Internal Controls Section B (Risks and Recommendations) 2 Flashcards
(128 cards)
1
Q
Risk for GDNs not given same number as order numbers they relate to?
A
If GDNs are missing and company fails to raise invoices in a timely manner, could lead to a loss of revenue
2
Q
Control recommendation for GDNs not given same number as order numbers they relate to?
A
A sequence of check of GDNs should be undertaken to identify any missing despatch notes
3
Q
Risk if sales order department don’t receive copu of GDN
A
Not able to monitor if orders are being fulfilled on a timely basis, which could result in a loss of revenue and customer goodwill
4
Q
Control recommendation if sales order department don’t receive copu of GDN
A
GDN should be amended to a four-part with one copy going to sales department
5
Q
Risk if additional staff are drafted to help sales clerks produce sales invoices?
A
Increase of mistakes being made to sales invoices
6
Q
Control reccomendation if additional staff are drafted to help sales clerks produce sales invoices?
A
Only sales clerks should raise sales invoices - recruit more sales clerks
7
Q
Risk if manual entry of discounts?
A
A clerk could forget to manually enter discount or input wrong amount, causing loss of customer goodwill
8
Q
Control recommendation if manual entry of discounts?
A
Invoice system should be manded to prevent sales clerks from manually entering sales discounts onto invoices
9
Q
Risk if customer statements not generated and being sent to customers?
A
Increases likelihood of errors and invoice disputes. Which leads to cash flow issues
10
Q
Control recommendation for customer statements not generated and being sent to customers?
A
Should sent monthly customer statements and send them out promptly
11
Q
Risk if trade receivables account only reconciled annually?
A
Errors can’t be spotted promptly. Meaning receivables are misstated
12
Q
Control recommendation if trade receivables account only reconciled annually?
A
Trade receivables account should be reconciled on a montlhy basis. Then reviewed by an authorised employee
13
Q
Risk that customer orders are given a number based on sales person’s own identification number?
A
Sequential numbers mean it’s difficult to identify missing orders. Which leads to a loss of customer goodwill
14
Q
Control recommendation that customer orders are given a number based on sales person’s own identification number?
A
Sequence check of orders should be undertaken to identify any missing orders
15
Q
Risk for when each till has the same login code?
A
If there are cash discrepancies within the register, difficult to ascertain which employees are responsible. Cash is easy to misappropriate
16
Q
Control recommendation for when each till has the same login code?
A
Each employee is provided with a unique logon code
17
Q
Risk for when tills are reconcilied to daily sales reading are performed in total for every till rather than each till separately
A
When exceptions arise, it is difficult to identify which till caused differences
18
Q
Control recommendation for when tills are reconcilied to daily sales reading are performed in total for every till rather than each till separately
A
Reconciliation done on a till by till basis rather than in aggregate
19
Q
Risk for when daily sales sheets are scanned and emailed to head office?
A
Possibility some sales sheets could be misplaced by restaurant manager
20
Q
Control recommendation for when daily sales sheets are scanned and emailed to head office?
A
Daily sales sheets should be sequentially numbered and be sent to head office on a daily basis
21
Q
Risk for cash is stored at safe where safe key is kept under their desk?
A
Risk of significant cash losses due to theft if access to safe key not carefully controlled
22
Q
Control recommendation for cash is stored at safe where safe key is kept under their desk?
A
Current key lock safe should be replaced with a digital code. This code should be updated regularly
23
Q
Risk for when cashier is responsible for several elements of cash receipts system?
A
There is a lack of segragation of duties and errors can’t be identified on a timely basis
24
Q
Control recommendation for when cashier is responsible for several elements of cash receipts system?
A
Key roles should be split between different members of the finance team
25
Risk for when credit card statements are not reviewed or reconciled straight away?
Credit card omissions won't be identified on a timely basis, results with discrepancies with credit card company
26
Control recommendation for when credit card statements are not reviewed or reconciled straight away?
Cashier should reconcile credit card vouchers to monthly statement received from card company
27
Risk for no monitoring of student loan deductions
Risk of overpayments being made, leading to employee dissatisfaction
28
Control recommendation for no monitoring of student loan deductions
Payroll department should maintain a schedule of payments made to 3rd parties such as the central government
29
Risk for variances not analysed between budgeted wages and salaries
Management needs to understand why variances have arisen
30
Control recommendation for variances not analysed between budgeted wages and salaries
Monthly management accounts should be amended to include an analysis of wages and salaries compared to budgeted costs
31
Risk for no inter-branch transfers between stores?
Customers are less likely to contact individual stores themselves and company losing valuable sales
32
Control recommendation for no inter-branch transfers between stores?
Inter-branch sustem shjould be established between stores, with inter-branch inventory forms being completed for store transfers
33
Risk for no GRNs not being processed regularly?
Result in delays for supplies being paid as purchase invoices can't be agreed to a GRN
34
Control recommendation for no GRNs not being processed regularly?
Copy of GRNs should be sent to accounts department on a more regular basis
35
Risk for GRNs only being sent to accounts department
Significant level of unfilled orders leading to a loss of sales and stock-outs
36
Control recommendation for GRNs only being sent to accounts department
GRN should be created in three parts
37
Risk of when supplier statement reconciliaitons can't be performed?
Result in errors in recording of purchases and payables not being identified in a timely manner
38
Control recommendation of when supplier statement reconciliaitons can't be performed?
Supplier reconciliations should be performed on a monthly basis and should be reviewed by a responsible official
39
Risk of when high value inventory is stored in warehouses via a four digit access ?
Considerable number of individuals are aware of codes. Increases risk of fraud
40
Control recommendation of when high value inventory is stored in warehouses via a four digit access ?
Access code should be changed and only a few employees should be aware of it
41
Risk of when invoices are authorised by finance director but only paid 75 days after receipt of invoice?
Risk that company is missing out on early settlement discounts
42
Control recommendation of when invoices are authorised by finance director but only paid 75 days after receipt of invoice?
Policy of making payment after 75 days should be reviewed
43
Risk of when employees can serve friends/family
Could give goods away for free or grant unauthorised discounts
44
Control recommendation of when employees can serve friends/family
CCTV cameras should be placed in shops to act as a fraud deterrent
45
Risk of when if store needs changing, a junior sales cerk is sent to bank by a till operator to change it into smaller denominations?
Risk of cash being misplaced or stolen on the way to the bank
46
Control recommendation if store needs changing, a junior sales cerk is sent to bank by a till operator to change it into smaller denominations?
If further smaller denomination notes are required, store manager should authorise member of staff to obtain cash from bank and fully record movements in and out
47
Risk of when overtime reports are authorised atter payment has been made
This could result in unauthorised overtime or amounts being paid incorrectly
48
Control recommendation of when overtime reports are authorised atter payment has been made
All overtime should be authorised by a responsible official prior to payment being processed by payroll department
49
Risk of when bonus is input by clerk with no additional review
Could result in errors or fraudulent entries, leading to increased payroll costs
50
Control recommendation of when bonus is input by clerk with no additional review
All entries should be double checked against written confirmation from director by another member of team to ensure any bonuses are correct
51
Risk of when internal audit teams are undertaking performing counts?
Internal audit should review controls and perform sample test counts. Not doing the actual count
52
Control recommendation of when internal audit teams are undertaking performing counts?
Internal audit counters should sample check counting undertaken by counting teams to provide control over completeness and count
53
Risk of when additional sheets not sequentially numbered
Supervisor can't ensure completeness of all inventory sheets, resulting in understatement of inventory
54
Control recommenadtion of when additional sheets not sequentially numbered
Team should enter on a blank sheet that is sequentially numbered, any unused sheet should be returned at end of the count
55
Risk of when inventory sheets not signed?
Difficulty to contact counting team if no signatures
56
Control recommendation of when inventory sheets not signed?
Inventory sheets should be signed by relevant team upon completion of an aisle
57
Risk of when third party inventory included in count?
Results in inventory being overstated if these are not removed from inventory count sheets
58
Control recommendation of when third party inventory included in count?
Inventories belonging to third parties should be moved to one location
59
Risk of when assets recorded in the non-current asset register have not been physically verified for some time
There is an increased risk of loss, theft or misplacement as there is no check that the assets still exist in their correct location.
60
Control recommendation for when assets recorded in the non-current asset register have not been physically verified for some time
Additional resources should be devoted to completing the physical verification of all assets within the register. Any assets that cannot be located should be written off.
61
Risk of when the (HR) department has been busy; therefore, the payroll department has set up new joiners to the company?
This is a lack of segregation of duties, as employees are able to set up new joiners in the payroll system and process their pay, this increases the risk of fictitious (“ghost”) or duplicate employees
62
Control recommendation of when the (HR) department has been busy; therefore, the payroll department has set up new joiners to the company?
All new joiners set up by payroll should be reviewed and agreed against employee files to confirm that they are bona fide.
63
Risk of when the bank reconciliations are only reviewed by the financial controller if the sum of reconciling items is significant; therefore, some are not reviewed?
The bank reconciliations could contain significant errors, but a low overall amount of reconciling items, as there could be compensating errors which cancel each other out
64
Control recommendation when the bank reconciliations are only reviewed by the financial controller if the sum of reconciling items is significant; therefore, some are not reviewed?
The bank reconciliations should be reviewed by the financial controller monthly, even if the reconciling items are not significant, and this review evidenced by a signature on the bank reconciliation.
65
Risk of when invoices are authorised by the finance director, but paid only 75 days after receipt of the invoice?
There is the risk that Equestrian Co is missing out on early settlement discounts.
66
Control recommendation for when invoices are authorised by the finance director, but paid only 75 days after receipt of the invoice?
The policy of making payment after 75 days should be reviewed. Earlier payment should be considered if settlement discounts are sufficient.
67
Risk of when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?
This could result in purchases that are not required by the business.
68
Control recommendation for when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?
All purchase orders should be authorised by a responsible official using a digital signature, regardless of value
69
Tests of control for when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?
Select a sample of purchase orders and confirm that each one has the appropriate digital signature from the authorised signatories matrix.
70
Risk of when Goods received notes (GRNs) are sent to the accounts department every two weeks?
This will delay processing of invoices (understanding liabilities) and payments to suppliers as the purchase invoices cannot be agreed to a GRN
71
Control recommendation for when Goods received notes (GRNs) are sent to the accounts department every two weeks?
A copy of the GRNs should be sent to the accounts department more often, perhaps daily.
72
Tests of control for when Goods received notes (GRNs) are sent to the accounts department every two weeks?
Enquire of the accounts clerk how frequently GRNs are received, to assess if they are sent promptly
73
Risk of when GRNs are only sent to the accounts department and not to purchasing department?
Failing to send a copy to the purchasing department means that it is not possible to monitor the level of unfulfilled orders
74
Control recommendation for when GRNs are only sent to the accounts department?
Either the purchasing department should also receive copies of GRNs via email
75
Tests of control for when GRNs are only sent to the accounts department?
Review access logs and permissions within the purchasing module to verify that both the purchasing and accounts departments can access GRNs
76
Risk of when supplier statement reconciliations are no longer performed?
Errors in the recording of purchases and payables may not be identified in a timely manner
77
Control recommendation for when supplier statement reconciliations are no longer performed?
Supplier statement reconciliations should be performed monthly for all suppliers and reviewed by a responsible official
78
Tests of controls for when supplier statement reconciliations are no longer performed?
Re-perform a sample of the reconciliations to confirm that they have been carried out appropriately.
79
RIsk for monthly management accounts do not analyse the variances between actual and budgeted wages and salaries; this is because there are no overtime costs.
These could arise due to the recruitment of extra employees which was not budgeted or an increase in wage pay out rates
80
Tests of control for monthly management accounts do not analyse the variances between actual and budgeted wages and salaries; this is because there are no overtime costs.
Monthly management accounts should be amended to include an analysis of wages and salaries compared to the budgeted costs
81
Risk of each restaurant maintains a petty cash float of $400; at any point in time the receipts and funds present should equal the float?
This could be due to sundry purchases without a relevant receipt or voucher. There is also a possibility that the cash is spent on non-business related items or stolen.
82
Control recommendation of each restaurant maintains a petty cash float of $400; at any point in time the receipts and funds present should equal the float?
A petty cash log should be maintained so the purchase of sundry items is recorded in the log along with the sum borrowed, date and employee.
83
Risk of the reconciliations of the tills to the daily sales readings are performed in total for all five tills at each venue rather than for each till?
It will be difficult to identify which till caused the difference and, therefore, which employees may require further till training or may have acted fraudulently
84
Control recommendation of the reconciliations of the tills to the daily sales readings are performed in total for all five tills at each venue rather than for each till?
Reconciliations should be prepared on a till-by-till basis rather than in aggregate and any discrepancies noted should be investigated immediately
85
Risk of daily sales sheets are scanned and emailed to head office on a weekly basis
A possibility that some sales sheets could be misplaced by the restaurant manager
86
Control recommendation of daily sales sheets are scanned and emailed to head office on a weekly basis
Daily sales sheets for each venue should be sequentially numbered and remitted to head office daily
87
Risk of cashier is responsible for several elements of the cash receipts system
There is a lack of segregation of duties and errors may not be identified on a timely basis.
88
Control recommendation of cashier is responsible for several elements of the cash receipts system
These key roles should be split between different members of the finance team
89
Risk of cashier is not checking credit card payments have resulted in cash receipts by Camomile Co
Risk that receipts of cash by credit card may have been omitted
90
Control recommendation for not checking credit card payments have resulted in cash receipts by Camomile Co
The cashier should reconcile the credit card vouchers per restaurant to the monthly statement received from the card company
91
Risk of company values inventories using standard costs, which are not kept up-to-date
If standard costs were reviewed 18 months ago, there is the risk that costs are misstated as changes in raw materials and wages inflation may not have been adjusted for
92
Control recommendation of company values inventories using standard costs, which are not kept up-to-date
A senior manager in the production department should review all currently used standard costs
93
Tests of control of company values inventories using standard costs, which are not kept up-to-date
Obtain a copy of the standard costs used for valuation of inventories, determine when the last review was and inspect for evidence of review by the production director
94
Risk of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?
These reports are reviewed sometime after the payments have been made which could result in unauthorised overtime
95
Control recommendation of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?
All overtime should be authorised by a responsible official before the payment is processed by the payroll department
96
Tests of control of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?
Review the overtime report for evidence of authorisation and note the date to confirm that this was before the payment of the overtime
97
Risk of when discounts given to customers who purchased goods during the 15% off weekend are entered separately on the sales invoices by sales clerks?
This could result in giving unauthorised sales discounts as there does not seem to be any authorisation required
98
Control recommendation of when discounts given to customers who purchased goods during the 15% off weekend are entered separately on the sales invoices by sales clerks?
During the period of any special offers (e.g. the 15% off weekend), the authorised sales prices file should be updated by a responsible official
99
Risk of when client services managers are given responsibility to chase customers directly for payment once an invoice is outstanding for 90 days?
Client services managers are more likely to focus on customer relationships and generating further revenues rather than chasing payments
100
Control recommendation of when client services managers are given responsibility to chase customers directly for payment once an invoice is outstanding for 90 days?
A credit controller should be appointed, and it should be their role, rather than the client services managers, to chase any outstanding sales invoices which are more than 30 days old
101
Control deficiency when employees can serve friends or family?
Significant fraud risk employees could fail to put goods through till but retain cash paid by family members
102
Control recommendation when employees can serve friends or family?
CCTV cameras placed in shops to record daily till transactions. Acting as deterrent to employees
103
Control deficiency when junior sales clerk sent to bank
There is a risk of the cash being misplaced or stolen on the way to the bank or collusion between the junior clerk and till operator as no record appears to be kept of the money removed from the till in these instances and no confirmation of how much cash is returned is carried out
104
Control recommendation when junior sales clerk sent to bank
Caterpillar’s head office should stipulate a float amount per till and how the note denominations should be comprised. When assigning the cash float in the morning, the store manager should ensure that this policy is adhered to.
105
Control deficiency for warehouse manager supervises the count?
The warehouse manager is familiar with the inventory, but has overall responsibility for the inventory and so is not independent.
106
Control recommendation for warehouse manager supervises the count?
An alternative supervisor who is not normally involved with the inventory, such as an internal audit manager, should supervise the inventory count.
107
Control deficiency of IA teams performing counts
Internal audit should review the controls and perform sample test counts to confirm the count is being performed accurately and effectively.
108
Control recommendation for IA teams performing counts
The internal audit counters should sample check the counting undertaken by the ten teams to provide an extra control over the completeness and accuracy of the count.
109
Control deficiency of counted areas not flagged?
Some areas of warehouse could be double counted or missed out
110
Control recommendation of counted areas not flagged?
All aisles should be flagged as completed, once the inventory has been counted
111
Control deficiency for additional sheets not sequentially numbered
The supervisor will be unable to ensure the completeness of all inventory sheets
112
Control recommendation for additional sheets not sequentially numbered
This blank sheet should be sequentially numbered, any unused sheets should be returned at the end of the count, and the supervisor should check the sequence of all sheets at the end of the count.
113
Control deficiency for inventory sheets not signed
If any issues arise with the counting in an aisle, it will be difficult to follow up as the identity of the counting team will not be known
114
Control recommendation for inventory sheets not signed
All inventory sheets should be signed by the relevant team upon completion of an aisle. When the sheets are returned, the supervisor should check that they have been signed
115
Control deficiency inventory movements during the count
Goods may be missed or double counted due to movements in the warehouse
116
Control recommendation for inventory movements during the count
The goods which are manufactured on 31 December should be stored to one side, and at the end of the count should be counted once and included within finished goods
117
Control deficiency for third party inventory included in count
There does not appear to be a method for counters to identify which items are third party inventory. There is a risk that these goods may not be correctly removed from the inventory count sheets, resulting in inventory being overstated.
118
Control recommendation for third party inventory included in count
All inventories belonging to third parties should be moved to one location. This area should be clearly marked and excluded from the counting process.
119
Control deficiency website and inventory system not integrated
This can result in Pear accepting customer orders when the goods are not available. This can cause them to lose sales and customer goodwill.
120
Control recommendation website and inventory system not integrated
The website should be updated to include an interface into the inventory system; this should check inventory levels and only process orders
121
Control deficiency for customer signatures not obtained
Customers may falsely claim that they have not received their goods. Pear would not be able to prove that the goods had in fact been delivered and may result in goods being sent out twice
122
Control recommendation for customer signatures not obtained
Pear should remind all local couriers that customer signatures must be obtained as proof of delivery and payment will not be made for any despatches with missing signatures
123
Control deficiency for unfulfilled sales orders
This can lead to a loss of customer goodwill and if it persists will damage the reputation of Pear as a reliable supplier
124
Control recommendation for unfulfilled sales orders
Once goods are despatched they should be matched to sales orders and flagged as fulfilled.
125
Control deficiency for sales discounts set by sales team
In order to boost their sales, members of the sales team may set the discounts too high. This will lead to a loss of revenue and profit for the company.
126
Control recommendation for sales discounts set by sales team
Regular review of sales discount levels should be undertaken by the sales director, and this review should be evidenced.
127
Control deficiency for authorisation of purchase requisitions?
Production supervisors are not sufficiently independent or senior to authorise asset expenditure.
128
Control recommendation for authorisation of purchase requisitions?
Asset expenditure authorisation levels to be established. Production supervisors should only be able to authorise low value items, any high value items should be authorised by the board.
