fbpx

Internal Controls: Verifications – CPA Exam Definitions

Internal Controls Verifications CPA Exam

Share This...

Internal Controls: Verifications

Testing the design and implementation of relevant automated and manual transaction-level internal controls involving verifications helps an auditor assess the risks of material misstatements and plan further audit procedures. The following steps outline how to test the design and implementation of these controls:

  1. Identify relevant controls: Determine the key automated and manual transaction-level internal controls involving verifications, such as verification of sales prices, verification of customer credit limits, or verification of inventory quantities.
  2. Understand the control design: Gain an understanding of the design of each identified control, including the purpose, process flow, and control objectives. Assess the adequacy of the control design in addressing the associated risks and whether the control is preventive or detective.
  3. Evaluate segregation of duties: Assess whether there is an appropriate segregation of duties within the control process, ensuring that no single individual has the ability to initiate, record, and verify transactions without independent review or oversight.
  4. Perform walkthroughs: Conduct walkthroughs of the identified controls, tracing sample transactions from initiation to completion, and observe the control activities in action. This helps in understanding the control process and assessing whether it operates as designed.
  5. Inspect documentation: Review documentation related to the identified controls, such as policy and procedure manuals, system configurations, or access control settings. Evaluate the documentation to determine whether it supports the proper design and implementation of the controls.
  6. Test control effectiveness: Test the effectiveness of the controls by selecting a sample of transactions that have undergone the verification process. For manual controls, review supporting documentation, such as verification reports or sign-offs, to verify that the transactions were properly verified. For automated controls, test the application’s configuration settings or perform computer-assisted audit techniques (CAATs) to verify that the verification process is functioning as intended.
  7. Interview key personnel: Interview personnel involved in the control process, such as employees responsible for performing verifications, reviewers, and those responsible for resolving discrepancies. Obtain insights into the control activities, their understanding of the control objectives, and any known issues or challenges.
  8. Document test results: Create clear and comprehensive documentation of the tests performed, including the sample transactions tested, the procedures performed, and the results obtained. Highlight any identified control deficiencies or deviations and assess their potential impact on the financial statements.
  9. Assess control deficiencies: Based on the test results, assess the identified control deficiencies and determine whether they represent significant deficiencies or material weaknesses in the entity’s internal control over financial reporting. This information will be used to plan further audit procedures, including additional tests of controls or substantive procedures, as necessary.

By following these steps, auditors can test the design and implementation of relevant automated and manual transaction-level internal controls involving verifications, providing valuable insights into the effectiveness of the entity’s internal control over financial reporting.

Other Posts You'll Like...

Want to Pass as Fast as Possible?

(and avoid failing sections?)

Watch one of our free "Study Hacks" trainings for a free walkthrough of the SuperfastCPA study methods that have helped so many candidates pass their sections faster and avoid failing scores...