Internal Audit Report: Financial Controls and Risk Assessment Analysis

Verified

Added on 2022/09/02

AI Summary

This report presents an internal audit of a manufacturing business with declining gross profits, examining potential issues within its financial controls and subsidiary operations. The audit identifies critical areas for investigation, including verifying the existence and legitimacy of subsidiaries, confirming delivery addresses and recipient identities, and ensuring alignment of delivered goods with subsidiary production processes. The analysis highlights breaches of segregation of duties, specifically management override of controls, and emphasizes the importance of whistleblowing to detect such risks. The report details the necessary audit trail documents, such as tender requests, vendor bids, meeting minutes, and purchase orders, to thoroughly assess the transactions. The report references key resources on internal control systems and their effectiveness, providing a framework for evaluating and improving the financial health and operational efficiency of the business.

a) In order to affirm if the problem exists in the transaction, as explained by the AP staff or rule
out any such possibility, we should perform following specific checks:
i. Extract the information about the subsidiary to whom the material is being shipped,
if that the subsidiary in reality exists or not.
ii. Obtain the address to which the material is being delivered and confirm if the
address pertains to the subsidiary.
iii. From the delivery receipts, identify the name of the person receiving the material
and check whether the person is the employee of the subsidiary or not
iv. Identify the nature of goods delivered to the subsidiary and ensure if they correlate
to the production process at the subsidiary.
b) Financial controller’s action represents the breach of segregation of duties and it is also an
example of Management Override of controls
c) Management override of control is a risk, which is very difficult to identify, as the top level
management itself in involved in it and it has got all the rights and powers to be able to get
away with the wrong doings without being caught. The only way to identify such risk, is by
way of whistle blowing, similar to what happened in the given scenario.
The other risk of “segregation of duties”, exposes the company to a risk of entering into
unauthorized illegitimate transactions, as the duties are not properly segregated and there is
no control over the decisions been taken by an individual.
3) From audit trail perspective, in the given scenario, we would be asking for the following
documents:
1. Copy of Request for tender (RFT) floated by the company
2. Copies of bids received from the prospective vendors
3. Copies of minutes of the meetings wherein the negotiations were carried out with the
vendors
4. Copy of the quotation comparison carried out, wherein the decision to award the order to a
vendor would have been taken
5. Copy of purchase order placed to the vendors
6. Copy of GRN made for the asset
7. Copy of Payment voucher for the vendor.
References:
Chapter-2, Internal Control System, Available from:
https://shodhganga.inflibnet.ac.in/bitstream/10603/123583/9/09_chapter%202.pdf
Dr. R B Sharma (2019) A Study on Effectiveness of Internal Control System in Selected Banks in Saudi
Arabia, Available from:
https://www.researchgate.net/publication/333934194_A_Study_on_Effectiveness_of_Internal_Cont
rol_System_in_Selected_Banks_in_Saudi_Arabia