Controls Dialog

Click the doormat icon () to open the Control Doormat menu. The menu lists risks, controls and reportable items that have been defined. You can create, delete and edit a risk, controls or reportable items from this menu.

You can also remove risks, controls and reportable items in bulk by clicking the Delete (x) button to the right of the heading.

Control Documentation

New control name

Type a short description of the identified control.

New control description

Type the detailed description of the control.

Identifier

The identifier field is automatically populated with the user ID and a sequential number so that each risks, controls and reportable items are unique. This field can be enabled in the AO - General Options in the master template.

Financial Statement Areas

Click to display a list of entity level risks and material financial statements areas (FSAs). From the dialog that appears, select one or more items that affect the identified risk. Once the relevant items have been selected, check off the related assertions within the Financial Statement Areas Affected area. As the material FSAs and assertions populate from the Financial Statement Areas worksheet, the worksheet must be generated before they can be selected.

Note: The master template lists all of the FSAs, whereas the engagement client file lists only the material FSAs.

Business Cycles Affected

Click to display a list of affected business cycles associated with the risk. The list in business cycles is defined in the Financial Statement Areas worksheet. Note: If an FSA item in the Financial Statement Areas worksheet is already associated with a business cycle through the Financial statement areas worksheet, this area will be automatically filled out with the selection of Financial Statement Areas Affected.

IT Systems Affected

Click to display a list of affected IT systems associated with the risk. The list of IT systems affected are defined in the AO - General Options | General Control Options.

Maturity Level

Select to rank the maturity level of the control from a range of 1 (low) to 5 (high).

Indirect Control

Select to indicate whether the control is dependent upon other controls.

Manual / Automatic

Select to indicate whether the control is a manual or an automatic control.

Frequency of control

Select to indicate how frequent the control is being applied.

Key control

Select to indicate whether the control provides reasonable assurance that material errors will be prevented or detected in a timely manner.

Supporting Working Papers

Click to open a listing of documents in the Document Manager. In this dialog, select applicable supporting documents from Working Papers.

Control Design

Select to indicate whether the control design is satisfactory or unsatisfactory.

Design Implemented

Select to indicate whether the control design was implemented.

Evaluation Results

Select to Indicate whether the control environment was satisfactory or unsatisfactory.

Changed Since Previous Evaluation

Select to indicate whether the control is identical with the previous year or has been changed.

Roll forward

Select to include the control in next year’s file. This is selected by default for all new controls.

Test Control

Select to indicate if a control is to be tested or in which period it was last tested. After a year-end close, the Test Control rolls forward and automatically updates from Yes to PY1 (Tested), then PY2 (Tested). Tests of control are used to gather evidence of the operational effectiveness of internal control procedures. It may be appropriate to use audit evidence about the operating effectiveness of controls obtained in previous audits.

Note: If you select No, the Control is Effective field will automatically set to Not Tested.

Supporting Working Papers

Click to open a listing of documents in the Document Manager. In this dialog, select applicable supporting documents from Working Papers.

Control is Effective

Select to indicate whether the control is effective, not effective or not tested.

Risk

Click beside Risk, to add risk to the control. The following choices appear:

• Create New (item) - opens the New risk dialog to create a new risk.
• Import from File - imports risks from a template or other source file, using the import controls dialog.
• Edit Association - uses an existing risk. A dialog appears that lists the controls that have already been added to this client file. From the dialog, select one or more controls to be associated with this risk.

Reportable Item

Click beside Reportable Item, to add reportable items to the risk. The following choices appear:

• Create New (item) - opens the New reportable item dialog to create a new control.
• Import from File - imports reportable items from a template or other source file, using the import controls dialog.
• Edit Association - uses reportable items. A dialog appears that lists the reportable items that have already been added to this client file. From the dialog, select one or more reportable items to be associated with this risk.

This option is available only if you have enabled reportable items in the AO - General Options document.