31.INTERNAL CONTROL AND RISK ASSESSMENT
One of the first tasks in an audit engagement is obtaining an understanding of the accounting and internal control system.
The internal control system consists of the control environment and control procedures.
The understanding must be sufficient to enable the auditor to design procedures for obtaining evidence applicable to the separate assertions.
The understanding of the accounting and internal control system should enable the auditor to make a preliminary assessment as to the probable effectiveness of internal controls.
All companies should maintain internal controls that will provide reasonable assurance that fraudulent financial reporting will be prevented or subject to early detection.
Internal control is a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the
following categories:
(a) reliability of financial reporting.
(b) compliance with applicable laws and regulations.
(c) effectiveness and efficiency of operations.
Before commencing an audit on an entity's financial statements, the auditor must have a thorough understanding of the entity's accounting system.