ISA 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL TO THOSE CHARGED WITH GOVERNANCE AND MANAGEMENT
ISA 265 is a new standard which was born out of the IAASB Clarity Project and its primary objective is to deal with the auditor’s responsibility to communicate deficiencies in internal control appropriately to those charged with governance and management of the entity. It distinguishes what communication is necessary to each of these two parties.
ISA 265 recognises that the objective of the auditor is to communicate appropriately to those charged with governance and management any deficiencies in internal control that the auditor has identified during the course of the audit and which are of significant importance to warrant their respective attention.
DEFICIENCIES IN INTERNAL CONTROLS
Deficiencies in internal controls can occur in any control environment, regardless of how robustly the system has been designed. Even the best internal control systems devised by the best management cannot eliminate the risk of material misstatement within the financial statements. At best, a robust internal control system can only reduce the risk of material misstatement within the financial statements, not eliminate it entirely.
Deficiencies in internal control exist when a control is designed and implemented in such a way that it is unable to prevent, detect and correct misstatements in the financial statements on a timely basis or a control which is required to prevent, detect and correct ...