Week 5 | Risk and Controls II Flashcards
What control plans are there in place?
Preventative:
- Stops errors occurring
- Normally applied at individual transaction level
Detective:
- Alert that an error or anomaly has occurred
- Normally applied to groups of transactions
Corrective:
- Correct errors or irregularities after the fact
think of preventative and detective as one stage then corrective the next
When is preventative control used during the stages in the 3 processing modes
Used in OLTE and ORTP in the capture and record data stage.
Optional: detective in the record and update data stage of batch
What is a real life example of environments suitable for automated and manual controls?
Automated (computer executed) suits frequent, high transaction environments
Manual: betters for judgement required and unusual non-recurring transactions environment
What traits of automated and manual perform controls are there
automated:
- Consistency
- Efficiency
- Accuracy
- Harder to workaround
- Segregation can be implemented
Manual:
- Suited to non-routine situation where judgement or discretion is needed
- Large unusual, nonrecurring transactions
- Run the risk of inconsistent execution or avoidance
How would we mitigate risk of purchasing poor quality goods and what info goal does it improve
Having preapproved vendors
- identify if we can buy this from them
- requisition departments should not be able to create new vendors
- appropriate checks before new vendor added
Validity - only purchase from approved vendor
Accuracy - details of vendors are right
What is a real life example of preapproved vendors not being an efficient control?
- need for authorisation can be tiring (give example)
- does it help with kickbacks
- could miss out on other vendors with good price
What is a control for the risk of setting price?
Independent pricing - identified whether sales department can key in/override price or only retrieve from pre-determined list
Information goals:
Validity - inventory item exists and is available, price charge is authorised
Accuracy - correct price charged
Could feedback be used as a detective control
Yes
Example:
- double checking order and shipping details
- KPMG experience
Does prenumbering in sequence check ensure all risks are eliminated
This control can be used to check no missing cheque numbers exist
Helps with completeness (event)
Helps sequence check to occur but doesn’t do check automatically (partial mitigation)
What 3 different batch totals are there and the purpose of this
record count: number of customer documents in the batch
Financial total: total dollar value of sales
Hash total: customer number sum etc
Goal achieved depends on batch total (the way how a batch total is used is the control plan)
Helps with:
- Completeness (event)
- Accuracy
What stage is the most important in segregation of duties?
All :))
- custody of assets
- record keeping
- authorisation/approval
- reconciliation/control activity
How can material weakness affect the company
internally:
- reduce operational efficiency
- reduce inventory turnover ratios and increase inventory impairments
- reduces firm financial reporting filing compliance and timeliness
- likelihood of fraud revelations
Externally:
Lender: loan spread is higher for firms, charge higher interest rate, provide collateral
Auditors: issue going concern
Equity market: firms with poor internal control quality have lower market valuation
How can bad debts be mitigated. What info goals does this improve
customer credit check - compare value of sale with available credit
info goal: validity
What is a risk of credit check irl
if customers place individual orders lower than credit limit but in ggregate surpass credit limit. This is recorded end of the day in accounts receivables, look at sales order data base.
Who sets the limit
What’s a real life risk with setting prices?
Who can access and alter the inventory master data
