Risk Assessment & Internal Control Flashcards
The Entity’s Risk Assessment Process includes how management identifies business risks
relevant to the preparation of financial statements in accordance with the entity’s
applicable financial reporting framework, estimates their significance, assesses the
likelihood of occurrence and decides upon actions to respond to and manage them and
the results thereof. Elucidate the circumstances in which risks can arise or change.
Entity’s Risk Assessment Process: Risks can arise or change due to circumstances
such as the following-
(i) Changes in operating environment: Changes in the regulatory or operating
environment can result in changes in competitive pressures and significantly different
risks.
(ii) New personnel: New personnel may have a different focus on or understanding of
internal control.
(iii) New or revamped information systems: Significant and rapid changes in
information systems can change the risk relating to internal control.
(iv) Rapid growth: Significant and rapid expansion of operations can strain controls and
increase the risk of a breakdown in controls.
(v) New technology: Incorporating new technologies into production processes or
information systems may change the risk associated with internal control.
(vi) New business models, products, or activities: Entering into business areas or
transactions with which an entity has little experience may introduce new risks
associated with internal control.
(vii) Corporate restructurings: Restructurings may be accompanied by staff reductions
and changes in supervision and segregation of duties that may change the risk
associated with internal control.
(viii) Expanded foreign operations: The expansion or acquisition of foreign operations
carries new and often unique risks that may affect internal control, for example,
additional or changed risks from foreign currency transactions.
(ix) New accounting pronouncements: Adoption of new accounting principles or
changing accounting principles may affect risks in preparing financial statements.
FSA
Financial Statement Assertions
RCM
Risk and Control Matrices
NTE
Nature, Timing and Extent
ATM
Automated Teller Machine
ERP
Enterprise Resource Planning
CAATs
Computer Assisted Auditing Techniques
ICM
Internal Controls Memorandum/ Memo
New Life Hospital is a multi-specialty hospital which has been facing a lot of pilferage and troubles regarding their inventory maintenance and control. On investigation into the matter it was found that the person in charge of inventory inflow and outflow from the store house is also responsible for purchases and maintaining inventory records. According to you, which basis system of control has been violated? Also advise the other general conditions pertaining to such system which needs to be maintained and checked by the management.
Basic system of Control: Internal Checks and Internal Audit are important constituents of Accounting Controls. Internal check system implies organization of the overall system of book-keeping and arrangement of Staff duties in such a way that no one person can carry through a transaction and record every aspect thereof.
In the given case of New Life Hospital, the person-in-charge of inventory inflow and outflow from the store house is also responsible for purchases and maintaining inventory records. Thus, one of the basic system of control i.e. internal check which includes segregation of duties or maker and checker has been violated where transaction processing are allocated to different persons in such a manner that no one person can carry through the completion of a transaction from start to finish or the work of one person is made complimentary to the work of another person.
The general condition pertaining to the internal check system may be summarized as under-
(i) No single person should have complete control over any important aspect of the business operation. Every employee’s action should come under the review of another person.
(ii) Staff duties should be rotated from time to time so that members do not perform the same function for a considerable length of time.
(iii) Every member of the staff should be encouraged to go on leave at least once a year.
(iv) Persons having physical custody of assets must not be permitted to have access to the books of accounts.
(v) There should exist an accounting control in respect of each class of assets, in addition, there should be periodical inspection so as to establish their physical condition.
(vi) Mechanical devices should be used, where ever practicable to prevent loss or misappropriation of cash.
(vii) Budgetary control should be exercised and wide deviations observed should be reconciled.
(viii) For inventory taking, at the close of the year, trading activities should, if possible be suspended, and it should be done by staff belonging to several sections of the organization.
(ix) The financial and administrative powers should be distributed very judiciously among different officers and the manner in which those are actually exercised should be reviewed periodically.
(x) Procedures should be laid down for periodical verification and testing of different sections of accounting records to ensure that they are accurate.
Samyak Limited is engaged in the business of trading leather goods. You are the internal auditor
of the company for the year 2021-22. In order to review internal controls of the Sales Department
of the company, you visited the Department and noticed the work division as follows:
(1) An officer was handling the sales ledger and cash receipts.
(2) Another official was handling dispatch of goods and issuance of Delivery challans.
(3) One more officer was there to handle customer/ debtor accounts and issue of receipts.
As an internal auditor, you are required to briefly discuss the general condition pertaining to the
internal check prevalent in internal control system. Do you think that there was proper division of
work in Samyak Limited? If not, why?
The general condition pertaining to the internal check system may be summarized as under:
(i) no single person should have complete control over any important aspect of the business
operation. Every employee’s action should come under the review of another person.
(ii) Staff duties should be rotated from time to time so that members do not perform the same
function for a considerable length of time.
(iii) Every member of the staff should be encouraged to go on leave at least once a year.
(iv) Persons having physical custody of assets must not be permitted to have access to the books
of accounts.
(v) There should exist an accounting control in respect of each class of assets, in addition, there
should be periodical inspection so as to establish their physical condition.
(vi) Mechanical devices should be used, wherever practicable to prevent loss or misappropriation
of cash.
(vii) Budgetary control should be exercised and wide deviations observed should be reconciled.
(viii) For inventory taking, at the close of the year, trading activities should, if possible be
suspended, and it should be done by staff belonging to several sections of the organization.
(ix) The financial and administrative powers should be distributed very judiciously among different
officers and the manner in which those are actually exercised should be reviewed periodically.
(x) Procedures should be laid down for periodical verification and testing of different sections of
accounting records to ensure that they are accurate.
In the given scenario, Samyak Limited has not done proper division of work as:
(i) the receipts of cash should not be handled by the official handling sales ledger and
(ii) delivery challans should be verified by an authorised official other than the officer handling
despatch of goods.