Chapter 6 - Risk Management + Internal control

Question 1

Types of internal control:

Answer 1

• Financial or non-financial (both qualitative and quantitative)
• Prevent, detect, correct and direct
• Input, process, output
• Outsourcing
• Service level agreements

Question 2

Financial control:

Answer 2

• Budgets
• Standard costing
• Investment appraisal techniques

Question 3

Non-financial control:

Answer 3

• Quantitative = KPIs and appraisal

* Qualitative = structure charts, codes of conduct and procedures manuals

Question 4

Prevent, detect, correct and direct:

Answer 4

• Prevents controls = stop risk from occurring in the first place (not paying invoice until matched with a valid order and GRN)
• Detect controls = retrospective and identify risks once occurred (bank reconciliations)
• Correct controls = reduce impact of errors (keeping back-up copies)
• Direct controls = guide behaviour (training)

Question 5

Input, process and output controls:

Answer 5

• Input controls = what goes into a process (sourcing materials at best price and quality)
• Process controls = process itself (optimal performance)
• Output controls = outputs have met required standards

Question 6

Outsourcing:

Answer 6

• Ad hoc = outsourcing short-term skills gap
• Project management = installation of new system
• Partial = no. of services is outsourced
• Total = third party provides entire service/ function

Question 7

Service level agreements:

Answer 7

• Series of minimum standards

* Typically, will include: timescale, service levels, change process and exit route

Question 8

Responsibilities of treasury functions:

Answer 8

• Relationship with banks
• Liquidity management
• Borrowing activities and interest rate management
• Funding arrangements such as equity issues
• Currency management

Question 9

Control activities:

Answer 9

1. Authorisation:
   * Approvement of transactions by appropriate person
2. Information processing:
   * General IT controls = policies and procedures for many applications
   * Application controls = processing of individual applications
3. Performance review:
   * Review and analysis of actual performance vs. budget
   * Analysing relationships and investigating difference
   * Comparing internal data with external sources of information
   * Review of functional/ activity performance
4. Physical controls:
   * Physical security of assets
   * Authorisation for access to computer programs and data files
   * Periodic counting
5. Segregation of duties:
   * No of peoples involved in accounting process so no one person has overall control
   * Segregation of function = carry out of a transaction, recording that transaction in accounting records and maintaining custody of assets
   * Various steps in carrying out transaction should be segregated

Question 10

Limitations of internal controls:

Answer 10

• Costs can sometimes outweigh benefits – pragmatic approach is often taken and only implemented if it is worth it
• Human error or fraud – collusion between more than one employee
• Management override – either legitimate or fraudulent purposes
• Non-routine events that system was not originally set up to manage
• Change of any systems that are no longer fit to control

Question 11

Costs & benefits of internal controls:

Answer 11

Benefits:
* Business assurance
* Efficiency and effectiveness of operation
* Validation by external auditors
Costs:
* Resource (human and financial), technology (hardware and software) and assets (premises, supplies and vehicles)
* Opportunity costs

• Costs + benefits will not always be straight forward to measure and evaluate

Question 12

SMART targets:

Answer 12

Specific
Measurable
Achievable
Realistic
Time-bounded

Question 13

Governance and internal control:

Answer 13

• Performance-related pay (PRP) = can lead to excessive risk-taking amongst executive directors – go beyond acceptable risk appetite of shareholders if motivated by personal gain (agency problem)
• Share options = builds in limits on when options can be exercised to prevent directors from pursuing strategies that secure personal benefits in short-term at expense of longer-term value

Question 14

Management styles that can lead to dysfunctional behaviour:

Answer 14

1. Budget-constrained:
   * Needs to meet budget constraints
   * Short-term viewpoint
   * High tension within the job
   * Short-term focus
   * High manipulation of data
   * Poor staff relations
2. Profit-conscious:
   * Assessed only in relation to hitting targets no matter how it is done
   * Medium tension within the job
   * Little manipulation of data
   * Good staff relations
3. Non-accounting:
   * Budgets not important (other factors such as customer service or quality is)
   * Medium tension – based on hitting targets
   * Manipulation of data less relevant as other measures are used
   * Good staff relations

Question 15

Short-term vs. long term objectives

Answer 15

1. Reduce capital expenditure/ R+D to protect cash flows and save costs
   = Limits potential growth, operating capacity, efficiency and competitive advantage
2. Reducing quality control costs to increase profits
3. Reducing levels of customer service to reduce costs = Negative impact on reputation and customer goodwill
4. Cutting training and/or recruitment budgets to save costs
   = Potential skills shortages and poor morale

Question 16

Malfunction at any stage where employees are involved can lead to control failures due to:

Answer 16

• Poor motivation – poor reward structures or poor management
• Poor training – lack of skills or support from management
• Inappropriate values – absence of a code of conduct or code being visibly ignored
• Problems inappropriately managed – inequitably/ inadequately with no regard for feedforward learning

Question 17

Other forms of dysfunctional behaviour:

Answer 17

1. Tunnel vision:
   Problem = Focus on stated performance measures only to detriment of other areas
   Solution = consideration of different dimensions of performance
2. Myopia:
   Problem = preoccupation with immediate concerns leading to neglect of longer-term objectives
   Solution = fostering a long-term view amongst staff and management
3. Measure fixation:
   Problem = activities and behaviours to achieve specific performance indicators only which may not be effective
   Solution = adopting a sensible number and application of measures
4. Misinterpretation:
   Problems = creative reporting to suggest result is acceptable
   Solution = not placing too much emphasis on results + involvement of staff
5. Ossification:
   Problem = unwillingness to change performance measure scheme once it has been set up
   Solution = keeping performance measurement system under constant review + all staff to input suggestions for change

Question 18

What is a Critical success factor?

Answer 18

• Element of org activity which is central to future success
• May change over time and may include: product quality, employee attitudes, manufacturing flexibility and board awareness

Question 19

What is a Key performance indicator?

Answer 19

Way of measuring performance against a specific objective

Question 20

Information needs according to management levels:

Answer 20

1. Strategic management:
   * Monitors and controls org as a whole and take biggest decisions
2. Tactical management:
   * Implements decisions of strategic management and ensures that divisions are running smoothly
3. Operational management:
   * Controls day-to-day activities and escalates issues to tactical management for decisions

Question 21

Office automation system (OAS):

Answer 21

Email. Spreadsheet, word processing

Question 22

Transaction processing system (TPS):

Answer 22

Collects data about each business transaction

Question 23

Knowledge work system (KWS):

Answer 23

Allows new knowledge creation within org

Question 24

Management information system (MIS):

Answer 24

Draws info from TPS and presents it to managers for decision making and control in std report format

Question 25

Enterprise resource planning system (ERPS):

Answer 25

Captures data across whole enterprise so that custom-designed reports can be produced

Question 26

Strategic enterprise management system (SEMS):

Answer 26

Makes high-level strategic decision using tools such as activity-based management

Question 27

Decision support systems (DSS):

Answer 27

(e.g. Spreadsheet)

Data analysis tools that can be used to model scenarios and assist decision making

Question 28

Executive information system (EIS) or executive support system (ESS):

Answer 28

Data presented to senior managers, usually graphical and summarised, but with drill-down facilities

Question 29

Expert systems (ES):

Answer 29

Stores information and apply rules to make simple decisions

Question 30

Systems development life cycle:

Answer 30

Disciplined approach to systems upgrades intended to reduce possibility of ending up with a system that fails to meet the needs of org and wastes time and money

Question 31

Stages of systems development life cycle:

Answer 31

1. Feasibility study:
   * Review existing system + identify possible alternative solutions
2. Systems investigation:
   * Obtain details of current requirements and user needs
   * Identify current problems and restrictions
3. Systems analysis:
   * Consider why current methods are used and identify better alternatives
4. Systems design:
   * Determine inputs, processing and storage facilities
   * Consider matters such as programme design, file design and security
   * Prepare a detailed specification
   * Test system fully
5. Systems implementation:
   * Write/acquire software, test it, convert files, install hardware and start running new system

Question 32

Systems test:

Answer 32

1. Direct changeover:
   * Replacing old with new in one go
2. Parallel running:
   * Running old and new together to highlight problems with new system
3. Pilot operation:
   * Introducing a new system in one department to assess new systems and how it could be improved
4. Phased changeover:
   * Splitting new system into elements and implementing one element at a time across whole org