Audit and Assurance Exam - Internal Control Deficiencies and Recommendations
Verified
Added on 2023/06/18
|7
|1313
|354
AI Summary
This article discusses internal control deficiencies in the bookkeeping system at Ace Ltd, their consequences, and recommendations to address them. It also covers good internal control examples and compliance testing by the auditor.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
AUDITANDASSURANCE EXAM
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
TABLE OF CONTENTS TABLE OF CONTENTS................................................................................................................2 PART- A..........................................................................................................................................1 a) i) Four internal control deficiencies within the bookkeeping system at Ace Ltd....................1 a) ii) Consequences of the internal control deficiencies..............................................................1 a) iii) Recommendations to address the deficiencies...................................................................1 b) i) Examples of good internal control within the scenario.......................................................2 b)..................................................................................................................................................2 c) i) and ii)...................................................................................................................................3 REFERENCES................................................................................................................................5
PART- A a) i) Four internal control deficiencies within the bookkeeping system at Ace Ltd. The first and the foremost is that post the purchase transactions have been entered in the bookkeeping system the invoices of the same are being shredded away by the in-charge to serve the purpose of confidentiality. This is a deficiency as the invoice has to maintained in the company as the proof for the future legal requirements. The negotiation with the suppliers is directly done by Mr Stanley who is the purchase in- charge, but on the other hand he is excluded from the payment process. This brings lagging in the internal control process and can lead to communication gap. The bookkeeping data is backed on the off-site cloud server and the updation is made in every three months by the officials of the company (Off-site backup,2021). But this is the deficiency of the internal control in the organization as it should be frequently updated. The whiteboard in the company is displayed which shall be portraying the details of the member in the finance team, annual leaves and the passwords of them. This is the major deficiency as the password is the confidential detail and must not be publicly presented. a) ii) Consequences of the internal control deficiencies If the documentary evidence are being shredded just after the recording of the transaction then it can cause the legal objections for notcomplying with the law of maintaining documents for three years. There shall be the communication gap as the suppliers are decided by one person and also the same shall be negotiating. These terms and conditions are not communicated to the finance person making the payment. The data is transferred in every three months and if between that the disaster, ransomware accidents, hacking etc. happens at the company location then the important data of the company shall be lost. Through the whiteboard representation of passwords the unauthorized users can access the data and can manipulate the same or leak it posing threats for the company. a) iii) Recommendations to address the deficiencies The invoices of the purchase shall be confidentially maintained in the company for at- least three years that is required by law. 1
The complete negotiation process, payment and the settlement of the dues must be addressed by one official to avoid the miscommunication in the organization. The data needs to be transferred to the off-site cloud server either daily or maximum weekly so that the security and privacy of the information can be efficiently maintained. The details of finance team shall not be mentioned manually but in the electronic form on the system which is password protected so that the unauthorized access can be avoided. b) i) Examples of good internal control within the scenario Some examples of the good internal control are:- Thesegregationofthedutiesmustbeefficientlyorganizedsothatrisksof miscommunication can be reduced (What are Internal Controls?2017). The reconciliation should be timely conducted so that the due balances can be identified. The informationprocessing controlsin thecompany should alsobe appropriately maintained so that data privacy and security are ensured. Physical control in terms of quality of the products must be regarded to avoid legal suites. b) ii)Conduct of the compliance test by the auditor The internal control of the company is very good. The auditor can follow the given steps to carry out the test of controls: The auditor can carry out the compliance risk assessment which may involve the IT compliance testing which will reveal whether the system is in compliance or not. By developing the testing methodologies will help in gaining better insight into the various areas of compliance. Identifying the assertions tested which is embodied within the financial statements and is then used by the auditor for the purpose of considering various types of significant misstatements. A brief explanation pertaining to the various assertions are required which helps in making sure that every key aspect has been taken note of. Analysing the audit procedures which is being used by the auditor so that level of accurate information gained can be determined. Reviewing the compliance audit report helps in getting insight into the company’s 2
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
adherence to the regulatory guidelines. It will provide information about the strength, access controls and the risk management procedures doing the compliance audit. Thus, following the above stated few steps for the test of controls will result into gaining evidence that the internal control systems of the organization is running effectively. c) i) and ii) E-mail To: Finance Director at Ace Ltd From: Audit Team Subject: Internal and external auditor’s responsibility in respect of the legal dispute. Dear Sir, Hope you are doing well and with respect to the above subject I would like to draw your attention towards the responsibility of the external auditor pertaining to the legal disputes. With reference to ISA 250 which mainly deals with the auditor’s responsibility in the audit of financial statements of the company pertaining to laws and regulations. Following are the key auditor’s responsibilities: Determinethemisstatementwithinthefinancialstatementsbecauseofthenon- compliance but it is important to note that auditor is not responsible for preventing non- compliance or is expected to detect it (SA 250 Consideration of Laws and Regulations in an Audit of Financial Statements. 2018). To obtain the reasonable assurance that the financial statements as a whole are free from the material misstatements irrespective of whether it is caused because of fraud and error. Auditor shall generate basic understanding of the legal and regulatory framework which is applicable to the business. This will help in better analysing the financial statements of the business and identifying whether the company is meeting with the required legal laws and regulations. 3
The internal auditor may assist the Board of Directors pertaining to the legal compliance as it is the duty of the internal auditor to ensure that the company complies with the relevant laws and regulations. In addition to this, the internal auditor can evaluate the internal control and make suggestions on improving it further. In this way, internal auditor can help in meeting with the legal requirements. Hope this will be helpful to you in carrying out the audit. Thanks & Regards 4
REFERENCES Books and Journals Online Off-sitebackup.2021.[Online]Availablethrough: <https://searchdatabackup.techtarget.com/definition/off-site-backup> WhatareInternalControls?2017.[Online]Availablethrough: http://www.wiu.edu/internal_auditing/internal_controls/ SA 250 Consideration of Laws and Regulations in an Audit of Financial Statements. 2018. [Online]. Available Through:<https://www.sbsandco.com/blog/sa-250-consideration-of- laws-and-regulations-in-an-audit-of-financial-statements>. 5