11.1.1 Definition of Control Management control is a systematic effort to fix or establish the standard of performance through planning objectives, designing information feedback systems, comparing true performance with the fixed standard, determining whether there are any disadvantages or weaknesses and taking suitable actions to ensure all resources within the organisation can be used in the most effective and efficient way in achieving the objective of the organisation.
Control is the process of ensuring that organisational activities are running according to plan. This process can be carried out by comparing the true performance with the standard that has been established and taking corrective actions in order to rectify any distortion that does not comply with the standard.
The main purpose of control in management is to prepare managers to face future or existing problems before they turn critical. In general, an organisation with a good control mechanism will have the advantage of competing strength compared to organisations without a good control system. The following are several examples of the importance of control for organisations:
11.1.2 Quality Assurance The smooth running of a particular process can be monitored and problems can be avoided by having control. Control is able to stimulate the organisation to monitor and increase the quality of products and services offered. Through the activities related to the control process, members of the organisation will always be driven to act according to the plans that have been established.
11.1.3 Preparation to Face Changes Change cannot be avoided. Change in environmental factors such as markets, competitors, technology and legislation makes the control process important for managers in responding towards opportunities and threats. Control helps the organisation to suit its products to the needs and wants of consumers in the market.
11.1.4 Steps in the Control Process A control process has three basic needs: fixing of standards to be used in measuring the level of growth; monitoring decisions and comparing it to the standards, that is, the comparison of the organisationââ‚¬â„¢s true performance with the planned performance; and finally, taking corrective actions in rectifying any disadvantages and weaknesses that occurred in achieving the performance that has already been set.
Establishing Standards Standard is the base for comparison to measure the level of performance of a company in order to find out whether the company is compliant. Standard is the point of reference in making comparisons to another value. Standard can be defined as what is required out of a particular job or an individual. In management control, standards are usually derived from the objectives. Standards should be easy to be measured and interpreted. A specific objective that can be measured makes it more suitable to be used as a standard. If this standard is not clearly and specifically stated, it may be interpreted in a different way and will then raise various difficulties that can affect the goals of the organisation.
In general, there are three types of standards: physical standard such as quantity of products and services, number of customers and quality of products and services; financial standard which is stated in the form of money, and this includes labour cost, sales cost, material cost, sales revenue, profit margin and others; and lastly, time standard which includes the performance rate of a particular task or the time period required to complete a particular task.
Measuring Performance and Making Comparisons Performance measurement is a type of control. Actual results need to be monitored to ensure that output produced is according to the specific standard. The main purpose of performance monitoring is to gather data and detect deviation and problem areas. Measurement has no meaning if it is not compared to the standard. The next step is performing the comparison of standards. Comparison of standard is a process where comparison is made between the true performances with the standard set. This step is important because it allows any deviation or distortion to be detected and corrective actions can be taken in order to achieve the goals that have been set.
Corrective Actions It is often found that managers establish standards and monitor decisions but do not take suitable actions. The first and second steps in control will be meaningless if corrective actions are not taken. Before taking any steps in correcting, detailed analysis must be carried out in order to find out the factors that caused the particular deviation.
This corrective action may involve change in one or more operation activities of the organisation such as modification, repairing of machines, preparation of certain courses and others, or it might also involve a change in the fixed standard. Corrective action is a process of identifying the distorted performance, analysing the distortion and developing and implementing programmes in order to rectify it.
11.2 THE CONTROL PROCESS The running of a control process is a continuous act. This process cannot be done only once in order to gain the achievement expected. This is considered as a dynamic process. This dynamic process begins with looking at the true performance and measuring the achievement level of that particular performance.
Managers will then compare the performance achieved with the performance that has been fixed. If there happens to be any difference, it must be analysed in order to identify the cause of the differences and this is followed by the correcting act. This process must be done repeatedly and must be given full attention by the manager in order to achive the performance goals set.
11.2.1 Basic Methods of Control According to Williams (2000), a control process consists of three basic methods which are identified as future control, concurrent control and feedback control.
11.2.2 Future Control This type of control is also known as prevention control. This involves the use of information, including information from the latest results, is to forecast what will happen in the future so that preventive measures can be taken. It is implemented to prevent the occurrence of deviation between what had really happened with what is expected to happen. Prevention is carried out through detailed analysis on the input before it is accepted into the process of organisation transformation. Input is ensured to comply with the quality standards established so that the results obtained are as expected.
One example of the use of this control is when a manager ensures that the sample of raw material that is going to be used complies with the standard established by the organisation or based on certain specifications to avoid damage towards the product in the future.
11.2.3 Concurrent Control Concurrent control is carried out during the process of transformation. When this control is carried out, restoration actions, corrective actions or modifications are done after distortion is detected. For a production-oriented organisation, this controlling action is taken while input is being processed while for service-oriented organisations, it is taken while service is being provided.
Through this method of control, organisations will monitor their operations and simultaneously take the necessary corrective actions before the transformation process is completed. This will help to reduce mistakes in the outputs being produced. Examples of this method of control are mid-term examinations, control of accounts, control of inventories and others.
11.2.4 Feedback Control Feedback control involves gathering information related to the weaknesses of controlling measures after an incident takes place. This type of control is implemented after the transformation process has been completed with the purpose of finding out whether the whole activity ran properly with results as expected.
This control is also able to determine whether the plan that is going to be carried out has the continuity with the previous programme. It is also able to evaluate the effectiveness and efficiency of the involved parties in performing the activities of the organisation. An example of this method of control is the use of low-quality raw materials that resulted in the production of low-quality products. The act of changing the raw materials used is one of the examples of feedback control.
11.2.5 Types of Control According to Williams (2000), there are five forms of control that can be used by managers in implementing the process of control ââ‚¬” bureaucratic, objective, normative, concertive and self. Figure 9.3 illustrates these five forms of control.
Bureaucratic Control This method uses hierarchy authority to influence employees. Rewards are given to employees who obey and punishment is meted out to employees who do not obey the policies, regulations and procedure of the organisation.
Objective Control This method uses the measurement of observation towards the behaviour of employees or output produced to evaluate work performance. Managers are more focused on the observation or measurement towards the behaviour of employees or outputs rather than the policies or rules. Objective control consists of two forms of control; behaviour control and output control.
Behaviour control Behaviour control is the rule of behaviour and actions that controls the behaviour of employees in their tasks.
Output control Output control is the form of control that controls the output of employees by granting rewards and incentives. Important features in the implementation of output control are reliability, fairness and accuracy, convincing employees and managers to achieve the expected results while rewards and incentives depend on the performance standard that has been established.
Normative Control Normative control is a method that arranges the behaviour of employees and results through norms and beliefs shared together among all the members within the organisation. There are two main substances in this type of control which are, sensitivity towards selection of employees based on their attitude and norms, and obtaining inspiration based on experience and observation of employees.
Concertive Control This is a method that uses the norms and behaviour discussed, formed and agreed by the work group. This form of control plays a role in an autonomous work group. An autonomous work group is a work group that operates without the presence of a manager and is fully responsible for the control of process, task group, output and behaviour. Autonomous work groups gradually grow through two stages of concertive control. First, members work and learn from each other, supervising the work of each member and develop norms and beliefs that guide and control them. Secondly, the appearance and acceptance of objectives as guide and control of behaviour.
Self Control It is a system where managers and employees control their own behaviour by establishing their own goals; monitor their own progress and their own achievements of goals, and reward themselves when goals have been achieved.
EXERCISE 9.2 11.3 FACTORS THAT NEED TO BE CONTROLLED Determining the matters to be controlled is as important as making decisions on whether to control or in what method should control be done. There are several perspectives that need to be controlled by a manager in order for the organisation to be able to achieve the goals expected.
11.3.1 Financial Perspective One of the important areas that need to be controlled is finance. There are times when the financial performance does not reach the expected standard. If this condition remains undetected and relevant actions are not taken, the existence of the company might be in jeopardy. Financial perspective is generally related to activities such as sales, purchases and others.
Financial statements are important sources of financial information for an organisation. A balance sheet shows how strong the financial position, assets, liabilities and the position of the equity holder for a certain financial period. A profit-loss statement or income statement shows the summary of the operational activities and the relationship between expenditure and revenue for a particular financial year.
There is a new approach in the financial perspective known as economic value added. Economic value added is the total profit of a company which exceeds the capital cost in a particular year. In this perspective, a manager must impose control so that the total profit of a company always exceeds the capital cost for the company to continuously gain economic value added.
11.3.2 Human Resource Perspective The control towards human resources is vital for organisations. If an organisation is unable to control its human resources properly such as losing expert workforce hence it will jeopardise the performance and achievement of the company. Organisations need to have planning that is able to motivate the employees. For example, organisations need to be concerned regarding the problems faced by the employees by creating harmonious discussions between the management and the employees union.
11.3.3 Quality Perspective Internal operations of organisations are usually measured through quality. Operations control is very important for every organisation especially for manufacturing firms. This is because efficiency and effectiveness of operations control will determine the level of production and organisational performance as fixed by the standard. The quality value of products and services produced based on the standard will be able to strengthen the perception of the customers towards the quality of goods that they had purchased. For example, the control of product quality is able to reduce waste and product defects and this will further save cost. Inventory control is also effective in reducing the costs of investments related to inventory
11.3.4 Consumer Perspective In order to measure the performance of customers, an organisation needs to impose control on customers who leave the organisation and not based on the survey of customer satisfaction. In this perspective, the manager will make evaluation by measuring the percentage rate of customers who left the organisation. By controlling customers from leaving the organisation, a company will be able to increase profits. For example, the cost in obtaining a new customer is five times more compared to the cost of retaining an existing customer.
SUMMARY The main purpose of management control is to prepare managers to face existing or future problems before it becomes critical.
Management control has three basic needs: establishing standards; monitoring decision and comparing it to the standard; and making corrections on any distortion that occurred between the true decision and the standard.
Control is a dynamic process because it is a continuous process.
Control process consists of three basic methods: future control which is also known as prevention control; concurrent or present control; and feedback control.
There are five forms of control that can be used by managers in implementing the control process: bureaucratic, objective, normative, concertive and self.
In order to ensure that the organisation can achieve its goals, several important perspectives must be controlled ââ‚¬” finance, human resource, quality and customers.
Purpose and Use of Different Accounting Records
Accounting record is defined as the all of the documentations involved in the preparation of financial statements and records which are relevant to financial review and audits which include recording of assets and liabilities, ledgers, journals, and any other supporting documents like invoices.
Ledger: – Maintaining ledger is a must in all accounting system. Ledger is used for preparing trial balance which checks the arithmetical accuracy of the accounting books. Ledger is the store-house of all kind of information which is used for preparing final accounts and financial statements.
Prime entry books: – The other one is prime entry books which are also known as books of original entry are books where transactions are first recorded. The main books of prime entry consists of sales day book, purchase day book, sales return day book, purchase return day book, general journal and cash book (Ducha, et.al, 2008).
Accounting plays important and useful role by developing the information for providing answers to many questions faced by the users of accounting information. It provides information how good or bad the financial condition of the business is, which activities or products have been profitable. Accounting is important for a business entity for the following reasons: –
Accounting record, set on the base of even practices, will assist a business to compare results of one period with another period.
Insulating records, backed up by proper and genuine vouchers are good evidence in a court of law.
Increased volume of business results in large number of transactions and no businessman can remember everything. Accounting records avoid the necessity of remembering various transactions.
Fundamental concepts of accounting Accruals concept of accounting: Other than the cash flow statement, the accounts have been set on an accruals basis. The accruals basis of accounting involves the non-cash of transactions to be mirrored in the financial statements for the period in which those effects are experienced and not in the period in which cash is actually received or paid (Open University Course Team, 2006).
Going concern: The accounts have been prepared on a going concern basis which means that the accounts have been prepared on a going concern basis. It further clears that the accounts have been prepared on the assumption that the authority will continue to operate for the foreseeable future. The Avenue account and Balance Sheet assume no intention to significantly curtail the city Council’s operations (Open University Course Team, 2006).
Consistency concept: There are a number of different ways in which some concepts can be applied. Each business must choose the approach that gives the most reliable picture of the business, not just for this period, but over time also. According to the consistency convention, when a method has been adopted for the accounting treatments of an item, the same method will be adopted for all subsequent occurrences of similar items. However, it does not mean that the firm has to follow the method until the firm closes down. (Open University Course Team,2006).
Prudence Concepts: The account should be prudent when preparing financial statements. In other words, if something is in doubt, plan for the worst and, if a transaction has not yet been completed ignore ant possible benefits that may arise from it (Open University Course Team, 2006).
Business entity concept: It is one of the main accounting principles of accounting this concept says that Business should be treated separately from the property owner or investor In simple words we can say owner of the business should be treated separately from the business whatever profits come in to the business should be taken in company account. Under the business entity concept, the activities of a business are recorded separately from the activities of its owners, creditors, or other businesses (Ducha, et.al, 2008).
Different factors of accounting system:
Computerised accounting system: Keeping accurate accounting records is a vital part of managing an organisation. Apart from helping to keep it afloat financially and legally, it is also a requirement of funding bodies. Smaller groups can usually manage with simple book-keeping procedures but bigger groups juggling with larger sums of money and more complex financial transactions may find their workload eased by using a computerised accounting system. The good news is that there are easy to use and reasonably priced computerised accounting packages on the market that are either aimed at, or can be adapted to, voluntary sector organisations (Ducha, et.al, 2008).
Manual Accounting Systems: Accounting systems are manual or comprised. Understanding a manual accounting system is useful in identifying relationships between accounting data and reports. Also, most computerised systems use principles from manual systems. In other words, Manual accounting and bookkeeping systems are the traditional form of maintaining a businesses accounts and records. They involve keeping various ledgers and files which typically include a cash book, sales and purchase day books and petty cash sheets. Although the use of basic manual bookkeeping systems requires little knowledge or skill in accounting, they are still the preferred method of accounting for those who have used them in the past (Drew, et.al, 2000).
Considering factors when using computerised and manual accounting system:
The capacity to generate sales /increase invoices; the necessity to compute/include VAT in accounting; cost how much can a firm truthfully afford on software, updates and support, the capability to process payroll, and stock control are the considering factors of computerised accounting system.
Meaning of business risk: Business risk is associated with the uncertainty of a company’s future cash flows, which are affected by the operations of the company and the environment in which it operates. It is the variation in cash flow from one period to another that causes greater uncertainty and leads to the need for greater compensation for investors. For example, companies that have a long history of stable cash flow require less compensation for business risk than companies whose cash flows vary from one quarter to the next, such as technology companies (Fabozzi, et.al, 2007).
Components of business risks: Operational risks: The risk of loss resulting from insufficient internal processes, people and systems, or from external events which includes legal risk. In other words, the risk of loss resulting from failure to comply with laws as well as prudent ethical standards and contractual obligations which includes the exposure to litigation from all aspects of an Institution’s activities. The definition does not focus strategic or reputational risks. In other words, operational risks are concerned to enhance operational risk assessment efforts by encouraging the industry to develop methodologies and collect data related to managing operational risk. Strategic and reputational risk is not included in this definition for the purpose of a minimum regulatory operational risk capital charge which focuses on the causes of operational risk and the Committee believes that this is appropriate for both risk management and, ultimately, measurement (Fabozzi, et.al, 200).
Compliance Risks: Compliance risk can be defined as the current and potential risk to earnings or money arising from violations of, or non-conformance with, laws, rules, approved practices, internal policies, and methods, or moral standards which arises in situations where the laws or rules prevailing certain bank products or activities of the Bank’s clients may be unclear or unverified. This risk exposes the institution to fines, civil money punishments, payment of damages, and the voiding of contracts (Fabozzi, et.al, 200).
Liquidity risks: Liquidity risk can be explained as the current and approaching risk to earnings or capital arising from a bank’s incapability to meet its obligations when they come due without incurring unacceptable losses. Liquidity risk includes the inability to manage unplanned decreases or changes in funding sources. Liquidity risk also arises from the failure to recognize or address changes in market conditions that affect the ability to liquidate assets quickly and with minimal loss in value (Neu, and Malz, 2007).
Meaning of risk management: The true connotation of managing the risks is combined with the activities of human wherein the identification of the risk, risk evaluation, adapting techniques to manage it and lessening of risks by using managerial strategies is done. The various ways in creating risk management includes moving the possible risk to other group, preventing the risk from happening, lessening the risk’s negative effects and recognizing all the consequences that a specific risk might bring (Blokdijk, 2007)
According to Cadbury Report, Corporate governance is ‘the system by which companies are directed and controlled where the role of the shareholders is to appoint the directors and the external auditors, and to satisfy themselves that an appropriate governance structure is in place where directors are responsible for setting the company’s strategic aims, providing the leadership to put these into effect, supervising the management of the business and reporting to shareholders on their stewardship. Corporate governance involves a set of relationships between a company’s management, its board, its shareholders and other stakeholders. Corporate governance also provides the structure through which the objectives of the company are set, and the means of attaining those objectives and monitoring performance are determined. (Gupta, 2005)
The Cadbury Report, formally entitled ‘The Report of the Committee on the Financial Aspects of Corporate Governance’ was published in December 1992, following the recommendations of the Cadbury Committee. The establishment of the Committee in May 1991 by the Financial Reporting Council, the London Stock Exchange, and the accountancy profession arose in response to the occurrence of financial scandals in the 1980’s involving UK listed Companies, which had led to a fall in investor confidence in the quality of company’s financial reporting (Cadbury, 1992).
Fraud Risk Assessment
To be protective of itself and its stakeholders efficiently and effectively from fraud, an organization should recognize fraud risk and the specific risks that directly or indirectly relate to the organization. A structured fraud risk assessment, tailored to the organization’s size, complexity, industry, and goals, should be performed and updated periodically. The assessment may be integrated with an overall organizational risk assessment or performed as a stand-alone exercise, but should, at a minimum, include risk identification, risk likelihood and significance assessment, and risk response (ww.acfe.com/documents/managing-business-risk).
Managing the risk of fraud, the risk based approach:
A risk-based approach enables organisations to target their resources, both for improving controls and for pro-active detection, at problem areas. Developments in corporate governance, including the requirement for statements on internal control, create the atmosphere in which fraud can be considered as a set of risks to be managed alongside other business risks. Managing the risk of fraud should be embedded in the entirety of an organisation’s risk, control and governance procedures. In wider sense, assessing and managing the risk of fraud involves assessing the organisation’s overall exposure to fraud, recognising the areas most vulnerable to the risk of fraud, assigning ownership, calculating the scale of fraud risk, responding to the risk of fraud; and determining the success of the fraud-risk strategy (ww.acfe.com/documents/managing-business-risk).
Assessing the Organisation’s Overall Vulnerability to Fraud: Vulnerability to fraud can be assessed at different levels in an organization where a quick assessment of the overall level of risk an organisation is exposed to is often a good starting point and may highlight particular vulnerabilities where some action needs to be taken immediately rather than wait for the results of a more in-depth risk assessment to be completed. A fraud risk assessment should additionally be carried out during the development of any new policies, activities or operations to ascertain whether any new risks arise that need to be managed. The risk assessment should also be reviewed and re-assessed whenever a change in policy occurs or when changes are made to the way in which a policy is to be implemented (ww.acfe.com/documents/managing-business-risk).
Fraud risk identification may include gathering external information from regulatory bodies, industry sources, key guidance setting groups), and professional organizations, the American Institute of Certified Public Accountants (AICPA), the Association of Certified Fraud Examiners (ACFE), the Canadian Institute of Chartered Accountants (CICA), The CICA Alliance for Excellence in Investigative and Forensic Accounting. Internal sources for identifying fraud risks should include interviews and brainstorming with personnel representing a broad spectrum of activities within the organization, review of whistleblower complaints, and analytical procedures. A proper and working fraud risk identification process includes an calculation of the incentives, pressures, and chances to commit fraud. Employee incentive programs and the metrics on which they are based can provide a map to where fraud is most likely to occur. Fraud risk assessment should consider the potential override of controls by management as well as areas where controls are weak or there is a lack of segregation of duties (Vallabhaneni, 2008).
The speed, functionality, and accessibility that created the enormous benefits of the information age have also increased an organization’s exposure to fraud. Therefore, any fraud risk assessment should consider access and override of system controls as well as internal and external threats to data integrity, system security, and theft of financial and sensitive business information (Costa Lewis, 2004).
Assessing the likelihood and significance of each potential fraud risk is a subjective process that should consider not only monetary significance, but also significance to an organization’s financial reporting, operations, and reputation, as well as legal and regulatory compliance requirements. An initial assessment of fraud risk should consider the inherent risk8 of a particular fraud in the absence of any known controls that may address the risk.
The control environment
Information and communication
Monitoring (Costa Lewis, 2004).
THE COSO MODEL: In the United States many firms have adopted the internal control concepts existing in the report of the Committee of Sponsoring Organizations of the Tread way Commission (COSO). Published in 1992, the COSO report describes internal control as: A process, affected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
effectiveness and efficiency of operations,
reliability of financial reporting, and
Compliance with applicable laws and regulations.
COSO describes internal control as consisting of five essential components. These components, which are subdivided into seventeen factors, include:
The control environment
Information and communication
Monitoring (Vallabhaneni, 2008).
Duties and responsibilities of auditor In most countries the auditor has a statutory duty to make a report to the entity’s members on the truth and fairness of the entity’s annual accounts. As we have seen in the foregoing section, this report must state the auditor’s opinion on whether the statements have been prepared in accordance with the relevant legislation and whether they give a true and fair view of the profit or loss for the year and state of affairs at the year end. The duty to report on the truth and fairness of the financial statements is the primary duty associated with the external audit.
The auditor has a duty to form an opinion on certain other matters and to report any reservations. The auditor must consider whether:
1. The entity has kept proper accounting records;
2. The entity’s balance sheet and income statement agree with the underlying accounting records;
3. All the information and explanations that the auditor considers necessary for the purposes of the audit have been obtained and whether adequate returns for their audit have been received from branches not visited during the audit;
4. The entity has complied with the relevant legislation’s requirements in respect of the necessary disclosures. If the entity has not made all the disclosures required the audit report should, if possible, contain a statement of the required particulars (Vallabhaneni, 2008).
Relationship between internal and external audit
The coordination of internal audit activity with external audit activity is very important from both points of view: from external audit’s point of view is important because, in this way, external auditors have the possibility to raise the efficiency of financial statements audit; the relevancy from internal audit’s point of view is assured by the fact that this coordination assures for the internal audit a plus of essential information in the assessment of risks control
The role of internal auditing is determined by management, and its objectives differ from those of the external auditor who is appointed to report independently on the financial statements. The internal audit function’s objectives vary according to management’s requirements. The external auditor’s primary concern is whether the financial statements are free of material misstatements; the external auditor should obtain a sufficient understanding of internal audit activities to identify and assess the risks of material misstatement of the financial statements and to design and perform further audit procedures. The external auditor should perform an assessment of the internal audit function, when internal auditing is relevant to the external auditor’s risk assessments. Liaison with internal auditing is more effective when meetings are held at appropriate intervals during the period. The external auditor would need to be advised of and have access to relevant internal auditing reports and be kept informed of any significant matter that comes to the internal auditor’s attention which may affect the work of the external auditor. Similarly, the external auditor would ordinarily inform the internal auditor of any significant matters which may affect internal auditing (Diamond, 2002).
Appropriate audit tests
Meaning of audit test: An audit test is a procedure performed by either an external or internal auditor in order to assess the accuracy of various financial statement assertions. The two common categorizations of audit tests are substantive tests and tests of internal controls. Both types of tests are used in external and internal audits in order to reach established audit objectives, as can be outlined in audit checklists or determined based on the results of audit questionnaires. Audit tests typically are performed on a sample basis over an existing group of similar transactions. Sampling approaches can either be statistical or non-statistical, with the ultimate goal being to obtain the most representative sample of the population before testing begins (Diamond, 2002).
Types of audit tests
It is essential for internal auditors to understand how this method works, as well as its purpose. Also, given the variety of testing methods that may be used during the audit process, it helps to distinguish sampling from other types of examination. Identifying the qualities that distinguish sampling as a distinctive form of testing will provide good understandings for beginning auditors to know why it is used under certain circumstances and determine when to employ this process. During an operational audit, an internal auditor might use observation as an aid in evaluating a unit’s procedures (Diamond, 2002).
Simple Random Sampling: – In auditing, this technique practices sampling without replacement; that is, once an item has been selected for testing it is not included in population and is not subject to re-selection. An auditor can implement simple random sampling in one of two ways: computer programs or random number tables (Beasley, et.al, 2005).
Systematic (Interval) Sampling: – This method describes the choice of sample items in such a way that there is an unchanging interval between each sample item. In this method, every “Nth” item is selected with a random start (Beasley, et.al, 2005).
Stratified (Cluster) Sampling: – This method describes the selection of sample items by breaking the population down into strata’s, or groups. Each stratum is then treated separately. For this strategy to be effective, distribution within clusters should be greater than distribution among clusters. An example of cluster sampling is the inclusion in the sample of all payments or cash disbursements for a particular month. If blocks of homogeneous samples are selected, the sample will be subjective (Beasley, et.al, 2005).
Process mapping analysis: Develop process maps of the supplier delivery and accounts payable/ approval processes and analyse these maps to identify potential for suppliers to refuse to deliver supply
Survey techniques: Perform a supplier satisfaction survey to identify details, magnitude and external perspective of supplier concerns over the accounts payable process.
Analytical review: Perform benchmarking analytical tests to compare key process operating statistics with industry best practices and compare specific processes with best practice procedure.
Inquiry through facilitated groups: Conduct a focus group involving several major suppliers, key members of the accounts payable process and major departments required to authorize invoices (Beasley, et.al, 2005).
Difference between management and auditor’s responsibilities:
In considerable certainty, management’s responsibility is to create internal control. Internal control includes the whole system of controls and procedures, both monetary and operational, which are established to lessen risks and their impact, safeguard assets, and ensure efficiency and to inspire devotion to College policies and directives where, it is Internal Audit’s role to carry out an independent evaluation of the efficiency of these controls. Audit is not part of line management where internal audit does not grow and install procedures, make records or involve in any activity which could compromise its independence (Wilkinson, et. al, 2008).
Audit planning: Initial audit planning takes place before the thorough audit work begins, and in planning for a specific audit assignment an auditor must take on a plan with regard to the timing, nature and degree of the audit work to be carried out. The aims of the plan are to ensure proper attention is dedicated to the different areas of the audit and potential problems are identified. On the other hand, audit plan have to be observed as a organized plan of action plotting out the audit processes to be carried out with the aim of reporting on whether a stated set of accounts show a factual and fair-minded view. However, the fact that the audit assignment is the commercial motion of the audit firm should be recognised, and if the costs of carrying out the planned procedures are likely to exceed the client entities budgeted fee then this unevenness should be informed at the planning stage by discussing with the management of the entity (Gupta, 2009).
Scope of audit planning: It is importance to keep in mind the formal scope of audit work when considering audit’s role in risk management. Based on the results of the risk assessment, the internal audit activity should evaluate the adequacy and effectiveness of controls encompassing the organization’s governance, operations, and information systems which should include reliability and integrity of financial and operational information. Effectiveness and efficiency of operation, Safeguarding of assets, compliance with laws, regulations, and contracts are the scope of audit planning (Spencer Pickett, 2006).
Audit testing: Direct tests of account balances and transactions are designed by determining the most efficient manner to substantiate the assertions embodied in the account or transactions. There are many alternatives open to the auditor in planning audit tests. The following are the types of audit tests.
Tests of effectiveness: It is essential to determine whether the controls are effective over cash disbursements. Utilize the information performing an integrated audit of controls and account balances.
Dual-Purpose Tests of Controls and Account Balances: It is useful to determine whether the controls are effective to help plan the nature, timing, and extent of other audit tests, and test the accuracy of recording the related transactions.
Substantive Analytical Tests: It is essential to determine whether account relationships meet expectations, including the possibility that some of the receivables are not collectible.
Direct Tests of Account Balances: It is essential to test the existence and dollar accuracy of account balances as stated at historical cost.
Direct Tests of Transactions: It is essential to test the existence of sales transactions (Gramling, et.al, 2009, Auditing: A business risk, Cengage Learning Publishing (Gupta, 2009).
Evidences that auditors collect from audit files and working papers: There are 7 broad categories of evidence from which the auditor can choose which are physical examination, confirmations, documentation, analytical evidence, written representations, mathematical evidence, oral evidence, and electronic evidence(Online resource: accessed at 20th May 2010, www.issai.org/media).
Audit files and testing papers:
Working papers provide evidence that an effective, efficient, and economic audit has been carried out. They should therefore be prepared with care and skill.
Importance of working papers: Working papers are important because they are necessary for audit quality control purposes provide assurance that the work delegated by the audit partner has been properly completed provide evidence that an effective audit has been carried out increase the economy, efficiency, and effectiveness of the audit contain sufficiently detailed and up-to-date facts which justify the reasonableness of the auditor’s conclusions retain a record of matters of continuing significance to future audits(Online resource, accessed at 18th May 2010: www.accaglobal.com/pubs/students).
Meaning of Statutory Audit
Statutory Audit is a checking of accounts required by law where a municipality may be required by its own law to have an annual audit of financial records or a company which is governed by any Law, the Law may require the audit to be conducted and the manner in which audit should be conducted and to whom the report of auditors should be presented (Stittle, 2003)
Statutory Audit Report
Statutory Auditors’ Report is prepared in accordance with Article L(225-235) of the French Commercial Code, on the report prepared by the Chairman of the Supervisory Board of Peugeot S.A., on the Internal Control procedures relating to the preparation and processing of financial and accounting information(Stittle , 2003).
Purpose of statutory Audit Report
The purpose of Statutory Audit Report is to present the fair presentation and the consistency with the financial statements of the information given in the Management Report of the Board of Directors, and in the documents addressed to the shareholders with respect to the financial position and the financial statements; the fair presentation of the information provided in the Management Report of the Board of Directors in respect of remuneration and benefits granted to certain company officers and any other commitments made in their favour in connection with, or subsequent to, their appointment, termination or change in function(Stittle , 2003).
Contents of Audit Report
The subjects of audit report are title, addressee, opening or Introductory Paragraph, Scope Paragraph, opinion paragraph, signature, place of signature, and date of report. Auditor’s view of a financial statement, given without any reservations, such view basically states that the auditor feels the company followed all accounting rules properly and that the financial reports are an accurate demonstration of the company’s financial condition opposite of qualified opinion(Stittle, 2003).
Statutory audit report: The Audit Commission’s auditors issue two types of statutory reports:
reports in the public interest (RIPIs) issued under Section 8 of the Audit Commission Act 1998
immediate referrals to the Secretary of State issued under Section 19 of the Audit Commission Act 1998
Reports in the public interest
Where matters are serious and an auditor decides a matter should be brought to the attention of the public he does this by issuing a report under S8 of the Audit Commission Act 1998
This report is issued to the health body concerned and copied to the Secretary of State. It is for the health body concerned to make this public and to respond to the report and for the NHS Executive to ensure they do so( Sangster, and Wood, 2008)
Qualified and unqualified report:
An unqualified report is a report from an independent auditor who has examined the accounting records and found no irregularities which has the following demerits
a) Lack of consistent application of generally accepted accounting principles
b) Substantial doubt about going concern
c) Auditor agrees with a departure from promulgated accounting principles
d) Emphasis of a matter
e) Reports involving other auditors
A Qualified Opinion report is supplied when the auditor met one of two types of situations which do not comply with normally accepted accounting principles, however the rest of the monetary statements are properly presented. This type of judgement is very alike to an unqualified or “clean opinion”, but the report states that the monetary statements are clearly presented with a certain exception which is otherwise misstated. The two types of situations which would cause an auditor to issue this opinion over the unqualified opinion are:
Single deviation from GAAP this type of qualification occurs when one or more areas of the financial statements do not conform to GAAP, but do not affect the rest of the financial statements from being fairly presented when taken as a whole. (Accounting Standards Board, 1988)