Internal Controls Section B (Risks and Recommendations) 2

Question 1

Risk for GDNs not given same number as order numbers they relate to?

Answer 1

If GDNs are missing and company fails to raise invoices in a timely manner, could lead to a loss of revenue

Question 2

Control recommendation for GDNs not given same number as order numbers they relate to?

Answer 2

A sequence of check of GDNs should be undertaken to identify any missing despatch notes

Question 3

Risk if sales order department don’t receive copu of GDN

Answer 3

Not able to monitor if orders are being fulfilled on a timely basis, which could result in a loss of revenue and customer goodwill

Question 4

Control recommendation if sales order department don’t receive copu of GDN

Answer 4

GDN should be amended to a four-part with one copy going to sales department

Question 5

Risk if additional staff are drafted to help sales clerks produce sales invoices?

Answer 5

Increase of mistakes being made to sales invoices

Question 6

Control reccomendation if additional staff are drafted to help sales clerks produce sales invoices?

Answer 6

Only sales clerks should raise sales invoices - recruit more sales clerks

Question 7

Risk if manual entry of discounts?

Answer 7

A clerk could forget to manually enter discount or input wrong amount, causing loss of customer goodwill

Question 8

Control recommendation if manual entry of discounts?

Answer 8

Invoice system should be manded to prevent sales clerks from manually entering sales discounts onto invoices

Question 9

Risk if customer statements not generated and being sent to customers?

Answer 9

Increases likelihood of errors and invoice disputes. Which leads to cash flow issues

Question 10

Control recommendation for customer statements not generated and being sent to customers?

Answer 10

Should sent monthly customer statements and send them out promptly

Question 11

Risk if trade receivables account only reconciled annually?

Answer 11

Errors can’t be spotted promptly. Meaning receivables are misstated

Question 12

Control recommendation if trade receivables account only reconciled annually?

Answer 12

Trade receivables account should be reconciled on a montlhy basis. Then reviewed by an authorised employee

Question 13

Risk that customer orders are given a number based on sales person’s own identification number?

Answer 13

Sequential numbers mean it’s difficult to identify missing orders. Which leads to a loss of customer goodwill

Question 14

Control recommendation that customer orders are given a number based on sales person’s own identification number?

Answer 14

Sequence check of orders should be undertaken to identify any missing orders

Question 15

Risk for when each till has the same login code?

Answer 15

If there are cash discrepancies within the register, difficult to ascertain which employees are responsible. Cash is easy to misappropriate

Question 16

Control recommendation for when each till has the same login code?

Answer 16

Each employee is provided with a unique logon code

Question 17

Risk for when tills are reconcilied to daily sales reading are performed in total for every till rather than each till separately

Answer 17

When exceptions arise, it is difficult to identify which till caused differences

Question 18

Control recommendation for when tills are reconcilied to daily sales reading are performed in total for every till rather than each till separately

Answer 18

Reconciliation done on a till by till basis rather than in aggregate

Question 19

Risk for when daily sales sheets are scanned and emailed to head office?

Answer 19

Possibility some sales sheets could be misplaced by restaurant manager

Question 20

Control recommendation for when daily sales sheets are scanned and emailed to head office?

Answer 20

Daily sales sheets should be sequentially numbered and be sent to head office on a daily basis

Question 21

Risk for cash is stored at safe where safe key is kept under their desk?

Answer 21

Risk of significant cash losses due to theft if access to safe key not carefully controlled

Question 22

Control recommendation for cash is stored at safe where safe key is kept under their desk?

Answer 22

Current key lock safe should be replaced with a digital code. This code should be updated regularly

Question 23

Risk for when cashier is responsible for several elements of cash receipts system?

Answer 23

There is a lack of segragation of duties and errors can’t be identified on a timely basis

Question 24

Control recommendation for when cashier is responsible for several elements of cash receipts system?

Answer 24

Key roles should be split between different members of the finance team

Question 25

Risk for when credit card statements are not reviewed or reconciled straight away?

Answer 25

Credit card omissions won’t be identified on a timely basis, results with discrepancies with credit card company

Question 26

Control recommendation for when credit card statements are not reviewed or reconciled straight away?

Answer 26

Cashier should reconcile credit card vouchers to monthly statement received from card company

Question 27

Risk for no monitoring of student loan deductions

Answer 27

Risk of overpayments being made, leading to employee dissatisfaction

Question 28

Control recommendation for no monitoring of student loan deductions

Answer 28

Payroll department should maintain a schedule of payments made to 3rd parties such as the central government

Question 29

Risk for variances not analysed between budgeted wages and salaries

Answer 29

Management needs to understand why variances have arisen

Question 30

Control recommendation for variances not analysed between budgeted wages and salaries

Answer 30

Monthly management accounts should be amended to include an analysis of wages and salaries compared to budgeted costs

Question 31

Risk for no inter-branch transfers between stores?

Answer 31

Customers are less likely to contact individual stores themselves and company losing valuable sales

Question 32

Control recommendation for no inter-branch transfers between stores?

Answer 32

Inter-branch sustem shjould be established between stores, with inter-branch inventory forms being completed for store transfers

Question 33

Risk for no GRNs not being processed regularly?

Answer 33

Result in delays for supplies being paid as purchase invoices can’t be agreed to a GRN

Question 34

Control recommendation for no GRNs not being processed regularly?

Answer 34

Copy of GRNs should be sent to accounts department on a more regular basis

Question 35

Risk for GRNs only being sent to accounts department

Answer 35

Significant level of unfilled orders leading to a loss of sales and stock-outs

Question 36

Control recommendation for GRNs only being sent to accounts department

Answer 36

GRN should be created in three parts

Question 37

Risk of when supplier statement reconciliaitons can’t be performed?

Answer 37

Result in errors in recording of purchases and payables not being identified in a timely manner

Question 38

Control recommendation of when supplier statement reconciliaitons can’t be performed?

Answer 38

Supplier reconciliations should be performed on a monthly basis and should be reviewed by a responsible official

Question 39

Risk of when high value inventory is stored in warehouses via a four digit access ?

Answer 39

Considerable number of individuals are aware of codes. Increases risk of fraud

Question 40

Control recommendation of when high value inventory is stored in warehouses via a four digit access ?

Answer 40

Access code should be changed and only a few employees should be aware of it

Question 41

Risk of when invoices are authorised by finance director but only paid 75 days after receipt of invoice?

Answer 41

Risk that company is missing out on early settlement discounts

Question 42

Control recommendation of when invoices are authorised by finance director but only paid 75 days after receipt of invoice?

Answer 42

Policy of making payment after 75 days should be reviewed

Question 43

Risk of when employees can serve friends/family

Answer 43

Could give goods away for free or grant unauthorised discounts

Question 44

Control recommendation of when employees can serve friends/family

Answer 44

CCTV cameras should be placed in shops to act as a fraud deterrent

Question 45

Risk of when if store needs changing, a junior sales cerk is sent to bank by a till operator to change it into smaller denominations?

Answer 45

Risk of cash being misplaced or stolen on the way to the bank

Question 46

Control recommendation if store needs changing, a junior sales cerk is sent to bank by a till operator to change it into smaller denominations?

Answer 46

If further smaller denomination notes are required, store manager should authorise member of staff to obtain cash from bank and fully record movements in and out

Question 47

Risk of when overtime reports are authorised atter payment has been made

Answer 47

This could result in unauthorised overtime or amounts being paid incorrectly

Question 48

Control recommendation of when overtime reports are authorised atter payment has been made

Answer 48

All overtime should be authorised by a responsible official prior to payment being processed by payroll department

Question 49

Risk of when bonus is input by clerk with no additional review

Answer 49

Could result in errors or fraudulent entries, leading to increased payroll costs

Question 50

Control recommendation of when bonus is input by clerk with no additional review

Answer 50

All entries should be double checked against written confirmation from director by another member of team to ensure any bonuses are correct

Question 51

Risk of when internal audit teams are undertaking performing counts?

Answer 51

Internal audit should review controls and perform sample test counts. Not doing the actual count

Question 52

Control recommendation of when internal audit teams are undertaking performing counts?

Answer 52

Internal audit counters should sample check counting undertaken by counting teams to provide control over completeness and count

Question 53

Risk of when additional sheets not sequentially numbered

Answer 53

Supervisor can’t ensure completeness of all inventory sheets, resulting in understatement of inventory

Question 54

Control recommenadtion of when additional sheets not sequentially numbered

Answer 54

Team should enter on a blank sheet that is sequentially numbered, any unused sheet should be returned at end of the count

Question 55

Risk of when inventory sheets not signed?

Answer 55

Difficulty to contact counting team if no signatures

Question 56

Control recommendation of when inventory sheets not signed?

Answer 56

Inventory sheets should be signed by relevant team upon completion of an aisle

Question 57

Risk of when third party inventory included in count?

Answer 57

Results in inventory being overstated if these are not removed from inventory count sheets

Question 58

Control recommendation of when third party inventory included in count?

Answer 58

Inventories belonging to third parties should be moved to one location

Question 59

Risk of when assets recorded in the non-current asset register have not been physically verified for some time

Answer 59

There is an increased risk of loss, theft or misplacement as there is no check that the assets still exist in their correct location.

Question 60

Control recommendation for when assets recorded in the non-current asset register have not been physically verified for some time

Answer 60

Additional resources should be devoted to completing the physical verification of all assets within the register. Any assets that cannot be located should be written off.

Question 61

Risk of when the (HR) department has been busy; therefore, the payroll department has set up new joiners to the company?

Answer 61

This is a lack of segregation of duties, as employees are able to set up new joiners in the payroll system and process their pay, this increases the risk of fictitious (“ghost”) or duplicate employees

Question 62

Control recommendation of when the (HR) department has been busy; therefore, the payroll department has set up new joiners to the company?

Answer 62

All new joiners set up by payroll should be reviewed and agreed against employee files to confirm that they are bona fide.

Question 63

Risk of when the bank reconciliations are only reviewed by the financial controller if the sum of reconciling items is significant; therefore, some are not reviewed?

Answer 63

The bank reconciliations could contain significant errors, but a low overall amount of reconciling items, as there could be compensating errors which cancel each other out

Question 64

Control recommendation when the bank reconciliations are only reviewed by the financial controller if the sum of reconciling items is significant; therefore, some are not reviewed?

Answer 64

The bank reconciliations should be reviewed by the financial controller monthly, even if the reconciling items are not significant, and this review evidenced by a signature on the bank reconciliation.

Question 65

Risk of when invoices are authorised by the finance director, but paid only 75 days after receipt of the invoice?

Answer 65

There is the risk that Equestrian Co is missing out on early settlement discounts.

Question 66

Control recommendation for when invoices are authorised by the finance director, but paid only 75 days after receipt of the invoice?

Answer 66

The policy of making payment after 75 days should be reviewed. Earlier payment should be considered if settlement discounts are sufficient.

Question 67

Risk of when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?

Answer 67

This could result in purchases that are not required by the business.

Question 68

Control recommendation for when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?

Answer 68

All purchase orders should be authorised by a responsible official using a digital signature, regardless of value

Question 69

Tests of control for when the purchase orders below $1,000 are not authorised and are processed solely by the purchase order clerk who is also responsible for processing invoices?

Answer 69

Select a sample of purchase orders and confirm that each one has the appropriate digital signature from the authorised signatories matrix.

Question 70

Risk of when Goods received notes (GRNs) are sent to the accounts department every two weeks?

Answer 70

This will delay processing of invoices (understanding liabilities) and payments to suppliers as the purchase invoices cannot be agreed to a GRN

Question 71

Control recommendation for when Goods received notes (GRNs) are sent to the accounts department every two weeks?

Answer 71

A copy of the GRNs should be sent to the accounts department more often, perhaps daily.

Question 72

Tests of control for when Goods received notes (GRNs) are sent to the accounts department every two weeks?

Answer 72

Enquire of the accounts clerk how frequently GRNs are received, to assess if they are sent promptly

Question 73

Risk of when GRNs are only sent to the accounts department?

Answer 73

Failing to send a copy to the purchasing department means that it is not possible to monitor the level of unfulfilled orders

Question 74

Control recommendation for when GRNs are only sent to the accounts department?

Answer 74

Either the purchasing department should also receive copies of GRNs via email

Question 75

Tests of control for when GRNs are only sent to the accounts department?

Answer 75

Review access logs and permissions within the purchasing module to verify that both the purchasing and accounts departments can access GRNs

Question 76

Risk of when supplier statement reconciliations are no longer performed?

Answer 76

Errors in the recording of purchases and payables may not be identified in a timely manner

Question 77

Control recommendation for when supplier statement reconciliations are no longer performed?

Answer 77

Supplier statement reconciliations should be performed monthly for all suppliers and reviewed by a responsible official

Question 78

Tests of controls for when supplier statement reconciliations are no longer performed?

Answer 78

Re-perform a sample of the reconciliations to confirm that they have been carried out appropriately.

Question 79

RIsk for monthly management accounts do not analyse the variances between actual and budgeted wages and salaries; this is because there are no overtime costs.

Answer 79

These could arise due to the recruitment of extra employees which was not budgeted or an increase in wage pay out rates

Question 80

Tests of control for monthly management accounts do not analyse the variances between actual and budgeted wages and salaries; this is because there are no overtime costs.

Answer 80

Monthly management accounts should be amended to include an analysis of wages and salaries compared to the budgeted costs

Question 81

Risk of each restaurant maintains a petty cash float of $400; at any point in time the receipts and funds present should equal the float?

Answer 81

This could be due to sundry purchases without a relevant receipt or voucher. There is also a possibility that the cash is spent on non-business related items or stolen.

Question 82

Control recommendation of each restaurant maintains a petty cash float of $400; at any point in time the receipts and funds present should equal the float?

Answer 82

A petty cash log should be maintained so the purchase of sundry items is recorded in the log along with the sum borrowed, date and employee.

Question 83

Risk of the reconciliations of the tills to the daily sales readings are performed in total for all five tills at each venue rather than for each till?

Answer 83

It will be difficult to identify which till caused the difference and, therefore, which employees may require further till training or may have acted fraudulently

Question 84

Control recommendation of the reconciliations of the tills to the daily sales readings are performed in total for all five tills at each venue rather than for each till?

Answer 84

Reconciliations should be prepared on a till-by-till basis rather than in aggregate and any discrepancies noted should be investigated immediately

Question 85

Risk of daily sales sheets are scanned and emailed to head office on a weekly basis

Answer 85

A possibility that some sales sheets could be misplaced by the restaurant manager

Question 86

Control recommendation of daily sales sheets are scanned and emailed to head office on a weekly basis

Answer 86

Daily sales sheets for each venue should be sequentially numbered and remitted to head office daily

Question 87

Risk of cashier is responsible for several elements of the cash receipts system

Answer 87

There is a lack of segregation of duties and errors may not be identified on a timely basis.

Question 88

Control recommendation of cashier is responsible for several elements of the cash receipts system

Answer 88

These key roles should be split between different members of the finance team

Question 89

Risk of cashier is not checking credit card payments have resulted in cash receipts by Camomile Co

Answer 89

Risk that receipts of cash by credit card may have been omitted

Question 90

Control recommendation for not checking credit card payments have resulted in cash receipts by Camomile Co

Answer 90

The cashier should reconcile the credit card vouchers per restaurant to the monthly statement received from the card company

Question 91

Risk of company values inventories using standard costs, which are not kept up-to-date

Answer 91

If standard costs were reviewed 18 months ago, there is the risk that costs are misstated as changes in raw materials and wages inflation may not have been adjusted for

Question 92

Control recommendation of company values inventories using standard costs, which are not kept up-to-date

Answer 92

A senior manager in the production department should review all currently used standard costs

Question 93

Tests of control of company values inventories using standard costs, which are not kept up-to-date

Answer 93

Obtain a copy of the standard costs used for valuation of inventories, determine when the last review was and inspect for evidence of review by the production director

Question 94

Risk of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?

Answer 94

These reports are reviewed sometime after the payments have been made which could result in unauthorised overtime

Question 95

Control recommendation of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?

Answer 95

All overtime should be authorised by a responsible official before the payment is processed by the payroll department

Question 96

Tests of control of overtime worked is not authorised before it is paid. The information per employee is collated and submitted to payroll by a production clerk, but not authorised?

Answer 96

Review the overtime report for evidence of authorisation and note the date to confirm that this was before the payment of the overtime

Question 97

Risk of when discounts given to customers who purchased goods during the 15% off weekend are entered separately on the sales invoices by sales clerks?

Answer 97

This could result in giving unauthorised sales discounts as there does not seem to be any authorisation required

Question 98

Control recommendation of when discounts given to customers who purchased goods during the 15% off weekend are entered separately on the sales invoices by sales clerks?

Answer 98

During the period of any special offers (e.g. the 15% off weekend), the authorised sales prices file should be updated by a responsible official

Question 99

Risk of when client services managers are given responsibility to chase customers directly for payment once an invoice is outstanding for 90 days?

Answer 99

Client services managers are more likely to focus on customer relationships and generating further revenues rather than chasing payments

Question 100

Control recommendation of when client services managers are given responsibility to chase customers directly for payment once an invoice is outstanding for 90 days?

Answer 100

A credit controller should be appointed, and it should be their role, rather than the client services managers, to chase any outstanding sales invoices which are more than 30 days old