Table of Contents
Part I - The Principles of Internal Control - Section 1
The Definition of Internal Control
Limitations of Internal Controls
Components of Internal Control
Relevance to Sarbanes-Oxley Compliance
Information & Communication Systems Support
Control Framework - 17 Principles
Control Framework with GAO's Attributes
Part I - Section 1 Review Questions
Part I - The Principles of Internal Control - Section 2
Integrating Controls over Information Systems
Considerations Specific to Smaller Entities
Part I - Section 2 Review Questions
Part II - Management Assessment of Internal Controls - Section 3
Understanding the Sarbanes-Oxley Act Rules
Enhanced Financial Disclosures (Section 404)
Management's Internal Control Report
The Role of Independent Public Accountant
Corporate Responsibility (Section 302)
Disclosures in Periodic Reports
Corporate and Criminal Fraud Accountability
Identification of Risks and Controls
Step 1: Selecting the Control Framework
Step 2: Defining Control Objectives
Step 3: Addressing and Monitoring Risks
Part II - Section 3 Review Questions
Part II - Management Assessment of Internal Controls - Section 4
Assessment of the Adequacy of Controls
Evaluating the Effectiveness of Controls
The Operating Effectiveness of Controls
Evaluation of Control Deficiencies
Step 1: Understanding the Nature of the Deficiency
Step 2: Assessing the Likelihood of Misstatements
Step 3: Considering Compensating Controls
Step 4: Determining Classification of Deficiencies
Step 5: Reporting Assessment Results
Documentation of Effective Controls
Identification of Control Gaps
Part II - Section 4 Review Questions
Part III - Audit of ICFR Integrated with Audit of Financial Statements - Section 5
Statement on Auditing Standards 130
Part III - Section 5 Review Questions
Part III - Audit of ICFR Integrated with Audit of Financial Statements - Section 6
Trade Accounts and Notes Receivable
Prepaid Expenses and Deferred Charges
Sales and Other Types of Income
Characteristics of Financial Statement Fraud
Identify and Assess Fraud Risks
Respond to the Fraud Risk Assessment
Testing Operating Effectiveness
Relationship of Risk to the Evidence to be Obtained
Evaluating Control Deficiencies
Examples of Significant Deficiencies and Material Weaknesses
Scenario A - Significant Deficiency
Responding to Misstatements Caused by Fraud
Considerations Specific to Smaller, Less Complex Entities
Considerations of Financial Information Systems
Management Written Representations
Communication of Certain Matters
Use of the Work of Internal Auditors or Others
Part III - Section 6 Review Questions
Part IV - Fraud Prevention and Detection - Section 7
Occupational (Corporate) Fraud
Risk Factors Relating to Misstatements Arising from Misappropriation of Assets
Risk Factors Relating to Misstatements Arising from Fraudulent Financial Reporting
Procurement and Contractor Frauds
False Claims and False Statements
Part IV - Section 7 Review Questions
Part IV - Fraud Prevention and Detection - Section 8
Forensic Accounting and Auditing
Red Flags of Employee Behavior
Red Flags of Organizational Behavior
Recent Cases in Corporate Fraud
Fraud Prevention and Detection
Techniques for Fraud Prevention
The ACFE Fraud Prevention Checkup
Interpreting the Entity's Score
The Use of Technology for Fraud Detection
Part IV - Section 8 Review Questions
Part I - Section 1 Review Questions Answers
Part I - Section 2 Review Questions Answers
Part II - Section 3 Review Questions Answers
Part II - Section 4 Review Questions Answers
Part III - Section 5 Review Questions Answers
Part III - Section 6 Review Questions Answers
Part IV - Section 7 Review Questions Answers
Part IV - Section 8 Review Questions Answers
Appendix A: Example of Management Report
Appendix B: Section 404 Management Compliance Checklist
Part 1. Internal Control Assessment Questionnaires
Significant Account Balances and Transaction Cycles
Revenue and Accounts Receivable
Purchases and Accounts Payable
Property, Plant, and Equipment
Part 2. Financial Information System Checklist
Procedures and Controls over End-User Computing
Information Processed by Outside Computer Service Organizations
Part 3. Assessing Segregation of Duties and the Risk of Management Override
Appendix D: Computer Applications Checklist - Medium to Large Business