Analysis of Systems Documentation and Internal Controls for Businesses

Verified

Added on 2020/04/01

AI Summary

This report provides a detailed analysis of systems documentation and internal controls, focusing on the revenue cycle and its functions. It examines the impact of poor internal controls, highlighting issues such as hasty decisions, employee collusion, and inadequate performance. The report also addresses the WannaCry ransomware attack, detailing its impact and spread. Furthermore, it proposes various internal controls to protect companies from such threats, including regular data backups, updated systems, and security applications. The analysis emphasizes the importance of fraud risk assessment, employee training, and segregation of accounting duties to strengthen internal control systems and ensure business security. The report draws on several academic references to support its findings and recommendations.

Systems Documentation and Internal Controls

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Answer 1:..............................................................................................................................................3
Answer 2:..............................................................................................................................................3
Part (i)................................................................................................................................................3
Part (ii)..............................................................................................................................................3
Part (iii).............................................................................................................................................4
Answer 3:..............................................................................................................................................5
Answer 4:..............................................................................................................................................5
References.............................................................................................................................................7

Answer 1:
Revenue Cycle comprises various activities in a period of Sales, Trade Receivables, Working
Capital, Stock and General Ledger. The functions performed in completing a cycle is
procuring and write the orders of customers and note the cost of the goods sold. Management
of the company has a good idea from this cycle is how to make revenue by performing these
functions.
Answer 2:
Part (i)
A. Bad and Hasty decisions taken by the management: Internal controls of the company
are made by the management of the company and when making the internal controls
management has to identify the areas prone to the risk and identify its nature but in the case
of Motherboards and More Pty Ltd made Internal controls in a hurried manner and it is not
successfully implemented all over the company.
B. Collaboration between the employees and staff: The employees and staff of the
colluded against the policies of the company and it affects the internal controls system of the
company.
C. Inadequate performance of internal controls: The internal controls of the Motherboards
and more are implemented in the company is very quick and because of that it is not
implemented all over the company and the performance of internal control is really bad
(Hammersley, et. al., 2008).
Part (ii)
Internal controls are made with the objective of analyzing the performance of an entity
whether the functions performed by the management and employees are done with
effectiveness and efficiency. Internal controls are made to check the compliance with
necessary laws and regulations and they also work for the safeguarding of company’s assets.
The financial performance of the company affects when weakness presents in the internal
control system of the company. And when the wrong information is provided the assumptions
made by the company and policies framed by the company are also affected (Ashbaugh‐
Skaife, et. al., 2009).

When Internal controls of the company are unable to find the problems in the organization’s
internal environment, then the conspiracy against the company increases, employees of the
company made fraud against the company, the records of the company and financial
information of the company is falsified.
Part (iii)
A. Conduct Detailed Fraud Risk Assessment: If the management of the company makes a
detailed assessment of risk related to fraud then the chances of manipulation of records can
be decreased.
B. Appropriate Training to Employees: Give appropriate training to the employees and
conduct various training programs and encourage the employees to take part in these
programs which will help the entity in long run.
C. Install Mechanical Devices: Mechanical Devices help the company in finding any
suspicious activity conducted by the employees or management against the entity. These
types of devices keep the members of staff in check and they work with the ethics (Spears &
Barki, 2010).
D. Segregate Accounting Duties: Accounting work of the company will be segregated
between the many persons and not give the entire accounting work to one person.
E. Require Employees to take Vacation: Give necessary leaves to the employees and
encourage them to go on vacation because of this they will feel motivated and not go against
the company.
F. Financial Statements checked by the Third Party: The financial statements made by the
company will be reviewed by the third party outside the company like Audit team.
G. Increase Oversight: various techniques and tools used by the management to increase the
oversight of its employees like placing a camera in the workplaces.
These Changes in Internal control will help the company in forgeable future and it also
strengthens the internal control system and they will work with efficiency and effectiveness.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Answer 3:
The WannaCry Ransomware attack was happened in the year 2017 in the month of May by
the Wannacry ransomware cryptoworm, WannaCry is “Ransomware” is made to advance
quickly into the computers working on the same network and this worm encrypted the files in
the computer by using a powerful encryption which is hard to crack and demand a huge
amount in exchange of decrypting the encrypted files. It moves very quickly on the
computers working under the Microsoft Windows operating system that does not have a
required security patch. And it spread quickly on the computers which are not updated or they
don’t have the security patch (Luo & Liao, 2007). They demand payment in the form of
Bitcoin which is untraceable. It affects at least 100,000 organizations in 150 Countries.
Answer 4:
Internal controls which can be implemented by the management of the Motherboards and
More Pty Ltd to protect the company from the threats of Potential ransomware attacks are as
follows:
Stay Updated: the management of the company has to remain up to date against the hacking
threats posed by the hackers because if you have at least a piece of knowing what will happen
from these attacks then there is a chance you might protect the data of the company.
Conduct Regular data backups: The financial data of the company defines the financial
performance of the company and regular backup of this data is made by the IT Department of
the company and it should be stored offline (Brewer, 2016).
Toughen up access control: The access control of the company should be changed time to
time and passwords should not be easily guessed.
Update Everything: Every system in the company remains up to date and all the software
and firewall in the systems is to keep updated because hackers targeted that system first
which is not updated and don’t have required security patch (Mercaldo, et. al., 2016).
Install Security Applications: various Security applications are available in the market to
protect the data of the users and these types of applications should be installed in all the
system which will make hard for the hackers to hack the systems of the company (Kharraz,
et. al., 2015).

Limit File Uploads: File uploading is a major concern because various threats come from the
uploading the files to protect the data of the company limited files should be updated and
firewall of the company should be updated.

References
Ashbaugh‐Skaife, H., Collins, D. W., & Lafond, R. (2009). The effect of SOX internal
control deficiencies on firm risk and cost of equity. Journal of Accounting
Research, 47(1), 1-43.
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
Hammersley, J. S., Myers, L. A., & Shakespeare, C. (2008). Market reactions to the
disclosure of internal control weaknesses and to the characteristics of those
weaknesses under Section 302 of the Sarbanes Oxley Act of 2002. Review of
Accounting Studies, 13(1), 141-165.
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015). Cutting the gordian
knot: A look under the hood of ransomware attacks. In International Conference on
Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24).
Springer, Cham.
Luo, X., & Liao, Q. (2007). Awareness education as the key to ransomware
prevention. Information Systems Security, 16(4), 195-202.
Mercaldo, F., Nardone, V., Santone, A., & Visaggio, C. A. (2016, June). Ransomware steals
your phone. formal methods rescue it. In International Conference on Formal
Techniques for Distributed Objects, Components, and Systems (pp. 212-221).
Springer, Cham.
Spears, J. L., & Barki, H. (2010). User participation in information systems security risk
management. MIS quarterly, 503-522.