INTERNAL CONTROL SYSTEM

[ Past Year Question / Kaplan / BPP ]

DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

SALES SYSTEM
1) Credit limits preset / set by clerk 1) 1 CL should be set by SRO 1) 1 Review the sample of new customers that
performed by clerk
E: Out of date / Clerks not competent 2 CL should be reviewed and updated
enough to set credit limits (/amended) on regular basis by SRO (FD/SD) 2 Review the authorisation performed by SRO
Imp: CL set too high, poor credit risks / 3 CL regularly updated based on level of 3 Inquire the clerk who can set the CL
risk of bad debts transactions
Imp: CL set too low, loss of revenue
2) 1 Enquire the clerk to the frequency of GRNS are
1) 1 CL should be set by senior member received
2) GDNs / GRNs are sent to finance on a 2 Review by SRO and evidence with signature 2 undertake a sequence check of GRNs to discuss
weekly basis / failure to sent any missing orders
E: Finance not promptly receive (_) which
2) 1 Print four-copy of GDNs and send to each
goods being dispatched but being
department 2) 1 Review the file of copy GRNs held by clerk
invoiced late
2 (_) should undertake a sequence check of 2 Review for evidence that GRNs have been
E: Invoices could not agree to (_) /
the GDNs matched to POs and flagged as complete
Increase UFOs
2 Match the GDNs to SOs to ensure accuracy 3 Review the file of UFPOs for any overdue items
Imp: Revenue cut-off issues / Loss
revenue / Receivables understated 3 Raise invoice in a timely manner after 4 Discuss with manager the current status
confirming the details of order
Imp: Liabilities understated / Loss of early
settlement discount 4 Review for all UFOs
4) 1 Attempt to process order in the website by using
test data which are not currently held in inventory
3) Credit controller is currently on leave 3) 1 Alternative member of the finance department 2 If order excess the inventory level, flag as being
and no one has taken over her duties should be trained in the credit control role (/ out of stock and indicate an approximate waiting time
temporary credit controller recruited)
E: No one has been responsible for
monitoring and chasing ageing 2 Assigned the responsibility for reviewing the
receivables 5) 1 Discuss with members the process for setting
aged receivable listing and following up on any
the sales discount
overdue customers
Imp: Increased risk of irrecoverable
receivables / lead to customers not paying 2 Review and report the sales discount for
their outstanding balances on time / evidence of signature by FD
leading to reduced cash flows 4) 1 Update the website to include an interface
into the inventory system
6) 1 Request the clerk to attempt to access the ,aster
2 Check inventory levels and only process
4) Website is not integrated into inventory file or make changes on it, which the system should
orders if adequate inventory is held
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

PURCHASE SYSTEM
1) Access to the master file data for 1) 1 The monthly exception report of changes to 10) 1 Select a sample of PO to review for evidence of
suppliers is available to all those in the master file data should be reviewed by SRO + authorisation
purchasing department and not reviewed evidence this review
2 Agree to appropriate signature on the approved
E: Amend data and potentially, add new 2 Any unauthorised or unexpected signatories list
suppliers to the payables ledger system
changes should be investigated and appropriate
as it is unlikely that this would be identified
action taken
11) 1 Review the payment list for evidence of review
Imp: Increase risk of fraud as clerks could
3 The ability to make amendments to master file by FD
add fictitious suppliers and then place
data should be restricted to those required +
fraudulent orders without detection. 2 Inquire staff which supporting documents have
authorised the changes
requested by FD to review

2) PIs are not agreed to the relevant

2) 1 All PIs should be matched to both the PO and
GRNs prior to authorisation and input 12) 1 Utilise test data procedures to assess whether
the related GRN.
data can be entered without the use of batch control
E: Invoices being paid for goods which
2 The details should be agreed prior to the total and confirm sequence check undertaken
were not received
invoice being authorised + logged in the
2 Observe the inputting invoices process and
Imp: Increased costs
payables ledger. identify what application control are utilised by clerk

3) No authorisation for requisition forms /

3) 1 Requisition forms should be authorised by
Orders placed without checking inventory
senior level prior sending it off
level
2 Next departments should not process any
E: Goods being ordered which are not
unauthorised requisition forms
required
3 Inventory system should be updated to record
Imp: Increase risk of fraudulent purchases
min / max required level of inventory
/ Unnecessary cash outflows / Increase
cost of sales 4 Clerk should check the current level of
inventory on the system and only order if quantity
 is within the set parameters
4) No monitoring inventory levels
E: Experience stock-outs of inventory 4) CLIENT should set minimum authorised reorder
levels for inventory items
Imp: Unable to meet customer order

5) 1 Supplier list should be reviewed as necessary

5) No update for supplier list
by SRO
E: Supplier may not be deal with the price,
2 Update regularly on annual basis
quality and time deliveries
Imp: Increase costs for raw materials /
Receive poorer quality goods 6) 1 Send a copy of PO to warehouse and check
to the goods when received
2 Send a copy of PO to purchase order and log
6) Goods received without any checks
as completed
against POs
3 Review the order file for any outstanding
E: Not match to POs / Have a significant
items
POs which are outstanding
Imp: Receive and pay for goods that not
order / Loss of sales 7) 1 Clerk should record the PIs in the ledger on
daily basis
2 If not practical, PIs should be sequentially
7) PIs manually filed and updated on
number and file
(longer) basis / PIs not sequentially in
number 3 Confirm that there are no breaks in the
sequence
E: Risk of misplacing and not enter
correctly 4 Run a sequence check of unrecorded invoices
Imp: Payables understated / Late
payments to suppliers
8) Match PIs to related GRNs and agree the
details prior to log in purchase ledger
8) PIs not agreed to GRNs
E: PIs being paid for goods which not 9) 1 Review the policy of making payment
received
2 Consider should be given to early payments if
Imp: Increase cost of sales settlement discounts are sufficient
3 If not, pay invoices in accordance with
supplier’s payment terms
9) Invoices have authorised but made
payments after several months
E: Miss out any early settlement discounts 10) 1 POs should be authorised and reviewed by
/ Late payment to suppliers SRO
Imp: Increase cost of sales / Loss of 2 Establish various levels of PO authorisation
supplier goodwill

11) 1 FD should review the whole payment list

10) POs not authorised below ($_) / PIs prior authorisation
process by clerk
2 FD should agree to supporting
E: Place order for personal goods up to documentation
the limit
3 Review the supplier’s name to identify any
Imp: Increase non-business related duplicates or unfamiliar names and evidence with
purchases / Risk of fraud sign

11) FD authorise invoices without looking 12) 1 Clerk should input invoice in batches and
at the details apply application control (control totals)
E: FD only views at the total amount of 2 Undertake a sequence check into the system
payments to be made to ensure C
Imp: Paid incorrect amount / Paid to
fictitious suppliers

12) Clerk only utilise document count

control when inputting invoices into
purchase ledger
E: DCC ca confirm completeness but not
accuracy and validity of input
Imp: Late payment to supplier / Loss
supplier goodwill
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

DESPATCH SYSTEM
1) No records of customer signatures as 1) 1 CLIENT should remind all couriers to obtain 1) 1 Review a sample of dispatched by courier and
proof has received the goods signature as a proof of delivery ask CLIENT for proof of despatch by viewing
customer’s signatures
E: Customers may make a false claim by 2 Payment will be not be made when missing
stating that they did not receive the order signature on despatch
yet
2) 1 Review UFO report to identify any issues or
E: CLIENT could not prove that the goods matters
have been despatched 2) 1 Send a copy of SO to despatch department
and match it to other copies 2 Inquire manager the reasons why if there is
Imp: Goods could have been despatched
significant time lapse (SO and DD)
twice which resulted in loss of revenue 2 Once goods despatched, matched to SO and
flagged as fulfilled 3 Assess whether waiting time is reasonable and
within the predetermined period
3 Flag any UFOs that passed a predetermined
2) No copy of SO forwarded to the
despatch department for fulfilment period automatically

E: SO have not been fulfilled in a timely 4 Review by SRO and evidence with signature
manner - damage reputation of CLIENT
as a reliable supplier
Imp: Loss customer goodwill
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

PAYROLL SYSTEM
1) No monitoring / supervision of the 1) 1 Monitor by a supervisor / appropriate level / 2) 1 Review a sample of of the gross to net pay
clocking in/out process / No clock out CCTV camera installed to prevent one individual calculations for evidence that they are undertaken
when taking break clocking in multiple employees and approves
E: Staff may ask colleagues to clock them 2 Automatically clocked out at the end of their
in when they are not present / Staff shift + clock back in for overtime
3) 1 Request the clerk to attempt to access the
swiped in as present when they are not
3 Undertake a random check of employees to master file or make changes on it, which the system
E: Staff could be taking excessive breaks confirm visually the employee is present should reject this
Imp: Increase in payroll costs / Decrease 2 Obtain and review logs and exception, master
in productivity file report to data changes and amendments
1) 1 Allocate set break times and review by
supervisor to ensure employees only take the 3 Review the authority of those making
break when they are entitled to amendments which by a senior member
2) Not reviewed or checked calculations
for payroll cost / 100% reliance on payroll
system
2) 1 Supervisor / Senior member recalculate the 4) 1 Review a sample of overtime sheets with time
E: System errors occur during processing gross to net pay then compare with the computer- taken off to confirm that there is evidence of signed
would not be discovered generated figures report
Imp: Wages over or under calculated / 2 Sign as approved before payments are made
Additional payroll costs / Loss of
5) Review a sample of overtime reports emailed to
employee goodwill
HOD to confirm that a response has been received
3) 1 Access in master file should only be given to
from each head by reviewing all responses
supervisor / senior member and controlled by
3) Clerk has access in master file / passwords
standing data / Clerk decided bonus paid
2 Clerk can have the read access only 6) 1 Discuss with clerk the follow-up process for
E: Clerk is not senior enough / Make obtaining authorisation of overtime sheets
3 Review regularly by SRO and evidence with
unauthorised changes / Set up a fictitious
signature 2 Compare this to the process which they should
employee
adopt to identify any control exceptions
Imp: Incorrect payment of wages /
Incorrect bonus payment
3) 1 Check against written confirmation from 7) 1 Obtain a sample of payments list
production director by another member
2 Review signature by FD as evidence
4) Overtime report sent out on (long) basis
or not reviewed
4) 1 Clerk should be reminded of procedures to be
11) 1 Review the overtime report for evidence of
E: Employees take unauthorised leave as undertaken when processing overtime sheets
authorisation
time off but not worked
2 Sign as evidence to agree any time taken off
2 Inspect the date this occurred to ensure that
E: Unauthorised overtime
3 Authorise by SRO prior to payment being this was undertaken prior to the payment of the
Imp: False payments being made for processed by payroll overtime
overtime hours not worked / Increase
4 Evidence wit signature
additional payroll cost

5) 1 HOD should report on whether the report is

5) No report from HOD on (overtime
correct
worked) reports
2 Payroll department should follow-up on any
E: Assumed the report is correct even
non-replies and not make payments until agree by
there may be errors as HOD are busy / do
the HOD
not receive email that do not report on
time
Imp: Incorrect overtime payments 6) 1 HOD should be reminded of the procedures
with regards to annual leave and arrangement of
suitable cover
6) Late arrangement for annual leave
2 Clerk should monitor overtime sheets are
cover on a timely basis
being submitted by HOD on a timely manner
E: As delay payment of the overtime
3 Clerk should also follow-up on any late sheets
worked
Imp: Employee dissatisfaction or
disgruntled 7) 1 Undertake a regular review and check on
payroll records to payment list to confirm
completeness
7) FD reviews the total list of bank
2 Sign the payment list as evidence that it has
transfers with total per the payroll records
E: Fictitious employees added to the been checked
payment listing
Imp: Increase risk of fraudulent payments
8) Appointment should only be made by HR
being made
department

8) Appointment of new staff from payroll

9) 1 Manager should not be able to process
department
changes and authorise payments.
E: Appoint unsuitable employees / Not
2 Authorise the bank transfer listing should be
carry out the required procedures for new
undertaken by independent person such as FD
joiners
Imp: Not receiving correct pay / Loss of
employee goodwill 10) Inform that all cash wages can only be paid
upon check employee’s clock card and
photographic identification
9) Manager reviews and amend the bank
transfer listing
11) 1 Overtime should be authorised by SRO prior
E: Lack segregation of duties
to the payment being processed
Imp: Increase fraudulent payments to
2 Evidence in writing
certain employees

10) No proof of identity when collecting

wages
E: Employee could fake other identity to
take other’s wages
Imp: Payment to incorrect employees

11) Overtime worked not authorised prior

to being paid
E: Unauthorised overtime or amount being
paid incorrectly
Imp: Increase payroll cost
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:
E + I + O + P + Test Data (attempt)
CASH SYSTEM
1) Petty cash float and at any times 1) 1 Maintain petty cash log so the sundry purchase is
should be equal to float recorded in the log (sum borrowed / date / employee)
E: Sundry items being purchased 2 Keep the relevant receipt or voucher or nay funds
without relevant receipt or voucher not spent on purchase of the items
being returned 3 Update to confirm return of funds and receipts
Imp: Cash is being misappropriated / 4 Reconcile the petty cash to identity missing receipts
Spent on non-business related items and follow up to relevant employee
5 Investigate further if any cash missing with relevant
2) All tills have the same log on code employee
and changed irregularly
E: Difficult to ascertain which 2) 1 Provide unique log on code to each employee
employees may be responsible as which required when using the tills
there no way of tracking who used 2 Allocate employees to specific till point for their shift
the tills 3 Undertake double checked on any discrepancies to
Imp: Cash being easily ensure no arithmetical errors
misappropriated 4 If still present, inquire the relevant employees and
undertake further investigation
3) Reconciliations of the tills to the
daily sales readings are performed in 3) 1 Undertake reconciliation on an individual till by till
total for all tills at each venue rather basis
than for each till 2 Investigate any discrepancies noted during
E: Difficult to identify which till caused reconciliation
the difference
Imp: Increase fraudulent expenses / 4) 1 Undertake cash up process by two individuals
Increase training cost together (one count, one record)
2 Undertake double checked on any discrepancies to
4) One staff retain all works ensure no arithmetic errors
E: Lack SOD 3 If still present, inquire the relevant employees and
Imp: Risk of fraud errors undertake further investigation

5) Sales sheets are scanned and 5) 1 Daily sheet should be sequentially numbered
emailed on weekly basis 2 Send to head office on daily basis
E: Some sheets misplaced 3 Run a sequence check on a regular basis to identity
Imp: Incomplete sales and cash any missing sheets and investigate if there are any gaps
receipts recorded 4 Once received, post sales and cash data on daily
 basis
6) Store safe key inappropriate place 5 Evidence with sign
E: Significant sum of cash onsite
each day 6) 1 Replace the current safe to a safe with a digital
Imp: Risk of significant cash loss / code
Increase risk of theft 2 Give the code to authorised staff only and update
on a regular basis
7) Cashier is responsible for all or
several cash receipt system 7) Key roles should be split between different members
E: Lack SOD of finance team
Imp: Unable to identify errors in a
timely manner 8) 1 Reconcile the credit card vouchers per restaurant to
monthly statement
8) Credit card statements are not 2 Agree daily amounts per statements to bank
reviewed or reconciled statement to ensure all funds have been received
E: Risk that receipt of cash by credit 3 Review and evidence with signature by SRO
card may have been omitted
Imp: Errors could not be identified in 9) 1 Perform on monthly basis
timely manner 2 Review and evidence with signature by SRO

9) Bank reconciliation not performed 10) 1 FD should review the whole payments list prior to
E: Key control which reduces the risk authorising
of fraud 2 Agree the amounts to be paid to supporting
Imp: Increase risk of fraud documentation and
3 Review supplier names to identity any duplicates
10) FD only view the total amount of or any unfamiliar names
payments 4 Evidence with signature
E: No looking at the details of
payment list
Imp: Risk that supplier being paid
incorrect amount / Sums being paid
to fictitious suppliers
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:
E + I + O + P + Test Data (attempt)
INTERNAL AUDIT SYSTEM
1) New member / Shortage 1) 1 Consider to recruit additional employees to join
E: Maintain IA department is an 2 Seconded from another department to assist them
important control
Imp: Reduce the effectiveness of this
monitoring control
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:
E + I + O + P + Test Data (attempt)
HUMAN RESOURCE SYSTEM
1) Payroll set up new joiners 1) 1 Review the workload to assess whether the other 1) 1 Review the job description of (_) and HR to
E: Lack SOD tasks can be reprioritized confirm the split of responsibilities with regards to
Imp: Increase risk of fictitious / 2 Revert back to HR to undertake this role as payroll setting up new joiners
duplicate employees being set up need to cease from setting up new joiners 2 Discuss with member of (_) the process with
setting up new joiners and for confirmation the
2) HR increased wage rate and notify 2) 1 All increased of pay should be proposed and process is initiated by HR
payroll formally agreed by BOD
E: Significant expense for business 2 Sent a written notification of BOD to payroll 3) 1 Select a sample of new employees added to
which should be made by BOD the payroll to review the joiners forms for evidence
Imp: Increase a fraudulent expense 4) 1 Maintain a schedule of payments made to third of completion and the information was verified as
parties accurate
3) HR complete pre-printed form for 2 Reconcile (_) on a regular basis and sent to 2 Select a sample of edit reports for changes to
new employees (unique number) employee for agreement payroll and agree to the joiner forms
O: minimise the risk of incorrect wage 3 If payments due to cease shortly, confirm in writing
and tax payments with third parties prior to stopping

4) Any deductions forms completed

by relevant staff
E: Unlikely to be closely monitoring
payments
Imp: Risk of overpayments /
Employee dissatisfaction
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

INVENTORY SYSTEM
1) Supervision of inventory count by 1) 1 Inventory counts should be supervised by an 9) 1 Attend year-end inventory count
manager independent person / alternative supervisor
2 Inquire to counting teams which department they
E: Hide inefficiencies and inventory 2 Staff from warehouse department should not usually work in
discrepancies so that their departments be involved in the count at all
3 Inspect updated inventory count instructions
are not criticised
Imp: Inventory count records being
2) 1 All bays should be flagged as completed once
inaccurate / increase in inventory frauds 10) Inspect a sample of counting sheets used
counted
2 Supervisor should check at the counting that
2) Not flagged areas once counted all aisles of finished goods have been flagged 11) 1 Observe counting teams to assess the
effectiveness
E: Double counted or missed out
2 Review the records of the sample checks
Imp: Increase risk of inventory balances 3) IA should check sample of counting undertaken
undertake by supervisor
misstated by teams to provide extra control over the C and A
of count

12) 1 Enquire count supervisor where the third-party

3) Internal audit department are counters
inventory is to be stored
and performing the inventory count 4) 1 Inform both member that they are required to
count inventory separately 2 Inspect counting sheets that these bays are not
E: IA should review the control / perform
included
sample test count / focus more on 2 One count and second check
confirming the C and A of count

13) 1 Attempt to access the area which should not

5) 1 Give black sheet to counters for entering any
possible
4) Many teams of counters inventory count which not on their sheets
2 Visit at the year-end and attempt to access with
E: No clear division of roles 2 Blank sheets should be sequentially in
the code was supplied during inventory count
numbered
Imp: Both count together and errors
cannot be identified 3 Return any unused sheets at the end of count
 4 Supervisor should check the sequence of all 14) 1 Observe the counting team undertake second
sheets count of all areas
5) Sheets are not in sequentially
numbered 2 Confirm that different teams undertake the
second count
E: Supervisor is unable to ensure C 6) 1 Ask warehouse staff to move the damaged
goods to a centre point by using an appropriate
Imp: If sheets are missing, inventory
machine
records could be misstated 15) 1 Confirm physically that the completed bays
2 The area should be clearly marked and have been flagged
excluded from counting process
2 Review any bays which have not been flagged

16) 1 Review the sequence on inventory sheets to

identify any gaps in the sequence
7) RM: estimate how many required to use and put 2 Obtain explanation from count supervisor
6) Not moving damaged goods into one to one side (included in WIP as to year-end)
side
WIP: store to one side and counted once at the
* 1 Obtain a copy of standard costs used for
E: Damaged goods will be moved to end of count (included in FG as to year-end)
inventory valuation
another aisle or sold to customer
Purchases: stored in one side and counted at
2 Assess when the review was last undertaken
Imp: Inventory balances misstated / the end of count (included in RM)
Revenue overstated 3 Inspect for evidence of review by SRO
Sales: keep to minimum for the day of count

7) No movements during inventory count

8) 1 Appoint an expert to / review the (_)
E: Double or error in counting
Imp: Inventory records misstated
9) 1 Counting team should be independent
2 Appoint alternative department
8) Assessment made by warehouse
manager
10) Inventory sheets should be sequentially
E: Lack of expertise and experience
number and contain product codes and
Imp: Increase risk of error in (_) / human descriptions but no quantities
error
11) 1 Inform each team that both members
required to count assigned inventory separately
9) Inventory count by warehouse
department 2 One count then second check and record the
inventory on count sheets
E: Lack SOD as maintain inventory day-
to-day and check them
Imp: Risk of fraud and error could be 12) 1 Move third parties’ goods to one location
hidden
2 Clearly mark and excluded from counting

10) Inventory sheets contain quantities as

13) 1 Keep high value inventory in locked area of
per inventory records
the warehouse
E: Counter may simply agree to pre-
2 Senior members should be allocated to
printed quantities
count these goods
Imp: Significant errors in inventory
3 Give the access code only to the senior
member
11) No clear division of roles of between 4 Change the access code upon completion
counting team memes
E: Both counts together rather than
14) 1 Each area should be recounted by different
checking each other
team
Imp: Errors cannot be identified
2 Notify promptly any differences on the first
count to supervisor
12) Inventory owned by third parties 3 Undertake third count if necessary
E: Not appear to be a method for counters
for identification
15) 1 Flag all bays as completed
Imp: Goods may be not correctly removed
2 Check all bays have been flagged by
from counting - Inventory overstated
supervisor
13) Access to all staff to secured location
E: Member can access these goods 16) 1 Return all sequentially numbered sheets
after end of count
Imp: Increase risk of theft
2 Check the sequence of all sheets should be
undertaken by supervisor
14) Each bay of warehouse counted once
only
17) 1 Change access codes for all sites
E: Error in counting
2 Have a unique code for each site and know
Imp: Inventory overstated
to small number of senior employees
3 Change code on a regular basis
15) Not marking the areas after count
E: Different team may be confused
18) 1 Review perpetual inventory counts any
Imp: Double counted / missed out omissions
2 Any line which have been missed should be
included in remaining count
16) No sequence check on inventory
sheets at the end of count
E: No sequence check * 1 A review of all standard costs currently in use
should be undertaken by SRO
Imp: Inventory records understated as
missing sheets 2 Actual costs for materials, labour and
overheads should be ascertained and compared
to the proposed standard costs
17) Access via code is common to all sites 3 The revised standard costs should be
E: Employees can access inventory at any reviewed by the production director + evidence the
times review

Imp: Increase risk of fraud 4 A review of the standard costs should be

undertaken annually by the production director to
ensure they are up to date
18) Undertake monthly inventory count
and some are outstanding
 DEFICIENCIES RECOMMENDATIONS TEST OF CONTROL
Identify + Explain + Implication - What should we do? - test recommendations by using these:

E + I + O + P + Test Data (attempt)

NON-CURRENT ASSET SYSTEM

1) CAPEX items below ($) are authorised 1) 1 Establish an authorisation level for CAPEX 1) 1 Review a sample of authorised CAPEX forms
by the (_) * not SRO
2 Any sums in excess of this should be 2 Identify if the correct signature has authorised
E: (_) not sufficiently independent and approved by the board them
senior to authorise the transaction
3 CAPEX committee of senior employees
Imp: Reduce profits / Potential cash should be established for authorisation of capital
3) 1 Observe the review process by SRO
outflow are not genuine items + report to BOD
2 Identify the treatment of any old equipment
3 Review processed CAPEX forms to ascertain if
2) IA undertakes physical verification of all 2) 1 IA should review its programme of visits to
the treatment of replaced PPE is as stated
assets each year and not compared all assess if additional resources could be devoted to
assets / Not undertake for some time ensure that all sites are visited
E: It will take a longer period to physically 2 Any assets which cannot be located should be
verify all of them if they have many investigated fully to identify where they could be +
assets. If not, should be written-off
E: No check that the assets still exist in
their correct location
2) 1 Devote additional resources to complete the
Imp: Increased risk of assets being verification
misappropriated / obsolete assets still
2 Any assets cannot be located, should be
being included in the register
written off
Imp: Increase risk of assets being
3 Review on monthly basis and agree to
misappropriated or misplaced
register

3) CLIENT has considerable levels of

3) 1 Regular review of PPE on sites by SRO
surplus PPE
2 Confirm the treatment of the equipment being
E: Unused PPE / Surplus PPE not
disposed of replaced as part of CAPEX process
Imp: Risk of theft / Loss of sundry income
 Key Control [ SPAM SOAP good ] Test of Control
+
Control Objectives ( to ensure / to reduce ) [ E I O P + Test Data (attempt) ]
SEGREGATION OF DUTY 1 1 Review a sample of calculations of the monthly employment tax
liability for evidence of review by the FC
❖ Most transactions can be broken down into three separate duties:
2 Confirm the calculation is correct and that payment can be made
✔ the authorisation or initiation of the transaction

✔ the handling of the asset that is the subject of the transaction

2 1 Observe the preparation of the pay packets that has SOD
✔ the recording of the transaction 2 Inspect weekly payroll listing for evidence of signature by members
who involved in the preparation of pay packet

CONTROL OBJECTIVES:

⮚ This reduces the risk of fraud and may also reduce the risk of error 3 1 Review the job descriptions of payroll and HR to confirm the split of
responsibilities with regards to setting up new joiners
⮚ To ensure unintentional mistakes can be spotted easily
2 Discuss with members of the payroll department the process for
⮚ To reduce risk of fictitious (_) being set up and also being paid setting up new joiners
3 Agree new joiners to documentation initiated by HR
4 Attempt to add a new joiner to the payroll system without a uniques
employee number which system should reject this
PHYSICAL 2 1 Attempt to login to the (_) system using a password which should be
out of date
2 Confirm that the system has rejected access (test data)
CONTROL OBJECTIVES:

⮚ To protect physical assets against theft or unauthorised access and

use 3 1 Review the log of the recordings to identify who reviewed week’s
footage to ensure its been reviewed by a member of HR
⮚ 2 To reduces the risk of fraud by preventing unauthorised changes
being made to the standing data and unauthorised access to 2 Review the log for any gaps in the review process
sensitive payroll information (password) 3 Discuss with HR
 ⮚ To reduce the risk of (_) being recorded in incorrect amount
** Attempt to input dummy information and verify hat it has been updated
to (_) system
AUTHORISATION / APPROVAL 1 1 Observe the clerk inputting data and SRO who checks for input errors

❖ Review of transaction prior to being processed 2 Review (_) for evidence of signature by SRO who review (_)

❖ Many employees must adhere to authorisation limits, and these will

usually be specified in the terms of employment 2 1 Review a sample of POs and review for evidence of authorisation
2 Agree this to the appropriate signature on the approved signature list
CONTROL OBJECTIVES:

⮚ To ensure that a transaction must not proceed unless an authorised

individual has given his approval, possibly in writing

⮚ To reduce the risk of fraudulent payments being made / To ensure

that goods only purchased which are required and relate to genuine
business expenses
SUPERVISORY 1 1 Confirm the signature of payroll supervisor as evidence that they have
reviewed
❖ oversight / monitor of the work of other individuals, by someone in a
position of responsibility 2 Review the signature
3 For any discrepancies, enquire of the reasons and what action was
taken to resolve the issue
CONTROL OBJECTIVES:
4 Re Perform the gross to net pay calculations and compare to the
⮚ To reduce the risks that the automated system generated errors payroll system
during payroll processing
5 Discuss any discrepancies with the payroll supervisor
⮚ To ensure that individuals do the tasks they are required to and
perform them properly
2 1 Observe the use of clock cards by employees when entering (_)
⮚ To ensure that any unauthorised amendments to standing data are
identified and investigated on a timely basis 2 Confirm that security team is supervising the process
3 Discuss with security staff any discrepancies
 3 1 Review a sample of monthly exception for evidence of review
2 Follow up any unexpected changed by (_)
ARITHMETIC / ACCOUNTING 1 1 Inspect a sample of key cards and data recorded in system
2 Carry out a sequence check to identify if there are any gaps in the
sequence
CONTROL OBJECTIVES:
3 Review details of checks carried out by HR supervisor + evidenced
⮚ 1 To ensure that (_) records are complete (sequentially numbered) with sign
⮚ 2 This ensures the (SOPL) is accurate and is not misstated in the
year-end financial statements
2 1 Review the (_) reconciliation and make enquiries of the FD of any
⮚ To reduce the risk of (_) being incorrect errors, how they arose and what action was taken
2 Re Perform a sample of (_) reconciliations and compare results with
those prepared by the FD
3 Discuss any discrepancies with the FD
PERSONNEL

❖ Put in the right candidate with the right qualifications and experience
for the job

CONTROL OBJECTIVES:

⮚ to increase employee awareness and understanding of the risks of

failing to apply them properly

⮚ to ensure that they carry out their tasks efficiently and effectively