Checklist For Evaluating Internal Controls Essay Example for Free

Checklist For Evaluating Internal Controls Essay For publicly traded companies, the Sarbanes-Oxley Act of 2002 requires an audit of internal controls. The purpose of an internal control evaluation is to evaluate risk, which offers auditors a basis for audit planning and provides useful information to management (Sox Law, 2006). Auditors typically use the five basic components of internal control to approve the entire system. According to Louwers, Ramsay, Sinason, and Strawser (2007) the five components to internal controls include control environment, risk assessment, control activities, monitoring, and information and communication. Control environment involves the tone of the organization and includes â€Å"the integrity, ethical values, and competence of the companys people† (Louwers, Ramsay, Sinason, Strawser, 2007). Risk assessment involves a thorough assessment which â€Å"identify(s) risks, estimate their significance and likelihood, and consider how to manage the risks† (Louwers, Ramsay, Sinason, Strawser, 2007). Control activities involve specific actions which help ensure that management’s goals and projections are met. Monitoring involves the continuous assessment of internal controls. Information and communication relates to the efficiency and reliability of information and communication regarding how the information is presented and communicated to users. Internal controls protect the financial information and operations of a business. The development and implementation of these controls are typically the responsibility of the business owners. Internal or external audits may be used to gauge the efficiency of internal controls. This audit generally takes place following a standard process of risk measurement regarding the business operations and financial information. The measurement data is most effectively determined by using an internal control checklist. Checklist Phase One: Understand and Document the Client’s Internal Control Obtaining an Understanding Control Environment Evaluation Risk Assessment Evaluation Information and Communication Assessment Phase Two: Assess the Control Risk Phase Three: Test Controls and Review Control Risk Reassess Controls Direction of the Test of Controls Reassess the Control Risk