Beruflich Dokumente
Kultur Dokumente
Process
Receive
customer
order
Credit
assessment
Picking,
Packing and
Delivery
Recommendations
[Preventive/ Detective] The solution could be to implement ERP and centralized database that includes
limit/range check/reasonableness check for sales department. For example, the limit/range check would
ensure orders fall within a certain range which are set based on the sales orders from previous transactions
with the customer. Similarly, reasonableness check is helpful in notifying any unusual quantity
corresponding to the specific product. (eg 100 vs 1000). In addition, completeness check can ensure that all
required data are entered.
[Detective] Closed-loop Verification to check the accuracy of input data by using it to retrieve and display
other related information. E.g. On the sales order document, there will be the customer details such as the
customer name where the credit officer can simply click on the link to retrieve and display the record of the
customers past transaction which can then be used to evaluate and verify the existing customers current
creditworthiness
[Preventive] ERP and centralized database with access control which restrict the access to master data and
review all changes of data. This is to prevent internal unauthorized access.
[Preventive] Use encryption, which is the process of changing information in such a way as to make it
unreadable by anyone except those possessing special knowledge (usually referred to as a "key") that allows
them to change the information back to its original, readable form. This allows the company to securely
protect sensitive data even if the computer is stolen.
With an ERP and centralized database, credit officer can update the credit approval decision while the sales
officer can have access to it and start the preparation simultaneously.
1. [Detective] Automated controls such as limit checks based on certain guidelines on credit management
could be integrated in the ERP and centralized database to ensure objectiveness of credit assessment.
2. [Preventive] Segregation of duties
The credit manager, who sets credit policies and approves the extension of credit to new customers and
raising of credit limits for existing customers, is independent of the marketing and sales function. With an
ERP and centralized database, sale order entry clerks should be granted read-only access to information
about individual customer credit limits.
1. [Preventive] RFID technology to track the goods movement as it moves through the warehouse. The goods
movement data is then updated to the central database about the inventory. This allows perpetual inventory
control and prevents misappropriation of inventory. Restrict physical access to inventory; documentation of
Billing and
AR
Cash
collections
Shipping errors
Shipping the wrong items or quantities of merchandise and
shipping to wrong location are serious errors because they can
significantly reduce customer satisfaction and thus future
sales. They may also result in loss of assets if customers do
not pay for goods erroneously shipped.
AR clerk generate invoice and also updates the customers
AR file - Integrity control risks
all internal transfers of inventory; periodic physical counts of inventory and reconciliation of counts with
recorded amounts.
2. [Preventive] - Have the carrier to sign a document indicating the items that have been taken in for delivery
each day - can prevent fraud during delivery
3. [Preventive] Segregation of duties
Employees who are responsible for controlling the physical access to inventory should not be able to adjust
inventory records without review and approval. Neither the employees responsible for custody of inventory
nor those authorized to adjust inventory records should be responsible for the receiving or shipping function.
[Preventive/ detective] The use of bar-code scanners and RFID technology to record the picking and shipping
of inventory as it moves through the warehouse could enables detecting and then correcting any mistakes
before the merchandise leaves the premises by comparing the shipment data with the sales order. Only after
the system has verified that the shipment is correct should the packing slip and bill of lading be printed.
Through the ERP and centralized database, the available information of sales order can automatically be used
to generate invoices. Thus reducing the risk of fraudulent behaviors by the AR clerk.
There is no segregation of duties of cash handling function [Preventive] - Proper segregation of duties. Separate person (another AR clerk) to generate invoice and
with billing function as AR clerk generate invoice and also
update customers AR file such that AR clerk will not be able to easily write-off his friends accounts
updates the customers AR file. This poses an integrity control [Corrective] - Regular reconciliation: After the segregation of duties, regular reconciliation of bank
risks when AR clerk may update friends invoice as being
statements and account receivables should be done by another person independent from cash handling and
written off and do not collect payment from his friends.
billing functions. Any discrepancies must be reported to the managers and proper investigation should be
carried out.
Failure to bill customers no segregation of duty
1. [Preventive] Segregation of duties
An employee performing both shipping and billing functions
Billing functions should be performed by a person independent of shipping function.
could ship merchandise to his friend without billing them.
2. [Corrective] Reconciliation
This results in loss of assets and erroneous data about sales,
Sales order, picking tickets, packing slips, and sales invoices should be sequentially numbered and then
inventory and accounts receivable.
periodically accounted for. Any sales order or packing slips that cannot be matched to a sales invoice
represent shipments that have not been billed and corrective action should be taken.
Billing errors
[Preventive] Through the ERP and centralized database, pricing mistakes can be avoided by having the
Billing errors, such as pricing mistakes and billing customers
computer retrieve the appropriate data from the inventory master file.
for items not shipped or on back order, represents another
[Detective] Mistakes involving quantities shipped can be detected by reconciling the quantities listed on the
control issue. Overbilling can result in customer
packing slips with those on the sales order.
dissatisfaction and under billing results in loss of assets.
Theft of cash
1. [Preventive]Minimise the handling of cash and checks within the organization through a bank lockbox
There is no segregation of duties for those pairs:
arrangement or the use of electronic fund transfers for customer payments.
Handling cash or checks and posting remittance to customer
2. [Preventive] Segregating the recording and custody functions as follows provides addition control: Only
accounts: a person performing both of these duties could
the remittance data should be sent to accounts receivable department, with customer payments being sent to
commit the special type of embezzlement called lapping
the cashier. Such an arrangement establishes two mutually independent control checks. First, the total credits
to accounts receivable recorded by the accounting department should equal the total debit to cash
representing the amount deposited by cashier. Second, the copy of the remittance that is sent to the internal
audit department cann be compared with the validated deposit slips and bank statements to verify that all
checks the organization received were deposited. Finally, the monthly statements mailed to customers
provide another layer of control, because customer would notice the failure to properly credit their accounts
for payments remitted.
The person who reconciles the bank statement should be independent of all other activities involved in
handling or recording the receipt of cash. This separation of duties provides an independent check on the
cashier and prevents manipulation of the bank statement to conceal the theft of cash
Recommendations
1. [Preventive] Technology for perpetual inventory record
Bar-code technology can improve the accuracy and efficiency of the perpetual inventory records so that
information about inventory stocks is always current.
Affixing RFID tags to individual products to track the movement of inventory and allow instant update on
inventory stocks on the centralized database
2. [Preventive] Selection of suppliers: should select suppliers that are known to meet their delivery
commitments diligently.
[Preventive] The solution could be to implement ERP and centralized database that integrate purchase
orders by different units of the organization. This accurate perpetual inventory record could allow different
units to get access to updated information about inventory stocks before requesting for purchase. Moreover,
through the centralized database, supervisor can review and approve purchase requisitions based on valid
reasons.
1. Preventive: Several procedures could be implemented for procurement process:
Price lists for frequently purchased items should be stored in the computer and consulted when ordering.
Competitive, written bids should be solicited for high-cost and specialized products.
2. Corrective: Purchases should be charged to an account that is the responsibility of the person or
department approving the requisition. To facilitate control of budgets, managers are required to generate
reports highlighting any significant deviation from budgeted amount for further investigations.
1. Preventive: Several procedures could be implemented for procurement process:
Establishing lists of approved suppliers known to provide goods of acceptable quality should e stored in the
computer and consulted when ordering.
Competitive, written bids should be solicited on the basis of both cost and quality.
Supplier performance data should be collected and periodically reviewed to maintain the accuracy of these
approved lists.
2. Corrective: Purchasing managers should be held liable for the total cost of purchases, which includes
not only the purchase price but also the quality-related costs of rework and scrap.
satisfaction.
Kickbacks
Kickbacks are gifts from suppliers to purchasing agents for the
purpose of influencing their choice of suppliers. In order to
recover the money spent on the bribe, suppliers can inflate price
of subsequent purchases or substitute goods of inferior quality.
[Preventive] Companies should prohibit purchasing agents from accepting any gifts from potential or
existing suppliers. Purchasing agents should be required to sign annual conflict of interest statements,
disclosing any financial interests they may have in current or potential suppliers.
In order to prevent purchasing agents from dealing with the same suppliers infinitely, job rotation should be
implemented. Alternatively, company could conduct a detailed audit of the purchasing agents activities.
Process
Receive
and
store
goods
Approv
e
and
pay
vendor
invoices
Recommendations
[Preventive] Company should allow the receiving department to have access to the open purchase orders file. In doing so,
company could instruct the receiving department to accept only deliveries for which there is an approved copy of purchase
order.
2. [For electronic funds transfer] Strict access controls over all outgoing EFTs should be followed all the times. Passwords and userID should be used to
specifically identify and monitor each employee authorized to initiate EFTs.
EFT transaction above a certain threshold should require real time supervisory approval and there should be limits on the total dollar amount of transactions
allowed per day per individual.