|
|
|
|
In my discussion of the audit product I have taken a general approach to auditing. Audits will be tailored to the client's needs. My experience suggests that the major problem of any entity centres around internal control. Areas of internal control that need special attention are: Ø Customers satisfaction, and competition from legal, extralegal and illegal systems Ø Quality of forecasting to meet peak periods Ø Scheduling Ø Revenue control system Ø Maintenance of existing system and stock control Ø Personnel matters as these affect productivity Ø Risks associated with the above
Solution: A solution to the problem is proper Internal Control. Internal control systems are collections of procedures and processes that work to ensure that the goals and objectives of an organization are accomplished. If the organization is to achieve its mission the internal control system must improve the reliability of financial information, allow for safeguarding of assets ensuring the maintenance of viability and prevent and detect fraud and error. The key components of this system are as follows Ø Competent, trustworthy employees Ø Adequate segregation of duties Ø Proper authorization procedures Ø Physical barriers to asset and records Ø Adequate documentation of activities and processes Ø Periodic review and evaluation Ø Design Controls over Electronics Data Processing Activities
Implementing Solution:The first strategy towards the implementation of a solution to the problem facing organization is risk assessment. This assessment is to ensure that the internal and external factors that could adversely affect the Company’s operations are identified and evaluated. An example of internal risk for a transportation company is what percentage of the payload pays the correct fare. An example of external risk is how taxis reduce the percent of potential payload of the entity.
Given the nature of an organization operations it is necessary to identify and consider the risk of disruption and misappropriation of data and technological facilities and consequently the protective security techniques bearing in mind the degree of the risk. Specifically, in my experience I have seen where the computer is used to assist in the unauthorized obtaining of assets, the production of financial information that is not derived from authorized transactions and seemingly the destruction of data.
Risk assessment is a periodic process. The process of risk assessment, if it is to be useful, must identify the risks that can be controlled and those that cannot be controlled. ‘Activities Control’ for controllable risk follows assessment. This procedure involves the following steps:
Ø Establishment of policies
Ø The performance of procedures in accordance with those policies
Ø Verification that the policies are being complied with.
I feel that we possess the necessary skills, experience, expertise and competence to provide management and the Board of Directors of any entity with the assurances based on the records of the organization.
Approach to the Tasks:
In my approach to the task of auditing I will bear in mind the following as they affect organizations
Ø Changes in the operating environment
Ø New personnel
Ø New or obsolete information system
Ø Areas of rapid growth
Ø Corporate restructuring
Ø Expansion or acquisitions
I will perform an appropriate level of transaction testing to verify”
Ø The adequacy of internal policies
Ø The adherence to internal policies, procedures and limits
Ø The accuracy and completeness of management reports with particular emphasis on revenue intake
Ø The reliability of specific controls identified as key to the internal control element being assessed
In order to effectively evaluate the key elements of the system identified above we will:
Ø Identify the internal control objectives that are relevant to the organization
Ø Evaluate the effectiveness of the internal control elements by reviewing policies and procedures and more importantly reviewing documentation and discussing operations with various levels of the organization personnel.
Ø Observe the operating environment and test transactions, particularly as these affect revenue
Ø Share concerns with supervisors and management to elicit feedback
Ø Make recommendations for the improvement in internal control system to management and the Board of Directors on a timely basis
Determine that where deficiencies are noted, corrective action is taken in a timely manner Final Phase Reporting our Findings:
My reports, the third phase of our work, will be based on the fact-finding and audit performance phases and in a general way will cover the following:
Ø Audit report and opinion on the financial statements of the organization. Where necessary we will assist in drafting financial statements to endure compliance with generally accepted accounting principles
Ø Report and opinion of our understanding of the internal control systems and recommendations for discussion with management
Ø Report on the degree of compliance with applicable laws, regulations and agreement terms or contracts
I am also a partner in Robinson Davis and Company. This company is continually looking for new and innovative ways in serving its clients. Where I am required tom send staff to a client's place of business Robinson Davis with a staff complement of over 24 have the available resources.
Whilst having a strong internal control culture does not guarantee that any organization will reach its goal the lack of such a culture provides greater opportunities for errors to go undetected and for improprieties to occur. We are confident that our presence as auditors can make a difference.
|
|
Send mail to
nevil@cybervale.com with
questions or comments about this web site.
|
![[Under Construction]](images/undercon.gif){kind=small}
