that Company A will

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 21/27

win the lawsuit and receive an estimated amount of money, it has a contingent asset and a

contingent gain. However, it will not report the asset and gain until the lawsuit is settled. (At most

Company A will prepare a very carefully worded disclosure stating that it possibly could win the

case.) On the other hand, Company B will need to make an entry in its accounts if the loss

contingency is probable and the amount can be estimated. If one of those are missing, Company

B will have to disclose the loss contingency in the notes to its financial statements

Amortization - reduction of debt through installed payments.

Amortization - (1) The paying off of debt in regular installments over a period of time. (2) The ratablededuction of certain capitalized expenditures over a specified period of time.

Appreciation - The increase in value of an asset.

Amortization usually refers to spreading an intangible asset's cost over that asset's useful life. For example, a patent on a piece of medical equipment usually has a life of 17 years. The costinvolved with creating the medical equipment is spread out over the life of the patent, with eachportion being recorded as an expense on the company's income statement.

 Depreciation, on the other hand, refers to prorating a tangible asset's cost over that asset's life.For example, an office building can be used for a number of years before it becomes run downand is sold. The cost of the building is spread out over the predicted life of the building, witha portion of the cost being expensed each accounting year.

Depletion refers to the allocation of the cost of natural resources over time. For example, an oilwell has a finite life before all of the oil is pumped out. Therefore, the oil well's setupcosts are spread out over the predicted life of the oil well.

It is important to note that in some places, such as Canada, the terms amortization anddepreciation are often to used interchangeably to refer to both tangible and intangible assets.

Depreciation is concerned with Tangible assets. The assets which we can see and touchcan depreciate; like machinery and building among others. Their costs are spread over thenumber of years. Depreciation takes into account the wear and tear of the tangible assets.The moment you own or use the assets, it starts depreciating. There are at least 10methods in accounting to take into account the depreciation. The income tax laws andcompany laws decide which method to use and how to use it.Suppose, a company buys amachine for $12 million and expects it to have a useful life of 12 years, its cost will bedepreciated over 12 years. In each accounting year, the company will write off $1million (according to straight-line depreciation method), money depreciated would help

company to make more money by that time.

Amortization is concerned with intangible assets. The assets which we can’t see or touch but we can feel like patents and copy rights come under intangible assets. It is the part of capitalized expenditure and preliminary expenditure which is usually distributed over thenumber of years. It is also fixed by company’s law and it can rapidly change. Basically,in amortization the intangible assets are written off over the number of years.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 22/27

For example ABC Company spent $48 million US dollars on a Car engine technologyand the patent on the engine lasts 12 years, this will mean that $4 million will beaccounted each year as an amortization expense.

Both depreciation and amortization are non cash expense of the company and they

decrease the earning while increasing the cash flow

Accounting vs Financial Management

Financial Management is a relatively new branch of accounting, that manages thefinances of a particular individual,  business, or organization. The main  aim of the

discipline is to achieve various financial objectives. It also involves the company’sfinancial resources for management purposes.

Its key objectives are to create or improve the financial health of the organization, either  by generating cash, or by adding related resources. It should study and devise plans for implementation, in order  to provide a satisfactory return on investment. Financialmanagement considers all factors, such as risks, of which it tries to manage, and howmany resources are invested. Basically, financial management makes plans to ensure a productive cash flow. It governs and maintains the financial assets of a certain body.Apparently, the main concern is not the techniques of quantifying finances, but theassessment thereof. Financial management is often referred to as the science of money

management.

The three elements of financial management are: Financial planning,Financial Control, and Financial Decision-making. Planning often deals with funding asany management should, ensuring that adequate funding is available at the right moment.Financial control, on the other hand, ensures that the individual’s assets, or company’sassets, are secure, and being utilized efficiently. Obviously, financial management dealswith various financial decisions, particularly the things relating to financing, dividends,and investments.

According to the American Institute of Certified Public Accountants (AICPA),

accounting is defined as: “The art of recording, classifying, and summarizing in asignificant manner, and in terms of money, transactions, and events, which are, in part atleast, of financial character, and interpreting the results thereof.”

The practice is, in fact, ancient. Archaic accounting records have been found, and theyare more than 7,000 years old. Not surprisingly, the methods of accounting used thenwere primitive, and they were mainly done to record the development of crops, or the

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 23/27

increase of herds. Nowadays, accounting has evolved, and become an important part of  businesses.

Accounting, nowadays, is considered as ‘the language of business’. It is means to reportfinancial data or  information about a particular business entity or individual. There are

two main types of accounting – management accounting and financial accounting. If anaccounting report is focused on individuals within the organization, it is considered asmanagement accounting. In management accounting, information is provided toemployees, auditors, owners, managers, etc. The report is used as a basis for makingmanagerial or operational decisions.

The other type of accounting is financial accounting, in which the information provided isfor people outside of the organization or business, such as, creditors, potentialshareholders, economists, government agencies, and analysts.

Summary:

1. Accounting is more about reporting the financial information of a particular individual,or business entity.

2. Financial management encompasses everything that involves finances, assets, andresources. It takes part in financial planning, control, and decision-making.

3. Fundamentally, Financial Management is a relatively new branch of accounting, andmore about business applications, accounting data, and reports

The Difference

The question of the differences between the IAS and IFRS has arisen on a number of occasions in accounting circles, and in fact, some would question if there is anydifference at all. One of the major differences is that the series of standards in the IASwere published by the International Accounting Standards Committee (IASC) between1973 and 2001, whereas, the standards for the IFRS were published by the InternationalAccounting Standards Board (IASB), starting from 2001. When the IASB wasestablished in 2001, it was agreed to adopt all IAS standards, and name future standardsas IFRS. One major implication worth noting, is that any principles within IFRS that may  be contradictory, will definitely supersede those of the IAS. Basically, whencontradictory standards are issued, older ones are usually disregarded.

Summary:IAS stands for International Accounting Standards, while IFRS refers to InternationalFinancial Reporting Standards.IAS standards were published between 1973 and 2001, while IFRS standards were  published from 2001 onwards.IAS standards were issued by the IASC, while the IFRS are issued by the IASB, which

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 24/27

succeeded the IASC.Principles of the IFRS take precedence if there’s contradiction with those of the IAS, andthis results in the IAS principles being dropped

Accounting vs Economic Profit

Many people think that profit is the revenue one gets after the costs have   been deducted, but many of us are not aware that there are two kinds of profits – accounting profits andeconomic profits. Well, the two profits – economic and accounting -have certaindifferences between them.

Accounting profit is the difference between the total revenue and the total cost, excludingthe cost of the opportunity. On the other hand, economic cost is the difference betweenthe total revenue and the total cost, including the cost of the opportunity.

Economic profit is obtained when the revenue exceeds the opportunity’s cost. On the

contrary, a firm can be said to have accounting profits if the revenue exceeds theaccounting cost of the firm. In other words, accounting profit can be referred to as therevenue obtained by a firm after all the economic costs are met.

One of the differences that can be seen, is that the economic profit will always be lesser when compared to accounting profits. When compared to economic profit, the accounting profits are only given during leap years.

When considering accounting profits, it is defined as the revenue deducted from theexplicit costs, and economic profits, as the revenue deducted from explicit and implicitcosts.

When calculating accounting profits, the things that are considered include leased assets,non-cash adjustments/transactions for depreciation, provisions, allowances, andcapitalising development costs. When calculating economic profits, several things, likeopportunity costs, residual value, inflation level changes, tax rates, and interest rates oncash flow, are taken into account.

When compared to economic profits, accounting profit is calculated for a certain periodof time.

Summary:

1. Accounting profit is the difference between the total revenue and the total cost,excluding the cost of the opportunity. On the contrary, economic cost is the difference between the total revenue and the total cost, including the cost of the opportunity.

2. Accounting profit can be defined as the revenue deducted from the explicit costs, andeconomic profits, as the revenue deducted from explicit and implicit costs.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 25/27

3. When compared to economic profits, accounting profit is calculated for a certain period of time.

4. Economic profit will always be lesser when compared to accounting profits. Incomparison with economic profit, the accounting profit is only given during leap years.

5. Accounting profit can be called as the revenue obtained by a firm after all theeconomic costs are met. A firm can be said to have accounting profits if the revenueexceeds the accounting cost of the firm.

Yield vs Interest Rate

Do you know the difference between yield and interest rate? In order  to start makingsmart investment decisions, and calculating your investment profits, you need to be able

to tell the difference. To keep it as simple as possible, we can say that the yield is the profit, and the interest rate is why you made the profit.

To go a bit deeper, the interest rate is stated as a percentage. Whether you’re paying or receiving dividends, the interest rate is the percentage of money above the initial amount.If you take out a loan with a 3% interest rate, you will pay 3% more money than you borrowed. The same applies to profit. If you take out a CD with a 3% interest rate, youcan expect to cash out the CD with the original deposit, plus an additional 3%.

The yield is how much you actually profited from the investment. While you can put theyield into terms of percentages, you can also do it simply in dollar amounts. If you

 bought an investment for $10,000, with a 3% interest rate for one year, your yield would be about $300. Of course, if you’re compounding your interest back into the investment,your yield increases. You can’t compound an interest rate.

Yield is determined through basic math. Take your initial investment, and simply divideit by the interest rate. This will give your basic term yield. Whether a term is 6 months, ayear, or 12 years, you multiply your annual yield into the number of terms you’ll beallowing the investment to sit (if you’re not compounding), and you will derive your totalyield. If you’re compounding, you’ll have to continually adjust the initial amount for each time the yield is compounded back into the investment. So, if you invested $10,000for three years, at a term of one year, your second term would be calculated by

multiplying $10,300 by the interest rate.

Summary:

1. Yield is the monetary profit.

2. Interest rate is how much additional monetary profit is produced per term.

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 26/27

3. Interest rate is bound in percentages.

4. Yield can be expressed in dollars or percentages.

Difference Between Audit and Evaluation

EVALUATIONEvaluation is all about identifying and understanding a particular process and then thewillingness to redesign and improve the process or make the necessary alterations in the process to result in an improved achievement.

Basically, evaluation is considered as a learning tool as it is always done during the

middle of the process or at the end of the process. It is all about identifying andunderstanding the results of a process and their impacts and what can be the bestalternatives to help in decision-making which would lead further improvement in the process.The most important intention behind evaluation is to enable `learning-by-doing`. By`learning-by-doing` we mean that a process can be understood and performed in a better way only by doing it first and then finding out ways to improvise upon it. Also it wouldfurther help in improving the results-oriented activities by re-engineering or say re-designing the ongoing activities and by crafting improved design for new ones.The most important factor regulating evaluation is accountability; i.e. whether results areachieved or not and what are the reasons behind the success or failure of the process

followed.Evaluation comprises three things:Whether we are doing the right thingsWhether we are doing it rightWhether there are better ways of doing it

AUDITAudit may be defined as an independent assurance activity designed with an objective toadd value and improve the working and operations of a particular organization. It isintroduced to improve the control and governance processes in an organization and alsoto check the efficiency of risk management. This is done by bringing in a systematic anddisciplined approach to assess the overall working of the organization. In audit,accountability is very important as it focuses on the success of the managementframework and its appropriateness and provides assurance for the effective management  practices in the organization.Audit comprises:INTERNAL AUDIT: Here, auditing is done within the organization and reporting is doneto the senior management of the organization.EXTERNAL AUDIT: Here, auditing is done by an independent entity and reporting is

8/8/2019 Notes on Internal Control & Audit

http://slidepdf.com/reader/full/notes-on-internal-control-audit 27/27

done to the governing body of the organization being audited.DIFFERENCE BETWEEN EVALUATION AND AUDITEvaluation is a part of the Management Cycle(planning implementation evaluation)Audit is independent from Management Cycle since it comes into scene after thecompletion of Management Cycle.

Evaluation talks about doing the right thing while audit talks about how the things aredone.Evaluation involves doing it right while audit involves managing it right.Evaluation is about sustainability while audit is about efficiency.Evaluation approach follows good practices while audit works against norms.Evaluation is done at the end-of-phase while audit can be done any time.Anything can be evaluated while things falling under the management control only can be evaluated

Because very few assets last forever, one of the main principles of accrual accounting requires

that an asset's cost be proportionally expensed based on the time period over which the assetwas used. Both depreciation and amortization (as well as depletion) are methods that are usedto prorate the cost of a specific type of asset to the asset's life. It is important to mention thatthese methods are calculated by subtracting the asset's salvage value from its original cost.

Amortization usually refers to spreading an intangible asset's cost over that asset's useful life. For example, a patent on a piece of medical equipment usually has a life of 17 years. The costinvolved with creating the medical equipment is spread out over the life of the patent, with eachportion being recorded as an expense on the company's income statement. Depreciation, on the other hand, refers to prorating a tangible asset's cost over that asset's life.For example, an office building can be used for a number of years before it becomes run downand is sold. The cost of the building is spread out over the predicted life of the building, with

a portion of the cost being expensed each accounting year.

Depletion refers to the allocation of the cost of natural resources over time. For example, an oilwell has a finite life before all of the oil is pumped out. Therefore, the oil well's setupcosts are spread out over the predicted life of the oil well.

It is important to note that in some places, such as Canada, the terms amortization anddepreciation are often to used interchangeably to refer to both tangible and intangible assets.