China Law Online Database : novexcn.com

You are using Guest Account

Subscribe To This Law Only

Subscribe To All Law Contents

Print This Page

Back




	STANDARDS OF AUDIT AUTHORITIES FOR INTERNAL CONTROL ASSESSMENT

	(Order No.5 of the National Audit Office of the People's Republic of China promulgated on December 15, 2003; shall come into force as of February 1, 2004)


SUBJECT : AUDITING; INTERNAL CONTROL ASSESSMENT
ISSUING DEPARTMENT : THE NATIONAL AUDIT OFFICE OF THE PEOPLE'S REPUBLIC OF CHINA
ISSUE DATE : 12/15/2003
IMPLEMENT DATE : 02/01/2004
LENGTH : 1,539 words
TEXT :

Article 1. The present Standards are hereby formulated in accordance with the National General Auditing Standards of the People's Republic of China for the purpose of regulating the acts of internal control assessment by auditors on the audited entity in the process of auditing, and guaranteeing the quality of auditing work.

Article 2. The internal control mentioned in the present Standards, refers to the process that an audited entity formulates and implements the relevant policies, procedures and measures for the purpose of maintaining the safety and integrity of its assets, ensuring the truthfulness and reliability of the accounting information, and guaranteeing the economy, efficiency and effectiveness of its management or business activities and observance of relevant regulations.

The internal control consists of such five factors including control environment, risk assessment, control activities, information and communications, and supervision.

Article 3. The "internal control assessment" mentioned in the present Standards refers to the activity of auditors to know the establishment and operation of internal control of the audited entity through investigation, and to make the relevant testing and assessment on the healthiness, rationality and effectiveness of the internal control, so as to determine whether to rely on the internal control and the nature, scope, time and emphasis of material testing.

Article 4. It is the responsibility of the audited entity to establish and perfect internal control and ensure its effective implementation. And auditors shall be responsible for evaluating the healthiness and effectiveness of the internal control.

Article 5. The following four procedures shall be followed by the auditors when assessing the internal control:

(1) Making investigation into internal control;

(2) Making preliminary appraisal on internal control to assess control risk;

(3) Making consistency test on the implementation of internal control; and

(4) Putting forward conclusions on internal control assessment, and determining the scope, focus and method for material testing on the basis of such conclusions.

Article 6. Auditors may make investigation into and preliminary assessment on the internal control through the following methods:

(1) Consulting the various management systems and relevant documents of the audited entity;

(2) Inquiring the management personnel and other relevant personnel of the audited entity;

(3) Checking the documents and records formed during the process of internal control;

(4) Observing the business activities of the audited entity and the actual operation of internal control thereof.

Article 7. The contents concerning control environment of the audited entity, which are investigated into by auditors shall mainly cover: the control awareness and degree of good faith of the senior management personnel and other management personnel of the audited entity, the business scale and the complexity of the business, organizations and relevant systems, the division and functions of work for each department, the major revenue budget and financial plan, and the policies of manpower resources, etc..

Article 8. The contents concerning risk assessment on audited entity made by auditors shall mainly cover: how the audited entity determines the risk and the importance of risk assessment, and how it connects the possibility of risk occurrence with the management target, management plans and the relevant contents of financial report, and takes corresponding measures.

Article 9. The contents concerning control activities of the audited entity, which are investigated into by auditors shall mainly cover: the authorization and approval of the various business handling process of the audited entity, the function and division of work, in-kind control, establishment and application of the certificates and records, the establishment and implementation of the independent examination procedures and other control means.

Article 10. The contents concerning information and communication of the audited entity, which are investigated into by auditors shall mainly cover: the kinds of main business of the audited entity in respect of management and business activities, the procedures for handling various economic business, the accounting treatment procedures for various business and the sources of information they rely on, the design of the accounting system and important accounting certificates, kinds of book accounts and items of accounting statement, and the ways of passing information among the various departments, etc..

Article 11. The contents concerning internal supervision conditions of the audited entity, which are investigated into by auditors shall mainly cover: the routine supervision and examination methods of the audited entity, namely, the systems and methods that the supervisors use for supervising the running of various work, such as the budget, plan, responsibility report, and other systems and methods, and establishment of internal auditing and the actual working conditions, etc..

Article 12. Auditors may take the following forms to describe the internal control of the audited entity and write them down on the auditing journal:

(1) Describing the establishment of internal control of the audited entity in the form of letter recording;

(2) Getting to know the establishment of internal control from the management personnel of the audited entity or relevant parties by using the questionnaire, and record them;

(3) Depicting the operation flow of economic activities in specific lansigns to describe the establishment of internal control of the audited entity.

The preceding methods may be used separately or all together.

Article 13. After making preliminary appraisal, auditors shall assess control risk and make decision on whether to rely on the internal control of the audited entity and to what extent they may rely on it.

Article 14. Assessment of control risk shall include the following working contents:

(1) Analyzing business process and fields of activity, which may have errors or omissions, and reviewing the control measures taken by the audited entity;

(2) Testing the rationality of relevant internal control and the effectiveness of the operation; and

(3) Determining the level of control risk.

Article 15. When making consistency test on internal control, auditors may test whether the internal control system has been enforced effectively through such methods as checking documents and data, enquiry, on-the-spot observation, and doing over certain business, etc.. The ways of testing shall mainly include the following two kinds:

(1) Checking according to the business handling process whether the various provisions on internal control in the business handling procedures have been carried out; and

(2) Choosing relevant economic business, making test on key reference points of the business handling procedure, and checking whether their roles have been truly brought into play.

Article 16. After assessing the implementation of internal control, auditors shall analyze comprehensively the healthiness and effectiveness of internal control of the audited entity, bring forward conclusions on internal control assessment, and determine hereby the scope, focus and method of material testing.

Article 17. Auditors shall, when assessing internal control of the audited entity, keep professional caution they should have, and fully consider the following intrinsic limitations of the internal control:

(1) The establishment and operation of internal control are subject to the principle of cost and benefit;

(2) The internal control is generally established for routine business activities;

(3) Even a perfectly established internal control may also be invalidated due to the negligence, mistakes and false judgment of the relevant personnel;

(4) The internal control may be invalidated due to the collusion of relevant personnel with one another inside and outside the audited entity;

(5) The internal control may be invalidated due to misuse of authority by executors or their yielding to outside pressure; and

(6) The internal control may be weakened or invalidated due to the alteration of business environment or kind of business.

Article 18. The following three aspects shall be taken into consideration when determining the major fields of material testing:

(1) Major business fields that lack internal control;

(2) Fields with irrational establishment of internal control, and the unrealizable control target; and

(3) Fields in which the role of internal control hasn¡¯t been brought into play.

When determining the concrete methods for material testing, corresponding examination measures shall be put forward on the basis of the defects of internal control and the possible consequences it may lead to, so as to verify whether the relevant revenue income and expenditure, financial income and expenditure or accounting treatment is real and lawful.

Article 19. The material testing shall not be replaced by the assessment on internal control of the audited entity made by auditors, no matter how perfect and effective the internal control of the entity being audited is, the auditors shall choose appropriate methods to make material testing on major revenue income and expenditure, and financial income and expenditure of the audited entity.

Article 20. Under the condition of processing information through computers, auditors shall make assessment on control environment of the computer information system and application control of the audited entity to determine its reliability and the auditing method for the following step.

Article 21. Auditors shall, in light of the principle of cost and benefit, make decision through their professional judgment on whether an entity of small business scale shall carry out internal control assessment process.

Article 22. Auditors shall record the process of the investigation into, testing and assessment on internal control of the audited entity into auditing journal, and communicate with the audited entity on the major defects of the internal control they find in assessment.

Article 23. The right to interpret the present Standards shall remain with the National Audit Office.

Article 24. The present Standards shall be implemented as of February 1, 2004.