PricingBlogAbout Us

Mallacoota Marina Limited Case Study: Risk Assessment & Controls

Verified

Added on  2023/06/12

|6
|1344
|226
Case Study
AI Summary
This assignment provides a detailed analysis of the internal control weaknesses at Mallacoota Marina Limited and Bas Limited. The Mallacoota Marina case identifies risks such as non-collectability of debts, understatement of revenue, overpayment of overtime, inventory theft, and duplicate payments to suppliers, suggesting internal control techniques to mitigate these risks, including accurate reporting, segregation of duties, and regular checks. The Bas Limited case focuses on general control weaknesses related to IT functions, such as lack of segregation of duties, inadequate documentation, and insufficient system security, recommending better separation of IT and finance roles, thorough documentation practices, and improved system access controls. The document also provides appropriate references.
Document Page
Assessment Task Two – Session One – 2018 1
ASSESSMENT TASK TWO – SESSION ONE – 2018
By; Student’s name:
Course name:
Tutor’s name:
Institution Name:
Date:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Assessment Task Two – Session One – 2018 2
Case 1: Mallacoota Marina Limited
Non-Collectability of Debts
Basically, the practical internal control technique that would help in mitigating the identified risk
is that the company should ensure accurate and timely reporting to be made to the top managers
by all staff about all the activities they are engaging with. Receipts and review of periodic reports
should be done periodically (Alles, Kogan, & Vasarhelyi, 2018). Additionally, the company
should constantly check the debt registers to confirm if the debtors have been making any
payment to the company. A vigorous fraud control policy document should be provided, where
all staff are expected to comply. There should be the establishment of clear purchasing
authorization levels and monitor these to ensure there are reasonable purchases and invoices.
Understatement of Revenue
In order to mitigate this risks, the company should ensure that there is appropriate segregation of
duties between purchasing, supplies, invoicing and authorization. They should ensure that they
understand the demand levels clearly to avoid possible understatement. Purchasing authorization
should always be monitored (De Zwaan, Stewart, & Subramaniam, 2016). Additionally, credit
notes and the issue of credit on accounts should only be awarded following the authorization by a
non-sale staff.
Overpayment of Overtime
For the company to mitigate this particular risks, it should be ensured that the overtime
transactions are pre-authorized by the finance manager and accurately recorded and approved.
Timesheets should be availed to act as evidence, as there must be a review by the manager to
assure that these hours were worked (Jans, Alles, & Vasarhelyi, 2014). Moreover, it should be
ensured that the person signing the daily overtime timesheets is not the one signing the weekly
Document Page
Assessment Task Two – Session One – 2018 3
timesheets. Overtime reports and trend analysis should always be prepared by the bookkeeper
and forwarded to the top managers. Regular checks should be done for the employees to ensure
that their existence is verified. The manager should also always check the employee’s overtime
payment regularly.
Inventory Being Stolen
Economic crime survey (2007), identified asset misappropriation as the highest risk category
representing about 37% of all the economic crime reported. Warehouses should always be
maintained under high levels of surveillance. In this case, for the company to mitigate this risks,
it should be ensured that no inventory leaves the warehouse without proper checks that the
inventory given out matches with the inventory that is ordered (Şerban, 2009). Additionally,
another practical internal control technique that would help in mitigating the identified risk is
peer-employment screening. This procedure should be done to all the 10 casual workers as this
will be a first defence line against inventory theft. The checks to be done on the employees
includes; referees check, previous employers and criminal record check.
Payments made twice to suppliers
Basically, in order for the company to mitigate this particular risks, there should be a clear
purchasing authorization level, invoicing, accounting and bank reconciliation processes. Credit,
payments of suppliers and credit on accounts should only be done with authorization. The
bookkeeper, who does the banking, should not make any payments without involving an
authorization from the finance manager (Jans, Alles, & Vasarhelyi, 2014). The company should
also consider setting up automated testing programs, which will undertake periodic checks and
detect any cases of fraud, which may include the payment of a supplier twice. The company
should also involve external auditors to make checks about financial statements in the company.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
Assessment Task Two – Session One – 2018 4
Case 2: Bas Limited
Basically one of the significant general control weaknesses of the company is that IT function is
under the general control of the finance manager. This forms a weakness because the day to day
activities are the duties of the IT Director who has had substantial IT experience in a big multi-
user environment (Elder, Beasley, & Arens, 2011). In this case, I recommend that there should
be a complete segregation of duties between the IT staff and finance staff.
Another significant general control weaknesses are the dismissal of the analyst who primarily
executed the FMS as a result of a difference with the IT Director. This aspect may lead to
collusion between the other staffs. Working together should be encouraged so as to enhance the
productivity of the company.
Additionally, lack of written records, instructions or documented systems specification for the
FMS modification which basically led to another significant general control weaknesses (Dunn,
Baguley, & Brunsden, 2014). In this case, after the dismissal of the system analysts, the FMS
development work lost direction. In such cases, proper documentation of instructions should be
provided to enhance continuous system development.
Moreover, another the significant general control weaknesses are that the IT staff were not
logging out of the systems when not in use. This aspect enabled Monica to review the existing
FMS records and make alterations to the program under development through a station which
was logged on and not attended by the programmer. In such cases, it is recommended that all the
systems not attended to should be completely logged out to prevent unauthorized access.
Furthermore, no notification mechanism put in place that should provide notification when any
changes are made to the FMS program (Şerban, 2009). Proper notification mechanism should be
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Assessment Task Two – Session One – 2018 5
installed as this will help greatly in identifying intruders to the program. It also ensures that the
staff are fully aware of this policies and code of conduct.
Document Page
Assessment Task Two – Session One – 2018 6
References
Alles, M. G., Kogan, A., & Vasarhelyi, M. A. (2018). Putting continuous auditing theory into
practice: Lessons from two pilot implementations. In Continuous Auditing: Theory and
Application (pp. 247-270). Emerald Publishing Limited.
De Zwaan, L., Stewart, J., & Subramaniam, N. (2011). Internal audit involvement in enterprise
risk management. Managerial auditing journal, 26(7), 586-604.
Dunn, T. J., Baguley, T., & Brunsden, V. (2014). From alpha to omega: A practical solution to
the pervasive problem of internal consistency estimation. British Journal of Psychology, 105(3),
399-412.
Elder, R. J., Beasley, M. S., & Arens, A. A. (2011). Auditing and Assurance services. Pearson
education. Forensic, K. P. M. G. (2006). Fraud risk management. New York, NY: KPMG.
Jans, M., Alles, M. G., & Vasarhelyi, M. A. (2014). A field study on the use of process mining of
event logs as an analytical procedure in auditing. The Accounting Review, 89(5), 1751-1773.
Şerban, I. (2009). Fraud Risk Management. Theoretical and Applied Economics, 12 (12 (541)
(supplement), 550-556.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 6
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.