Internal control risk is defined as the part of an audit risk that relates to a clients internal control system. Internal controls maintain five components; control environment, process of risk assessment of an organization, information processing, control activities and monitoring controls. The auditors perform tests in order to evaluate the effectiveness of these five component controls. If the result from the auditor’s testing shows the client’s internal control system to be weak, then additional audit work may be required. Additional audit work may include substantive testing; this is to obtain additional audit information in which the audit opinion will be based. However, if the audit testing shows that the client internal controls are strong and running efficiently, then little or no additional testing will be necessary.
In the Apollo shoes case, some risks have been identified dealing with internal controls. Our auditors have filled out an internal control questionnaire, also known as an ICQ, based on the information provided by Apollo Shoes internal audit department head, on processing of sales transactions. However, information was not assessable on the type of sales transactions processed at Apollo Shoes and whether the same control procedures were applied on all sales transactions processed. Sales transactions need to be identified correctly and processes for each type distinguished or transaction could be processed incorrectly. There was also missing information on whether any number sequence was used processing checks, invoices and shipping documents to check the missing ones. It is very important checks, invoices and shipping documents have number control system otherwise these can go missing which could lead to Fraud, missing revenue and missed shipments. Therefore, these two issues specified could be potential risky areas due to the amount of sales revenue and receivables could be materially misstated.
Internal controls in the audit process
Internal control is defined as a process that affects an organization’s structure, work and authority, people and management information system, designed to help the company accomplish specific goals or objectives. Auditors measure the effectiveness of internal control through their efforts and assess whether the controls are properly