Explore BrainMass
Share

Risk in Internal Control Procedures

This content was STOLEN from BrainMass.com - View the original, and get the already-completed solution here!

2. a. Consider the four vignettes: Internal control over cash, Embezzling, information Technology and inventory. For each one, suggest one additional internal control procedure. Discuss whether the procedure you suggest is preventive, detective or corrective; also identify the type of risk it is designed to control based on risk categories.
b. Hassan and Ashok are employed by one of the Big Four CPA firms. Both have recently earned their CPA licenses, however, and are considering starting their own practice. Using Brown's risk taxonomy, identify and describe at least five risks Hassan and Ashok must be aware of if they start their own business. For each risk you identify, suggest one or more internal controls that could ameliorate it?

© BrainMass Inc. brainmass.com October 17, 2018, 1:00 pm ad1c9bdddf
https://brainmass.com/business/accounting/risk-internal-control-procedures-598106

Solution Preview

2. a. Consider the four vignettes: Internal control over cash, Embezzling, information Technology and inventory. For each one, suggest one additional internal control procedure. Discuss whether the procedure you suggest is preventive, detective or corrective; also identify the type of risk it is designed to control based on risk categories.

In reference to internal controls for cash, some basic ideas could include ensuring that all cash receipts should are deposited in the bank daily to negate any employees or customers from having an opportunity to steal them as well as requiring that all cash payments should be made by check. Embezzling can be prevented by using a checking account to ...

Solution Summary

This solution of 400 words suggests an internal control procedure for four vignettes of internal control over cash, embezzling, information technology and inventory. It also describes five risks in starting up a business using Brown's risk taxonomy.

$2.19
Similar Posting

Assessing control risk, internal controls, and analytical procedures

8-15 (Analytical procedures)
In audit planning the audit of Construction Industry Resources, Inc., a building supply company. You have completed analytic procedures relevant to purchases and inventory. The results of these procedures are included in Figure 8.13.

Figure 8.13. Selected Financial Information ($000)
(see attachment for figure)

Analytical procedures show that inventory turnover decreased from 31-34 days to 27 days, and gross margins declined to the lowest level in five years. What might this indicate about the risk of misstatement with respect to inventory and inventory purchases?

8-16 (Analytical procedures)
In audit planning the audit of Circuits Technology, Inc. (CTI). CTI resells, installs, and provides computer networking products (client software, gateway hardware and software, and twinax hardware) to other businesses. Figure 8.14 provides some summary information from CTI's financial statements.

Figure 8.14. CTI Selected Financial Information ($000)
(see attachment for figure)

1. Calculate purchases, gross margin, inventory turn days, accounts receivable turn days, and accounts payable turn days for the years ended 20x2, 20x3, 20x4, 20x5.
2. Describe the trends identified by performing analytical procedures in the gross operating cycle, the net operating cycle, and gross margin.
3. If tolerable misstatement is $45,000 for inventory, develop an expectation range for inventory turn days.
4. With respect to inventory, what might these trends indicate about the potential misstatement in inventory?

10-31 (Components of internal control)
The chapter identified five components of internal control. Listed below are specific control policies and procedures prescribed by Suntron Company.

Management gives careful consideration to the requisite knowledge and skills personnel need at all levels of the organization.
General controls and application controls are established in the electronic data processing department.
Management acts to reduce or eliminate incentives and temptations that might lead individuals to engage in dishonest or illegal acts.
Management is alert to complaints received from customers about billing errors.
Management gives special consideration to the risks that can arise from the use of information technology in the accounting system.
Employees' responsibilities are assigned so as to avoid any individual's being in a position to both commit an error or irregularity and then conceal it.
IT management has designed controls to prevent unauthorized use of IT equipment, data files, and computer programs.
The processing of payroll includes a check on the total number of hours submitted. If more than 65 hours are reported in a weekly pay period, the transaction is printed on an exception report and put in a suspense file for additional review or additional authorization.
Suntron's internal audit staff periodically assesses the effectiveness of various ICS components.
Policy manuals, accounting and financial reporting manuals, and a chart of accounts have been developed and implemented.

Identify the components of internal control to which each policy or procedure relates.
For each item, identify one other policy or procedure for that internal control component that is not on the preceding list.

10-32 (Components of internal control)
Internal controls can be categorized using the following framework.

Control environment
Risk assessment
Information and communication
Control activities
4.1. Authorization
4.2. Segregation of duties
4.3. Information processing controls
4.3.1. Computer general controls
4.3.2. Computer application controls
4.3.3. Controls over the financial reporting process
4.4. Physical controls
4.5. Performance reviews
4.6. Controls over management discretion in financial reporting

Monitoring
Antifraud programs and controls

Following is a list of controls prescribed by Waterfront, Inc.

Management has established a code of conduct that includes rules regarding conflicts of interest for purchasing agents.
Waterfront has established a disclosure committee to review the selection of new accounting policies.
Any computer program revision must be approved by user departments after testing the entire program with test data.
The managers of each of Waterfront's manufacturing departments must review all expenditures charged to their responsibility center weekly.
The CEO, CFO, and controller review the financial consequences of business risks annually to ensure that controls are in place to address significant business risks.
Human resources focuses on ensuring that accounting personnel have adequate qualifications for work performed in billing and accounts receivable.
Security software limits access to programs and data files, and keeps a log of programs and files that have been accessed, which is then reviewed by the security manager daily.
A computer program prints a daily report of all shipments that have not yet been billed to customers.
The controller reviews sales and collections bimonthly.
The computer compares the information on the sales invoice with underlying shipping information.
Customer billing complaints are directed to internal audit for follow-up and resolution.
The documentary transaction trail for all credit sales is documented in company policy manuals.
A committee of the board of directors evaluates and monitors business risks.
Access to spreadsheets used in the financial reporting process is limited and spreadsheets are tested with test data on a quarterly basis.

Indicate the category of internal control applicable to each procedure using the framework above.
Identify an assertion to which each procedure pertains (some procedures may have a pervasive impact on multiple assertions).

11-21 (Assessing control risk)
An auditor is required to obtain a sufficient understanding of each of the components of an entity's system of internal control to plan the audit of the entity's financial statements and to assess control risk for the assertions embodied in the account balance, transaction class, and disclosure components of the financial statements.

1. Explain the reasons an auditor may assess control risk at the maximum level for one or more assertions embodied in an account balance.
2. What must an auditor do to support assessing control risk at less than the maximum level when the auditor has determined that controls have been placed in operation?
3. What should an auditor consider when seeking a further reduction in the planned assessed level of control risk?
4. What are an auditor's documentation requirements concerning an entity's system of internal control and the assessed level of control risk?

View Full Posting Details