Beruflich Dokumente
Kultur Dokumente
Table of Contents
5.1. Introduction ....................................................................................................... 45
5.2 Definition of internal control ............................................................................. 45
5.3 Components of Internal control ......................................................................... 45
5.4 Elements of internal control activities ............................................................... 50
5.5 Limitation of internal control ............................................................................. 53
5.6 Communicating deficiencies in internal control ISA 265............................... 54
5.6.1 Introduction ................................................................................................. 54
5.6.2 Objective ..................................................................................................... 54
5.6.3 Deficiency definition .................................................................................. 54
5.6.4 Importance and advantages of internal controls ......................................... 54
5.6.5 Examples of matters leading to significant deficiencies ............................. 55
5.6.6 Reporting procedures .................................................................................. 56
5.6.7 Illustrative example 1 .................................................................................. 56
5.6.8 Illustrative example 2 .................................................................................. 60
44
By Busara
5. INTERNAL CONTROLS
5.1. Introduction
As mentioned in previous chapter, it is the statutory responsibility of the
directors of a company for ensuring that proper accounting records are
kept and annual accounts presented to the members. The directors can
usually best discharge this responsibility by instituting a system of
internal control to ensure that the work is properly carried out by the
employees of the company.
The strength of internal control (or the presence of control weaknesses)
determines the reliance that the auditor may place on controls, established
by management, in determining the correctness of recorded amounts.
The great4er the reliance that can be placed on controls, the less the
reliance needed from substantive testing.
5.2 Definition of internal control
Internal control may be defined as the whole system of controls, financial
and otherwise, established by the management in order to carry on the
business of the company in an orderly manner, safeguard its assets and
secure, as far as possible, the accuracy and reliability of its records, and
improvement in operational efficiency and adherence to company
policies.
Internal control can be defined as the process designed and effected by
those charged with governance, management and other personnel to
provide reasonable assurance about the achievement of the entitys
objectives with regard to reliability of financial reporting, effectiveness,
and efficiency of operations and compliance with applicable laws and
regulation.
5.3 Components of Internal control
Internal control consists of the following five components: control
environment, entitys risk assessment process, control activities,
monitoring of controls, and information system, including the related
business processes, relevant to financial reporting and communication.
These components are discussed as hereunder:
(1) The control environment
Control environment includes the governance and management functions
and the attitudes, awareness and actions of these charged with governance
and management concerning the entitys internal control and its
45
By Busara
46
By Busara
47
By Busara
48
By Busara
49
By Busara
50
By Busara
51
By Busara
52
By Busara
By Busara
5. The need to balance the costs of the control with its benefits.
6. Obsolescence of controls.
5.6 Communicating deficiencies in internal control ISA 265
5.6.1 Introduction
International Standard on Auditing (ISA) 265 provides guideline on how
auditor should discover and communicate findings on the deficiencies on
the client internal control systems. This topic should also be read with
ISA 200 regarding objectives of the independent external auditor.
In
USA, Sarbanes Oxley Act 2002 requires independent external auditor to
report on significant weaknesses on the independent external auditors
report so that readers could be well informed about strengths and
weaknesses prevailing at the organization.
5.6.2 Objective
The standard (ISA 265) imposes reporting responsibility to the auditor to
those charged with governance and management deficiencies observed by
the auditor in the course of auditing financial statements of the client at
any stage of the audit whether familiarization stage, planning stage,
implementation stage, reporting stage, etc.
5.6.3 Deficiency definition
Deficiency in internal control as the missing or inability of the designed,
implemented and operated internal control to prevent, detect or correct
misstatements in the financial statements of the client/auditee in a timely
manner. Two main reasons either controls are not in place i.e. they are
missing or they are unable to detect weaknesses. If the matter is so
serious, then it is termed as significant deficiency in internal control
warranting the attention of those charged with governance. Significant
deficiency should be communicated in a timely manner to those charged
with governance in writing and if not very serious, the matter may be
communicated to the management only. Also, if the matter is not very
serious, the auditor may discuss the matter orally with the management.
5.6.4 Importance and advantages of internal controls
The internal controls of any entity are essential due to the following
benefits and advantages:
54
By Busara
55
By Busara
56
By Busara
Mrembo company closes its financial year on December each year and
the most recent financial year just ended in December 2011.
Purchase order - It presses order twice annually but the fashion for the
beauty (Warembo) moved so fast that the speed of the Mrembo company
hence a lot of obsolete stocks and out of fashion goods were piled up in
the warehouse and selling outlet without being sold out. Mrembo
Company changed its ordering strategy to Just in Time from stock pile for
sale system. The company has neither been audited by the external
auditor nor internal auditor for the last 2 years.
Orders are done by one person, the highly trusted procurement manager
without involving stores department or sales & marketing department.
Procurement clerk compiles all order from Africa and the rest of the
world and present to the highly trusted person to authorize, the
procurement manager.
It takes too long to get ordered goods to the
store despite of having an automated inventory system. The internal sales
and delivery system is not connected with other branches hence a
customer missing a beauty product in one branch may not get it from
another branch of the same company, Mrembo Company.
Purchase invoice and receipt of beauty goods for sale -Goods ordered
are directly delivered to the branches not headquarters of Mrembo
company limited. They are received by clerk and checked against
delivery order and GRN is prepared. The GRN will eventually be
forwarded to the headquarter of Mrembo company for reconciliation and
payment. Procurement Manager, is also responsible to review and
authorize all purchase invoices and this takes more time since he has
many responsibilities in Mrembo Company. Other processes of recording
the invoice to the purchase day book and respective creditors ledger will
follow.
Discussion questions
Write a letter discussing deficiencies, possible implication of each
deficiency and recommendation to eliminate deficiencies.
Proposed solution
March 15, 2015
Board Chair
Mrembo Company Limited Co.
P.O.Box 7140
Dar es Salaam
57
By Busara
Tanzania
Dear Sir/Madam Mrembo,
Re: Audit of Mrembo Company Ltd. December 2011
Thank you for appointing us to be the independent external auditors.
Attached, please find management letter on significant internal control
deficiencies which were observed in the most recent audit on
procurement with implication and recommendation to eliminate them.
Deficiency
1.Procurement
decisions are made
by
one
person
without
involving
sales and marketing
department
hence
may not have market
insight
Implication/consequences
Warehouse could have a
lot of unsold goods for
failing to match the
demanded beauty goods
with company supply side
hence failing to sell and
inadequate cash flow and
damage of products
2.The procurement
manager is the only
person who reviews
and
authorize
purchase orders all
over the world
Customer dissatisfaction
and
missing
sales
opportunities. Reflection
of inefficiency and lack of
clear vision to realize
58
Recommendation
Procurement
manager
should
involve
other
departmental
members on what
products to buy for
resale to avoid slow
moving goods and
cashflow problems
There should be a
proper segregation of
duties by allowing
other
procurement
members
to
participate
in
decision than one
person
Ordering can be done
from
different
branches based on
needs
Electronic
system
should be introduced
linking all branches
and headquarters to
track all orders. Staff
By Busara
(not
customer)
should check stocks
with other branches
Goods
must
be
inspected at delivery
point before they are
accepted
and
recorded
Incorrect goods may be Procurement
and
received by the sales clerk Stores professionals
who is not professionally a should receive goods
procurement person.
Manual system may lead Procurement
and
to errors, irregularities, stores system should
fraud and takes long time be computerized to
to reconcile
improve efficiency.
Regular
reconciliation to be
performed
59
By Busara
60
By Busara
Implication/consequences
Risk of using fake
identities and paying for
work
not
performed,
leading to loss.
61
Recommendation
Design proper control
system in monitoring
electronic attendance
register. Supervisor
can reconcile physical
presence with records
By Busara
2.Senior
officials Risk of paying for nonare not authorizing performed job. Risk of
overtime payments overrunning the budget.
Losses to the organization
3.The
password
used to process
payroll
is
commonly known
and shared among
staff
4.Net pay is not
reconciled
with
payroll summary
5.Human
and
department
reconciling
monthly
resource
finance
are not
records
Risk
of
unauthorized
transactions on the payroll
and wage system. Risk of
double payment. Risk of
errors and ghost payment
Risk of over or underpay.
Risk of penalties and fines
from revenue authority and
pension funds
Risk of errors in payroll.
Risk of ghost staff. Risk of
fines and penalties on
incorrect terminal benefits.
62
By Busara
63
By Busara