Read Also Component of Accounting and Internal Control System
QUESTIONS
- What is the difference between internal audit and external audit?
- List the five elements of internal control.
- What are the factors that are responsible to the growth of the internal audit function?
- list the approaches used to record the internal control system by the auditor.
- Differentiate control environment from control procedures
ANSWERS
- Differences between external audit and internal audit.
- Scope of work: For an internal auditor the scope is determined by management whereas for an external auditor it is laid down by statutes and professional requirements of the institute (iCpaK).
- approach: an internal auditor may have many aims in his work including an appraisal of the efficiency of the internal control system and management information system. The external auditor is primarily concerned with the truth and fairness of accounts.
- responsibility: The internal auditor is answerable only to management. The external auditor is responsible to shareholder and the public at large.
- Internal control has five elements:
- The control environment
- The entity’s risk assessment process.
- The information system.
- Control activities.
- monitoring of Controls.
- i. increase in size of business. Dynamic business iii. legislation and regulatory requirements iv. Competitionv. Evolution of iT
- Flow charts
- narrative descriptions
Accounting and Internal Control Systems QUESTIONS
Section B
QUESTiON ONE
list down internal control procedures for raw material purchasing system of a large manufacturing firm
QUESTiON TWO
rhapsody Co supplies a wide range of garden and agricultural products to trade and domestic customers. The company has 11 divisions, with each division specializing in the sale of specific products, for example, seeds, garden furniture, and agricultural fertilizers. The company has an internal audit department which provides audit reports to the audit committee on each division on a rotational basis.
products in the seed division are offered for sale to domestic customers via an internet site. Customers review the product list on the internet and place orders for packets of seeds using specific product codes, along with their credit card details, onto Rhapsody Co’s secure server. order quantities are normally between one and three packets for each type of seed. order details are transferred manually onto the company’s internal inventory control and sales system, and a two part packing list is printed in the seed warehouse. Each order and packing list is given a random alphabetical code based on the name of the employee inputting the order, the date, and the products being ordered.
In the seed warehouse, the packets of seeds for each order are taken from specific bins and dispatched to the customer with one copy of the packing list. The second copy of the packing list is sent to the accounts department where the inventory and sales computer is updated to show that the order has been dispatched. The customer’s credit card is then charged by the inventory control and sales computer. bad debts in rhapsody are currently 3% of total sales.
Finally, the computer system checks that for each charge made to a customer’s credit card account, the order details are on file to prove that the charge was made correctly. The order file is marked as completed confirming that the order has been dispatched and payment obtained.
Required:
a) in respect of sales in the seeds division of rhapsody Co, prepare a report to be sent to the audit committee of rhapsody Co which:
- Identifies and explains four weaknesses in that sales system.
- Explains the possible effect of each weakness.
- provides a recommendation to alleviate each weakness.
(b) Explain the advantages to rhapsody Co of having an audit committee.
QUESTION THREE
iSa 400 (risk assessments and internal Control) deals with internal control objectives and internal controls. iSa 500 (audit Evidence) deals with audit objectives and audit procedures. a proper understanding of internal controls is essential to auditors in order that they understand the business and are able to effectively plan and execute tests of controls and an appropriate level of substantive procedures.
You are the auditor of a small manufacturing company, Dinko, that pays its staff in cash and by bank transfer and maintains its payroll on a small stand-alone computer.
Required:
- For the payroll department at Dinko, describe the:
- internal control objectives that should be in place.
- internal control environment and internal control procedures that should be in place to achieve the internal control objectives.
- For the payroll charges and payroll balances (including cash) in the financial statements of Dinko:
- Describe the external auditor audit objectives.
- list the tests of control and substantive procedures that will be applied in order to achieve the audit objectives identified in (b) (i) above.
QUESTION FOUR
ajio is a charity whose constitution requires that it raises funds for educational projects. These projects seek to educate children and support teachers in certain countries. Charities in the country from which ajio operates have recently become subject to new audit and accounting regulations. Charity income consists of cash collections at fund raising events, telephone appeals, and bequests (money left to the charity by deceased persons). The charity is small and the trustees do not consider that the charity can afford to employ a qualified accountant. The charity employs a part-time bookkeeper and relies on volunteers for fund raising. Your firm has been appointed as accountants and auditors to this charity because of the new regulations. accounts have been prepared (but not audited) in the past by a volunteer who is a recently retired Chartered Certified Accountant.
Required:
- Describe the risks associated with the audit of ajio under the headings inherent risk, control risk and detection risk and explain the implications of these risks for overall audit risk.
- list and explain the audit tests to be performed on income and expenditure from fund raising events.
QUESTION FIVE
You are the audit manager for parker, a limited liability company which sells books, CDs, DvDs and similar items via two divisions: mail order and on-line ordering on the internet. parker is a new audit client. You are commencing the planning of the audit for the year-ended 31 may 2005. an initial meeting with the directors has provided the information below.
The company’s turnover is in excess of Kshs85 million with net profits of Kshs4 million. All profits are currently earned in the mail order division, although the internet division is expected to return a small net profit next year. Turnover is growing at the rate of 20% p.a. Net profit has remained almost the same for the last four years. in the next year, the directors plan to expand the range of goods sold through the internet division to include toys, garden furniture and fashion clothes. The directors believe that when one product has been sold on the internet, then any other product can be as well.
The accounting system to record sales by the mail order division is relatively old. it relies on extensive manual input to transfer orders received in the post onto parker’s computer systems. recently errors have been known to occur, in the input of orders, and in the invoicing of goods following dispatch. The directors maintain that the accounting system produces materially correct figures and they cannot waste time in identifying relatively minor errors. The company accountant, who is not qualified and was appointed because he is a personal friend of the directors, agrees with this view, The directors estimate that their expansion plans will require a bank loan of approximately Kshs30 million, partly to finance the enhanced web site but also to provide working capital to increase inventory levels. a meeting with the bank has been scheduled for three months after the year end. The directors expect an unmodified auditor’s report to be signed prior to this time.
Required: identify and describe the matters that give rise to audit risks associated with parker .
Accounting and Internal Control Systems Answers Section B
QUESTION ONE
Internal control procedures for purchasing system
- The company should have clear division of duties between the various departments i.e. the manufacturing department, stores department and factory department.
- A responsible official should be charged with the duty of overseeing purchase of raw materials in the company and should report to the managing director or other appropriate senior level of management.
- The company should establish the re-order levels for purchase of all materials used in production. When the re-order level is reached a purchase requisition should be raised and must be authorized by the factory managers. This should then be sent to the purchasing department.
- Upon receipt of the purchase requisition, it should be checked to confirm that the transaction is authorized. Another person should prepare a purchase order and submit this together with the purchase requisition for the authorization by purchasing manager.
- Upon delivery an official from stores department must inspect the goods for quality and quantity. all units received should be recorded in a suitable documentation e.g. a goods received note (Grn) which store’s staff and supplier’s staff should counter sign.
- The goods received note and the suppliers invoice should be taken to the accounts department where an independent person should post the entries to the purchases ledger.
- Before payments are made to the suppliers, supplier’s statement should be reconciled to the ledger balance.
QUESTION TWO
Report to audit committee inventory control and Sales System
Seed division
| Weakness | potential effect of weakness | recommendation |
| recording of orders. orders placed on the internet site are transferred manually to the inventory and sales system. manual transfer of order details may result in information being transferred incompletely or incorrectly. E.g. order quantities may be incorrect or the wrong product code recorded. | Customers will be sent incorrect goods resulting in increased customer complaints. | The computer systems should be amended so that order details are transferred directly between the two systems. This will remove manual transfer of details limiting the possibility of human error. |
| Control over orders and packing lists. Each order/packing list is given a random alphabetical code. While this is useful, using this type of code makes it difficult to check completeness of orders at any stage in the dispatch and invoicing process. | packing lists can be lost resulting either in goods not being dispatched to the customer or the customer’s credit card not being charged. | orders/packing lists are controlled with a numeric sequence. at end of each day, gaps in the sequence of packing lists are investigated. |
| obtaining payment The customer’s credit card is charged after dispatch of goods to the customer, meaning that goods are already sent to the customer before payment is authorized. | rhapsody Co will not be paid for the goods dispatched where the credit card company rejects the payment request. Given that customers are unlikely to return seeds, rhapsody will automatically incur bad debts. | authorization to charge the customer’s credit card is obtained prior to dispatch of goods to ensure rhapsody Co is paid for all goods dispatched. |
| Completeness of orders. The computer system correctly ensures that order details are available for all charges to customer credit cards. however, there is no overall check that all orders recorded on the inventory and sales system have actually been invoiced. | Entire orders may be overlooked and consequently sales and profit understated. | The computer is programmed to review the order file and orders where there is no corresponding invoice for an order; these should be flagged for subsequent investigation. |
The internal audit of the inventory and sales system identified the following weaknesses:
Summary
We look forward to arranging a meeting to discuss these weaknesses with you in more detail.
(b) advantages of having an audit committee to rhapsody include:
it provides the internal audit department with an independent reporting mechanism compared to reporting to the directors who may wish to hide or amend unfavorable internal audit reports.
The audit committee will assist the internal auditor by ensuring that recommendations in internal audit reports are actioned.
Shareholder and public confidence in published financial information is enhanced because it has been reviewed by an independent committee.
The committee helps the directors fulfill any obligations under corporate governance to implement and maintain an appropriate system of internal control within rhapsody.
The committee should assist in providing better communication between the directors, external auditors and management by arranging meetings with the external auditor.
Strengthens the independence of rhapsody’s external auditor by providing a clear reporting structure and separate appointment mechanism from the board of rhapsody.
QUESTION THREE
(a) (i) internal control objectives
- Control objectives include policies and procedures designed by management to:
- Achieve the orderly and efficient running of the business including adherence to internal policies – this would include the regular, accurate processing and recording of payroll payments.
- Safeguard assets – this would include the physical safeguarding of cash and safeguarding money held in bank accounts by means of other controls.
- Prevent and detect fraud and error – fraud and error would include incorrect payments or deductions from the payroll and payments of incorrect amounts for tax and social insurance, payments for work not performed and payments to dummy employees, for example.
- Achieve accuracy and completeness of the accounting records and timely preparation of reliable financial information; this would include making correct payments and deductions from the payroll, correct payments for tax and social insurance, and making payments for work performed only (not to dummy employees, for example), in order that quarterly or half-yearly accounts can be prepared (possibly), but in any case in order that annual accounts can be prepared within the time limits for small companies. (ii) internal control environment and control procedures The control environment relates to:
Management’s overall style in encouraging awareness of the need for good controls, for example.
The existence of organizational controls such as review of the payroll by an independent person such as the managing director, and the rotation of payroll duties amongst staff responsible for processing it – this helps achieve all of the objectives set out above.
Segregation of duties and supervisory controls to avoid the misappropriation of cash (or allegations thereof) and to avoid fraudulent collusion to create, for example, dummy employees or to make inflated payments – this prevents the loss of assets and/or inaccurate records.
Accounting and Internal Control Systems Answers Section B
internal control procedures include:
- Limiting direct physical access to the cash, such as the use of a security firm to deliver cash, locking doors to areas where cash is held, keeping cash in a fire-proof safe and the protection of the computer by password controls – this will help safeguard assets and ensure the completeness and accuracy of the records and financial statements.
- Controls over computerized applications, checking the arithmetical accuracy of documents and the maintenance of control accounts – this can be achieved by, for example, the use of timesheets or clock cards, the use of reliable software with programmed controls for the calculation of deductions, and the use of batch and hash totals for information that is input into the computer system – this helps achieve the orderly and efficient running of the business and the accuracy and completeness of records and financial statements.
| objectives | Tests of control and substantive procedures |
| Existence: of assets and liabilities such as cash on hand and in the bank, and of the liability to pay staff and the associated tax and social insurance liabilities. | Testing controls over the security of cash to ensure that they are operating effectively throughout the relevant period. performing cash counts, with reconciliations to the records and observing cash payments to staff, ensuring that appropriate signatures are obtained and that unclaimed cash is immediately re-banked. |
| occurrence: payroll transactions occurred during the relevant accounting period. | performing cut off tests to ensure that payroll costs incurred during the period have been recorded during the period by examining entries in the payroll just before and after the period end and checking back to source documents, such as time sheets and clock cards. |
| Completeness: there are no unrecorded assets or liabilities such as those noted under ‘existence’ above or undisclosed items such as payroll liabilities. | performing starters and leavers tests to ensure that staff are not paid before they join the company or after they leave. This involves checking the payroll for two separate periods and examining entries relating to starters and leavers in the intervening period. manually checking the accuracy of payroll calculations to ensure that correct payments and deductions are being made in accordance with approved pay rates and approved deduction rates. reviewing evidence of authorization controls to ensure that the payroll has already been checked. |
| measurement: transactions such as payroll payments are recorded at the correct amounts and are recorded in the correct period. | as fro completeness, above, and checking to ensure that the payroll has been properly authorized and reviewed. Checking entries relating to hours or time worked in the payroll to source documentation. |
| presentation and disclosure: an item is disclosed in accordance with accounting standards and legislation. | Reviewing the financial statements with the aid of disclosure check list to ensure that disclosure requirements have been met. reviewing the overall presentation of payroll transactions and balances. |
- approval and control of documents, such as the authorization of the payroll itself, and authorization for the bank to make transfers and to deliver cash. (b) audit objectives, tests of control and substantive procedures objectives Tests of control and substantive procedures.
QUESTION FOUR
(a) Risks and implications for audit risk inherent and control risks
Charities can be viewed as inherently risky because they are often managed by non professionals and are susceptible to fraud, although many charities and the volunteers that run them are people of the highest integrity who take a great deal of care over their work. The assessment of this aspect of inherent risk depends on each individual charity and the areas in which it operates.
Charities are also at risk of being in violation of their constitutions which is important where funds are raised from public or private donors who may well object strongly if funds are not applied in the manner expected. Other charities and regulatory bodies supervising charities may also object. again, the auditors will assess the level of risk. The involvement of a recently retired Chartered Certified Accountant in the preparation of accounts in the past may lower the auditor’s assessed inherent risk to an extent.
Most small charities have a high level of control risk because formal internal controls are expensive and are not often in place. This means that donations are susceptible to misappropriation. Charities rely on the trustworthiness of volunteers. The auditors will assess the level of risk.
Detection risk
Detection risk comprises sampling risk and non-sampling risk. it is possible in this case that all transactions will be tested and therefore sampling risk (the risk that samples are unrepresentative of the populations from which they are drawn) is not present.
non-sampling risk is the risk that auditors will draw incorrect conclusions because, for example, mistakes are made, or errors of judgment are made in interpreting results, or because the auditors are unfamiliar with the client, as is the case here.
Audit risk audit risk is the product of inherent risk, control risk and detection risk and is the risk that the auditors will issue an inappropriate audit opinion. This risk can be managed by decreasing detection risk by altering the nature, timing and extent of audit procedures applied. Where inherent risk is high and controls are weak (as may be the case here) more audit work will be performed in appropriate areas in order to reduce audit risk to an acceptable level.
(b) audit tests– fund raising events attend fund raising events and observe the procedures employed in collecting, counting, banking and recording the cash.
This will help provide audit evidence that funds have not been misappropriated and that all income from such events has been recorded. Sealed boxes or tins that are opened in the presence of two volunteers are often used for these purposes.
perform cash counts at the events to provide evidence that cash has been counted correctly and that there is no collusion between volunteers to misappropriate funds.
Examine bank paying in slips, bank statements and bank reconciliations and ensure that these agree with records made at events. This also provides evidence as to the completeness of income.
Examine the records of expenditure for fund raising events (hire of equipment, entertainers, purchase of refreshments. etc.) and ensure that these have been properly authorized (where appropriate) and that receipts have been obtained for all expenditure. This provides evidence as to the completeness and accuracy of expenditure. Review the income and expenditure of fund raising events against any budgets that have been prepared and investigate any significant discrepancies.
Ensure that all necessary licences (such as public entertainment licences) have been obtained by the trustees for such events in order to ensure that no action is likely to be taken against the charity or volunteers.
obtain representations from the trustees to the effect that there are no outstanding unrecorded liabilities for such events– again for completeness of expenditure and liabilities.
QUESTION FIVE
Audit risks over-trading
The turnover of Parker is growing quite rapidly, although this growth is not matched in net profits. The company has been expanding into the internet, and plans to introduce other product lines for sale in this division. There is the risk that the business will exhaust any cash reserves as it continues to expand but does not generate sufficient additional cash to pay for that expansion. in this situation suppliers may go unpaid and at the extreme the business will be forced into liquidation. Therefore the financial statements may not adequately disclose doubts about going concern.
Internet trading
The decision to expand the internet business may cause other problems for parker. Selling of books and CDs appear to be related as they are both forms of entertainment and the customer knows what the product is like. Selling toys may fall into a similar category, but garden furniture and clothes are different. Garden furniture is bulky and will certainly cost more to deliver while clothes are sold more on taste and a high level of returns can be expected. Specific risks with this decision therefore relate to:
The overall ability of management to run the business given their apparent lack of knowledge of internet trading.
The need to setup and manage systems for the sales of many new products.
The need to allow for a much larger volume of returns.
The possibility of inventory obsolescence if parker overstocks on clothes which go ‘out of fashion’.
Control environment.
The whole environment in which the control systems should be operating appears weak. There are errors in the systems, the extent of which is not known, and the directors and the accountant do not appear to be inclined to attempt to remedy the situation. The skills of the accountant may also be questioned because he appears to have been appointed not on merit, but from some personal relationship with the directors. other errors may also have occurred which have not been detected. The risk is that the financial statements may have material errors in them.
bank loan
The directors require additional finance to expand the business. To provide this finance it is likely that the bank will require sight of the audited financial statements; the directors of Parker expect the audit to be completed prior to meeting the bank. The auditor may need to write to the bank to disclaim reliance on the audit report for the purposes of making a bank loan. There is a risk to the audit firm of being sued if the bank relies on the report and sustains financial loss.
There is also a risk to parker that the loan is not obtained and the company goes into liquidation. The financial statements may need to be prepared on a breakup basis.
First year of audit
The audit is also risky for the audit firm because it is the first year of an audit and the client has expectations about the type of auditor’s report to be produced. The accounting systems also appear to be unreliable, again increasing the risk of material error. The audit firm must ensure that sufficient time and resources are allocated to the audit to ensure that the audit opinion can be supported. pressure from the directors to complete the audit quickly will have to be resisted.
