Documente Academic
Documente Profesional
Documente Cultură
1. You accept that this product is intended for your use, and you will not duplicate in
any form or manner, electronic or otherwise, copies of this product nor distribute this
product to anyone else.
2. You recognize that the product and its content are the sole property of AuditNet®
(the Publisher), and that we have copyrighted the product.
3. You agree that the Publisher is not responsible for any interruption of service or
malfunction that is a consequence of the Internet, a service provider, personal
computer, browser or other software or hardware components. You accept that
there is no guarantee that this product is totally error free. You further understand
and accept that the Publisher intends to provide reliable information but does not
guarantee the accuracy or completeness of any information, and is not responsible
for any results obtained from the use of such information.
4 This license is effective until terminated, when the license or subscription period
ends without renewal, or when you destroy this product and any related
documentation. The Publisher may terminate your license without notice if you fail
to comply with the conditions set forth in this agreement, and may pursue any other
legal recourse.
Document Source: Internet Search
1. This document was obtained from the Internet by AuditNet® using advanced search
techniques.
2. The document is from a site which has not identified restrictions on permitted use and are
sharing this information for the benefit of the audit community.
4. In particular, you should be aware that the document may be incomplete, may contain
errors, or may have become out of date.
5. While every reasonable precaution has been taken in the preparation of this document,
neither the author nor AuditNet® assumes responsibility for errors or omissions, or for
damages resulting from the use of the information contained herein.
7. No guarantee is provided.
Ratings Key: 1 =Training or Education 2 =Light Exp. 3 =Solid Exp. 4 =Very Strong
Comments
Comments
Comments
Comments
mation
Comments
Comments
Comments
pliance Exp
he right of it.
Comments
Location: Date:
Assertions
Valuation or Allocation
Rights and obligations
Completeness
Accuracy
Cutoff
Control Objective: Risk: Action/Control Activity: Evaluation/Conclusion:
1
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Purpose: To document key controls around the < >Cycle:
Location: Date:
Assertions
Valuation or Allocation
Rights and obligations
Completeness
Accuracy
Cutoff
Control Objective: Risk: Action/Control Activity: Evaluation/Conclusion:
21
22
23
24
25
26
27
28
29
30
31
Introduction: The table below presents an example internal control review template with related control points that may be
in place within the respective control cycle. This is not intended to prescribe a “cookie-cutter” approach to internal control
reviews; instead it is intended to represent a number of control points, of which management should identify the most
significant in maintaining its control over business cycle information.
Significant control points identified during process mapping should be tested during an internal control review. Other, less
significant points should be included in the process flow narrative describing the Control cycle. An example narrative is
presented below, in the right-hand column. It is the management’s option to include the narrative below, or to present it as
a separate document (such as internal process overviews or agency-based procedures). For that reason, the example
narrative below is “grayed out.” If this template is utilized but alternative documentation describes the process in the
internal control program work papers, please feel free to remove the column.
The Control objectives below are broken down into the following sub-cycles: General/Control Environment, (list additional
cycles for the area under review).
For the purpose of this generic document, the following terms are used: Define terms for example in the area of fixed asset
- Assets that are capitalized and depreciated over a period longer than one year are referred to as “fixed assets,” or as
“capital assets”- the terms are used interchangeably; and the person responsible for managing fixed assets at the
department level is termed the “Property Control Coordinator,” with the understanding that at one branch, it may be
Facilities Management, while at another it may be an official from the Business Office. Management are encouraged to
substitute below the terms that are in widespread use among their staff.
Notes:
(1) Each broad area is divided into subcycles. A subcycle is a sequence of related processes for which one set of
objectives and risks can be determined. Audit Assertions are the implicit or explicit claims and representations made by the
management responsible for the preparation of financial statements regarding the appropriateness of the various elements
of financial statements and disclosures - See more at: http://accounting-simplified.com/audit/introduction/audit-assertions.
(2) Management must designate which of the control points that it deems to be significant or key, for testing as part of the
internal controls (IC) review. Only the significant control points are required to be tested.
(3) In addition to noting a weakness and means of remediation, the control in place and the test performed should also be
noted in this column. (This will help management enact and/or maintain the proper monitoring to identify control
weaknesses in the future.)
POTENTIAL CONTROL
PROCESS AREA OBJECTIVES/ASSERTIONS (1)
POINT(S)(2)
Cash Receipts
Cash Disbursements
Procurement
Human Resources
Payroll
Accounts Receivable
Investments
Grants
Inventory
Financial Reporting
Fixed Assets
IT
RISK SUGGESTED CONTROL TEST
IC REVIEW CONCLUSION (3)
/IDENTIFIED /WEAKNESSES/ACTION
TAKEN PROCESS NARRATIVE (SAMPLE WORDING)
Audit Program Area:
A fundamental element of internal control is the segregation of certain key duties. The basic idea
underlying segregation of duties is that no employee or group should be in a position both to
perpetrate and to conceal errors or fraud in the normal course of their duties. In general, the
principal incompatible duties to be segregated include:
- Custody of assets
- Authorization or approval of related transactions affecting those assets
- Recording or reporting of related transactions
- Execution of the transaction or transaction activity
Based on the above criteria, this worksheet has been designed to highlight conflicting duties
performed by one individual or group of individuals (potential lack of proper segregation of duties).
Audit teams are encouraged to use this form to help identify potentially commingled duties within
accounting processes that may constitute a control weakness.
Instructions
1) The Tester should inquire to determine which individuals are responsible for certain duties within
the company/location.
2) The matrix should be used to determine if there is potential for a segregation of duties conflict.
Use the following key to identify the potential financial risk and segregation of duties conflicts:
3) The potential issues should be investigated to ensure a mitigating control prevents the
individuals from performing both tasks.
Instructions
We should always strive for the optimum degree of segregation of duties.
However, due to limited staff sizes at some organizations, optimum
separation of duties cannot be achieved. In those circumstances you
should at least strive for an acceptable(minimal) level of segregation of
duties which when combined with compensating controls will minimize the
impact of control deficiencies and exposure to errors or irregularities. A
minimal level of segregation of duties could possibly be achieved by
verifying that no one employee performs more than two of the
"incompatible duties". For example, an employee might perform the
authorization and verification/reconciliation functions but they should not
record the transaction or maintain custody of assets. A compensating
control would be managerial review.
AP Voucher Entry
AP Payments
Vendor (add/delete/change)
Bank Reconciliation AP
Bank Reconciliation AR
AR Cash Application
AP Voucher Entry 1
AP Payments 2
Vendor (add/delete/change) 3
Bank Reconciliation AP 4
Supplier Master Maintenance 5
Bank Reconciliation AR 6
AR Cash Application 7
AR Clear Customer Account 8
Item Master Maintenance 9
Service Master Maintenance 10
Purchase Requisitioning 11
Release Purchase Requisition 12
Process Purchase Requisition 13
Purchase Order Entry 14
Purchasing Agreements 15
Goods Receipt on PO 16
Service Receipts Entry 17
Physical Inventory 18
Inventory Adjustments 19
Sales Agreement/Contracts 20
Ship Product 21
Customer Master Maintenance 22
Customer Master (Credit) 23
Sales Invoicing 24
Sales Invoice Release 25
Sales Order Entry 26
Sales Order Release 27
Sales Pricing Maintenance 28
Sales Rebates 29
Open/Close General Ledger 30
Post Journal Entries 31
Approve Journal Entries 32
Reconciliation of Sub-Ledgers
to General Ledger 33
Initiate Wire Transfers 34
Approve Wire Transfers 35
Approve Asset Acquisitions 36
Record Fixed Assets into Fixed
Asset System 37
Fixed Asset Reconciliation 38
Employee Master File (add/delete 39
Process Payroll 40
Issue Payroll Checks (Manual or
Electronic) 41
Payroll Bank Reconciliations 42
Maintain Security 43
Ship Product
21
Sales Agreement/Contracts
20
Inventory Adjustments
19
Physical Inventory
18
17
14
Process Purchase Requisition
13
Release Purchase Requisition
12
Purchase Requisitioning
11
Service Master Maintenance
10
Item Master Maintenance
9
Initiate Wire Transfers
34
Reconciliation of Sub-Ledgers
33
to General Ledger
Approve Journal Entries
32
27
Sales Order Entry
26
Sales Invoice Release
25
Sales Invoicing
24
Customer Master (Credit)
23
Customer Master Maintenance
22
Compensating Control
43
Maintain Security
Payroll Bank Reconciliations
Issue Payroll Checks (Manual 42
41
or Electronic)
Process Payroll
40
Employee Master File
39
(add/delete)
Fixed Asset Reconciliation
38
Record Fixed Assets into Fixed
37
Asset System
Approve Asset Acquisitions
36
Approve Wire Transfers
35