 In this presentation, we will take a look at and discuss internal controls. Internal controls. Management is respond- First, a word from our sponsor. Well, actually, these are just items that we picked from the YouTube shopping affiliate program, but that's actually good for you because these aren't things that we're just given to us from some large corporation which we don't even use in exchange for us selling them to you. These are things that we actually researched, purchased, and used ourselves. Here we have a Western Digital WD Elements 20TB USB 3.0 Desktop External Hard Drive. We use as part of our backup system, noting that if you lower the number of terabytes of storage, the price will lower dramatically as well. When you're thinking about a backup system, you're usually thinking about an online system or an external hard drive system like this or ideally some combination between the two giving you some redundancy. You can also work directly from an external hard drive like this, but there are some drawbacks to doing that, one being if you use this as your primary drive you're working from, it's no longer a backup drive and you're going to need a backup system, possibly another external hard drive and or some kind of cloud backup system and if you're working on something that takes up a lot of short term memory, a lot of RAM as you're working on it, such as video editing, the external hard drive can slow up the system so you might want to come up with some kind of system where you download the project you're working on to your computer, to your C drive or possibly to a solid state drive which is a much more expensive external hard drive as you do the work once the work is done, then save the project to an external hard drive such as this. If you would like a commercial free experience, consider subscribing to our website at accountinginstruction.com or accountinginstruction.thinkific.com where we have many different courses you can purchase one at a time or have a subscription model giving you access to all the courses, courses which are well organized, have other resources like Excel files and PDF files to download and no commercials. It's possible to implement and maintain controls to provide reasonable assurance that adequate controls exist over the entity's assets and reporting. The internal control system should ensure assets and records are safeguarded and produce reliable information for decision makers. So a couple key points when we think about the internal controls. We are the auditor. We're positioning ourselves thinking of ourselves as the auditor. Note that the internal controls are something that is done by management. So like the financial statements, when we audit the financial statements, those being prepared by management, the internal control system also something designed and implemented by management. And so the internal control system is implemented in order to provide reasonable assurance that adequate controls exist over the entity's assets and reporting. So the internal controls, you can think of it kind of as a bureaucratic type of system. They're going to put in more bureaucratic systems. We think of it as an entity growing in size. They're going to need more of these kind of bureaucratic types of systems, more checks and balances, more internal controls in order to assure more reliability over the assets that the company possesses, as well as the reporting that will be a result as well. And then us as the auditor, we'll take a look at those internal controls, test those internal controls and see whether or not we can rely on those internal controls as part of our auditing and thereby test controls rather than test as much of the substantive testing that we would have to do if we had little to no internal controls. Risk assessment procedures are used by management to obtain an understanding of the entity's internal controls, identify the most important controls, recognize potential for misstatement given the controls and design test the controls and substantive procedures. Note that we as the auditor are going to have a good idea of what good internal controls should be. We need to have a good idea of what good internal control should be as we review the internal controls of the company. You might then ask, well, why wouldn't the auditor then help to implement internal controls? And that's a natural type of thing to happen within an audit engagement to say, hey, the management might say, hey, well, the auditor should help us basically to implement proper internal controls. Just note that you need to be careful. We'll talk more about this with the separation of duties, but we want to mention it here that the auditor needs to be careful in terms of what types of internal controls or what type of advice are being given with regards to internal controls, because that's going to be starting to give more advice in as if you're basically part of the management of the organization. In other words, it could harm the separation of duties and it would also result in the fact of the audit basically testing the internal controls, which the auditor themselves had either designed and or implemented. And if that was the case, if the auditor designed and helped to implement the internal controls, then you have a clear kind of separation or a clear kind of problem in terms of the independence, you would think, right? So that's going to be one of the issues that you'll see often come up with these types of relationships between the public accounting firm doing auditing one needing to be independent. And then also as you're learning, as you're knowing this business, you're getting a better idea of this business than any other anybody else would. And therefore it's natural for the business to want more information such as information that would be more on a management type of level. And the auditing firm needs to also maintain separation. So that's one of the kind of problems that go into place as we go forward and think about things like independence, we'll discuss more of those in a future presentation. This is COSIL's internal control integrated framework. So here's our objectives. We typically are going to break these out to three types of objectives, reliability of financial reporting, effectiveness and efficiency of operations and compliance with laws and regulations. As we consider these objectives, note when you consider internal controls in other words, you may hear internal controls and think of it in different types of frameworks. We are thinking about it in terms of financial statement auditors were auditors. And therefore we're thinking about internal controls mainly related to the reliability of the financial statements. But when you hear internal controls in a general kind of framework, it may be the controls over the reliability of financial framework or they might be internal controls over the effectiveness and efficiencies of operations. Notice those aren't the same thing. They may be related. They may have overlap, but they're not going to be basically the same thing. The controls over the efficiency of the operations are designed to make us more and more efficient. The controls over the reliability of the financial statements are designed in order to make sure that the financial statements are capturing what is happening and being reported in accordance with some set of standards possibly something like generally accepted accounting principles. Note that the controls over the reliability of financial reporting may coincide with the controls over the effectiveness and efficiency of operations. Or they may not in some cases. The fact that we need to put some controls in to make sure that the reliability of the financial statements is there may cost us in terms of effectiveness and efficiency. So they may not always be going the same way. We might have to put it controls in that would reduce effectiveness and efficiency in some way in order to make sure that the financial statements are reported well. And then we have compliance with laws and regulations. And this might be seen very clearly for many people in laws and regulations related to something like safety. We might have laws and regulations like OSHA type of laws and regulations that would be required to maintain to make sure that we're in accordance with safety regulations that can also be designed or formed on the level or called of course internal controls. Now when we're thinking about internal controls we're not usually thinking about the safety internal controls because we're not auditing that. That's not whether to audit typically for auditing the financial statements. So although those are internal controls they're probably not where we're really focused on because our job is to give an opinion on the financial statements. So we're focused mainly over here on the internal controls that are related to the reliability of financial reporting. So internal controls related to the preparation of financial statements for external purposes are the internal controls related to an audit. That's what we're really looking for. However internal controls related to operations and compliance objectives can be relevant when they relate to data auditors uses to apply auditing procedures. So there might be cases where the items will be relevant to and we can take a look at the internal controls for them as well. But again our focus of course is here with regards to the our internal control. Be aware that when you hear internal control just generally outside of the realm of basically a public accounting firm they may well be referring to something that's not what we're going to be focusing in on. They may be referring to the effectiveness and efficiency of operations or compliance with laws and regulations as opposed to reliability of financial reporting.