To Print DIPAC TEST 2 Auditing

1 | P a g e A U D I T I N G N O T E S T E S T 2 D I P A C

CHAPTER 5 : GENERAL PRINCIPLES OF AUDITING.(CH 5 IN BOOK)CHAPTER 5 : GENERAL PRINCIPLES OF AUDITING.(CH 5 IN BOOK)

INTERNAL CONTROL

INTRODUCTION1) ISA 315- before an auditor can audit a thorough understanding of a clients internal control systems should be obtained –(do a walk through)2) Internal Contols: + acc.sys. produce balances & totals –good acc.sys. = generates good ( 1-valid,2-accurate,3-complete,4-timeous = “ VACT”) info.3) Auditor more interested in acc. info. less in other info : eg sales analysis,budgeting info,marketing info etc.

DEFINITION OF INTERNAL CONTROL.DEFINITION (PER SAICA BOOKLET :'GUIDANCE FOR DIRECTORS:REPORTING ON INTERNAL CONTROLS')

Internal Control is a PROCESS effected by the 1- COMPANIES BOARD OF DIRECTORS ,2-MANAGEMENT AND 3-OTHER PERSONNEL.Designed to provide REASONABLE ASSURANCE regarding the achievement of OBJECTIVES in the following 3 categories:

i) 1-ECONOMY 2- EFFICIENCY 3-EFFECTIVENESS.ii) INTERNAL FINANCIAL CONTROL iii) COMPLIANCE with applicable LAWS & REGULATIONS.

FOUR ASPECTS OF INTERNAL CONTROL FROM ABOVE DEFINITION.

1. Internal control is a PROCESS , a means to an end, not an end in itself.2. AFFECTED BY PEOPLE ,not just procedures/policies.3. Only REASONABLE ,NOT ABSOLUTE ASSURANCE.4. To achieve objectives in 3 CATEGORIES , which are INTERLINKED. (3 in definit.)

(ISA 315). 5 COMPONENTS OF INTERNAL CONTROL (IN CH 7)

1. CONTROL ACTIVITIES : actual sys.2. CONTROL ENVIRONMENT (all) : +attitudes,awareness,actions, of those responsible for governance,mngmnt3. ENTITIES RISK ASSESMENT PROCESS: 4. INFORMATION SYSTEM : incl. related business systems, transactions 5. MONITORING OF CONTROLS : eg internal audit dept.

INTERNAL CONTROL OBJECTIVES.1) Policies & Procedures (internal controls) to ensure orderly & efficient conduct of business.incl. controls to :

a) ADHERE TO MNGMNT POLICIES (INCL. APPLICABLE LAWS & REGULATIONS!) b) SAFEGUARD ASSETS c) PREVENT& DETECTION OF FRAUD & ERROR d) ACCURACY & COMPLETENESS OF ACC RECORDS e) TIMELY PREPARATION OF RELIABLE FIN. & OTHER INFO NECESSARY TO RUN BUSINESS.

LIMITATIONS OF INTERNAL CONTROL.1) Cost exceed benefit –limits capacity of int.controls.2) Directed at routine transactions. –miss non-routine eg sell copier.3) Human error. – eg: calc. discount after vat.4) Collusion- eg fraudulent paypacket- collude wage clerk,foreman,personell mngr.5) Mngmnt Override / Abuse of responsibility over internal control.- eg mngr overrides stop on purchases for overdue acc.6) Changes in CONDITIONS causes INADEQUATE controls.- sales clerk not check credit record/overdue acc. due to volume

THE ACCOUNTING SYSTEM1) Category of int. controls = 'INTERNAL FINANCIAL CONTROLS'.2) Collection of TASKS & RECORDS to process transactions to create fin.records 3) Maj. elements = 1-PAPER 2-PROCEDURES 3-PEOPLE 4-COMPUT4) BUT , to ensure =” VACT” = VALID ,ACCURATE,COMPLETE +TIMEOUS ADD: control procedures to Acc.Sys. (not calc.price,write invoice,enter in sales journal, BUT check customer not overdue before

sale, check calculations, mnthly check if entered in sales journal afterwards.

WHO IS INTERESTED IN WHAT?

1) MANAGEMENT:all 3 categories , but eg fin director-int.fin. controls, production dir- operations controls(efficiency,effecti...) etc2) INTERNAL AUDITORS : all 3 categories –eg audit delivery procedures,or compliancewith laws, or stock audit etc.3) EXTERNAL AUDITORS : last 2 Internal Financial Control :accounting sys. + related controls.,related laws & reh=gulations(but not on eg environmental laws,that is production mngr etc.,unless fin

implications eg a fine is involved.Then he is interested,(now financial))

THE CHARACTERISTICS OF GOOD INTERNAL CONTROL.

INTERNAL CONTROL is only ever: POLICIES & PROCEDURES .

1) Control Environment (strong) : Attitude and awareness of managers & directors to internal controls and their importance to entity.1. Eg : fin accountant does not bother to check recon of creditors ledger to creditors statements made by creditors clerk PROPERLY ,only HALF,before paying ,.So soon clerk wont bother to

actually reconcile properly.2. ISA 315 : says good control environment characterised by: see back of isa 350 for list of this

2) Competent ,Trustworthy Personnel. – esp. at internal controls.3) Segregation of Duties. – collusion is necessary.

1. Eg: E.F.T. control, or storeman signs a gate pass delivery note+ falsify stock record+takes goods2. A TRANSACTION PASSES THROUGH 4 STAGES:

i) Authorising (1) Purchase order authorised by chief buyer(2) Checking & approve supporting docs. For a payment to a creditor.

ii) Executing (1) Order placed with supplier by the order clerk(2) Preparing the cheque realisation and cheque (SEPARATE CUSTODY OF CHEQUE)

iii) Custody of Asset (1) Goods rec. by receiving clerk & placed in store.(2) Signing cheque (NB person who has signing power auto has SEPARATE HAS CUSTODY OF CASH)

iv) Recording (1) Transactions entered into acc. records by acc. clerk.


(2) Recording payment in records & posting to ledgers.3. MOST IMPORTANT DIVISION : 3 & 4 are the most 'incompatible'. 'Defalcation' is easiest if both are same ou. Esp: SMALL BUSINESSES.

i) NEXT BEST is 2 & 3 & 4 . :For the same reasons.ii) 1 & 2 can be combined most easily : because if the others are segregated ,defalcation is likely to be identified. iii) GOOD SEGREGATION : starts with divide the companies CYCLES into FUNCTIONS , then further segregate duties within FUNCTIONS. ( each Function = Segregated duty./a New person

and each cycle = authorisation/executing/custody/recording)4) Isolation of responsibility –

1. FULLY AWARE OF THEIR RESPONSIBILITIES : Internal controlsER must be .2. ACCOUNTABLE FOR THEIR PERFORMANCE ; Internal controlsER must be .3. Acknowledge in writing that they have peformed control procedure :IDENTIFY & ISOLATE employee responsible.

i) SIGNITURE fulfils 2 functions :(or fingerprint login)(1) ISOLATE+IDENTIFY which person was responsible for delivery.(2) ACKNOWLEDGEMENT of delivery.from supplier . to purchaser.

5) Custody / Access Controls. 1. ONLY to PROTECT COMPANIES ASSETS.( policies & procedures)

i) PHYSICAL & NON PHYSICAL ASSETS.Cash in Bank(only entry in book to show), Investments (only papers to show), Debtors (only an entry in book to show).ii) Custody/access controls designed to;

(1) Prevent damage ,deterioration ,Unauthorised USE , THEFT , LOSS. 6) Source Document Design: ('PAPER')

1. Properly designed docs. can assist in achieving good internal control. by have following features -Esp. Fin Control. i) Pre-printed – format leaves MINIMUM AMOUNT OF INFO. to be filled in.ii) Pre-numbered- facilitates IDENTIFICATION OF MISSING /Added FORMS (used by skelms)–by data entry clerk end week.iii) Logicaly designed : eg : Prominent 'important info' spaces , + blocks per digit in acc. no. so allways 10 get put in.iv) Contain Prominent Block each for 1-authorising / 2-approving / 3-preparer etc etc to sign in.v) (a) MULTI-COPIED (vi)CARBONISED SELF COPYING , (vii)DIFFERNT COLOURS EACH SHEET.-sales clerk fills form for : 1-picking slip to stores 2 +to accounting, all in one go.

7) Comparison and Reconcilliation. 1. 1-FREQUENT AND 2-TIMEOUS comparison & recons.2. INDEPENDANT from functions & records kept.

Following 2 make all recons far less effective as a control:3. AGAIN REVIEWED BY SENIOR PERSONEL.4. FOLLOWED UP / investigated and pursued.(+ report where it went or auditors fees go up!).5. Following recons & comparisons ARE IMPORTANT.

i) Stock & fixed assets to records. Eg: stock cycle counts. ii) Bank and investments accounts to Bank statements eg bank recon. iii) Creditors accounts to creditors statements. iv) Subsidiary ledgers to general ledger.

8) Efficient internal control risk identification & monitoring system : ADDED later from a later chapter :: eg audit committees, internal control design committees, risk officer/manager/supervisor/appointee, internal audit

AUDIT EVIDENCE.

Audit evidence is absolutely crucial to audit function to Support opinion. ISA 500R- "The Auditor should obtain SUFFICIENT APPROPRIATE EVIDENCE to be able to draw a reasonable conclusions on which to base audit opinion." : KEY PHRASE = sufficient appropriate

evidence. Evidence usally relates to Assertions on Fin Stats. Suffficient is the measure of qty of evidence, appropriate is the measure of qlty of evidence (eg Photostat VS original)

SUFFICIENT APPROPRIATE EVIDENCE.Overall measure of whether enough sufficient appropriate evidence is gathered cannot be 100% exactly determined :BUT

1) SUFFICIENT EVIDENCE:

1) SUFFICIEN T means if QUANTIT Y of evidence is enough.2) Evidence is Cumulative : eg debtors test = 1-debtors circularisation +2-test if debtors pay( very good evidence they exist!)3) To calc. quantity of evidence needed =NO hard and fast way ,only :USE professional Judgement + statistical methods.This is done as part of the "AUDIT PLAN" stage.

2)APPROPRIATE EVIDENCE.

1) APPROPRIATE means if QUALITY of evidence is enough. Further broken down into:a) RELIABILITY (source & nature)b) RELEVANCE (to assertion being tested)

2) RELIABILITY : Hierarchy of Reliability of Evidence:a) Most Reliable =Developed by auditor : eg inspect stock.b) Reasonably Reliable =Evidence from 3rd party(not client) if 1-Independant 2-Reputable 3-Competent eg attorneyc) Less Reliable = From 3rd party BUT passed through client. Eg: bank statement.d) Less Reliable = Evidence from clients SYSTEM and where related controls it passed through were Effectivee) Least reliable = Evidence provided by client (lacks independance)f) Written more reliable than oral.(easy denied)g) Original documents More than Photocopies /facsimiles.

Also, REM these are guidelines, eg if competence +integrity of directors&employees are strong &acc.sys and internal controls are strong, evidence from client could be very reliable.Eg sheet to shelf = existance BUT shelf to sheet =completeness.3) RELEVANCE :

a) Evidence MUST be MATCHED to assetion tested : eg; self stock count= 'existence'+some 'valuation' BUT not 'rights' eg could be uncollected but sold .NOR 'completeness' yet eg must first be traced to records to determine if all were included in records.

b) Eg tests of controls as to accuracy will not prove validity or completeness.c) A single procedure could be relevant to more than 1 assertion though.

INFLUENCEING FACTORS IN DETERMINING WHETHER SUFFICIENT APPROPRIATE EVIDENCE HAS BEEN OBTAINED.

Factors which MUST influence auditors decision.:

1) THE ASSESMENT of Inherent Risk and Control Risk at the client. :if higher risk – more evidence from most reliable source needed.2) THE MATERIALITY Of Item Being Examined : eg if stock is very material – auditor must get more of appropriate evidence.-why –greater likelihood of material misstatement. 3) Experience from Previous audits (at same client). HISTORY 4) Results of audit procedures ALREADY CONDUCTED. – eg if test of debtors was good , then do less other tests.5) RELIABILITY and Source of info.available. if no reliable tests available, then much more of less reliable tests must do.6) PERSUASIVENESS of the audit evidence : eg: evidence gathered on one section of audit which is Supported by evidence from another section = more persuasive .If it Contradicts it = less pesuasive.


FINANCIAL STATEMENT ASSERTIONS:

1) The OBJECTIVE of an audit : is for an auditor to EXPRESS an OPINION on whether the FINANCIAL STATEMENTS are FAIRLY PRESENTED. In all MATERIAL ASPECTS after comparing it to an IDENTIFIED REPORTING FRAMEWORK (check other definitions of this before)

2) Embodiment of Assertions : the financial statements are the EMBODIMENT of the ASSERTIONS of the DIRECTORS of the COMPANY ,in the PRESCRIBED FORMAT , on the FINANCIAL RESULTS and PERFORMANCE of OPERATIONS ,which they are managing on behalf of shareholders.

3) ISA 500R : the auditor should use assertions for classes of transactions ,account balances,and presentation and disclosure,in sufficient detail to form a basis for the assesment of risks of material misstatement and the design and performance of further audit procedures.

4) It is the Auditors duty to gather sufficient evidence to support assertion being audited.5) Every assertion should be considered for audit, but those assert. presenting highest risk of MATERIAL MISSTATEMENT by the AUDITOR in his'"OPINION on ... ", must be concentrated on.

6) CATEGORIES OF ASSERTIONS: ISA 500R Categorises the Assertions as follows.:a) Classes of Transactions and Events (for period) eg:sales, purchases, interest receivedb) Account Balances carried forward to next year (at year end) eg:property plant &equipment ,accounts receivable.c) Presentations and Disclosure : eg:notes to bal.sheet , contingent liabilities

1. Classes of TRANSACTIONS AND EVENTS: Assertions about (during period)1.1. OCCURENCE :recorded trans.& events DID occour and DO PERTAIN to THIS entity.1.2. COMPLETENESS :all that should have been recorded, were recorded ,none missing.1.3. ACCURACY :1-Amounts & 2-Data were recorded appropriately.1.4. CUT-OFF : in right accounting period.1.5. CLASSIFICATION (and UNDERSTANDABILITY) : recorded in correct account names.

2. ACCOUNT BALANCES :Assertions about (end period). 2.1. EXISTENCE : assets, liabilities, equitys DO actually exist.2.2. RIGHTS AND OBLIGATIONS : entity holds rights to assets , liabitities are obligations of this entity , named shareholders . : do hold the rights to the equity.+2-ALL

ENCUMBERENCES on ownership must be . .. . :Disclosed2.3. COMPLETENESS : all that should have been recorded,were recorded,none missing.2.4. VALUATION AND ALLOCATION. : assets ,liabilities , equity recorded at appropriate valuation amounts and any resulting : valuation adjustments or allocation adjustments are appropriately

recorded .ALSO , :DEPRECIATION and OBSOLECENCE ALSO allocated to correct accounts in ledger3. PRESENTATION AND DISCLOSURE :Assertions about.

3.1. OCCURENCE 3.2. AND RIGHTS AND OBLIGATIONS. :disclosed events ,transactions& other matters DID occour and Do pertain to this entity. 3.3. COMPLETENESS : All matters that should be disclosed in FIN STATS. , were disclosed, none missing.3.4. CLASSIFICATION AND UNDERSTANDABILITY. :financial info./disclosures are appropriately/ properly PRESENTED and DESCRIBED, and EXPRESED CLEARLY., and classified correctly in ledger3.5. ACCURACY amounts disclosed in eg notes are not junk3.6. VALUATION & ALLOCATION. : 1-FINANCIAL and 2-OTHER INFORMATION( eg notes on union problems) are disclosed FAIRLY and at APPROPRIATE AMOUNTS. (at correct valuation amounts

and in a correct and proper – 'FAIRLY presented' - manner.)

DIAGRAM OF ASSERTIONS:

ASSERTION TRANSACTION EVENTS ACCOUNT BALANCES PRESENTATION DISCLOSURE

1 COMPLETENESS (ALSO ? VALIDITY) # # #2 OCCURRENCE # #3 EXISTENCE #4 ACCURACY # #5 CUT OFF #6 CLASSIFICATION (and for Pres.&

Disclosure : UNDERSTANDABILITY) # #

7 RIGHTS and OBLIGATIONS # #8 VALUATION and ALLOCATION

# #

9 Ias 315 has ACCURACY & Valuation instead of number 8 above for presentation( 8 is correct for acc.balances though)

#

10 Ias 315 has rights& obligations&OCCOURANCE for presentation ( 8 is correct for acc.balances though)

#

EXAMPLES OF ASSERTION CLASSIFICATION IN PRACICE:

1. SALES TRANSACTIONS :1.1. FIRSTLY : all Sales figures PLUS all disclosures pertaining to sales should be checked for :(leave out Occourance for disclosures though)

1.1.1. Occourence : all sales included DID actually occour.(not fictitious)1.1.2. Completeness : all sales made were included in sales total, none left out.1.1.3. Accuracy : all sales recorded appropriately , meaning prices discount & vat rates are correct & correctly calculated. 1.1.4. Cut- off : All sales recorded occoured in accounting period being audited.1.1.5. Classsification : All sales posted to proper account incl. Contra accounts –VAT, DISCOUNT ,CREDITORS.

TRANSACT&EVENTS Occourence Completeness Accuracy Cut-Off Classify&Undrstd

ACCOUNT BALNCES Existence Completeness Rights&Obligat. Valuat.&Allocat.


Plant &Equipment All in bal.sheet existed at time of bal. sheet

All owned is included,none left out.

Holds rights to ownership+2-Encumberences on ownership disclosed.

reflected at appropriate amount incl allocat.1Obsolete+ 2-Depreciation

Note: when "presentation and disclosure ' is done for Sales transactions and above,it is far more complex for plant & equip(deprec)

PRESEN. & DISCLO. Occourence Completeness Accuracy Cut-off Classify&Undrstd Rights&Obligat

2. Auditor self stock count= 'existence'+some 'valuation' BUT not 'rights' eg could be uncollected but sold .NOR 'completeness' yet because must first be traced to records to determine if all were

included in records.3. sheet to shelf = existance BUT shelf to sheet =completeness.4. Tests of controls specificaly as to accuracy will not prove validity(?occourence /existence? ) or completeness.

THE AUDITORS TOOLBOX:

1. Auditor has ONLY 2 things in his TOOLBOXa. TESTS OF CONTROLS =to test if control procedures complied withb. SUBSTANTIVE PROCEDURES. =to test if verify / substantiate 1-TRANSACTIONS 2-BALANCES

TESTS OF CONTROLS1) CATEGORIES OF TESTS OF CONTROLS:

i) REPERFORMANCE : repeating 1-Wholly 2- In Part control procedures eg: reperform bank recon.ii) INSPECTION : verify on docs. if contrl procedures did happen : eg: verify if transaction authorisation signiture is there. iii) ENQUIRY; ask person CONCERNED with control procedure as to effective operation of.,NOT just accept mngmnts word. Eg : find out who performs each procedure and what they

do.iv) OBSERVATION: watch process/procedure being performed eg:watch what a receiving clerk does when supplier delivers goods.

2) Tests of Control are performed to obtain evidence of whether i) Controls suitably Designed to

(1) PREVENT (2) DETECT (3) CORRECT material misstatements

ii) Operated effectively THROUGHOUT PERIOD AUDITED.

3) Good results reduce control risk and hence audit risk , then less time need spent on substantive tests.4) LIMITATIONS OF : tests of controls:

a) Good when checked but not in the rest of the Fin. Year. b) Inherent risk? ch7eg 1-only test some 2- subjectivity-auditor own method 3-

5) LIMITATIONS OF : internal controls: i) Cost exceed benefit –limits capacity of int.controls.ii) Directed at routine transactions. –miss non-routine eg sell copier.iii) Human error. – eg: calc. discount after vat.iv) Collusion- eg fraudulent paypacket- collude wage clerk,foreman,personell mngr.v) Mngmnt Override /Abuse of responsibility over internal control.- eg mngr overrides stop on purchases for overdue acc.vi) Changes in CONDITIONS causes INADEQUATE controls.- sales clerk not check credit record/overdue acc. due to volume

6) Example:a) If control procedures in credit purchase procedure are sound- related balances/transactions rec. will be sound

i) Ie: control when purchase acc and creditors acc debited /reconciled authorised, also controls at creditor payment and creditor acc. DR etc.

SUBSTANTIVE PROCEDURES.1) Tests controls cannot provide 100% assure so sustant.tests need be done.2) SUBSTANTIVE TESTS BROADLY DISTIGUISHED INTO;

a) Tests Of Detail. b) Analytical Procedures.( very powerful tool)

3) CATEGORIES OF SUBSTANTIVE PROCEDURES: i) REPERFORMANCE : repeating 1-Wholly 2- In Part same procedures performed by client eg:debtors age analysis.ii) INSPECTION : inspect 1-docs+records, or 2-tangible assets eg: inspect fixed asset to verify existence or inspect . "Confirmation Of Balance Certificate" from long

term loan creditor.iii) ENQUIRY : 1-oral or 2-formal written : to inside or outside entity to get 1-Corroborative evidence or 2-Plain knowledgeable person inside or outside entity.iv) CONFIRMATION : procedure of obtain response to an enquiry to corroborate info. in the acc. records. knowledgeable person inside or outside entityv) RECALCULATION : check arithmatic on source docs & records. Eg: check depreciation calc.vi) ANALYTICAL PROCEDURES : analysis of ratios + trends , then investigate inconsistent deviations .(statistics)

4) Substantive procedures are performed on a) Balances Assertions= ; Existence, Completeness,Rights&Obligations,Valuation&Allocation.,b) Transactions Assertions= ; Occourence,Completeness,Cut-off,Classification&Understandability,Accuracy

5) Financial stat. consist of onlya) Collection of balances - bal sheetb) Summary of totals – inc.stat

6) VOUCHING AND VERIFYING: a) Vouching: (To Vouch) TRANSACTIONS auditing.b) Verifying : BALANCES auditing.c) Example:

i) VOUCH – a sales transaction = inspect docs + enquire discounts + recalculate ii) VERIFY – a debtors balance = confirmation in writing from debtors + enquiries as to calc. of prov.bad debts. +reperform aging analysis of debtors.

7) DUAL PURPOSE TESTS : some tests can be a test of control and substantive test at same time eg: bank recon. Reperform = test of control(recon is a control) and substantive test (bank balance).

AUDIT SAMPLING

DEFINITIONS:1) From ISA 530 : 'audit sampling and other means of testing': gives definitions2) AUDIT SAMPLING


a) application of PROCEDURES to LESS THAN 100% OF ITEMS in balance or class of transactions ,to EVALUATE AUDIT EVIDENCE on the some characteristic of sample to form CONCLUSION ON POPULATION

3) ERROR:a) 1-Test of Controls =Control deviations 2-Substantive testing= Misstatements OR

4) TOTAL ERROR :a) 1-Rate of Deviations 2-Total Misstatement . AND

5) ANOMOLOUS ERROR:a) ERROR FROM ISOLATED EVENT,not representative of population.

6) POPULATION :a) Total set of data from which samples are selected.eg all items in an account balance or class of transactions.

7) SAMPLING RISK:a) RISK THAT the auditors conclusion is not true for total population because sample is not representative of the total population .(Sample could be selected by stat or non-stat approach-

any).There are 2 types of Auditing Risk:i) Risk 1-tests of control =auditor judges them to be more effective than they actually are. 2- Tests of Detail- error exists where it does not : this type 1-AFFECTS AUDIT EFFICIENCY :causes

more work for auditor to establish that initial conclusions were incorredt.ii) Risk 2-tests of control = auditor judges them to be less effective than they actually are. 2- Tests of Detail- error does NOT exist where it does. : This type2-AFFECTS AUDIT

EFFECTIVENESS : more likely to lead to an inappropriate audit opinion than assesing risk to be higher than it is..8) NON-SAMPLING RISK : risk of

a) apply sampling plan incorrectly, or b) used inappropriate procedure c) misunderstood results of sampling exercise.

9) SAMPLING UNIT. a) :INDIVIDUAL ITEMS making up a population eg: cheques listed on deposit slips/credit entries on bank statements.

10) STATISTICAL SAMPLING :a) any approach that has following characteristics or it is non-statistical.

i) Random selection of a sample.ii) Use of probability theory -to evaluate sample results (INCL.MEASUREMENT OF SAMPLING RISK.)

11) STRATIFICATION :a) DIVIDING a population into sub-populations each with similar characteristics eg : debtors balance >1000.

INTRO.1. Only some items all are tested eg:loans to directors,but mostly sampling is used due to Resource & Time efficients.2. Sample results must be EXTRAPOLATED over population(3 mistakes * xxx= 1000 mistakes total) statistical sampling will result in more defensable results than non-statistical sampling.3. Other evidence is used together with sampling results like a jigsaw puzzle eg: Analytical procedures on same population.4. ISA 500 –says auditor must selecyt appropriate means of selecting samples when design audit procedures.

REM TO GO THROUGH UNDERSTANDING ENTITY CHAPTER IN OTHER NOTES.


CHAPTER 8: COMPUTER AUDIT THE BASICS.CHAPTER 8: COMPUTER AUDIT THE BASICS.

COMPUTER AUDITING

INTRO:1) Companies can use different types of ERP (enterprise resource planning) software , which doe severything from accounting to warehouse , mail, online etc etc in the business.Different

types include: J.D.Edwards, BAAN, SAP, Oracle , PeopleSoft etc.2) Auditor is a called a simple ‘line auditor’.A computer Audit Specialist might have to be called in if there are difficulty with technicalities ,or a tax specialist if there are tax troubles.Auditors

are not necessarily highly specialized in these fields.3) VACT = valid,accurate,complete,timeous(in old days shortcut) ,SCRAMM=separation of duties,c,r,access control,m,m ,CEAVOP=completeness,e,accuracy,validation,o,p,4) First years of auditing=verification approach only ie check bal sheet.1960 etc ,then 2 –systems approach, now today 3-cycle approach.

COMPUTER ENVIRONMENTS:1) *Definition : Computer Environment is any particular and unique combnination of 1-hardware,s2-oftware,3-operating systems & and 4-personnel.(larger clients may have 2 or more of

these computer environments)2) Small firms will not be able to implement all the internal controls needed eg full segregation of duties, like the larger firms, but mngmnt is still responsible to ensure proper internal

control.3) *KEY OBJECTIVE OF CONTROLS IN A COMPUTER ENVIRONMENT: VAC : Valid Accurate Complete : although computer environments are different ,”auditing objective” is still to

establish if accounting system and related controls is VAC.4) EDP= Electronic Data Processing (Old Term Used In Past)5) DP= Data Processing(Old Term Used In Past)6) IT= Information Technology (Current Term)7) IS= Information Systems(Current)

A BRIEF DESCRIPTION OF DIFFERENT COMPUTER ENVIRONMENTS:

(1) fully centralised systems

(a) In old days all hardware was centralized and users need bring all documents to dept. to be processed. Some companies still use this system for certain aspects eg: clock cards to head office for processing, using batch controls.

(b) Characteristics of fully centralized system.:(i) IT Skills :Employees in user depts. Need have no IT skills.(ii) Security Easy: maintenance & safekeeping of electronic DATA and computer facilities is Easy since only 1 dept to control access etc. to.(iii) (REQUIRES A SYSTEM TO CONTROL PHYSICAL MOVEMENT OF DATA ) Batch Control System: system of controlling physical movement of data (eg invoices,wage

cards,printouts output) to and from user Depts.

(2) centralised IT dept. but linked to user depts. by personal computer

(a) Next development was the central IT depts. Linked to user depts. By a terminal in dept where info. could be typed in.Hardcopy (printed material first had to be delivered(batch controls) but in later years could be printed out in user dept.

(b) Characteristics of this type of system;(i) Type in data in terminal transfer to central dept(ii) Output distributed from Central It(iii) Widening Risk to incl. Users : Employees in user depts. Needed some computer skills, so corresponding widening of risk to include them, not just ‘boffins’ in computer

dept.(iv) Security Complications : Facilities and data risk spread : hardware + data access by many more depts. widened this risk too.

(3) Use of microcomputers/personal computers

(a) Next stage : explosion of small businesses using self contained computers to do accounting etc.(b) Segregation of duties: far less since 1 person could do all easily.Very Risky if alternative controls not put in place eg: accountant deletes debtors and keeps

payments.”Physical Audit Trail” missing now.(c) Possiblity Override Controls : higher possibility of this(d) Prevalent in Small Businesses :

(4) networked systems

(a) Definition: number of pc s linked together by data cable, each has own powerful processing – input/output/process/- capabilities, but can share networked computers data and processing power.

(b) Characteristics:(i) Combined processing power and storage: of each together is considerable.(ii) Security is Demanding : far more demanding since each computer has access to all other’s data etc.eg employee can alter his wage record.(iii) Computer knowledge : Sophisticated software needed so a high level of knowledge is needed to run it.

(5) use of outside service providers

(a) “computer bureau” - Similar to a centralized IT dept. but run by another firm.Very common example is a ‘computer bureau”(b) Magnetic tapes / e-link : Information can be delivered /collected in hardcopy or magnetic tape or electronicly linked .(c) Implications of using this type –characteristics:

(i) Natural Segregation of Duties(ii) Security is dependant on bureau – makes business vulnerable here.(iii) : Transfer of Information. Controls : these controls must now be very strong –back and forth of magnetic tapes etc..

(6) summary

(1) An Entity may have a mixture of all these systems , lans,wans, networks, central, and use a service bureau for wages to enhance confidentiality and security , etc etc .controls must be designed to fit the user, a large organization will use all the controls, a small one far less.

INTERNAL CONTROL IN COMPUTERISED ACCOUNTING SYSTEMS1) The 7 (+1 = controls monitoring,review,development) characteristics of good internal control as applying to computer environment:

i) THE CONTROL ENVIRONMENT : (1) Mngmnts attitude influencing employees attitude(2) increases the need :Introduction of computers increases the need for good control environment.

ii) COMPETENT TRUSTWORTHY STAFF : (1) Trustworthy: needed because of potential of destruction/manipulation of data.(2) Competent :important because of skill needed , for common users as well as specialized I.T. staff.


iii) SEGREGATION OF DUTIES ; (1) Danger : makes it possible for 1 person to do all the duties at once,lessens segregation.(2) Capabilities of computers that can enhance segregation of duties:

(a) PC Restricted access: can be set to restrict access to certain files and programs to certain PC’s only.(b) User Restricted Access: can set to restrict access to data&programs to certain users.(c) Level of access : read only / write only / (d) Log/Audit Trail : record of who accessed what +when.+ log any entries = leaves an audit trail.

iv) ISOLATION OF RESPONSIBILITIES :(1) Unique User Id’s :Can computer can isolate who did what and when.: by this allow 5 people to use 1 pc for different purposes,and the above types,

v) ACCESS CUSTODY CONTROLS: (1) Information =ASSET :eg destroy debtors masterfile,make electronic payments, etc.(2) Restrict access to masterfiles etc : info can be regarded as an asset which must be controlled/guarded in same way(3) Computers can enhance : this by features eg: regular mini – stock counts (cycle counts) to recon theoretical to actual.

vi) SOURCE DOCUMENT DESIGN: (1) Equally important in computers, processes what is fed, good doc design minimizes errors at source already.(2) Note: no signatures,no coloured paperwork copies carbon, etc.(3) Effective pre-numbering: when on-screen , each doc should be pre-numbered!(4) For hardcopy distribution : (printing) requirements for multipart stationary should be satisfied.(5) ‘On Screen’ good design Achieved by :

(a) Mandatory fields ; before can continue(b) Alpha numeric checks : wrong letter(c) Screen dialogue : eg have you Confimed order details.(d) As little as possible : to be keyed in by capturer, rest auto by system(less mistakes)(e) Select & click : only the desired options for data entry are allowed.

vii) COMPARISON AND RECONCILIATION :(1) A strong computerized acc system should promote frequent reconciliation and comparison.eg:

(a) Input-output(b) Theoretical-actual eg stocktake(c) Progammed computer to do auto -own recons as well.

(2) Timely and comprehensive accounting info makes frequent &regular recons +comparisons possible . viii) CHECK ON INTERNAL CONTROLS WORKING/NEED MORE

FACTORS PECULIAR TO COMPUTERISED SYSTEMS WHICH THE AUDITOR SHOULD BE AWARE OF. Watch for exam question:contrast a manual and computer system

(1) Lack of audit trail : could be only in machine readable form,or only exists short period in some.(2) Lack of segregation of duties : (3) Potential for errors and irregularities

(a) needs more skill : Development + Operation + Maintenance needs more skill and detail so potential for human error (b) Visible evidence: one can gain access and alter data without visible(c) Decreased human involvement : means less chance of spotting errors(d) Software Design errors: remain undetected for long, or exploited by those in the know.

(4) Initiation or execution of transactions may be automatic : eg interest rate increases on a savings account once a certain balance is reached.(5) Potential for increased mngmnt supervision: appropriate software – eg sales reports,analyses, expense fluctuations,stock movement reports.(6) DISADVANTAGES OF COMPUTER ENVIRONMENT:

(a) Dependence of other controls on computer processing : eg: when account balance debtor check before sale is made, if masterfile tampered with, it could lead to extra bad debts.

(b) Uniform processing of transactions : if error in program, all transactions will be wrong eg: extra vat calculated etc.

COMPUTER AUDITING

DEFINITION OF A GENERAL CONTROL:1) All controls in a computerized centre are classified as either 1-General or 2-Application controls.2) Definition: General Controls: Span across all applications. Establish an overall framework of control for computer activities. Must be in place before any processing of transactions takes

place.3) Definition: Application Controls :relevant to a specific application/task within the accounting system eg wage cycle, purchases cycle,

CATEGORIES OF GENERAL CONTROLS1) Control environment and security policy2) Organizational structure and personnel practices3) Standards and standard operating procedures4) System development controls5) Program change controls6) Continuity of operations7) Access controls8) Documentation.

CONTROL ENVIRONMENT AND SECURITY POLICY:

i) Control environment

1) As per normal for control environments , especially the following for I.T.a) BoD IT representation: “IT Committee” preferably ,all new IT matters referred to them.b) Internal Control System : incl. an Internal Audit Dept. if possible + embrace characteristics of good internal controlc) Mngmnt style : that promotes good controls.d) Organizational structure : that promotes to good controls.

ii) Control environment

1) For Hardware +Software ONLY:A Policy ,not Procedures, must be developed, must be DOCUMENTED. Characteristics should be :a) Least Priveledge: clerk cannot access things he does not need to.b) Fail Safe : if one control fails, another takes its place : eg log in software fails, system shuts down.c) Defense in depth : combination of controls ,not just one, eg ATM , no more than balance total give out, in case it spews out thousands.-sommer add a control.d) Logging: NOT an EFFECTVE measure unless regular and frequent review/AND follow up action .All access,all changes etc.

ORGANISATIONAL STRUCTURE AND PERSONNEL PRACTICES1) Should achieve 2 major objectives :

a) Clear Reporting Lines / Levels of Authorityb) Lay foundation for segregation of duties,so no staff perform incompatable functions. :1- segregate IT and user depts., 2- segregate users within dept.


i) organisational structure

2) Sound ORGANISATIONAL STRUCTURE for an EDP/IT Dept :3) The following chart illustrates following important segregations of duty: note main principles used below for chart.

a) 1- SEGREGATE I.T. AND USER DEPTS.,i) Authorise :No transactions to be authorized by IT dept eg: wage increase rate, purchase order (to put on system, or otherwise)ii) Access :No IT staff have access/or custody of PHYSICAL ASSETS eg stock, or UNCONTROLLED ACCESS TO NON-PHYSICAL ASSETS eg debtors masterfile.iii) Resposible : ONLY responsible for correcting errors in processing+operating problems, for other corrections (eg in books) ONLY assistance if by request from user

departments.

b) 2- SEGREGATE USERS WITHIN DEPT. i) Technical administrators have a high level of knowledge and should be separated from programmers/business analysts else if they also knew the program they could

easily make unauthorized changes.ii) Security : separate from other – because a operator should never be asked to follow up on logged access violations.iii) System analysts iv) Operators v) Programmers vi)

4)

5) APPLICATION DEVELOPMENT AND PROGRAMMING. : a) Business system analysts b) programmers

6) TECHNICAL /ADMINISTRATION a) Db admin b) OS admin ( and hardware)c) Network admin

7) HELP DESK/OPERATIONS 1st tier questions ,backups, refer 2nd tier questions8) SECURITY access,logs follow up,passwords issue.

ii) personnel practices:

(1) Very important to have good personnel practices in IT .( nerve centre)(a) Background check,competence checks(b) Password,access exclusion if dismissed.(c) Compulsory leave : crookery discovered when they are missing to cover up(d) Training and development(e) Terms of reference: written personnel policies and practices.(f) Rotation of duties: boredom, learn other tasks, catch out. Do not compromise segregation of duties though.

STANDARDS AND STANDARD OPERATING PROCEDURES

i) standards:

(1) Eg ISO 9000 , and ISO17799 : standards for security ertc. In IT depts..(2) Makes sure

(a) Compatability with other systems /companies(b) Communicate requirement for good consistent practices with IT mngmnt .

ii) standard operating procedures:

(1) Prodedures over everyday Operations: compliance with standards and current standards should be frequently reviewed to ensure up to date,in touch,protected.(a) Scheduling of jobs : eg wages on thurs for payout fri.(b) Equipment operation and maintenance. : eg log out, not switch off at plug.(c) Machine serviceing: eg printer every 1000 copies etc.(d) Job run procedures: not left to own devices but instructions(e) Activity logs: as before(f) Personnel habits and tidiness: eating ,drinking ,smoking etc- protect equip- neatness standards: less loss eg flash disk.(g) Library(physical) : tapes etc. : label,access,issue,inspection,duty segregation.

SYSTEMS DEVELOPMENT CONTROLS (NB KNOW VERY WELL)DOUBLE NB

BoDBoard of Directors

Steering Commitee

IT Manager

Application Development and

Programming

Technical Administrators

Help Desk /Operations Security


3) For a new system eg payroll or internet shop, new hardware,software,OS,procedures etc must be got4) RISKS :

i) Costs get out of controlii) Sytem design end up does NOT suit user at end.iii) Errors,bugsiv) Business analyst incorrectly implements accounting procedures etcv) Not enough controls implemented- users access too easy etc.vi) No-one knows how to use itvii) Transfer info old to new system causes errors.

5) To avoid these risks , following controls must be implemented: know well as per lecturer:i) STANDARDS : eg ISO 9000 , + check compliance ii) PROJECT APPROVAL: steering committee must approve, feasibility study in-house or off-shelf +cost vs benefits.iii) PROJECT MANAGEMENT : KNOW well lecturer : 1-project team 2-stages/milestones/deadlines 3-progress monitoring + 4-prog. monit. reports to steering commiteeiv) USER REQUIREMENTS : business analyst + auditors consult(int +ext) + mngmnt of depts. sign off approvalv) SYSTEMS SPECIFICATIONS AND PROGRAMMING : specifications documented + programming by international standards –flow chart etc.vi) TESTING : debugging, test data run, integration other programs, if users happyvii) FINAL APPROVAL : test results approved by all involved, + final all users-mngmnt-IT-internal audit approvalviii) TRAINING : schedule for training with times for all users, manuals updated.ix) CONVERSION: following controls to ensure DATA is VALID,ACCURATE,COMPLETE

(i) CONVERSION PROJECT: seen as a project in its own right(ii) DATA CLEANUP: thoughrouly checked before conversion eg stock count(iii) CONVERSION METHOD:

1. parallel OR 2. phases OR3. shut down old start new

(iv) PREPARATION AND ENTRY: 1. File comparison – old to new data +resolve discrepencies2. Reconcile old/new using:1- Record counts & 2-Control totals.3. Use programmed Limit checks etc. to identify problems and follow up 4. user approval per dept if correctly done, 5. confirm all balances with customers/suppliers etc.

(v) POST IMPLEMEMENTATION REVIEW: : users+auditors+ IT for several months : documentation/sys dev. success or not/bugs/

PROGRAM CHANGE CONTROLS(1) You want valid + accurate + complete information. (2) When changes are made to computer programs/ + sytems :Use following controls to ensure above. For “program maintenance”

(a) Similar standards as f or system development controls (above)(b) Documented , Preprinted ,Prenumbered : change control forms.(c) Change requests: approval by 1- IT manager 2 user dept.(d) Done by programmers, NOT operators.(separation of duties)(e) Make it a Mini project (f) Change a development (test) program first, not the real one.(g) Test by programmer+ senior use debugging tequniques(h) Changes : users + internal audit must sign change form control.(i) Documentation updated(j) 1-Logging: of changes dine to it by computer + 2-independent tech operator puts program on(separation of duties)(k) Review of log by it manager to check no extra changes were made skelm in the process.

P DO PG 8/17 TO 8/24 LEFT OUT NO TIME (INCL. PASSWORDS CONTROLS!)


APPLICATION CONTROLS:

INTRO:(1) GENERAL CONTROLS & APPLICATION CONTROLS

(a) General = for all applications and the sytem eg hardware, other software etc etc(b) APPLICATION CONTROLS: o nly for the software : programs & procedures to satisfy users for 1 task eg: payroll

(2) Suggested framework for application controls: = 10 KEYWORDS:(a) Masterfile Amendments (b) Input , Processing ,Output (c) VAC: Validity Accuracy, Completeness. (d) Prevention, Detection, Correction.

(3) When input/output/ processing is more real time than segregated(tech), we(a) More access+programmed controls , less manual controls(b) More Preventative , less than detective+corrective.

i. Eg: get details of a airline booking correct before its processed(for both above)

DEFINITIONS: NB

(4) An APPLICATION : a set of procedures and programs , ,designed to satisfy users for a specific task eg payroll cycle(cycle link)(5) APPLICATION CONTROLS : over input,processing output of fin info , relating to a specific application ,to ensure VAC :Valid Accurate Complete.(6) TRANSACTION FILES: files to STORE DETAILS of individual transactions(7) MASTER FILES: files only to store 1-standing information + 2- latest balances : need tight control(8) MASTERFILE AMENDMENTS : changes to(9) VAC: VALID , ACCURATE, COMPLETE (objective of controls in computerized environment is VAC)

(a) VALID: transactions&data : not 1-fraudulent/fictitious 2-in Accordance activities actually authorized by mngmnt.(b) ACCURATE; transactions&data: are correctly 1-captured,processed,allocated to 2-minimize errors(c) COMPLETE: transactions&data: not omitted or incomplete

(10) PREVENTION, DETECTION ,CORRECTION : (just the stage at which controls are implemented to achieve objectives of VAC))(a) PREVENTION : controls to get errors BEFORE input/process/output (check before input)(b) DETECT :controls to detect errors ALREADY IN SYSTEM + RESOLVE.(c) CORRECT :controls to RESOLVE ERRORS&PROBLEMS already identified by detection controls

INPUT, PROCESSING, OUTPUT:NB

(11) Application Controls : are Various controls , designed to ensure info on comp.acc sys. Is VAC , which means controls at stages of input/processing/output stages(12) Diagram: masterfiles - programmes - processing – output : see pg 8/26 (13) INPUT: data inputed to computer by:

(a) Manual source docs(b) PC/keystroke entry(c) Barcode scanning

(14) PROCESSING: info to masterfile, Application programmes use this to processing, controls to 1-program error 2-hardware/software malfunctions(a) HARDWARE MUST FUNCTION PROPERLY : regular servicing,treatment,ie auditer worry(b) INPUT: TRANSACTIONS MUST BE VAC : computer processes whats fed to it: so need General Controls (eg good source docs)+ Application controls(foreman authorize

clockcard) (c) MASTERFILES: very important eg alter salary.(d) PROGRAMMES : gives what fed, so general controls eg sytems development/implementation contrls

(15) OUTPUT: eg hardcopy/e-mail/store : Controls to: (a) Integrity : Preserve data integrity(b) Effective Use :Ensure of reports(c) Confidentiality :Ensure

PROCESSING METHODS:NB

(1) 3 types of controls (a) BATCH ENTRY ,batch processing/update

(i) First on Source Docs(ii) In batches of eg 25 : entered on computer to store at efficient/convenient time, to update masterfile immediately

(b) ONLINE ENTRY, batch processing/update (i) First on directly on PC(ii) Stored on transaction file, later batches of these files are updated to masterfile.

(c) ONLINE ENTRY, real time processing/update (i) First direct on PC(ii) Stored and also Masterfile updated in Real Time eg airline seats available

(2) Todays esp. SME ,Commercial packages incorrectly configured to not do programmed controls are a risk.

APPLICATION CONTROL FRAMEWORK : MASTERFILE AMENDMENTS NB

VAC OBJECTIVE CONTROL

(3) VALIDITY: 1- Program Checks

2-Assess To Source Docs

3-Access Controls

4- Authorisation

5- Independent Checks


6-Logs And Reports

(4) ACCURACY 1- Program Checks

2-Screen Aids

3- Source Doc Design

4-Independent Checks

(3) . COMPLETENESS 1-Independent Checks

2-Logs And Reports

(5)

APPLICATION CONTROL FRAMEWORK : INPUT DOUBLE NB

(1) BATCH IMPUT METHOD (a) Step 1 :PREPARE SOURCE DOCS. /DATA

(i) VALIDITY: 1. Access to source docs2. Authorization of transactions

(ii) ACCURACY : 1. Source doc design2. Independent checks3. Batch

(iii) COMPLETENESS: 1. Independent checks2. Batch

(b) Step 2:ENTER SOURCE Data Via Keyboard (i) VALIDITY:

1. Access to application specific Program module2. Batch

(ii) ACCURACY : 1. Screen Aids2. Batch 3. Program checks

(iii) COMPLETENESS: 1. Screen Aids2. Batch 3. Program checks (all same as above one!)

(2) ON-LINE INPUT (i) VALIDITY:

1. Access to application specific program module2. Program Checks

(ii) ACCURACY: 1. Screen aids2. Program checks

(iii) COMPLETENESS: 1. Screen aids2. Program checks 3. Post Entry Batch control

APPLICATION CONTROL FRAMEWORK : PROCESSING DOUBLE NB

(1) Four major components as indicated earlier: (a) Hardware : eg: parity check(odd/even bit), valid operation code,echo check,equipment check.(b) Transactions(c) Masterfiles(d) Programs

(2) Controls techniques to achieve objective:(a) VALIDITY

(i) Program Controls(processing)(ii) Logs and Reports

(b) ACCURACY (i) Program Controls(ii) Logs and Reports(iii) Reconcilliation and Review

(c) COMPLETENESS (i) Program Controls(ii) Logs and Reports(iii) Reconcilliation and Review

APPLICATION CONTROL FRAMEWORK : OUTPUT DOUBLE NB

(1) Can be hardcopy, data file, e-mail etc. so different control techniques(2) Eg : destroy printer ribbon & carbon from stationary : data can be read from it.(3) Controls:

(a) CORRECT & CONFIDENTIAL DISTRIBUTION (validity receiver) (i) Output handling controls (eg printout/ e-mail etc.)(ii) Access controls (electronic output)

(b) ACCURACY (i) Logs And Reports


(ii) Recon. And Review(c) COMPLETENESS

(i) Logs And Reports(ii) Reconciliation And Review

MENU AND DESCRIPTION OF CONTROLS ABOVE:NB

(1) AUTHORISATION (i) Signature of supervisor on source doc and batch forms(ii) input module program application restricted to authorized person(iii) programmed checks: against parameters : eg loan allowed if income+expenditure right/enough(iv) overrides to above: min. supervisor +logs and recon by mngmnt

(2) ACCESS (i) Unused source docs under lock and key, independent person(ii) Register of issue/receipts + numerical sequenceing

(3) SOURCE DOC DESIGN (i) Pre-printed, multicopy in differ colours(ii) Tick , from list rather than write.(iii) Clear Title(iv) Instructions written below how to fill in(v) Field size boxes: eg date= 6 boxes(vi) Order of keying in : in right order not here and there(vii) Pre-numbered

(4) INDEPENDENT CHECKS (i) Independent check others work person eg : foreman checks clerks ‘hours worked’ calculation (ii) Check numbering sequence correct. Preferably With exeption reports.(iii) Review : Override Logs, Exception Reports, Audit Trails By Senior/supervisor.

(5) BATCH CONTROLS: (a) Controls:

(i) Source Docs Grouped Eg 50 : compute following controls MANUALLY.1. Financial Totals: totals of any fields holding monetary amounts2. Hash Totals : totals of any numeric field eg: invoice number3. Record Counts: total records per batch

(ii) Batch Control Sheet :attached to each batch.Should contain on it:1. Unique batch number : eg batch 3 of 6, week ending 31/07/20082. Control totals for batch : see (i) above3. Transaction Type : eg invoices4. Signature spaces : prepared by + checked by + reviewed by.

(iii) Batch Register : 1. Recipitent : signs the register after checkingwhat is signed for

(b)Batch Control System Works As Follows: 2. Details(description & control totals) keyed into computer to create “batch header label”3. Actual Records entered : already then subjected to programmed validsation checks eg valid account number, limit checks.4. Finsh entering records: computer computes&check all contol totals5. If totals agree +no other error: batch accepted , else rejected & sent back for re-processing.6. The contol totals can follow the bach in its life : eg 10 clock cards keyed in, 10 processed,10 output created etc.

(c)Batching assists with the following: 7. Data transcription error identify eg wrong valued entered into computer by accident.8. Incorrect field : detect data entered in incorrect field.(computates like trial balance)9. Invalid or omitted or duplicate entry into computer checked for.

(d) Batch control in online entry systems: 1. Pre –entry batch Controls impossible, so use Post-entry batch Controls.

a. Set 1 : Computer generates logical batch totals : eg per user/ application /PC b. Set 2 : User manually computes same logical batch totals totals on entry.

(e) ACCESS CONTROLS (i) Only certain PC’s can Access certain applications : eg payroll(ii) Physical access to PC’s : lock door, key safe.(iii) User Id/password restrict to (least privaledge)

1. System level (to PC)2. Application level (to Program)3. Read only/ write access4. Time of day5. Sensitive fields hidden

(iv) PC Shutdown for violation/timeout.(v) Logs :User ID + application

(f) Screen Aids: (i) Minimum key in Info.(ii) Order of type in same as form order(iii) Screen formatted like form : ie sound source doc design controls.(iv) Screen dialogue + prompts(v) Mandatory fields : cannot continue till typed in(vi) Verbal confirmation of data : eg with customer (vii) Drop down lists .

(g) PROGRAM CHECKS: VERY VERY NB(i) CONTROLS BUILT INTO the software, this list is not exhaustive :

1. Alpha –numeric – if letter or number2. Range checks –min AND max3. Limit checks – min OR max4. Limit test after processing – not on entry5. Check digit – extra digit on end of field, formula checks if field generates it,no db6. Size checks – field too many characters7. Missing data checks – detect blanks8. Reasonable checks – eg not more than 50 Hrs per week9. Reasonableness test after processing : eg wage of 10000000010. Sequence checks –duplications/gaps in numbers11. Verification checks – masterfile lookup if correct account number


12. Data approval checks –credit limit for all sales13. Internal label check – if computer file name correct14. Generation number check – correct file generation loaded ( old/ new etc)15. Retention date checks –if file expired16. Arithmetic accuracy check – eg reverse multiplication for 3*5= 15 : do 15/5=?17. Cross casts – acc18. Run to run totals: closing balance 10th compared to opening balance 11th ,and also to total debits minus credits etc. and more at same time same time etc etc.19. Reconciliation of related subsystem balances – debtors legder to debtors control acc.

(h) Logs and reports (i) Audit trails: eg intrest or PAYE rates used/ or summaries + list transactions(ii) Run to run balancing reports – see above(iii) Override reports- abuse of privaledges(iv) Exception rports- outside parameters set for control purposes eg wages > 40 hrs(v) Before and after images- database images before/after updates in case error(vi) Activity reports- usage times etc per user on pc, using resource(vii) Computer generated transaction listing- all automaticly generated re-orders/purchases by computer(viii) Access & access violation reports – sensitive eg – payroll + EFT

(i) Output handling controls (i) clear report identification :name, time+production number , period covered/date,numbered pages(ii) distribution checklist : who is to receive them(iii) register sign: must sign for receipt(iv) printing restricted to specific printers: confidential info eg salary slips – HR managers office printer only.(v) stationary design: eg sealed envelope salary slips(vi) shredding/ destroy: eg carbon paper or printer ribbons etc.

(j) Reconciliation and review (i) Control clerk:activity reports : output and processing(ii) Control clerk:control totals from input : eg batch controls(iii) Control clerk:sequence checks numbering on docs(iv) Control clerk:document count : eg must be 200 cheques for 200 payments(v) User dept :recon : with processing dept : eg foreman calc. 5000 wage hrs, payment should be for 5000 wage hrs.(vi) User dept : recon :reports : to 1-source docs 2- physical assets (vii) User dept :reasonableness: review output for:

SUMMARYComputers do not change the FUNCTIONS which mus occour in a cycle: eg in a wage system:Personnel recordsTime keepingPayroll prep and recordPayPay deductions overUnclaimed wages accounted for.

CAATS : COMPUTER ASSISTED AUDITING TECHNIQUES (SUMMARY –NOT NB)

Common large client sytems: SAP ,Peoplesoft CAAT programs : 1-GAS (generalized audity software)eg: ACL and 2- CAS (customisesd audit software)

HOW DO CAATS FIT IN AUDIT PROCESS(1) TO AUDIT AROUND COMPUTER

(a) Only check source3 docs-input – and output for VAC, if right then computer is also ok.Only for simple computer systems(2) TO AUDIT THROUGH COMPUTER

(a) Testing the computer system and controls built into it(3) TO AUDIT WITH COMPUTER

(a) Using computer to assist in audit procedures- mainly substantive testing(b) And using it to do reports, fin stats, workpapers etc.

SYSTEM ORIENTATED CAATS(1) More : auditing through computer (2) Mainly for tests of controls, but some substantntive evidence may be produced(3) Send test data through stystem, wrong acc. No.s and overlarge amounts eg 50 hrs wages week etc(make a dummy company/cost centre X, to prevent corruption of clients files.watch

out for manipulation of by fraud –of this dummy cost centre(4) Any of :Test data,IntegretedTestCentre,Parallel,Embedded audit facility

DATA ORIENTATED CAATS(1) More : auditing with computer (2) Mainly substantive testing(3) Can cause : Corruption of client files

FACTORS WHICH WILL INFLUENCE DECISION TO USE CAATS(1) Complexity(2) Volume(3) Data elec(4) Skills(5) Independence: loss -assistence(6) Attitude professional tequniques –must use caats(7) Compatable hardware(8) Utilites available(9) Cost of data 3rd parties

AUDIT FUNCTIONS WHICH CAN BE PERFORMED USING DATA ORIENTATED CAATS

(1) Sorting and file organization (2) Summarization,stratification and frequency analysis (3) Extracting samples (4) Exception reporting (5) File comparison eg current masterfile to prior years masterfile (6) Analytical review eg extraction of ratios


(7) Casting and recalculation (8) Examinining records for inconsistencies ,inaccuracies and missing data- and creating a report thereon

APPENDIX 1: ILLUSTRATION OF WHAT A DATA ORIENTED CAAT CAN DO:See above list XV)

NB NB DOUBLE NB KNOW VERY WELL .(1) Scan the file : and produce a report on missing fields ,duplicated item numbers , eg item no.missing/dup(2) Sort the file : by category : and total fields to determine if any has major portion : determine where to aim audit (3) Sort the file : by location: add values and quantity fields to assist in planning stockcount attendance(4) Extract a list : items with negative quantity, or values, or unit costs : ( NB : - X - =+)(5) Extract a list : items quantity field is zero but date of last purchase is after the date of last sale(6) Extract a list : items where date of last sale is say > 9 mnths ago , but date of last purchase is < 3 mnths ago : enquiry why ordereod? – is it because goods in stock were damaged(7) Extract a list : where date last order > 9 mnths , and date last purchase > 9 mnths : to assist in identifying non saleable stock –which should be written down.(8) Extract a list : where date last sale or purchase after stock masterfile date : weird(9) Extract a list : random sample of items to be counted at stockcount (10) Cast : value field for total value : to be compared to trial balance(11) Compare : unit price EXCEEDS selling price (12) Reperform : Qty X Value : see where clients file has a different answer

THE USE OF MOBILE INFORMATION &COMMUNICATION TECHNOLOGY ON AUDITS.

WHAT THIS TECHNOLOGY CAN DO(1) Planning and administration (2) Review Internal control & accounting systems (3) Document & obtain evidence (4) Preparation and review of fin stats (5) Application of generalized audit software(GAS)

SECURITY IMPLICATIONS OF USING MOBILE INFORMATION AND COMMUNICATIONS TECHNOLOGY ON AUDITS.(1) Security over workpapers: controls restrict access to audits computers& storage devices (2) Security of clients files:

SECURITY OF CLIENTS FILES:(1) Client make Backup to time of access by auditor.(2) Only audit software thouroughly tested by a computer audit specialist should be used.(ask to phone other clients he lately used it on)(3) Full procedure should be done in presence of clints IT personell(4) The files should be “read – only” if/where possible(5) Access granted only to those files necessary for audit purposes.(eg debtors)(6) Clients staff should not have access to audit software(7) Own: have updated computer anti-virus same day.(both auditor and client)


CHAPTER 10 : REVENUE AND RECEIPTS CYCLECHAPTER 10 : REVENUE AND RECEIPTS CYCLE

ACCOUNTING SYSTEM AND INTERNAL CONTROLS:

INTRODUCTION:1) The Revenue and Receipts cycle is sometimes also referred to as the : SALES and COLLECTION cycle.2) This cycle deals with ACCOUNTING system and related controls pertaining to it.3) There are 3 top level functions :

i) :Sales : Taking Orders & Distribution of goodsii) Get Paid Receipt of payment from customersiii) Sales Adjustments :

4) The MAJOR Activities of a (credit) REVENUE AND RECEIPTS CYCLE are:i) Receiving Customer Orders –phone/internet/written/counter etc.ii) Authorising the Sale -creditworthy/and in stockiii) Processing the Order -manual pickingiv) Despatch -releasing+collect/courierv) Invoicing - vi) Record Sales and Raise Debtors.- vii) Receiving and Recording Payment from debtors.-

5) The MINOR Activities are:i) Goods returned Controlii) Credit Notes passingiii) Discounts granting on paymentsiv) Bad debts – writing off and considering.

ACCOUNT BALANCES:1. SCI : sales, discount in/out, bad debts , sales returns, cost of sales 2. SFP : receivables, bank, provision for bad debt, inventory, “output” Vat.

DOCUMENTS USED IN THE (REVENUE+RECEIPTS)CYCLE1) Customer order: customers instruction2) Internal sales order : sales clerk for picking+records3) Picking slip : 4) Invoice :sent(say all details in exam)5) Delivery note: signed by customer,details to delivery list to schedule6) LIST :Statement: month end(say all details in exam,Ob+Cbalance+ageing+pay received+credit notes)7) Credit application form : trade references,income+expenditure,bankers,details,credit bureaux8) Receipts9) Remittance advice: from customer, advises which Precisely accounts being paid10) LIST :Remittance register: lists all payments received by company11) Credit note: acknowledge customers account reduced(we cr your dr) for all exept pay received12) Deposit slip: bank document deposit …13) LIST :Price lists: …referred to by sales clerk14) Back-order note: a slip/doc,ONLY goods in orders which could not be supplied… filed+regular review to check if ordered.15) Goods returned voucher : made by company, records returns.16) ALSO: Sales,Cash Receipts,”Sales returns+allowances”,JOURNALS + debtors ledger.

UNDERSTANDING THE CONTROL ENVIRONMENT:1. Understanding the clients business helps auditor to understand the:

a. Materiality & reasonableness of significant balances & classes of transactions in FSb. Performance relative to external & inter factors affecting itc. Potential risk of material misstatement that mngmnt has not managed effectivelyd. Anticipate total revenues /. Different GP margins / total debtse. Detect potential missaplictaions of GAAPf. Audit strategy determine.

BUSINESS RISKS

CHARATERISTICS OF GOOD INTERNAL CONTROLAll normal good internal control characteristics –here applied to Sales&rec.cycle like this:1) Control environment:

i) Over receipts particularly strong +ii) protection of debtors(eg crook deleted etc)

2) Competent trustworthy Personnel:i) Emphasis – those access to cash+cheques

3) Segregation of Duties:i) Basic= points 1-7 in basic activities of r&r cycleii) 1Receive payments /from/2Banking cash /from/ 3Recording writing up / from 4Reconcilliation

4) Isolation of Responsibilities:i) All docs in cycle signed to indicate a control procedure has taken place.ii) + Important: As goods move: check/count them +sign for receiptiii) +Important : As Payment/cash move …..mailroom to cashier …sameiv) Creditworthiness check-per order-before process -controler signature.

5) Access/Custody control:i) Cashier protectedii) Cheques crossed after receipt ( if stolen cannot..)iii) Debtors ledger (destroy/altered)

6) Source document design:all docs in cycle7) Comparison and Reconcilliation :Frequent & timeous of

i) Orders placed TO orders Processed/invoicedii) Invoices TO Payments receivediii) Debtors ledger TO General ledger


iv) Bank statement TO Cash records8) ????

FLOW CHARTS AND DESCRIPTION OF THE CYCLENOTE: For every single controls column below , ADD: employees must sign docs to acknowledge control procedures they have conducted.( as per book vertabim)FUNCTION Descr. DOCUMENTS RISKS CONTROL PROCEDURES

1-Receive Customer Orders (order dept)1) Receiving

Customer Orders

No account=refer to credit manager for application

Customer orderInternal sales orderPrice Lists

1-non-account holder2-no timeous fulfil/atall3-inaccurate/no details

1-only account holders2-sequential numbering3-attach customer order to internal sales order-cross check details if practical4-phoneorders: get 1-acc.no; 2-customer ref.no. ;3-confirm details by ‘read back’ 5-regular sequence check ISO’s (C=complete) + + + + matched to delivery notes find those not acted upon.7- order clerk check vAc right customers ‘items’ details 8-order clerk sign ISO,s indicate cntrl procedures done

2-Sales Authorisation (order dept)Authorising the Sale

Old=not exeed limitNew=creditworthy

Credit applicationDebtors ledger

Not creditworthy-will not pay Old Customer:1-credit controler check (a) fictitious details (b)credit status fine from balance&terms on file2-ISO’s(picking slip) Credit Cntrlr authorize by sign first.New Customer:1-must fill in bank details,trade references,+inc&exp details2-credit cntrlr follow up credit bureau, trade references,assess liquidity.3-Limit set by credit contrlr. And approved by fin.manager.

3-WarehouseProcessing the Order

Ensure only authorized orders are acted on

Picking SlipDelivery NoteBack Order Note

1-picking slip not picked2-pick for fictitious / unauthorised sales3-pick incorrect item/qty 4-delivery note inaccurate/incomplete5-‘out of stock’ items not shown on picking slip.6-customer not notifed of “out of stock” items-

1-picker initial each picked item, and tick items unpickable out of stock2-warehouse foreman-check all items picked supported by signed (PRE-NUMBERED) picking slips.3-stores clerk to: i)check goods picked to picking slip ii)prepare delivery note from picking slip+cross reference iii)prepare back order slip + cross reference iv)back order copy to order clerk to notify customer v)back order copy to buying dept.4-order clerk follow up back order, confirm if send again when it arrives5-delivery notes &picking slips filed numericly – follow up unmatched to check for picked/sent

4-DespatchDespatch

Delivery noteList of Deliveries

1-theft from uncontrolled dispatch2-Dispatch errors qty/item/customer3-customers deny receiving4-released from warehouse but never despatched.

1-on receipt by dispatch clerk (a)check qty/item against 1picking slip 2delivery note (b)sign picking slip&delivery note show receipt (c)keep 2 copies of delivery note,return picking slip to warehouse2-double check against picking slip when packing,also check address3-clerk prepare 2 part delivery list, match goods+Delivery Note eg: Delivery Note a447… 5 boxes.4-delivery staff sign delivery list show receipt (after check) of goods+delivery notes, give to dispatch clerk,+keep 1 copy5-gate control data stamp both copies of delivery note after check goods vs 1delivery notes+2delivery list(no gate control then dispatch controls must be very tight)6-customer sign both copies of delivery note, keep 1 ,1back

5-invoicingInvoicing

Return of delivery note match to ISO and produce invoice.

1-Sales invoice2-Price lists

1-Goods not invoiced2-Inaccurate invoice

1-copy of ISO temporary in numerical order in invoicing dept.2-as signed delivery notes received filed sequentially & match to ISO(is it then removed to where from file)3-ISO’s remaining in temporary file investigate frequently.4- matched delivery notes file sequence tested, gaps check5-invoice clerk:

i) check details ISO vs INVOICEii) check prices vs price&discount listsiii) make sequenced invoice cross-reference to ISO & Delivery note.

6-second employee(supervisor) check & sign invoice: discount,vat,prices,customer details,extentions,casts.

6-Recording of SalesRecord Sales and Raise Debtors.

1-Invoice2-Sales journal3-Debtors Ledger4-General Ledger

1-invoices are omitted from sales journal2-inv. Duplicated in sales journal3-inv.inaccurately entered in eg 45 as 4504-inv.entered against incorrect debtor

1-invoices entered in sales journal in numerical sequence only a)sequence continued from period to period b)cancelled invoices to be recorded in SJ -as “cancelled”-no missing a number2-batch control sys- total “invoices” before entry/ then after entry total the “sales journal” to check entries.3-independant employee to: recon1 a)sequence check SJ entries+follow up missing b)compare SJ customer name+amount to invoice c)check SJ to “GL & DL”4-other independent employee recon 2 DL to GL regular

7-Receipts Mail room/ CashierReceiving and Recording Payment from debtors.

1-Remitance register2-Customer remittance advice3-Receipts4-Bank deposit slip

1-payments received not banked due – (a)carelessness or (b)theft

1-Post opened by 2 people2-Post payments into remittance register by “openers”3-Prenumbered receipts for all pay received(or at least for cash)4-bank receipts daily5-Bank deposit slip by CASHIER- NOT employees opening post.6-cashier recon 1 remit.register vs cash&cheques & sign it.7-independent employee remittance register& receipts issued recon 2 to bank deposits.

7.5-cash sales receipts 1-count of cash AT TILL ON STANDARD CASH COUNT FORMS2-signed by cashier & cash controller3-list totals of cash couynt forms on daily cash summary4-compare to cash register total5-investigate overs and unders6-cash controller to prepare bank deposit slip

8-Recording of ReceiptsReceiving and

Record debtors in CRJ & credit debtors accounts promptly

1-bank deposit slip2-CRJ3-DL

1-deposits not recorded/or timeously2-recorded deposits may

1-CRJ daily by date & number from receipts (if rec. issued)2-Queries from debtors : by person independent of debtors’ & banking&recording of cash functions.’


Recording Payment from debtors.

Total received for period then posted to GL control acc.

4-GL(?remittance list/receipts issued/customer remittance advice)?

(a)inaccurate (b)overstated(fictitious) (c)cr to wrong debtor

3-recon1 bank statement TO cash book mnthly + independent of banking&recording employee + reviewed by senior official.4-recon2 CRJ supervisor (a)CRJ vs gaps 1dates 2sequential (b) test CRJ to DL5-recon3 DL to GL control acc. Independent employee regular

9-Goods Returned by Customersee 4 minor activities in the cycle for this one

1-Goods returned voucher2-credit note3-Returns&allowance journal4-debtors ledger5-general ledger

1-desc. & qty of the actual goods returned incorrect- causes an incorrect credit note be passed2-credit note passed for goods not returned3-credit note recorded inaccurately/or to wrong debtor

1-all ONLY received by “Goods receiving Dept.”2-goods receiving clerk must: (a)check qty+descr. +damage (b)make goods retuned voucher+ cross reference it to customer documentation (c)sign customer docs. +keep copy+attach to GRVoucher3-transfer receiving TO warehouse: clerk (a)check qty+desc to GRVoucher (b)sign4-Credit notes to be: (a)ONLY made by Accounting dept (b)cross-reference to original invoice (c)supervisor check GRV+credit note+signed customer docs –check policies(eg: in 30 days only) +valid (d)5-sequential in Returns&Allowances Journal and normal control procedures over recording put in place eg check gap s in sequential6-senior fin. Manager regular check Journal +follow up suspicious(eg large amounts, regular same customer, etc)7-Not to mix up damaged with other stock

10-Credit Managementsee 4 minor activities in the cycle for this one

All record in cycle are relevant+monthly statements+age analysis+credit bureau information

1-debtors do not pay/pay late2-debtors prematurely or inappropriately written off3-debtors written off without authority.

1-credit application controls same as in ‘sales authorisation’2-monthly statements to be sent promptly to all debtors3-monthly age analysis+ follow up by phone/letter if exceed4-if not successful- credit manager contact to re-negotiate terms or threaten hand over debtor.5-hand over before too long period elapsed(prescription..)6-write off recommend credit manager , authorize independent senior financial employee.7-recon 1 : credit manager recons write offs TO supporting docs, after entered in journal.8-REPORT: senior fin manager: regular: age analysis,write offs,how overdue’s are being handled,bank,debtors balance,list of debtors.

AUDITING THE CYCLE:1) SPECIAL INTERESTING CHARACTERISTICS OF THE REVENUE AND RECEIPTS CYCLE:

After assessing the risk at FinStat AND at assertion(eg complete/exist/occour ..ance) level, auditor gets idea which of following is more likely to occour.a) Debtors Amount : this cycle produced what is frequently a very significant figure on the balance sheet. (fraud/errors etc)b) Sales : it produces the figure from which Profits & Losses originate. c) The Overall Risk in this cycle can be looked at in 2 ways:

i) Understate SALES: mngmnt tempted to understate for (1) TAX & REDUCED PROFITS particularly with large cash sales.(2) ‘hold back’ by moving to next year , to get off to a good start for next year ( if large slaes this year)

ii) Overstate SALES: mngmnt overstate to : by ficticious paper sales OR pre-invoicing (year-end more)(1) Meet sales targets(2) ‘Ratios’ by manipulate ‘debtors’

FINANCIAL STATEMENT ASSERTIONS -IN THIS CYCLE-(ISA 500)The directors of company are ‘ASSERTING’ 1) SALES: (transactions)

a) Completelessb) Occourancec) Accuracyd) Cut-Offe) Classification (proper accounts)

2) RECEIPTS: (transactions)a) Completelessb) Occourancec) Accuracyd) Cut-Offe) Classification (proper accounts)

3) 1-DEBTORS 2-BANK/CASH (balances)a) Existence (like ‘occourance‘ but goes for events)b) Rights: (entity had the rights, and they were not encumbered in any way – OR it should have been disclosed)c) Completeness (at bal. sheet date)d) Valuation : 1-Prov.BadDebts 2-Bank/Cash balances

4) PRESENTATION and DISCLOSURE:a) Completeness (in terms of the 4th schedule and the financial reporting standards)b) Accuracy (of presentation)c) Classification-d) Understandability-

IMPORTANT ACCOUNTING ASPECTS : SPECIALLY FOR THIS CYCLEAs per ISA18 revenue : following conditons must be met before it can be recognized.

1) SALES of GOODS a) Revenue Measurement Reliable : can be measured reliably – simple if amount is on invoiceb) Flow Economic Benefits Probable : not that it is not probable it will flow to entity– eg a fictitious sale. c) Effective control or managerial involvement - eg Consignment : seller does not retain effective control or managerial involvement over goods eg: consignment or other type.d) Evidence : that risks&rewards of ownership have passed from seller to buyer. Eg: signed contract/delivery note

2) RENDERING of SERVICES


a) Revenue Measurement Reliable : can be measured reliably – simple if amount is on invoice/or rates&payments terms on contractb) Flow Economic Benefits Probable : not that it is not probable it will flow to entity– eg a fictitious sale. c) STAGE of completion at Bal.Sheet.Date. :-of transaction can be measured reliably eg by %costs used vs total costs.

3) ALLOWANCE FOR DOUBTFUL DEBTS: a) As per isa18, if it seems if a revenue cannot be collected, an expense should be created instead of reducing revenue (PROV. BAD DEBTS)

FRAUD IN THE CYCLE

1) FRAUDULENT FINANCIAL REPORTING a) Fictitious/Overstating Sales( occourance) & fictitious /Overstating Debtors( existence) : incr. profits & current assets –so ratios.b) Understating Sales & same Debtor : tax or ‘cheap mngmnt buyout’c) Understating Bad Debt Allowance( valuation) : normally part of trend to manipulate allowances/provisions , improve assets/profits/ratiosd) Recognition of revenue from sales (occourance): eg pre-invoicing OR recording appro. / lay-by OR understating

2) MISAPPROPRIATION OF ASSETS. a) Stealing cash sales(Completeness sales+bank)b) Stealing debtors payments(Completeness debtors+bank)c) Unauthorised reduced sales charge -bribe/friend(Completeness debtors+bank & Accuracy sales)d) Debtors accounts (Completeness debtors ) bribe/friend –not accurate but completeness.e) Picking/dispatch theft (Existence stock) – 15 instead of 10 collusion ouside)f) VAT not pay (Completeness liabilities) – recorded OR unrecorded sales.

3) LAPPING/ ROLLING a) Stealing cash from : Cash sales or Debtors payments by:

i) Hide by manipulate posting from debtors to debtors ledgerii) Hide by substitute cash stolen with debtors cheque payments-take cash put debtors cheque payment as a cash sale-then post another debtors payment at mnth end as 1st one taken/or

multiple.(Becomes very complex Web)You can say 2nd was too close to mnth end thus not reflecting yet. (reconcile physical cash with cash receipts) b) He needs: to succeed he wants you must NOT use bank deposit slips as source docs for cash book(bank teller compares cheque name to deposit slip, so he cannot substitute),he handles all

queries from debtors, or he write up source doc receipt Or cash book.c) Fix by:

i) Feed backii) Credit notesiii) Bad debtsiv) Destroy records

d) Risk in:i) Poor control environmentii) Poor segregation duties pay write receipts / debtors queries/ recordingiii) Cash&credit salesiv) Small/medium size business

TESTS OF CONTROLS AND SUBSTANTIVE PROCEDURES1) Types of controls:

a) PREVENTATIVE: stop things happen at input or processing stage , rejects then before it happensb) DETECTION: finds out after it has happened after accounting & all other processes finished. Eg reconcillliations / or supervisor check work of dept. later.

2) TESTS OF CONTROLS: used to determine if Control Procedures & Information System is working correctlya) Observation b) Enquiry c) Inspectiond) Re-performance

3) SUBSTANTIVE PROCEDURES : if Balances and Totals are fairly presented.a) Enquiry & Confirmationb) Inspectionc) Reperformanced) Recalculatione) Analytical Procedures : eg: if Gross profit 30%, you immediately know whether sales & purchases is correct.

TESTS OF CONTROLS1) You identify each control, then perform 1 of the above 4 procedures on it to test if it works .2) Each is Limited in value: ‘inspect’ signature only says it was signed, not actually checked, ‘observe’ only says control worked While you watched, not always.3) Note: tests must also be done on NON-SPECIFIC (GENERAL) CONTROLS: eg ‘custody’ of blank delivery notes,invoices.4) Eg:

a) Enquire: i) of order clerk if 1- ALL orders go to him, ii) 2- if he makes out an ISO for all orders, not only phone orders.

b) Inspect : i) 1-filed copies of ISO for ‘evidence’ credit approval was obtained.ii) 2- correspondence from ‘credit bureau’ to confirm approval was actually obtained.

c) Observe: i) opening of mail & writing of receiptsii) despatch clerk counting and checking goods on transfer from warehouse to dispatch.

d) Reperformi) A bank recon

SUBSTANTIVE PROCEDURES1) In some other textbook says it is divided in 3 Types: 1- Transactions 2-Balances 3-Analytical Procedures.(we say these 3 plus extra + Presentat.and Disclos.)2) MAIN focus for this cycle: BANK/CASH + DEBTORS balances, which also gives evidence for sales.3) MOST IMPORTANT part : non-cash transactions which reductions debtor balances : do tests as in ‘eg’ no 4 below , PARTICLARLY AUTHORITY given for each to be done.

a) Credit notesb) Bad debts write offc) Special discounts

4) Eg: auditor just selects a sample of Sales Invoices and Does DUAL PURPOSE TESTs on them :”VOUCHING OF TRANSACTIONS ‘ ARE referred to as ‘dual purpose’ tests: because…..a) DUAL PURPOSE TESTS:

i) Inspect: Match to details on supporting docs –sales order,delivery noteii) Inspect: trace to entry in sales journaliii) Inspect : docs for signatures showing control procedures have been carried out.iv) Reperform :pricing from price list and Enquiry&Confirmation :validity of discounts.v) Reperform/recalculate: casts, extensions,discounts, vat.


vi) Reperform: posting to debtors ledger.5) CATEGORIES OF ASSERTIONS: ISA 500R Categorises the Assertions as follows.:Classes of Transactions and Events (for period) eg:sales, purchases, interest received: Rem‘allowance for doubtful debts ‘ AS WELL AS ‘ Revenue’ are ‘transactions’

a)b) Account Balances carried forward to next year (at year end) eg:property plant &equipment ,accounts receivable.c) Presentations and Disclosure : eg:notes to bal.sheet , contingent liabilities

4. Classes of TRANSACTIONS AND EVENTS: Assertions about (during period)4.1. OCCURENCE :recorded trans.& events DID occour and DO PERTAIN to THIS entity.4.2. COMPLETENESS :all that should have been recorded, were recorded ,none missing.4.3. ACCURACY :1-Amounts & 2-Data were recorded appropriately.4.4. CUT-OFF : in right accounting period.4.5. CLASSIFICATION (and UNDERSTANDABILITY) : recorded in correct account names.

5. ACCOUNT BALANCES :Assertions about (end period). 5.1. EXISTENCE : assets, liabilities, equitys DO actually exist.5.2. RIGHTS –(AND OBLIGATIONS) : entity holds rights to assets , liabitities are obligations of this entity , named shareholders . : do hold the rights to the equity.+2-

ALL ENCUMBERENCES on ownership must be . .. . :Disclosed5.3. COMPLETENESS : all that should have been recorded,were recorded,none missing.5.4. VALUATION –(AND ALLOCATION). : assets ,liabilities , equity recorded at appropriate valuation amounts and any resulting . . . : valuation adjustments or allocation

adjustments are appropriately recorded .ALSO , . . :DEPRECIATION and OBSOLECENCE 6. PRESENTATION AND DISCLOSURE :Assertions about.

6.1. OCCURENCE AND RIGHTS AND OBLIGATIONS. :disclosed events ,transactions& other matters DID occour and Do pertain to this entity. 6.2. COMPLETENESS : All matters that should be disclosed in FIN STATS. , were disclosed, none missing.6.3. CLASSIFICATION AND UNDERSTANDABILITY. :financial info./disclosures are appropriately/ properly PRESENTED and DESCRIBED, and EXPRESED CLEARLY.6.4. ACCURACY AND VALUATION. : 1-FINANCIAL and 2-OTHER INFORMATION( eg notes on union problems) are disclosed FAIRLY and at APPROPRIATE AMOUNTS. (at correct valuation amounts

and in a correct and proper – 'FAIRLY presented' - manner.)

DIAGRAM OF ASSERTIONS:

Remember: ‘allowance for doubtful debts ‘ AS WELL AS ‘Revenue’ are ‘transactions’ assertions

ASSERTION TRANSACTION EVENTS ACCOUNT BALANCES PRESENTATION DISCLOSURE

1 OCCURRENCE (ALSO ? VALIDITY) # #2 COMPLETENESS # # #3 ACCURACY # #4 CUT OFF #5 CLASSIFICATION (and for Pres.&

Disclosure : UNDERSTANDABILITY) # #

6 EXISTENCE #7 RIGHTS and OBLIGATIONS

# #

8 VALUATION and ALLOCATION# #

SUBSTANTIVE PROCEDURES FOR THE AUDIT OF DEBTORS:

1) ASSERTION: RIGHTS & OBLIGATIONS:a) Determine if any accounts received have been factored, ceded or encumbered in any way. By:

i) Inspection:(1) Loan agreements(2) Bank confirmations(3) Prior year workpapers(4) Minutes of directors meetings

ii) Enquiry: of management2) EXISTENCE:

a) The 2 MAJOR procedures for existence are:i) Enquiry: Debtors circularization: must have permission from management(if no you qualify report), ii) Inspection: Subsequent receipts testing : matching amounts owed at year end to payments received after year end.(unless paid for new year bill) IE it was “Existing “ at year end, not it

was not there but should be-if they moved this years sales to next year-(oocourance) .b) How to do a debtors circularization:

i) Auditor takes control of all debtors statements after they have been printed at month end(1) Test to debtors ledger & other way(2) Select sample for circularization

ii) 2 types of confirmation can be used.(1) Positive : requests confirm if correct OR not

iii) Negative: only confirm if not correct: weak since could be 1-fictitious debtor 2-incorrect in favour of debtor iv) Enclose in letter

(1) Sticker/letter requesting confirmation directly with auditor(2) Self-addressed envelope(‘positive confirmations’ only)

v) Auditor supervise all mailings by:(1) Direct all ‘addressee unknown’ to return to auditor only(2) Check all P.O. boxes telephonicly or by looking in the directory.

vi) Auditor collects evidence for Existence & Valuation now by :monitors replies, follows up on:(1) Disagreements: refer to 1-source docs, 2-client, 3-clients attorneys.(2) ‘No-replies’, ‘addressee unknowns’ : refer to : 1-recircularise after correct address,&2-telephone/fax &3-post year end receipts.

c) How to ‘subsequent receipts testing’:i) Select sampleii) Check CRJ to identify receipts, 1-trace to customers remittance to see for which invoice it was, 2-trace to date, 3-trace to invoice & delivery note& 4-trace if recorded at year end in sales

journal & debtors ledger.


iii) Make sure a cut-off test is performed where last 20 invoices+delivery notes customer signed inspected to make sure they are from year end /OR : at year end(auditor marks the last invoice/del. Note number as ‘end of year’ & note number)

3) ASSERTION : VALUATION (& ALLOCATION): for debtors consists of 2 parts , gross amount and bad debtsi) Gross Amounts: & follow up

(1) Unusual entries: eg year end dr’s(2) List of debtors : trace to general ledger debtors control account&trial balance, and debtors ledger individual accounts.(3) Reconciling items from ii) must be

(a) Casts(b) Reconciliation logic(c) Follow up reconciliation items.

(4) re-CAST : Debtors list & control account re-CAST.(5) Find CR balances in debtors ledger+reverse if needed(6) Circularization : Refer to circularization & follow up (7) Foreign currency :

(a) Rates Bank(b) Old transaction rates calc vs end year rates(c) Must be at end of year rate in books, or it is wrong!

b) Bad Debts: (this is very close to debtors cause it reduces debtors etc)(1) Method &procedures enquire (eg if to students hostel room no. then provision must be more)(2) Authorization procedure :(better if more independent of ‘credit control/er’ itself)(3) Change in circumstances : have they change so prior year’s method is wrong eg new credit policy.(4) ENQUIRE MNGMNT: change in circumstances : eg new credit policy/ changed trading conditions major customer.(5) Reperform ALL calc’s.(6) Reperform Ageing : on small sample, to check if correct periods, refer to invoice/delivery note.(7) Long outstanding & material outstanding :discuss ALL with credit controller(8) Legal &debtors correspondence : check to identify debtors handed over and those with disputes.(9) Prior year vs Actual compare to check the companies ability to estimate correctly.(10) MONTHLY REPRTS TO MNGMNT: should be reviewed eg: write offs & debtor liquidity problems.(11) Analytical Review:

(a) % to prior year (b) write-offs to prior year.(c) Age analysis to prior year : is debt getting older?(d) Ratios year on year : eg Days Outstanding Debtors.

(12) Potentially Uncollectable : debtors should be considered on a 1 by 1 basis, not as a %.Consider all aspects eg large chain store will pay, but just overdue.4) ASSERTION : COMPLETENESS : do following to make sure of this

a) Cut-Off Testing:i) AFTER: first 20 (material) after year end cut off number –trace correct to delivery notes/records ii) BEFORE: 10 before check as above.

b) Credit Sales: to see whats NOT been recorded is more difficult to check/trace than what has been recorded.i) Missing dispatch notes (not in debtors)ii) Dispatch notes NOT MATCHED to an invoice (not invoiced= not in debtors- TAX etc)iii) Purchases+ inventory left MATCH to Sales (eg sold but not in debtors/or revenue)iv) Specific Representation from Management as to Completeness of Sales v) Analytic procedures:

(1) gross profit % fluctuations(2) prior periods : sales&debtors to (3) prior periods : sales by characteristic to branch/region/month/customer(4) sales ratio: eg: commission vs sales (if commission is up, sales should be up)

5) PRESENTATION & DISCLOSURE ASSERTIONS: (not ‘balances’ but next one :ie) as it applies to debtors: as per ISA500a) COMPLETENESS : IN TERMS OF ias INTERNATIONAL ACCOUNTING STANDARDS, 4TH SCHEDULE. Eg: debtors balance with current assets, + disclosed encumbrances on debtors. + all dother

DISLOSURES are thereb) :Occourance: Evidence :consistent with evidence gathered on audit.c) Accurate: Amounts , facts ,details, 1-accurate 2- and=evidenced) Classification&: Appropriate classification of information.e) Understandablity: Wording is clear and understandable. Eg: accounting policy & explanation of encumbrances.f) Rights&Obligations: per evidence gatheredg) Valuation&Allocation: per evidence gathered

6) ASSERTIONS: all /Generala) Analytical procedure of debtors : should be performed

(1) Analytical Review: (a) Debtors to prior year (b) Debtors vs credit Sales to prior year.(c) No. & Amount of Debtors by Branch/Division/Product.

USE OF AUDIT SOFTWARE (SUBSTANTIVE PROCEDURES) FOR DEBTORS1) Enhance auditing of debtors by (if clients debtors are computerized)

(1) Stratify as % total: by rand amount, profile,etc, (2) select samples for ageing(valuation)/circularization(existence).(3) Scan ERROR : masterfile for error conditions,duplicate ACCOUNT NUMBERS (existence),NEGATIVE balances( valuation) ,blank fields(existence)., over/abnormal/ credit

limit/terms(valuation bad debts)(4) Debtors balances vs client listing, or vs ageing,(5) Unique characteristic/code 1-2-3: eg extract all handed over to lawyers(Valuation gross&bad debts, or code 2 correspondence(all assertions)(6) This Year vs Last Year for

(a) New accounts ( to check eg credit applications)(existence)(b) Major fluctuations in individual account balances(valuation)(c) Not Listed :anymore Debtors (existence)

(7) Bad debt allowance : recalculate based on aging eg 3% 30 days + 5% 60 days etc.(8) Casts/cross cast : (valuation)

SUBSTANTIVE PROCEDURES FOR AUDITING BANK/CASH1) EXISTENCE : BANK BALANCE

a) Bank confirmation letter(1) Standard SAICA bank confirmation letter sent to bank, first permission from client(2) Return to auditor, not client(3) Ask to SUPPLY balance details, NOT confirm bal. details.- auditor gives account numbers, or name of entity maybe better


(4) ALL TYPES of accounts eg: 32 days, call , current etc.(5) Takes bank long, do timeously,-auditor give year end date.(6) Compare to clients docs(7) ENCUMBRANCES : Confirmation from bank must ALSO list any ENCUMBRANCES(8) MINUTES of directors meetings checked for balances encumbered.

2) RIGHTS & OBLIGATIONS: see Existence above , it is the same stuff to be used here3) ASSSERTION : COMPLETENESS : ALL BANK BALANCES

a) Risk Siphoning: off to other bank accounts ,then call forensic auditor assistance.- b) This year to previous year : no. and type of accounts held compare & follow up closed accountsc) ASK bank if ALL: accounts have been included in confirmation.d) Alert in other audit procedures: to check for other bank accounts, eg in minutes,cash budgets,vouching payments.e) Foreign Bank :ask mngmnt –written reply -about foreign accounts if any import/export is undertaken.

4) ASSERTION: VALUATION: at appropriate amounts in the fin.stas.a) Bank confirmation: Theory is bank could not pay up, but in reality this is low, so confirmation is good enough.b) Bank Recon:

i) REPERFORM by:(1) Check balance on recon vs bank stat. vs bank confirm.lett. vs cashbook(2) Reperform casts & test logic of recon ( eg outstanding cheques added not subtracted to cash book balance.)(3) Sample cashbook receipts & payments : check in bank statements before OR in recon itself.(recon date is year end)(4) Outstanding out cheques + deposits in recon : must be in BEFORE: date cash book AFTER: date a bank statement.(5) Cut off no. cheque on any post bank statement : must appear on recon.(6) Written out :enquire about any long standing deposits (max 2 weeks) and long outstanding cheques which SHOULD BE WRITTEN BACK.(7) UNUSUAL reconciling items : follow up by supporting docs.

5) Window Dressing : where you make a payment by cheque but do not post it until after year end: so a ratio of 2:1 will become a ratio of 3:1: eg bank 100 creditors 50=2:1 , so you pay 25 then bank=75 creditors= 25 = 3:1 but with window dressing I think they don’t record the 25 paid out,so you have a ratio of 100: 25 or 4:1 at that date.–(1-to catch check a ‘cut off statement from bank’ which means one from after the end of fin year, to see which cheques took very long to present, 2-then request to write-back this cheque for year end figures purposes)

6) Kiting: where company controls many bank accounts and uses this to inflate ceratin balances using the time taken by a bank to clear payment n a cheque. You transfer from a bank account at another bank, by cheque to another bank account-then while one is waiting to clear so it gets reduced (has not cleared yet so not yet reduced at 1 bank) , then other is immediately credited on deposit and youseem to have more than you actually have ie; 50 +10+ deposit of 10 = 70., but deposit only clears after bal.sheet date so then it is 2 weeks before 40-payment of 10 + 10+deposit of 10=60

7)8) Transfers:

a) Eft TRANSFERS scrutinize : carefully esp. payee account VALIDITYb) YEAR END : any large transfers at year end, to subsidiary or related party or own bank accounts,CONFIRM(for KITING) (also with reference to other auditors at related parties if needed).

i) Supporting docsii) In same year period : recorded in both enities books in same periodiii) Any outstanding : are included in any bank recons.

9) Cash counts: a) Simultaneous: counting of all floats prevents cover upsb) In Presence of cashier responsible for:c) Alone : auditor NEVER alone with cash, or accused of stealing itd) Cashier+auditor sign : results on workpaper togethere) Recon as follows: cash float + cash received - cash payments=cash on hand.f) Supporting docs : all Payments& receipts should be supported by g) Supporting docs: 1-Valid+2-Authority all to be scrutinized for both of these things.h) Postings: cash transactions to the ledger

10) PRESENTATION AND DISCLOSURE : i) Same as for Debtors, egii) Correctly presented on face of SOFP. –in liabilities if in overdraft, or in assets etciii) Disclosuresiv) Agree evidence.


CHAPTER 11 : ACQUISITIONS AND PAYMENTS CYCLE:CHAPTER 11 : ACQUISITIONS AND PAYMENTS CYCLE:

THE ACCOUNTING SYSTEM AND INTERNAL CONTROLS:

1) 2 major activities:a) Ordering & receiving : 1-required 2- suitable quality&priceb) Payment 1-valid orders 2-authorised,accurate,timeous

2) Major balance= creditors3) Control procedures: mainly payments =risk asset=cash

DOCUMENTS IN THE CYCLE:1) Requisitions: from any dept but mainly stores, from stores mainly by: 1-re-order levels/qtys(computer or count) 2-production schedules 3- special (preferably written) request. 2) order forms: buying dept,sign chief buyer,details & price3) Suppliers delivery note: cross reference order form, sign by us, 4) Goods received note: by us, cross-ref SupplierDelnote.5) Purchase invoice:6) Credit note: FROM supplier, + returned goods accompanied by “12-returned goods voucher”7) Creditors statements: mnthly8) Cheque requisitions: by creditors section to whoever9) Remittance advice: breakdown of what is being paid10) Receipt: from supplier11) PJ,Creditors journal,GL, Purchase Returns & Allowances journal

CHARACTERISTICS OF GOOD INTERNAL CONTROL:1) Control environment: 1-NORMAL + 2-particular to authorize payments (shows poor contrl envir.…: 1-sign blank cheques, 2-not check supporting doc. Before sign cheques)2) Competent , trustworthy staff: boring &mundane& poorly paid (some tasks here)+money+if readily saleable consumer goods = special attention3) Division of duties:

a) Order goods = not Access goods (order for yourself) + {best if also “not Authorize payment”}b) 1-Receiving/custody = not amend records , 2-also Receiving=not do Goods Rec.Note.(or receiving does correct GRN but sends half back with suppliers truck then split proceeds{so receiving

signs ‘delivery note’, but warehouse does ‘GRN’ later))4) Isolation of responsibility:only: 1-moving goods isolate each move BOTH ‘count+sign’ 2-cash transferred isolate each move BOTH ‘c+s’5) Custody/asset control : 1-blank order forms (etc) 2-bank 3-goods6) Regular reconciliations & review

a) Creditors Statement vs Company Records (before pay)b) Orders vs goods received (unfulfilled)c) Company’s records vs Bank statements

7) Source doc design: 1-normal

FLOWCHART AND DESCRIPTION OF CYCLENOTE: For every single controls column below , ADD: employees must sign docs to acknowledge control procedures they have conducted.( as per book vertabim)FUNCTION Descr. DOCUMENTS RISKS CONTROL PROCEDURES

1-ORDERING OF GOODS AND SERVICES

Initiate orders, always available,place orders,after check suitable deliver/ /qlty /qnty /price

1-REQUISITION2-ORDER FORM

1-Incorrect/Unnecessary =liquidity+wastage2-unauthorised=losses by fraud3-order forms misused eg private orders4-requisition not acted on OR orders not timeous5-inferior quality6- unnecessarily high prices 7-orders not OR not timeously filled.

1-order clerk not order no authorized requisition (a)cross-ref requisition to order (b)confirmation by stores/production (esp. preset levels)2-before place order senior buyer/supervisor check (a)accuracy&authority (b)supplier suitability, price&qty reasonable, nature goods reasonable ie used by company3-approved supplier list (a) confirm available+delivery dates (b)or get quotes if no supplier list (c)seniors evaluate suitability of before approve a supplier4-order dept file requisitions sequentially by dept + frequent review requistions not cross-ref to an order. (unordered) 5-copy of order filed sequentially + review sequence check +cross-ref to GRN to make sure they were received.OR check pending file of orders in receiving bay.6-blank order forms sound stationary controls (custody)

2-Receiving of goods&services

Accept, acknowledge, valid, record(GRN) + check qty, qlty, descr.

1-supplier delivery note(DN)2-GRN

1-acceptance of Short deliveries as full Damaged/broken Itms not ordered Wrong type/qty2-GRN incomplete/ Inaccurate3-no GRN made out4-fraud/theft +collusion outside

1-pysically secured access controlled Goods rec. section2-offload by goods rec. clerk who must: (a)match supplier delivery note to Purchase Order (b)check qty+descry. Vs both docs above (c)check goods- broken/wet etc (superficially) (d)reject incorrect + note on both docs (e)note short delivered on both(+ actual QTY!) (f)include only those accepted on GRN(??????) (g)suppliers personel sign +sign amendment eg short (h)sign supplier delivery note3-on transfer to stores next clerk sign GRN + count + report discrepencies to supervisor4-Collusion in this cycle is a major problem to many companies, so isolate responsibilities+independent physical controls eg: tracing device on vehicles+security cameras to be used by all in supply chain

3-RECORDING OF ACQUISITIONS

1-purchase invoice(PI)2-credit note(CN)3-Creditors statements4-Purchases journal5-Purchases Returns +allowances journal6-Creditors ledger7-General ledger

1-record incorrect amounts from incorrect purchase invoices (a)QTY/QTY/TYPE notas ordered or received (b)price not as quoted (c)calc errorsegcast/vat2-fictitious purchases /creditors from invoices never receiv. or

1-purchase invoice must be: (a)match to1- GRN 2-delivery note+3-purchase order for: Qty, descr,prices, discounts(from order or supplier price lists) (b)review if posted to correct account eg: stationary. 2- account to be posted must be got from official list by requisition maker outer and written on there-or clerk will not know for which account it is.!3-reperform casts,extentions,calc,s on invoice.4-Specific emplyee must responsible GRN +invoice dates check and only then


ordered3-delays, misallocation, posting errors = recon problems+ loose early pay discounts.

timeously posted to journal+ledger.

4-Payment preparation(requisitioning)

1-remittance advice (RA) 2-cheque requisition

1-pay fictitious creditors2-pay incorrect amounts3-unauthorised payments4-discounts lost

1-creditors statement recon to support docs.+clerk check invoice accuracy controls done before recorded2- creditors statements recon creditors ledger individual 3-creditors clerk make sure pay early discount 1-pay early2-actually is deducted4-cheque requisitions 1-preprinted+ 2-sequenced + 3-custody controls over blanks5-cheque requisitions: 4-to incl. details of 5- authorized by preparer sign 6- maybe even authorized second person6-cheque requisition+support docs ALL go to cheque signatories.(+ batch controls if numerous enough)

5-PAYMENT & RECORDING

1-cheque2-returned paid cheque 3-bank statement4-Cash payments journal (CPJ)6-Creditors ledger7-General ledger

1-cheque incorrectly made out(payee,amount)2-invalid payments(fictitious creditors)3-payments recorded inaccurately (error/fraud)

1- two cheque signatories2-they must agree support doc to date/amount/payee3-cancel (stamp/crossing) paid , used, Support Docs. ,(not use again)4-anti-tampering methods for cheque (a)permanent ink (b)no gaps (c)payees name in full (d)cross as ‘not transferrable’5-cheques+cheque books issued numerial sequence, only 1 used at a time.6-incorrect cheques: stamp cancelled +tear off signature –retain do not throw away7-signed cheques NOT returned to preparer: BUT mailed by independent employee.8-all recorded in NUMERICAL sequence in CPJ9-CPJ review by mngmnt regularly for missing sequence OR unusual pay.10-recon cash book to bank statement : staff independent of banking functions/creditors dept11-returned paid cheques: (a)filed numerically, (b) review suspicious endorsements.

AUDITING THE CYCLE:

INTRO.1) Important cycle –must be comprehensively audited.2) Product= purchases&creditors also bank 3) If auditor thinks cash&creditors is fair, then purchase&payments should be fair

FINANCIAL STATEMENT ASSERTIONS AND THIS CYCLE1) Purchase transactions: (TRANSACTIONS)

a) Completeness.-all have beenb) Occourance. -normalc) Accuracy.d) Cut-off.e) Classification.-in the proper accounting records

2) Payments (TRANSACTIONS)a) Completeness.b) Occourance.- did actually occour,not fictitiousc) Accuracy.-d) Cut-off.e) Classification.

3) Creditors: (BALANCES)a) Completeness:b) Existence.-not fictitiousc) Valuation:d) Rights&obligations.-are actually obligations, not anything else.

4) Assertions pertaining to (PRESENTATION AND DISCLOSURE.)a) Completenessb) Accuratec) Classification & Presentationd) Understandable

FRAUD IN THE CYCLE1) FRAUDULENT FINANCIAL REPORTING :

a) Understate trade creditors : to improve ratios (completeness testing)i) Eg: manipulate cut-off year end = inventory count at year end but only put as a ‘purchase’ after year end.

b) Overstate Purchases : to reduce profits (tax)c) Trading with many related parties like subsidiaries = “current liabilities” manipulation becomes much easier

2) MISAPPROPRIATION OF ASSETS i) Order goods for personal use- but company pays (occourance purchase,obligation fictitious creditors)ii) Fictitious payments to creditors : own companies/friends (obligation of creditors, occourance of purchases)iii) Claim Vat not entitled to :(completeness of liabilities)iv) Bribes from suppliers to purchase/or family/friends : Sect 45 Accounting Profession Act (director has not declared his interest to company) –difficult to catch.v) Theft of goods at receiving stage: (existence of inventory)

TESTS :1) Tests of controls:

a) Observationb) Inspectionc) Reperformanced) Enquiry

2) Substantive procedures:


a) Inspectionb) Enquiry & Confirmationc) Recalculationd) Reperformancee) Analytical procedures

TESTS OF CONTROLS:1) Assess the risk that misstatement will not be identified by the system/risk of misstatement of the fin stats/not fairly presented.2) Eg:

a) Inspecti) a sample of purchase orders for supplier is on approved supplier listii) Requisitions for authorizing signatureiii) Supporting docs is it stamped so it cannot be used again

b) Enquire: procedures carried out of goods receiving clerk – to reveal missing proceduresc) Observe: procedures carried out of goods receivingd) Reperform: creditors reconciliation(creditors STATEMENTS to creditors ledger)

3) Test should also be conducted on GENERAL(NON-SPECIFIC) CONTROLS eg: custody of blank order forms4) Remember limitations of these tests: observing someone performing it only means he did it then, not every time etc.

SUBSTANTIVE PROCEDURES:1) Main= creditors balance, main=completeness, main 2) Generally seen as :liabilities understated, not overstated3) In addition to creditors balances auditor may select sample of transactions eg: payments and purchases to perform subst.tests on, to seek EVIDENCE on assertions :Eg on a purchase transaction:

a) Occourance: i) Inspect supporting docs (GRN, PURCHASE ORDER, DELIVERY NOTE, INVOICE)to see if

(1) External docs are made out to Why(Pty)ltd(2) All doc are signed by the authority eg chief buyer.

b) Accuracy: (amount)i) Recalc name extentions invoice ii) Confirm prices&discouts: check order or purchase contractiii) Recalc vat , check discounts come before vat.

c) Cut-off:i) Date on docs to date in purchase journal +fin year

d) Classification:i) Should be on purchase order by buyer , check if in right oneii) Check descr. To be sure correct: eg fixed asset not written off as expense.iii) Vat correct on invoice+journaliv) Creditors ledger posting from ..

e) Completenessi) All that should have been recorded are recorded.

DUAL PURPOSE TESTSThese are combinations of testcontrols& substantive tests : to be done as follows:1) BY INSPECTION:

a) Supporting docs for:i) A Requisition from stores or production : 1- signed by foreman etc 2- goods commonly used by company ii) An Official company order form: 1-signed by the inhousecompany Buyer 2-cross-ref requisition 3-agree descr. Received goods 4-from authorised supplieriii) Copy suppliers delivery note which is:

(1) Sign(2) Descr right / agrees (3) Cross-ref : (only?)order

iv) Official GRN:(1) Sign in stamp says qty+qlty checked(2) Cross-ref :order/suppliers delivery

v) A suppliers invoice which :1-signed to show following tests done: 2-arithmatic accuracy check 3-pricing supplier list vs order price checked 4-the invoice was reconciled with supporting docs.

vi) A suppliers statement and RECONCILLIATIONwhich: 1-signed by clerk who reconciled 2-cross-ref to cheque requisition& agrees in amount to.vii) A cheque requisition which: 1-cross ref. to creditors support docs.by name,date amount 2- bears number of cheque issued 3-signed by senior creditors clerk & fin. Accountant to

authorize itb) Returned paid cheque:

i) Correct creditorii) Amountiii) Crossing&datingiv) Stamped by bankv) Signed by authorized signatories( pref.2)

c) General:i) All docs cancelledii) All docs addressed to this companyiii) All docs dates in current fin year + reasonable relation to each other

2) REPERFORMANCEa) Casts & extentions (generally)b) Prices correct (generally) test to price lists/orders etc.c) Recons correct

CREDITORS BALANCE (TRADE) PERFORMING SUBSTANTIVE PROCEDURES ON :1) Assertion : Existence :

a) Cut –off tests at year end. 1-record cut off no.& write on invoice 2 select in last 2 weeks material in purchases journal check GRN&delivery note&invoice that number&date are from last year(check for prematurely3- raised creditors so not overstated )..

2) Assertion : Obligations: : a) Check supporting docs to get evidence of

i) 1-the goods are commonly used by companyii) 2-made out in name of company

3) Assertion : Valuation (1) Individual Creditors Accounts TO Creditors Control account NB- MAIN do not forget this one(2) Sample of creditors on creditors list TO individual creditors accounts(3) Cred control+ ACCRUALS in General ledger TO- TrialBalance(4) Reperform Casts of Creditors list+ Creditors Control acc.


(5) Find ANY ‘dr’ balance and discuss with credit manager if they should be taken off list- put in debtors.(6) Check Year end Recons by creditors clerk : a sample incl. major suppliers

(a) Reperform casts(b) Balances on recon- TO creditors list AND creditors statement(c) Test logic of recon.(d) Inspect supporting docs & inquiry&confirmation –all amounts/balances

(7) Foreign currency –on date of fin stats = at Spot Rate.(8) All Accruals (year end adjustments) : 1-re-cast list 2-check all sup docs+Ledger &reperform calculations3- check if total is the same as in TB,Ledger,Balance Sheet

4) Assertion : Completeness MOST AT RISK of ALL – companies are more likely to understate liabilities than overstate them (find missing ones)(1) Current year TO last year : 1-missing this year 2-significantly smaller this year 3-find why(2) Disputes – check creditors correspondence file for evidence –adjust if needed/dispute not winnable?(3) Check list of GRN unmatched to Invoices year end-which is compiled when doing cut-off at year end 1-was it specially raised in journals at year end since no invoice was received

yet ??Y/N 1-recalc amount 2-check price(a) Check if Pile of Unmatched GRN,s contains 1 with number lower than cut-off number -and check if that one was put in journal (creditor raised)-the later in year you do this

the less likely there will be 1.(ALL THE YELLOW ONES BELOW WERE NOT FINISHED_NO TIME)book- page11/28

(4) AFTER year end: 1-GRN purchases journal no. > cutoff . 2-DATES after year end (5) Check if cheque payments made prior to year end are paid in reasonable time(window dressing creditors) (6) Check recon-eg premature write off disputed amount (7) Physical MORE THAN recorded inventory. (8) GL accounts ACCRUALS correct

5) ASSERTION: Presentation & Disclosure of trade creditors.(ISA500)NOT FINISHED-NO TIME BOOK pg 11/29 (very short)

USE OF AUDIT SOFTWARE (SUBSTANTIVE PROCEDURES) FOR CREDITORS BALANCES2) Enhance auditing of debtors by (if clients debtors are computerized)

(1) Stratify as % total: by rand amount, profile,etc, select samples for ageing(valuation)/ nil balance/ above some level(2) Scan ERROR : masterfile for error conditions,duplicate ACCOUNT NUMBERS (existence),NEGATIVE balances( valuation) ,blank fields(existence)., over/abnormal/ credit

limit/terms(valuation bad debts)(3) Unique characteristic/code 1-2-3: eg extract all handed over to lawyers(Valuation gross&bad debts, or code 2 correspondence(all assertions)(4) This Year vs Last Year for

(a) Major fluctuations/reduced in individual account balances(valuation)(b) Not Listed :anymore creditors

(5) Casts/cross cast : (valuation) ageing + print a detailed list of creditors&balances out (6) creditors balances vs client listing, or vs ageing,


CHAPTER 12 INVENTORY AND PRODUCTION CYCLECHAPTER 12 INVENTORY AND PRODUCTION CYCLE

ACCOUNTING SYSTEM AND INTERNAL CONTROLS:

INTRODUCTION:1) Also called: “inventory & warehousing cycle” ,”conversion cycle”, etc.2) Deals with 3 things:

(1) Control Physical Transfer of inventory – /it’s movement anywhere.(2) Protect inventory : from damage,theft,loss / Custody. raw materials, work in process, finished goods.(3) Record Production Costs : Provide Information to calc. cost of manufacture/production. (accumulating all production costs and adding to

‘cost’)

CHARACTERISTICS OF THE CYCLE1) HEART of the business : often the business is shaped around what it sells2) FIN. STATS. Effect on:usually major component in calc. of sales/cost of sales/net profit. Pervasive role in fair presentation . of fin.

Stats. Int.controls&control environment&acc.procedures must be good. (many businesses failed . .. due to this) 3) INTERNAL cycle : acquisitions cycle puts in, revenue cycle takes out, but this one depends on their controls.4) PHYSICAL asset : physical controls because it is not non-physical assets(eg debtors) 5) FRAUD - Inventory: inventory overstatement is very prominent –very ‘effective’ manipulation by overstating fin.stats.6) DIVERSITY of inventory :acc.procedures&internal controls must be able to deal with:

The auditor is affected by the diversity by eg: existence: of gas, valuation: of products of rapid tech obsolescence, rights: to inventory held in anothers possession, completeness & existence: held at multiple&obscure locations.a) Nature – 1-easy ID:fridge 2-difficult ID : chemicals,precious stones 3-growing: game,plants,chickensb) Location – 1-in transit, 2-multiple locations, 3-obscure locations, 4-in others possession-eg customs or on . . consignment.c) Stage of development – raw/wip/finishedd) Permanence – 1-tech.obsolecence 2-expiry dates 3- fresh produce

DOCUMENTS IN THE CYCLE1) Goods received note : for transfer from receiving bay into stores- simply that stores clerk MUST SIGN the original GRN made out when the goods arrived in

the receiving bay from supplier2) Materials issue note/materials requisition – authorize the removal of items from stores.3) Manufacturing or Production schedules : to notify production what to produce, from orders/stock levels/forecasts etc.4) Job cards :tracks the stages of production of a specific job./adds each cost as it comes + an overhead allocation.5) Production report ; reports results of production/output/ wastage loss/ For specific cost centres 6) Transfer to finished goods note : records from mnftring TO stores.7) Picking slip: -normal8) Delivery notes: when/after we delivered9) Inventory sheet: for inventory count: descr,location,qty,cost,extention.10) Inventory tag: 2 (identical)small,numerically sequenced, attached to each item before count,name&descr. Of item,empty qty block.Team1 gives to ‘inventory

controller’. Teams 2 as well. Discrepencies recounted.Some have a 3rd leaf which stays with the part till count is over.11) Inventory adjustment form:sequenced form used to record adjustments when actual&theoretical perpetual inventory records do not agree.(eg lazy to count

right at goods receiving, or stolen)

3 OBJECTIVES OF THE CYCLEThere are 3 objectives of the cycle:

1) Control Physical Transfer of inventory – /it’s movement anywhere.2) Protect inventory from :damage,theft,loss / Custody. raw materials, work in process, finished goods.3) Record Production Costs :Provide Information to calc. cost of manufacture/production. (accumulating all production costs and adding to ‘cost’) 4) SEE DIAGRAM PAGE 12/4 bottom – no time 5) 3 functions of the CYCLE

RISKS OF THE CYCLE1-RISKS1) Inventory is Lost or Stolen due to.

(1) Physical Controls – inadequate(2) Transfer Controls -of inventory, inadequate ,unathorised issues(3) Isolation of Responsiblility – inadequate establish who is accountable for at any stage(4) Division of Duties - inadequate- eg storeman custody+recording=conceal theft

2) Inventory Deteriorates due toa) Inadequate Physical controls (eg: gets wet)b) Its Nature (foodstuffs, chemicals, fresh produce)

3) Delays & Inefficiencies in Production due to:a) Incorrect raw materials supplied to productionb) Non-availability of raw materialc) Poor Quality of raw materials

4) Unauthorised Production : eg private jobs5) Inadequate recording of Costs of Production. : WIP etc wrong costs carried forward. 6)

2-CONTROL PROCEDURES1-TRANSFERS N.B. 1) Recorded : no movement without recording eg signed requisition / or barcode scanning.

2) Deliverer + Receiver Sign : both should acknowledge after check qty,descr. Eg material issue3) Filed Numericly : transfer documents (for finding gaps/false copies/missing/)4) Regular Review Signature : all docs. Should regular review for authorizing signature.5) Regular review sequence check : docs regular find missing/false extra etc. +Investigate if

2-DAMAGE/LOSS/THEFT N.B. 1) Physical controls : Stores + All Production Areaa) Limited entry/exit : minimum doors possibleb) Controlled entry/exit: swipe cards / keypads /turnstiles /x-ray /security guards/gate cntrl.c) Restricted entry/only: eg buying clerks not unaccompanied, only production employees.d) Secure buildings: solid structure, minimum windows, locks etce) Environmental: pest free, temp. controlled, dry, neat , clean.f) Surveillance: cameras over production line+receiving+despatch.(it’s often easy to steal from production line)

2) Frequent Comparison & Reconciliation:a) Inventory theory vs Actual: in all its forms, theoretical vs actual


b) Production schedule VS Actual :where’s the extra raw materials from lower actual gone to?c) Budget VS Actual : why did it cost more? Dofness on duty?or why?

3) Investigate Reconciliation : material variances.4) Regular Surprise Checks: by mngmnt+supervisory to see unauthorized production by: machine hours/usage compare to

actual production+production schedule to actual being made comparison5) Division of Duties : Note: ONLY THIS ONE : custody + recording inventory not by same person.

3-Info. FOR PRODUCTION COSTS

1-FOR JOB ORDERS1) Preprinted Job Cards for ALL JOBS TO BE RECORDED ON

a) Sequenced and datedb) List of materials to be usedc) Cross-ref : to customer order/quoted) Cross-ref : to materials requisitione) Cross ref : daily production schedulef) AUTHORISED by PRODUCTION MANAGER.

2) Job cards Pending File : that are still In production go in a …and updated for labour hours as they are incurred.(could be computerized)

3) Job cards Finished: should be removed from pending file and costed-labour hours&material prices accumulated and overheads allocated. (see objectives above)

4) 5) Job Card Calculations Checked : all above calc. should be checked by a second clerk6) Job Card Numericaly filed : after7) Job Card Completed file Sequence test & Check for: Frequent & Regular for

a) Cross-ref to “transfer to finished goods note” and to a “sales invoice” ( not skelm private job) b) Missing job Cards are still in the production stage.

8) Job Card Mngmnt Compare : to QUOTES and BUDGETS & investigate variances.9) “transfer to finished goods form” : On Completion : make out a

a) Accompany goods to finished goods storeb) Cross-ref to job cardc) Be used to write up perpetual inventory of finished goods (one record-the other is job card accumulation, so you have

2 to stop skelm change 1,as well as other reasons)

2-FOR PROCESS COSTING1) Production Schedules : ALL ‘process runs’ MUST go on these, which are:

a) Sequenced & Datedb) Cross-ref : to Production Plansc) Cross-ref : to Material Requisitionsd) Authorised by: production manager

2) Each Day / or eg per 1000 : “Transfer to Finished Goods Form” should be made outa) Accompany goods to finished goods storeb) Cross-ref to Production Schedulec) Used to write up the finished goods perpetual inventory

3) Performance reports : by production shift to measure performance eg wastage,qty produced,damaged items.4) Performance reports +production schedules –sent to: ‘costing’ for the allocation of labour &material pricing

&overhead costs(by ‘Standard costing usually’)5) Mngmnt Compare: Costed Production Schedules: Date&Sequence test regularly to check

a) All Production Qty was CROSS-REF to a ‘transfer to finished goods form’(means none was left out)b) Missing schedules are for finshed goods still in production(not skelm private jobs)

6) Mngmnt review :Performance reports to evaluate &follow up inefficiencies/wastage/(control environment)7) Standard Costs :VS: Actual cOSTS: variances investigated.8) Posting to Journals: from signed , costed production schedules:

a) Dr WIP : Material cost, Direct labour, Mnftring overheads.b) Cr WIP , Dr finished goods with the total costs of goods above

9) CHECK: all casts, extentions,calc. before posting though.

4-INVENTORY COUNTS 1- CYCLE COUNTS Frequent comparison &reconciliation logic behind it is Discrepencies must be timeously indentified & corrected & preventative measures then put in place to stop more

1) Cycle counts are: used by very large qty&items inventories to compare actual to theoretical.BUT then PERPETUAL system must be used in order to make this work.(cycle counts are not restricted to large companies but a perpetual inventory IS required.)

2) Plan Timing : at begin year eg: 2 days every 3 weeks, or every 3 months(in large firms it can be an ongoing exercise.3) Identify items to be counted:

a) Random samples (from the records -list to shelf)b) Items susceptible to theftc) High value itemsd) Divided List in sections: do just 1 at each counte) Divided Warehouse in sections. : do 1 at the count

4) Use a Standard method & count controls5) Sequenced INVENTORY ADJUSTMENT FORM : all discrepencies entered here.6) Investigate discrepencies : by 1-internal audit 2-inventory controller.

a) Results of investigation recorded on ‘inventory adjustment form’b) Warehouse manager authorize adjustments &reviewc) Numerically filedd) Sequence checked regularly(? Why?maybe got ‘lost’in investigation)

7) Recording adjustments : by other clerk independent of 1-custody,2-receiving,3-issue.8) Review 1 : perpetual inventory records VS adjustment forms by senior warehouse ou (to see if all adjustments DO

actually come from the forms or not?)9) Review 2 : discrepencies over a period to identify trends & put preventative measures in place. 2-YEAR END INVENTORY COUNTS

Periodic sytems count & price all once per year – so mistakes =effect on fin.stats.(perpetual as well but not as bad)

1) PLANNING & PREPARATION: 1. Timeous planning & preparation2. Date & time : of count, to be decide in advance.3. Method of : choose eg Tag system, or double counts, or marking all boxes counted in 2 colours chalk (1 colour for

each count) etc.4. Staff requirements : 1-Per team : 1 person from stores, 1 from accounting 2- How many teams?5. Supervision : who will be the “Count Controller”?6. Prepare Warehouse: tidy racks, mark damaged goods,stack like goods together,pack out half empty goods on to the

racks.


7. Warehouse floor plan :draft one to ID count areas for count teams.8. Locations & Categories :ID locations & categories all of inventory.

2) DESIGN OF STATIONARY:(3 types used) 1. Various docs.(3) used, all to be designed along standard design stationary principles 2. Inventory Sheets: printed, numerically sequenced ,show inventory category + item number + location,columns for

1st count + 2nd count + discrepencies +prices + extentions(in many companies counters must insert the descriptions etc, esp. where perpetual system not used.)

3. Quantities not to be shown on sheet, as per records : so it forces counters to count(in theory, but practically not always possible)

4. Inventory tags : 5. Inventory adjustment forms :

3) WRITTEN INSTRUCTIONS: 1. Provide for all members directly&indirectly involved : info&instructions on the count to be conducted. 2. Identity of Count Teams + Responsibilities of each. 3. Method to be Used : eg Tag system, or double counts, or marking all boxes counted in 2 colours chalk (1 colour for

each count) etc.4. Identity of 1-Slow moving 2-damaged 3-consignment inventory.(say how to identify these and record it)5. Controls over issues to & returns of Inventory Sheets to count controller???: 6. Procedures if Problems Arise: eg if items cannot be found, deliveries during count etc.7. Dates,Times, Locations of Count: Give this in Detail.8. Pronounce ‘sixtiey’ etc not sixtie for 60, same for 70, 80, etc. to avoid confusion

4) CONDUCTING THE COUNT :(NB done in detail in class)(there are variations in procedutes but following should always be adopted)1. TEAMS of 2, one person always independent of all aspects of ‘inventory section’2. Floor plan : each team gets one, shows which are they are accountable for3. Count Twice: all items, use one of following methods:

i) 1 member counts, 1 records, swapping to count their area a second time.ii) I team counts 1 area once , then another team counts it again.They give their sheets back to controller and sign

for sheets of another area.4. Tag OR Chalk :Either neatly boxes counted coloured chalk 1 colour for each count OR use tag system5. Damaged OR Very Dusty unused : inventory: mark on sheet as potential write-downs.6. Packaging Tampered with : count items inside & note details on sheet.7. Random selection & check : select some packages and check contents inside to see if description is same as on

sheet, (check they have not been changed/removed and seal replaced.)8. After count: controller + assistents must walk through warehouse and check

i) Double marks OR both tags removed : on all boxes to show counted twiceii) Check inventory sheets if 1st & second counts qty same and same as records of perpetual inventory.iii) Have discrepencies recounted.

9. Last GRN + INVOICE + DELIVERY NOTE numbers up to date of count obtained by count controller and recorded for future reference.

10. No dispatch on date of count(or use system of : all issue forms on those days must record if before end of year or after end of year removal per item and exact time and date of picking–before add to count if already counted , after subtract from count if not yet already counted – the counters must note time & date of each item counted to see which .(note : if box was already counted, then before leave same , and after also leave same.And if busy counting the box while picking stock then figure out a method to balance it all out-with people at door to double check what goes out etc. etc.very complex- must research and work this out)

11. Receipts from deliverys : store separate in receiving bay-don’t add to stock until after count.These late deliveries MUST then be counted and added to inventory count after count is complete.

12. Counters to:i) Draw Lines through Blank spaces on sheetsii) Sign each sheet and every alteration.

13. Inventory Controller to:i) Check above 2 procedures doneii) Sequence test sheets to make sure all are accounted for.

14. Count Teams Formally Dismissed : only when count is complete AND all queries have been attended to.

AUDITING THE CYCLE:During the “understabding the entity and its environment” stage the auditor will walk through and gather details of internal controls and production/cost accumulation/ inventory internal controls & processes and estimate the risk of fin.stats. being misstated.then he plans the audit in accordance.

FINANCIAL STATEMENT ASSERTIONS

1) Mainly : THE ASSET is fairly presented in fin.stats.2) Assertions : which apply:

a) Rights: …b) Existence: actually existed(not overstated)c) Completeness: all that should was recordedd) Allocation & Valuation: appropriate value amount(incl.adjustments ie “carrying value” at lower of cost and net realizable value) and in the right

account headings in ledger.3) Presentation & Disclosure :

a) Complete : in terms of 4th schedule and IFRSb) Classified : correctlyc) Accurately: presentedd) Understandable : ..manner

IMPORTANT ACCOUNTING ASPECTS –IAS2 –INVENTORIES

1) IAS-international accounting standards- gives definitions and requirements for methods to value inventory and present &disclose it.2) DEFINITIONS:

a) Definition: Inventories:consist ofi) Assets held for sale in the ordinary course of business(incl. finshed goods or bought for resale)ii) Assets held in process of production(WIP)iii) Raw materials to be consumed in production process

b) Definition:Net Realisable value :i) The estimated selling price in the ordinary course of business less the estimated costs of completion and the estimated costs necessary to make the

sale.3) Inventory to be presented at the lower of cost and net realizable value

a) Eg damaged inventoryb) Eg obsolete inventory


c) Eg:selling price has declined to below cost price4) Cost of inventories:

a) Should consist ofi) Costs of purchase: transport + import dutiesii) Costs of conversion :production overheads & direct labouriii) Costs to bring to present location and condition: eg costs of designing a product for a client

b) MUST EXCLUDE:i) Storage costs(unless these costs are necessary in the production process before the (further), following production stage)ii) Administrative costs (exept those incurred in bringing them to present location and condition)iii) Selling costsAuditor must be satisfied that these were written off as expenses and not included in the costs of inventories

5) ‘Cost’ of manufactured goods : a) Allocating overheads to inventory must incl. only the following:

i) Fixed&variable PRODUCTION overheads.ii) Based on NORMAL capacityiii) Be allocated on a systematic basis which is reasonableiv) ABNORMAL wasted material,labour,or other abnormal production costs should be excluded.

6) Cost formulae : only the following are allowed by IAS 2.a) Specific Identifictionb) Weighted Averagec) FIFOd) Standard costs(only allowed to be used in fin.stats. if it approximates actual costs though-as a second requirement)

i) Only Variances in STD costing relating to Stock actually an hand at year end-since some will relate to stuff already sold- may affect the cost of sales)ii) Variances as a result of incorrect standard setting must be dr/cr to inventory & cost of sales to approximate actual cost as per IAS2)iii) So if it was a temporary price rise due to shortages but the price went down again , it must be added to inventory cost for any of that specific

purchase that is still in stock ,for the fin stats, due to condition: only allowed to be used in fin.stats. if it approximates actual costs though-as a second requirement), but if it is a price rise and half the inventory was sold, the variance for the part that was sold must be “???written off???how?? “, but only for part still in stock it must be added to the cost of inventories, and if same inventories were used for manufacture then it must be ‘written off”???what if the manufactured goods are still in stock?.

e) Retail Method (allowed to be used in fin.stats. if it approximates actual costs though-as a second requirement)7) Pricing of Imported inventory:

a) Rate at TRANSACTION date, not PAYMENT date.b) Even if rate is different at year end, no change is made to inventory.

FRAUD IN THE CYCLE:1) Fraudulent Financial Reporting :

a) Presents directors with an effective opportunity for manipulating the bal.sheet.b) The directors may:

i) Include fictitious inventoryii) Understate writedowns for obsolescence,damage,etc.iii) Overstate writedowns, or exclude inventory which should be included.

c) There are hundreds of ways to include fictitious inventory.As all directors know auditor will perform physical tests of inventory,many frauds require intricate planning and a lot of deception

d) Example: the great salad oil swindle- vats had false pipes for measuring or seawater in the bottom.fraud only got discovered when the banks called in their debts and there was no oil.

e) Methods to reconcile fraudulent inventory with physical inventory:(1) Include hollow containers in the count(2) Hollow stacking: surround empty boxes with full ones(3) Attach empty container to shelf to seem heavy(4) Put bricks in proper inventory packaging(5) Repack second hand or defective to look like new.(6) Alter qty on inventory count after the count(7) Include inventory which is not what is recorded on sheets eg steal genuine nike and replace with cheap lookalike(8) Borrow from a related party for the count only(9) Have sold goods returned under false pretences for the count eg vehicles(10) Double counting : eg in transit or multiple locations(11) Obtain False 3rd party confirmations from agents or related parties(12) Include ‘on-consignment’ inventory as your own(13) Manipulate year–end cut-off.(14) Incl. goods received in physical count but not in inventory.(15) Pre-invoicing and include goods in physical count.

2) Misappropriation of assets a) How to get the goods and how to hide the theftb) How to get the goods will depend on:

i) Nature of goods: small valuable vs large immovableii) Physical control ; limited exits, cameras,etciii) Division of duties: custody & recording by same personiv) Frequency of physical & theoretical reconciliations.the more often the more difficult to stealv) Controls in other cycles: eg receiving goods(aquisition cycle) , despatching goods(revenue cycle)vi) How to hide the theft will depend on :

(1) Division of duties-custody & record keeping – presents the BEST opportunity.(2) Control environment weak.

TESTS OF CONTROLS AND SUBSTANTIVE PROCEDURES:TESTS OF CONTROLS

The auditors main focus will be substantive testing but some tests of controls are carried out.1) Observation:

a) of inventory count2) Inspection:

a) Cycle count amendment forms&recons. For frequency&materiality & how were resolved of discrepenciesb) Of Stores Controls : to determine the effectiveness of:

i) ACCESS : Access Control,(custody and safekeeping)ii) DOCS: Authorized documentation to record inventory movement.iii) FIFO: STORES LAYOUT, to facilitate physical implementation of FIFO.

c) Inspect Records controlling inventory movement. i) Inspecting a sample of requisitions and materials issue notes.


(1) Authorising signatures(2) Cross-ref to Job cards.

ii) Inspect a sample of inventory movements per the perpetual inventory records to “transfers to finished goods stores”3) Enquiry: of production & warehousing to see what procedures they really perform.4) Recomputation :of calculations on 1-production schedules, 2-performance reports, and 3-other costing records.

SUBSTANTIVE PROCEDURES

1) Many of the tests of controls are dual purpose tests 2) Auditors Objective: (all done by substantive procedures)

a) Quantities correctb) Cost formula correctc) Reasonableness of write-downsd) Cut-off procedures(physical vs records)e) List of GRN no.s not matched to suppliers invoices by year end drawn up for later use.

3) Year-End procedures: a) Attendance at inventory count (existence ,completeness,valuation)b) Post – count procedures :subsequent audit of carrying value (valuation, rights, presentation & disclosure)

4) Inventory Count Attendance: ( generally) a) it is both a test of controls & substantive test.b) Test of controls: of actual controls for the count itselfc) Substantive tests:

i) Existence : of qty by sheet to shelf tests.ii) Valuation : condition-damaged/obsolete/slow moving.iii) Completeness: by shelf to sheet

d) Cut-off procedures(physical vs records)e) List of GRN no.s not matched to suppliers invoices by year end drawn up for later use.

5) INVENTORY COUNT ATTENDANCE: (METHOD ) NB a) PRIOR:

i) dates & times Liase with client about of countii) locations: confirm by enquiry, prior audit papers,visitiii) admin.planning eg organize staff to attendiv) written instructions: get a copy of clients instructions to his teamsv) not to be counted: get list of eg: consignment,invoiced but not delivered/collected.(&ask how it is identified physically)vi) brief audit staff: as to their responsibilities.

b) DURING: i) Written instructions: observe to check clients instruction are adhered to.ii) Obsolete/damaged/dusty old packets record item no,details etc to check if it was noted on count sheets as it should have.iii) Sheet to shelf: make sure all categories all sections & categories are tested.iv) Shelf to sheet: make sure all categories all sections & categories are tested.v) Resolve discrepencies & amendment: before end, to be sure amendments entered on sheet after recounted with staff.vi) Numerical Sequence test: check before & after count to be sure all sheets are accounted forvii) Exclusions: confirm by enquiry (of counters) &inspection (of sheets) whether consignment/undelivered/uncollected/etc have not been included.viii) Pronounce ‘sixtiey’ etc not sixtie for 60, same for 70, 80, etc. to avoid confusion.

c) CONCLUSION: i) Inspect Inventory Sheets To Confirm That:

(a) Lines drawn through blank spaces. (so items cannot be added)(b) Alterations/corrections have been signed.(c) Sheets signed by counters responsible.

(2) Audit Records (create some by)(a) Copies: of all inventory sheets.(hardcopy or digital)(b) Observations: as to clients count procedures.(c) Test Counts Results : of Test Counts by Audit team(d) Recording damaged/slow-moving/ obsolete : inventory.

(3) Record cut-off numbers: for all docs used in inventory & production cycle.(4) Record GRN unmatched to Supplier Invoices. List of.

POST INVENTORY COUNT PROCEDURES: (BIT NB SORT OF)

1) RIGHTS : (company holds or controls rights to the inventory.)a) Consignment : enquire mngmnt if any is held for other partiesb) Imported in Transit: get listing, see from FOB,CIF- if ownership has passed or not.c) Encumbered: find out if any is offered as security. By.

i) Discuss with mngmnt.ii) Inspect bank confirmationsiii) Review directors minutesiv) Review correspondence/contracts- suppliers/&credit providers.

d) Invoices : made out to clients name (not another) check while doing valuations.2) VALUATION & ALLOCATION (at appropriate amounts) (ONLY IN MULTIPLE CHOICE)

a) Arithmatic Accuracy: i) Auditors copy VS clients copy of inventory sheet(if client did not alter the sheets)ii) Reperform casts&extentions on inventory sheets.iii) Negative item values- check sheet(should not be any)iv) Inventory sheets TOTAL vs ledger vs TB.

b) Pricing inventory purchased locally i) use sample test counted at ‘count’ to check

(1) trace pricing to suppliers invoices(2) & recalc. Formula for FIFO.(3) Or recalc formula for Weighted average if used(4) Carriage costs: enquire of costing clerk&inspect transporter invoices to make sure it was incl. in costs of items

c) Pricing imported inventory purchases. i) Get a sample of HIGH VALUE items

(1) Get suppliers invoices,shipping contracts,costing schedule and reperform unit cost calc. to verify:(a) Exchange rate on day of transaction, not payment(check with bank -rates)(b) Customs&import duties incl. –from Shipping agents invoices(c) Allocation to each item of these costs is reasonable & accurate.(d) NOTE: companies which import inventory usually have a ”COSTING SCHEDULE” with details of how costof imported goods was arrived at –

eg customs,shipping etc. (auditor traces back to source docs)


(e) NOTE: there may be more than 1 supplier invoice at different prices&times for any 1 type of items sampled-check all.d) Pricing manufactured goods

i) COSTING METHOD: enquire&inspect docs to get idea of method used.ii) CHECK IF CONSISTENT with prior years, AND remains appropriate now.iii) FOR STD COSTING SYSTEM:

(1) Check appropriateness of standards setting process & adjustments to standards- enquire&inspect(2) Check variances- esp. to see no inappropriate increasing of inventory at year end.

iv) COSTING SCHEDULES VS SUPPORTING DOCS:(1) descr. of materials & prices (2) labour costs VS payroll records(3) allocation of overheads: ONLY fixed&var. Production overheads.(4) Based on normal capacity(5) Done on a systematic basis which is reasonable

v) COSTS OF CONVERSION: make sure no: admin. Overheads or selling expenses or “abnormal” wastage&labour&production costs.e) Lower of cost/net realizable value

i) Use a sample to verify selling price by (1) Refer to sales lists(2) Most recent sales invoice per item(3) Compare sales prices VS 1st post bal. sheet date invoices to see which is lower.

f) Obsolescence : Inventory allowance i) Discuss with management:

(1) Process used – fixed(only allowed if strong historical evidence) or detailed analysis each year.(2) Procedure for approval of allowance- eg is it approved by fin. Director after consult warehouse mngr.(3) Specific events: eg flooding this year(4) Any soon to be /or are obsolete products- eg competitor launched a competing product.

ii) Analytical procedures: this year to last tear for eg:(1) Allowance(2) As % of total inventory(3) Inventory turnover ratio(4) Days inventory on hand

iii) Indicators of obsolescence problems:iv) Reperform ageing of inventory by tracing back to source docs.v) Compare allowances raised in previous years to actual write-offs in subsequent years to check mngmnts estimates.vi) Year-end count- check if those obsolete/damage etc have been included in allowance.vii) Reperform calc.s of allowance viii) & discuss reasonableness with management as per evidence gathered.

3) COMPLETENESS a) Cut-off proves all that was purchased was included and all that was sold, was excluded.b) Attend inventory countc) Analytical review

4) EXISTENCE :a) Cut-off proves all that was purchased was included and all that was sold, was excluded.b) Attend inventory countc) Analytical review

5) GENERAL: ALL ASSERTIONS: a) Analytical review : current to last years eg:

i) Total ii) Total by category, source(local/import), locationiii) As % of Current assets,total assets.

b) Include reference to inventory + also to obsolescence, in the management representation letter.

6) PRESENTATION & DISCLOSURE : (whether fin.stats. are complete in terms of)a) IAS standards & 4 th schedule

i) Encumbrances on inventory(security)ii) Accounting policiesiii) Cost formulae

b) Consistent with evidence gathered on auditc) Amounts,facts,details accurate and consistent and agree with evidence gathered.d) Classification is appropriate : eg WIPe) Wording of disclosures is clear&understandable eg: for a reversal of impairment.

THE USE OF AUDIT SOFT WARE (SUBSTANTIVE TESTING)

1) Normally the inventory masterfile will contain at least the following fields:a) Item no.,descr,category,location,importlocal,approved suppliers,qty on hand,unit selling price,unit cost,date of last receipt&GRN no., date of last issue &

Doc. No, item value(cost*qty).2) Procedures which can be conducted on it using CAAT. 3) Enhance auditing of inventory by

(1) Stratify as category & item value – for 1-planning/2-analytical/3-selecting samples(2) Scan ERROR : masterfile for error conditions,1-duplicate ACCOUNT NUMBERS (existence),2-NEGATIVE qty or unit cost 3-negative qty AND negative unit costs( valuation) ,3-blank

fields(existence)., 4-QTY field is 0 but date last purchase is > date of last sale 5-qty = 0 but ‘value’ is above zero 6-date last purchase/sale in after year end (3) Select samples for 1- pricing 2- inventory count(4) Reperform : 1-qty VS unit cost 2- cast totals field(5) ANALYSE by:-ALL to get evidence for WRITE-DOWNS

(a) Unit cost EXCEEDS selling price(b) Date last sale is 9 mnths before year end,date of last purchase is within 2 mnths of year end(c) Date last sale+purchase is over 9 mnths from year end(d) Where qty on hand is say over 5 times qty sold to date.


CHAPTER 13 PAYROLL AND PERSONEL CYCLECHAPTER 13 PAYROLL AND PERSONEL CYCLE

ACCOUNTING SYSTEM AND INTERNAL CONTROLS

INTRODUCTION:1. Unique Characteristics:

a. Major Expense: results in an outflow of cash , to most businesses it is a MAJOR expense, not a small one.b. Involves Cash : many are still cash , exept electronic transactions.c. Internally generated transactions : most documents are internally generated, not by eg external suppliers.Fraud is thus easy with this.d. Susceptibility to fraud: wage frauds are not uncommon because:

i. Cash is easy to conceal/stealii. Adding fictitious hours/or workers needs no external documentation.iii. Large amounts of money can be generated, by 20 extra employees, to bribe collusion wage dept.

e. Continuity of Operations: a workforce paid 1 day late is very upset, not suppliers.Thus Contingency Plans Needed.f. Major Risks Within the Cycle.

i.

DOCUMENTS USED IN THE CYCLE:1) Employment Contract/ Employee file : Employment contracts + Advert in Newspaper(proof not fictitious) +Interviewing panel results + UIF etc. + Sick

leave taken/signed etc.2) Payroll Amendment Form : used in detail to authorize all changes per mnth etc. for promotions/dismissals/ higher wages etc.3) List of Employees: provided by personnel, a list of all employees &details, needed to calc. wages&salries month end etc.4) Clockcard: card which records hrs a wage earner has worked.5) Batch Control Sheet & Batch Register: control movements of batches of clockcards between functions.6) Deduction tables & Returns: PAYE /Med.Aid /UIF etc.7) Wage journal (PAYROLL is another name) : spreadsheet listing employees names + work/cost centre + overtime&hours etc.8) Paypackets, Payslips, Salary Advices: cash goes in here./ explains deductions etc.9) Unclaimed Wage Register: book recording those who did not collect their paypackets.10) Wage /Salary Reconcillliation: recons this weeks wages/salaries to last weeks .(see example later in chapter)

CHARACTERISTICS OF GOOD INTERNAL CONTROL:1) Control Environment: important that management insists on strict adherence to controls, if employees perceive weakness frauds will occour.2) Competent Trustworthy staff.: cash is being handled: accurate& on time & trustworthy.3) Division of Duties: recording separate to assets(cash&bank) eg clerk prepare payroll may not handle cash./ or sign cheques.

a) 1- creating clockcards 2-recording hours 3-preparing payroll 4- paying over cash/signing cheques b) Within each of these above functions : divide between Doing task & Checking it.

4) Isolation of Responsibilities : because fraud is likely , workers must be able to prove where their resposnsibility started and ended and prove they carried out their function. This is very important where cash is passed from 1 to another.a) Eg: where clockcards are passed from 1 to another : both must sign to show they 1-checked & 2-received/gave the cards so if any false card is inserted,

it can be identified who was involved /put it in.5) Access/Custody controls : especially: blank clockcards, salary account cheques, clocking device , cash(as paypackets or unclaimed wages)6) Source document design : eg place to sign payroll journal&clockcards . Also space for normal/overtime/employee details/ etc. and gross wages/deductions

total in payroll journal etc.7) Comparison and Reconcilliation :

a) Current VS Previous weeks wages/salaries + no. of employees + amounts paid.b) Payroll (by wages dept) VS Records from User Dept(eg depatch dept etc.)c) Personell records VS Actual living people

FLOWCHART & DESCRIPTION OF CYCLE :NOTE: For every single controls column below , ADD: employees must sign docs to acknowledge control procedures they have conducted.( as per book vertabim)FUNCTION Descr. DOCUMENTS RISKS CONTROL PROCEDURES

1-PERSONNEL (Human Resources)

Obtain max efficiency from workforce by control: 1-Dismissals2-Recruitments3-Wage negotiations4-Labour disputes5 Keep Records for employees(Accurate Complete) produce clockcards from these.

1-Payroll Amendment Form.(PAF)2-Employees File.

1- Unnecessary or unsatisfactory :recruit/retain such employees.2- Dismissal : Incorrect procedures.3-Unauthorised amendments to employee records. -fictitious add - wage rate change

1-Requests: for new retain or old dismiss must be from 1-DEPT making request, IN WRITING 2-Signed by section head , countersigned by sect. manager,after reference to the budget.2-Pay Rate / promotions /other service conditions : 1- Decided by Wage Committee/ or Personnel Dept. after 2-Consultation with interested parties eg UNION representative 3-Consider Laws & Regulation : eg min. pay rate/overtime etc. 4-Documented + Authorised by body authorizing eg: Wage Committee/ Personell 3-Payroll Amendment Form(PAF) : all above to here + 1-Cross Ref to supporting docs + 2-Signed by senior Personnell Dept. 3-Regular Review Gaps in file of PAFS : sequence&validity.4-Competent trustworthy Personel : 1-use sound Personell Practices (interview/background checks.)5-File Of Each Employee : to be kept incl : 1-copies of relevant PAF’s 2-employment contract 3-performance appraisals & disciplinary warnings 4-personal details including qualifications ,background info.

2-TIMEKEEPING 1-KEEP VAC record of valid hrs worked2-Clockmachine commonly used3-daily hrs added for week & sent to payroll preparation.

1-Clock cards2-Batch control sheet3-batch register.

1-invalid Hrs recorded.by eg: Fictitious employee Clock for absent friend Clock in + leave premises.2-hrs incorrectly added for normal / overtime

1-Entry & Exit points of Work area: 1-limited (preferably just 1) 2-protect by turnstile mechanism(counts in/out) 3-supervised during clocking periods(watch that no double clock etc.)2-Clockcard : prepare by Personell Dept only,strictly per “authorized employee list.”3-At end of WEEK : (usual Wednesday Afternoon) 1-agree no. of cards VS list of employees in section.

1- calculate ordinary time


2- calc. overtime3- divide into workable batches(25)4- Do batch control sheet:

a-ID section&weekb-control totals(tot.hrs,no.of cards etc)c-signature

4-Batches: a- Before batch transferred to payroll section head must: 1-check calculations 2-authorise overtime( need for overtime to be confirmed before it is worked) 3- check & sign batch control sheet\ b- Batch Register : details of batch to register & then securely transferred to Payroll Preparation

3-PAYROLL PREPARATION:

Calc. wages&deductions. From hrs. and record on payroll.(wages journal)

1-Clock cards2-Deduction tables3-Updated List of employees4-Payroll (Journal)

1-Include fictitious employee2-Use Incorrect/ Unauthorized pay rates/hrs/deduction tables.3-Cast & Calculation errors.

1-Wage clerk check details of batch & sign register on receipt from timekeeping.2-Wage clerk prepare: 1-payroll 2-coinage schedule 3-Recon : this week VS last week (no.employees+amounts net) 4-A RECORD: control totals for overtime & hrs worked etc. 3-Supervisor or 2nd wage clerk : 1-verify hrs&rates used VS clockcards & employee lists. 2-verify deductions VS relevant table 3-Reperform calculations & wage recon. 4-Sign4-Head of Payroll Prep : SIGN 1-payroll 2-recon (week to week one) after careful review.5-Cheque for wages: give with 1-payroll 2- recon to 2 cheque signatories who : 1-review for unusual eg large amounts , excessive overtime. 2-check signatures :for control signatures 3-sign payroll & recon

4- PAYMENT PREPARATION &PAYOUT VERY NB:

1-Prepare Pay-packets2-Distribute Wages3-Unclaimed wages recording.

1-Payroll2-Payslips &3-Paypackets4-Unclaimed wages register

1-Errors or theft of cash during 1-drawing of cash 2-making up paypackets 3-payment of employees2-Theft of Unclaimed Wages

1- 2 people to make up wage packets (where there is cash allways 2+) (and also “physical” security over cash handling tight)2- Delivery of Wages to payout: section head must 1- agree no. paypackets to payroll. 2-agree control totals : batch register ot.hrs , no. cards. 3-sign payroll to show receipt & control procedure done.3- Lock away paypackets till payout4- 2 people min. do payout :independant paymaster & foreman 5- Employees must: 1-show ID 2-sign payroll (to show receipt) 3-count & report discrepencies immediately. (tick sheet on employment date to say read this- tick each & sign.6- collect for another person : MAY NOT collect the paypacket. 7- AFTER payout: foreman & independent paymaster must : 1-agree all unclaimed paypackets to payroll 2-identify on payroll all employees with unclaimed paypacket. 3-Unclaimed wage register : fill it in 4-Sign Payroll :to acknowledge this control procedure.8- Lock away by paymaster : unclaimed paypackets AND payroll9- Collect Unclaimed Wages : show ID + Sign unclaimed wage register(not payroll) (it could be a fictitious employee!)10-After 2 weeks: unclaimed to be a-Banked + b-Copy deposit slip attached to register + c-Cross-Ref to entries11- Reconciliation : unclaimed wage packets to unclaimed wage register +CHECK FOR UNUSUAL OCCOURANCES eg more unclaimed in one section than another.

POINTS BY LECTURER:-physical security : high windows + no disturbance allowed during the paypacket filling with cash.-people who will count out cash must declare how much cash they have when they walk into the room- if short wages they must be searched. & use other people eg creditors or debtors clerk, not same ones who prepared the wages. Also someone must observe them to make sure they put nothing in their pockets.-unclaimed: recon to blank spaces on register

5-DEDUCTIONS: PAYMENT & RECORDING.

1-To record liabilities in respect of deductions& settle them in time

1-General Ledger2-Payroll (wage journal)3-Cash Payment Journal4-Return form

1-penalties due to non-payment or late payment or underpayment.2-criminal/civil charges due to non-payment (this is theft)3-Overpayments : losses due to

1-One Single Person to raise & pay deductions :isolate responsibility so no confusions develop 2-a strict monthly schedule for : 1-post entries to raise liabilities for deductions 2-make payments timeously 3-supervisory checks on above activities3- Signing cheques: Payroll Journal & Return forms should be presented for scrutiny before signing .4- independent monthly scrutiny of general ledger accounts for deductions (liability/ creditor account) by the financial accountant , to be sure they are being cleared

AUDITING THE CYCLE

INTRODUCTION1) Risk of misappropriation is high so direct lots of resources to this one2) EXPENSE total, not a BALANCE total which can be reconciled to an asset.


3) Auditor must be reasonable certain controls operated efficiently throughout the year to produce VAC total.4) Substantive tests:

a) Test recording of hoursb) Confirm employees do existc) Test week to week changes to PAF d) Accuracy of calculations & deductionse) Confirm deductions are paid overf) Extensive Analytical review

5) BASE WEEK METHOD: common method is to test 1 or 2 base weeks to be sure they are 100% correct, then just compare& recon them to all other weeks in year and do ANALYTICAL COMPARISONS.

ASSERTIONS:1) OCCOURANCE : most important one because The Highest risk = overstatement of expense by incl. fictitious payments2) ACCURACY: 3) CUT- OFF: 4) CLASSIFICATION : in the proper accounts5) COMPLETENESS : not normally a risk exept make sure no illegal immigrants and not record wages/ or illegally low wages to those who need a job.=

reportable irregularity + contingent liabilities (fines/penalties/ illegal)6) DEDUCTIONS: the Liabilities part does not form part of this and is done when “creditors” are audited , not here.

FRAUD IN THE CYCLE1) FRAUDULENT FINANCIAL REPORTING

a) Not really a lot of scope for this, exept profit by manipulating the expense accountb) Illegal immegrants: by not reporting their wages a form of fraudulent financial reporting is taking place.

i) Wages not reportedii) Contingent liabilities ie possible fines/penalties not reported

2) MISAPPROPRIATION OF ASSETS a) Wage fraud :

i) OCCOURANCE :Include dummy employees : MASTERFILE+ CLOCK CARD etc (1) Not remove if retire/dismissed/resign(2) Collusion is required eg foreman & wage clerk , also possibly fictitious employee.(3) Note : They MUST get the cash into their own pockets somehow-this is a tricky part

ii) OCCOURANCE :Unauthorized rate/scale changesiii) OCCOURANCE :Employee paid for Fictitious hours eg foreman authorizes overtime never worked & split proceeds , or clock in for absent friendiv) VARIOUS ASSERTIONS :Tax evasion schemes - by directors usually , eg company cars for directors not declared and PAYE not deducted & fringe

benefit not reported.This is a reportable irregularity per Auditing Profession Act.

AUDIT PROCEDURES: SALARIES & RELATED ACCOUNTS

1) OCCOURANCE: a) Check if genuine living people :Sample of Employees from wage register,

i) Inspect Personel file (various docs verify he exists)ii) Signature : compare “salaries register” one to “employee file” one. iii) Vouch ; trustworthy eg fin acc. To vouch for people you don’t knowiv) Vouch ; with dept. manager if if worked there in dept.v) If Doubt, do surprise verification: physical check on person.vi) Discuss with Personell Staff, & Examine employ/dismiss Docs to:

(1) Make sure removed from salaries register on correct date(2) Employ/dismiss Docs Properly Authorised

vii) Examine: PAYE /UIF returns for employee name&tax no. etc. VS employee fileviii) AUDIT SOFTWARE: Check masterfile for Error conditions which show fictitious employee

(1) Duplicated/missing ID no.(2) Duplicated/missing Tax No.(3) Duplicated: employee no (only duplicated)(4) Duplicated: Bank acc. No.

2) ACCURACY , CUT-OFF , CLASSIFICATION a) Inspect : Salaries register Gross salary VS personnel section listingb) Inspect: if there were lately salary changes – inspect authorized list of salary increases VS actual salary paid to see if correct one was used.c) Deductions: PAYE/Med aid etc check if correct was made, if wrong ask personell&employeed) Returned Salary Cheques: correct crossings, + suspicious endorsements + correct amount per salary register.e) Recompute: 1-deductions & 2-salaries register casts & cross-casts. f) DATES & details : on Paid cheques VS return forms for : deductions Clearing Accounts+ salaries paid pertain to correct cut off AND deductions paid

timeously. 3) GENERAL ANALYTICAL PROCEDURES:

a) Salaries : Month TO Month any large fluctuations by division/branch/dept etc. b) Ratio & Trend :

i) Commission % of TOTAL SALES ii) Salaries as % of TOTAL EXPENSES

c) Payroll ledger accounts : STRANGE/’out of ordinary’ amounts eg 13 th cheque/ lump sum payments4) ASSERTIONS PERTAINING TO PRESENTATION & DISCLOSURE:

a) Disclosures in notes: i) Complete in terms of IAS (international acc. Standards) and 4th schedule eg directors emoluments& post employment benefitsii) Consistent with Evidence gathered on the auditiii) Amounts, facts details accurate & agree with evidenceiv) Classification: of info is appropriate.v) Wording Clear & Understandable

5) NOTE 1: illegal employees : if auditor has a suspicion :a) Do a reverse identification ( employee against list, not visa versa)b) Alert to unsupported paymentsc) Alert secret bank accounts.

6) NOTE 2 : Salaries by EFT:a) Obtain mnthly schedule of EFT from bank = 3rd party evidence used to gather substantive evidence

7) NOTE 3: Month to month Recon :a) Use it to vouch & verify movements on the Payroll Journal eg incr. means you check appointsments documentation and salary increase authorizations.

AUDIT PROCEDURES :WAGES & RELATED ACCOUNTS:

1) OCCOURANCE: a) We will assume the base week method has been chosen, for the following procedures:At the planning stage a number of weeks should be pre-selected at

which a surprise attendance at the wage payout will take place:i) Arrive after paypackets prepared but before payoutii) Take custody of all paypackets agree name number amounts to Payroll.


iii) Disribute wages :Accompany paymaster and check:(1) ID of each (2) Ask foreman if the employees are authentic(3) Unclaimed Wages :

(a) Check if noted in Unclaimed Wages Register + on Payroll(b) On later visit ask for the employees & ID .(c) Inspect the U.W. Register all entries since last attendance.

(i) Employees appearing Regularly :Check authentic each employee (ii) Confirm re-banked in reasonable time (deposit slips/ copies on UWregister/bank records)

iv) Personell Records (of a sample of employees at the attendance)(1) Check files for evidence (eg: contract, UIF/PAYE, advertisement, union details, medical details)(2) PAYE/ UIF – check their names were included on the returns.

b) EFT Payouts :i) ID : still check ID ‘s and physical inspection at workplace of employeesii) AUDIT SOFTWARE: Check masterfile for Error conditions which show fictitious employee

(1) Duplicated/missing ID no.(2) Duplicated/missing Tax No.(3) Duplicated: employee no (only duplicated)(4) Duplicated: bank acc. No.

c) CHECK HRS RECORDED WERE ACTUALLY WORKED (occourance) i) The following tests of control during the base week are done

(1) Observe if clocking controls limit fictitious people & hrs (in morning/evening) (2) Integrity Foreman : ask management of his integrity(3) Foremans Signature : inspect it authorizing the overtime(4) Reperform calc. of hrs worked on clockcard(5) Evaluate possibility of hrs could be credited to employee after ‘clocking’ eg during payroll preparation.

ii) The rest of the year is checked by comparing to he base week., any large fluctuations are followed up.2) ACCURACY , CUT-OFF, CLASIFICATION:

a) FOR WEEKS of surprise attendance :check payroll& supporting docs, to confirmi) Wage rates are authorized (employee list)ii) Total hrs calculated correct AND overtime+normal are correct.iii) Deductions correct as per tables

b) RECALCULATION: i) Extentions& casts correct ii) Gross wages- deductions=net pay iii) Classification: postings from Journal to legder are to correct accounts.

c) DEDUCTION CLEARING ACCOUNTS: check if cleared timeously – by inspect cheques and bank transfer documents.3) COMPLETENESS

a) If suspect wages paid not recorded(eg illegal immigrants)i) Reverse ID check (shelf to sheet)ii) Enquire senior mngmnt illegal workersiii) Alert to unsupported payments –esp.cash amountsiv) Check validity of ‘casual wages’

4) GENERAL / ANALYTICAL PROCEDURES a) on each subsequent visit after base week , b)c) Wages : week to week any large fluctuations by net wages,/division/branch/dept etc. d) To Total wages last year e) Production /or total no. employees vs Wages f) Trace Ledger wage balances to Trial Balance g) Ratio & Trend :

i) Commission % of TOTAL SALES ii) Salaries as % of TOTAL EXPENSES

h) Payroll ledger accounts : STRANGE/’out of ordinary’ amounts eg 13 th cheque/ lump sum payments5) ASSERTIONS AS TO PRESENTATION & DISCLOSURE:

a) Only related disclosures eg: post employment benefits.

THE USE OF AUDIT SOFT WARE (SUBSTANTIVE PROCEDURES)1) If weekly transaction files + computerized & on masterfile :

i) Masterfiles can be :(1) SCANNED for ERROR conditions :

(a) Missing names, employee numbers, tax reference no. etc.(b) No amounts in ”year to date’ earnings field(c) Negative earnings (there should be none)(d) Net wages > Gross earnings of employee (none should be found)

(2) STRATIFIED & SUMMARISED by(a) Section /branch / region / for Analytical review

(3) EXTRACT :(a) List of 1- employed 2- resigned/dismissed and COMPARE to PAF(b) Random Sample of employees for : physical identification.(c) Random Sample of employees for : pay rates /grades verified against physical documentation

(4) Masterfiles contain usually:(a) Name,number, address, grade, section/branch/region, leave entitlement, date employed, date dismissed/resign, earnings&deductions for

current week/month, same for current year .


HOW TO DO A RECONCILLIATION FOR SALARIES AND WAGES AS PER IAS ACC. STANDARDS IN THE NOTES TO THE FIN. STATS.

To Print DIPAC TEST 2 Auditing

Documents

Transcript of To Print DIPAC TEST 2 Auditing