For smaller companies, entity-level controls (also called top-level controls or management review controls) can provide effectiveness for all controls.
“Entity-level controls are often related to the monitoring process and financial close and reporting cycle — although small companies may not refer to them in those words,” explains Wayne Kerr, senior consultant with Thomson Reuters. Kerr says that these top-level controls are items such as weekly or monthly top management reviews of financial information; approval of large transactions, such as disbursements or sales; and reviews of bank reconciliations.
|
Internal Control Communications: ASB and PCAOB Plus FREE Checkpoint Training. Once again, the definitions of internal control deficiencies have been revised in the interest of convergence between the ASB, PCAOB, and International Auditing and Assurance Standards. We’ll bring you up-to-date information on how and when to apply this standard in your practice, and then provide an hour of free Checkpoint training!
Click here for more information and to order. |
|
|
|
“Smaller companies rely on these types of controls, in part, because they often lack the resources or capacity to incorporate separation of duties and other ‘prevent’ controls into their processes,” he adds.
With smaller public companies, auditors are charged with determining which controls to test and how to select controls that test multiple controls. This means that auditors should analyze all transactions to see if the related controls operate to the most effective degree, according to Kerr.
“If an auditor tests controls and determines that they are operating effectively, he or she can rely on those controls — which means he or she can reduce some of the other audit work that would otherwise be needed,” Kerr says.
According to the Public Company Accounting Oversight Board (PCAOB), a private, nonprofit entity formed to oversee public company auditors, the company’s complexity is a critical factor in an auditor’s assessment. The smaller the company, the less complex it may be due to fewer lines of business and management levels, explains the PCAOB.
It’s also more likely that with smaller companies, senior management is involved (or more involved) |
|
|
Internal Control and Fraud Detection. The essential tools you need to perform internal-control related services! This course takes you through your clients’ responsibility to design and implement programs and controls to prevent, deter, and detect fraud. Click here for more information and to register.
Practice Issues—Compilation and Review Update. Learn of the various changes proposed by the Accounting and Review Services Committee of the AICPA and practice issues surrounding compilation and review engagements. This course discusses SSARS No. 8, management-use only financial statements, changes in SSARS Nos. 9 through 14, and responsibility for fraud, internal control and going concern, representation letters for reviews, personal financial statements, using staff, compiling pro forma financial information, OCBOA financial statements, legends on financial statements, and more. Click here for more information and to register. |
|
in the daily business activities and that these levels of management have a greater variety of control. As such, these smaller company variables could result “in material misstatement of the company’s financial statements and the controls that a company might establish to address those risks,” explains the |
Taking Control
Feature Story
