More Related Content
What's hot
Business Analyst Online training in hyderabad, India, USA, UK, Australia, sa...Business Analyst Online training in hyderabad, India, USA, UK, Australia, sa...United Global Soft
Similar to 7 Excel Control Template
Similar to 7 Excel Control Template (20)
7 Excel Control Template
- 1. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Sales orders are sequentially pre numbered and accounted for. A manual or system
check is performed to ensure documents are not missing or duplicated or fall outside
of a specified range of numbers. All rejected, suspense, or missing items are
researched, corrected and re-entered on a timely basis.
Sale orders have fields for all pertinent order information including: item
Revenue & Orders are recorded
Order Processing descriptions, quantities, price, price adjustment mechanisms, delivery requirements, C C A M P
Receivables completely and accurately.
freight terms, taxes, and payment term. Key data fields must be populated to
process a sales order.
Any entries with invalid, missing or incomplete information are rejected for re-entry
(online environment) or stored in a suspense file (batch) where they are researched,
corrected and re-entered on a timely basis.
Confirm by observation of sales entry process that customer
The order entry system automatically validates sales order data input (e.g. customer
details, product details, prices, sales taxes and sales order
Revenue & Orders are recorded name and number, prices, terms, and credit limits) against master file data. Entries
Order Processing A A V A P total values are automatically determined by the system.
Receivables completely and accurately. with invalid, missing or incomplete information are rejected for re-entry or stored in
Test system data validation by entering erroneous data and
a suspense file for follow-up.
verifying that the system rejects incorrect data.
A one-for-one check between the sales order source documents (i.e. customer
Revenue & Orders are recorded initiated purchase order, signed contract etc.) and the sales order occurs. Any
Order Processing A A E/O RO V M D
Receivables completely and accurately. discrepancies are identified and re-entered. The check occurs again for re-entered
data.
In an automated order entry system where the customer enters sales order data via a
public Website, an Extranet portal or through a Value Added Network (VAN)
utilizing EDI, customers are responsible for ensuring the completeness and accuracy
of sales order information. Controls are in place to ensure that EDI interfaces are
maintained and are accurate.
Revenue & Orders are recorded Functionality is often built into the system to allow a customer to verify the
Order Processing C A A C E/O V A P
Receivables completely and accurately. accuracy and completeness of their order, as well as the ability to edit their order
before actual order submission.
Note: If client utilizes an online order entry system that is processed through the
Internet or through an EDI VAN, assessing the application controls could require
the use of the Systems and Process Assurance (SPA) if the system is considered
complex.
Copyright © 2005 1 of 13
- 2. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
For orders that are input into a temporary file before sub-ledger updates - Batch
totals are utilized before processing is complete. Input documents are grouped and a
numerical total is calculated (i.e. number of documents, monetary amount, hash
totals). These totals are compared to post input/update reports. All out of balance
conditions are researched and re-entered on a timely basis.
Periodic updates for batch
Revenue &
Order Processing processing are complete and Sales order information that is transmitted via EDI can be verified for completeness C A A C V A D
Receivables
accurate. and accuracy by setting up specific EDI transaction codes. If sales that are
processed via EDI are considered significant, then a separate review of EDI controls
should be performed by SPA.
Likewise, if sales that are processed via a public Website or Extranet are considered
significant, then a review of controls should be performed by SPA.
Edit checks exist within the system that reject the input of a sales order number that
Revenue & Duplicate sales are not
Order Processing was already entered. Rejects are placed into a suspense file where they are C A A C V A M P
Receivables recorded.
researched, reviewed and reentered (if necessary) on a timely basis.
Examine sales file and verify that sales orders are
Sales orders are sequentially prenumbered/ automatically numbered by the system.
Revenue & Duplicate sales are not sequentially numbered. Confirm by inquiry and
Order Processing Missing or duplicate sales orders are investigated and followed-up by the sales C C A M P D
Receivables recorded. examination of evidence that the sales supervisor
supervisor.
investigates missing and duplicate sales orders.
Revenue & Duplicate sales are not Computer-generated sales order confirmations are sent to customers for order
Order Processing C A V A C E/O RO A M D
Receivables recorded. acknowledgement at the end of each day or on the next working day.
Confirm by inquiry with management that:
.. sales orders exceeding a specified sales amount
Sales terms and prices are Sales orders over a set threshold require approval by management before acceptance .. sales orders with special prices or conditions
Revenue &
Order Processing approved by the appropriate by the system. The lack of approval creates a suspense file that is reviewed by V E/O RO A M P are reviewed and approved.
Receivables
level of management. management for clearance on a regular basis.
Examine samples of sales orders with the above conditions
and sight evidence of management review and approval.
Sales terms and prices are Approval limits per management level are built into the order entry system. The
Revenue &
Order Processing approved by the appropriate system will reject orders submitted if the total amount supersedes the employee V R A A P
Receivables
level of management. limit.
Confirm by detailed inquiry with management and
Sales terms and prices are
Revenue & Management review and approve discounts and allowances in excess of predefined examination of a sample of sales orders showing evidence
Order Processing approved by the appropriate V E/O RO A M D
Receivables limits. of management approval of sales orders with discounts and
level of management.
allowances in excess of predefined limits.
Sales to fictitious customers Verify customer information against approved customer standing data (i.e.
Revenue &
Order Processing (on credit) are prevented addresses, credit limits, etc.). Items that are not matched are researched, corrected A V A E/O V A M P
Receivables
and detected. and re-entered as necessary on a timely basis.
Copyright © 2005 2 of 13
- 3. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Confirm by inquiry that orders are recorded and created
only on the basis of customer purchase orders or other
evidence documenting the customer's initiation of the order
Sales to fictitious customers Orders are recorded and created only on the basis of customer purchase orders or from authorised sources, e.g. designated purchasing officers
Revenue &
Order Processing (on credit) are prevented other evidence documenting the customer's initiation of the order from authorised V E/O RO M P at the customer.
Receivables
and detected. sources, e.g. designated purchasing officers at the customer.
Examine samples of sales orders and verify that they are
supported by the customers' purchase orders, fax, email or
other documentary evidence.
Sales to fictitious customers
Revenue &
Order Processing (on credit) are prevented Management review transaction files periodically for delinquent orders. V E/O RO M D
Receivables
and detected.
Confirm by observation that orders that breach customers'
credit limits are suspended pending management review
Credit limits are established as part of accepting new customers. Sale orders and
and approval. Confirm by inquiry with management that
Revenue & Customers' credit limits are outstanding receivables are compared to established credit limit before a new order
Order Processing V E/O A M P D suspended sales orders are reviewed and approved by
Receivables controlled. is processed. Orders in excess of credit limit are stored in a suspense file to be
management. Examine samples of sales orders that exceed
resolved on a timely basis.
customers' credit limits and sight evidence of management
review and approval.
Confirm by inquiry with management and examination of
documented roles and responsibilities of a sample of key
Appropriate segregation of duties should be maintained. (For example, consider
staff and verify that they do not include conflicting
segregation of the following functions and duties: order entry, determining credit
functions, e.g. customer record maintenance, order
limits, inventory custody, shipping, invoicing, returns acceptance, returns approval,
Revenue & Duties are adequately processing, shipping, invoicing and cash receiving.
Order Processing credit note approval, cash receipts, cash disbursements, bank reconciliations, R E/O M P
Receivables segregated.
approval of bank reconciliations, A/R accounting/maintenance, and G/L
Examine a report of application access privileges of key
maintenance functions.) Exceptions noted are investigated and resolved. If
staff and verify that they do not have access to privileges
management accepts incompatible duties, appropriate mitigating controls exist.
that may breach segregation of duties. (This test may need
to be performed by SPA/Performance Improvement).
Formal authorization by application owner is required for access to specific
accounting records. Management reviews access rights periodically to ensure only
authorized individuals have access and for segregation of duties. Exceptions noted
Ability to post to the
are investigated and resolved. Note: Depending on the system, authorization of user
Revenue & accounting records is
Order Processing access and determining segregation of duties may require use of a SPA resource. R E/O M P D
Receivables restricted to authorized
Access may be obtained indirectly - which can only be determined with a system
users.
access review. Also, observing an approved access form does not ensure that other
incompatible access for the person exists. Only by reviewing all access for a user is
it possible to determine if segregation of duties is maintained.
Copyright © 2005 3 of 13
- 4. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Confirm by inquiry with management that physical and
logical security measures are implemented to prevent
Unauthorized access to the Access controls such as user IDs and passwords are utilized and specific to each
Revenue & unauthorized access to the order entry database. Examine
Order Processing accounting records is application. Multiple failures to log on invalidate the user ID and is reported via an R E/O A M P
Receivables report of the system access permissions to the order entry
prevented and detected. exception report. Management investigates and resolves all items.
database and verify that access is restricted to authorised
personnel. (This test may need to be performed by SPA).
Confirm by observation that shipping documents are
generated once the order has been picked and the status of
The shipping system automatically generates work orders or inventory “pick” the picking slip is changed to "completed" on the system.
documents based on feeds from the sales order system. Edit checks against the sales Examine a sample shipping document and verify that the
order system ensure that these documents are complete and accurate. associated picking slip's status in the system is
Revenue & Distribution and Goods are completely and "completed". Check that the date and time of completion is
C A A C V A M P D
Receivables Delivery accurately recorded. The work orders or inventory “pick” documents are sequentially numbered and close to the date and time of the shipping document.
accounted for. A manual or system check is performed to ensure that the numerical Examine order and shipping documents and verify that they
sequence of these documents is maintained. All rejected, suspense, or missing items are sequentially prenumbered. Scan list of order and
are researched, corrected and re-entered on a timely basis by appropriate personnel. shipping documents and follow-up missing documents with
management to confirm that they are appropriately
followed-up.
Warehouse employees complete the work order or “pick” the items from inventory
Confirm by observation of the picking and shipping process
and stage the item(s) for shipping on the shipping dock. Subsequently, the shipping
that products and quantities retrieved from storage are
manager performs a one-for–one check between the completed work orders or
compared to the customer order and/or product requisition
inventory “pick” documents and the item(s). Any discrepancies are identified and
Revenue & Distribution and Only goods ordered are by the picking staff and reviewed and verified by the
resolved. The check occurs again. A V A E/O V M D
Receivables Delivery shipped. despatch officer.
Once the check is completed and approved, the work order or inventory “pick”
Examine a sample of despatch notes for evidence of review
document is noted as “completed” in the shipping system which generates the
and verification by the despatch officer.
appropriate shipping document(s).
The warehouse/shipping supervisor/manager periodically verifies shipments (types
Revenue & Distribution and Only goods ordered are
and quantities of goods shipped) on a test basis to verify that only ordered goods are V A E/O M D
Receivables Delivery shipped.
shipped and shipments are despatched promptly.
Examine daily report of outstanding orders and confirm
All work orders or shipment On a daily basis, a system report of all open work orders or inventory “pick” that orders that remain unshipped for more than xx days are
Revenue & Distribution and
of goods are input for documents is provided to the shipping department manager. All items are C C A M D reviewed and investigated by the sales and shipping
Receivables Delivery
processing. investigated and resolved as appropriate. managers. Review the follow-up actions and assess the
appropriateness.
If client utilizes a warehousing system that automates the inventory picking and
All work orders or shipment
Revenue & Distribution and update of the accounting records, assessing the application controls could require
of goods are input for C A A C V A P
Receivables Delivery the use of Systems and Process Assurance (SPA) if the system is considered
processing.
complex and if inventory is considered significant.
Upon transfer of the shipment to the carrier, the shipping document is noted as
Revenue & Distribution and Deliveries are recorded in
“released/shipped” in the shipping system. (Note all shipments are FOB shipping A A CO E/O V A P
Receivables Delivery the proper period.
point.) This notation includes the date and time of release.
Correct postings, are made Based on the date and time of shipping, the shipping system appropriately updates
Revenue & Distribution and to cost of sales and inventory/COGS accounting records based on quantities shipped (partial shipment
A A CO V A P
Receivables Delivery inventory and are recorded of orders is permitted). If a partial order is shipped, the remaining items are held in
in the proper period. the shipping system as an open work orders or inventory “pick” documents.
Copyright © 2005 4 of 13
- 5. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Correct postings, are made
On a daily basis, total shipments from the shipping system/shipping log are
Revenue & Distribution and to cost of sales and
reconciled to total invoiced shipments per the billing system. Discrepancies are C A A C CO V M D
Receivables Delivery inventory and are recorded
investigated and resolved as appropriate and the reconciliation is performed again.
in the proper period.
Correct postings, are made
Revenue & Distribution and to cost of sales and Feedback such as customer complaints is monitored to assess completeness,
C A V A C E/O RO V M D
Receivables Delivery inventory and are recorded accuracy and validity of shipments.
in the proper period.
For systems where shipments are input into a temporary file before sub-ledger
Periodic updates for batch updates, batch totals are utilized before processing is complete. Input documents
Revenue & Distribution and
processing are complete and are grouped and a numerical total is calculated (i.e. number of documents, monetary C A A C V A D
Receivables Delivery
accurate. amount, hash totals). These totals are compared to post input/update reports. All
out of balance conditions are researched and re-entered on a timely basis.
Confirm by enquiry of management and performing a walk-
Periodic updates for batch through of an order to verify that the system generates
Revenue & Distribution and The system generates shipping documents directly from sales order records to
processing are complete and C A V A C E/O V A M D shipping documents directly from sales order records.
Receivables Delivery ensure the accuracy of information recorded on the documents.
accurate. Examine the record of batch/control totals reconciliation
and verify that differences are appropriately followed-up.
Confirm by inquiry with management and examination of
documented roles and responsibilities of a sample of key
Appropriate segregation of duties should be maintained. (For example, consider
staff and verify that they do not include conflicting
segregation of the following functions and duties: order entry, determining credit
functions, such as billing, accounts receivable, production
limits, inventory custody, shipping, invoicing, returns acceptance, returns approval,
Revenue & Distribution and Duties are adequately and receiving functions.
credit note approval, cash receipts, cash disbursements, bank reconciliations, R E/O M P
Receivables Delivery segregated.
approval of bank reconciliations, A/R accounting/maintenance, and G/L
Examine a report of application access privileges of key
maintenance functions.) Exceptions noted are investigated and resolved. If
staff and verify that they do not have access to privileges
management accepts incompatible duties, appropriate mitigating controls exist.
that may breach segregation of duties. (This test may need
to be performed by SPA/Performance Improvement).
Formal authorization by application owner is required for access to specific
accounting records. Management reviews access rights periodically to ensure only
authorized individuals have access and for segregation of duties. Exceptions noted
Ability to post to the
are investigated and resolved. Note: Depending on the system, authorization of user
Revenue & Distribution and accounting records is
access and determining segregation of duties may require use of SPA. Access may R E/O M P D
Receivables Delivery restricted to authorized
be obtained indirectly – which can only be determined with a system access review.
users.
Also, observing an approved access form does not ensure that other incompatible
access for the person exists. Only by reviewing all access for a user is it possible to
determine if segregation of duties is maintained.
Unauthorized access to
Revenue & Distribution and shipping and billing Blank shipping authorisation, numerically controlled shipping documents and bills
R E/O M P
Receivables Delivery documents is prevented and of lading are secured stored in locked cabinets.
detected.
Unauthorized access to the Access controls such as user IDs and passwords are utilized and specific to each
Revenue & Distribution and
accounting records is application. Multiple failures to log on invalidate the user ID and is reported via an R E/O A M P
Receivables Delivery
prevented. exception report. Management investigates and resolves all items.
Copyright © 2005 5 of 13
- 6. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Revenue & Distribution and Physical unauthorized
Security guards are posted at gates, docks and entry points whenever they are open. R E/O M P
Receivables Delivery access is prevented
Revenue & Distribution and Physical unauthorized Shipping bays and loading docks are closed and locked when goods are not being
R E/O M P
Receivables Delivery access is prevented shipped or loaded.
Upon approved release of a shipment from the warehouse the system automatically
produces invoices with the same date. Shipping dates cannot be modified with out
Examine log of invoices and verify that invoices are
Sales invoice is generated approval by the appropriate levels of management.
sequentially prenumbered/numbered by the system.
Revenue & for every approved
Invoicing C A V C CO E/O V A M P D Confirm by inquiry and examination of follow-up notes that
Receivables shipment and recorded in Invoices are sequentially pre-numbered and accounted for. A manual or system
missing and duplicate invoices are investigated and
the proper period. check is performed to ensure documents are not missing or duplicated or fall outside
followed-up.
of a specified range of numbers. All rejected, suspense, or missing items are
researched, corrected and re-entered on a timely basis.
Sales personnel reconcile control totals of the invoices generated for the day with
the total shipments per the shipping system. A manual or system check is
Revenue & Invoices generated represent
Invoicing performed to ensure data is not duplicated or falls outside a specified range of C A C E/O V A M D
Receivables the actual goods shipped.
numbers (check can be preventive or detective) . All rejected, suspense or missing
items are researched, corrected and re-entered on a timely basis.
Confirm by inquiry with management that the invoicing
system is integrated with related information systems.
System edits exist to validate invoice data input (for example, customer name and
Observe the creation of an invoice and verify that the
Price, amount, and other number, pricing, amounts and other information) against approved standing data and
Revenue & system uses details from correct and authorised files to
Invoicing information on the invoice the sales order system. Invalid data is rejected for re-entry or stored in a suspense C A A C V A P
Receivables record transaction information, such as quantities, product
are correct. file where it is researched, corrected and re-entered on a timely basis to ensure
codes, transaction dates, customer order details, and prices,
completeness.
and that it performs validation checks to ensure correctness
of input data.
Price, amount, and other
Revenue & The invoicing system automatically applies applicable sales or goods and services
Invoicing information on the invoice A A A P
Receivables taxes.
are correct.
Management's approval is required for invoices over specified amounts or unusual
Price, amount, and other terms or discounts and allowances in excess of predefined limits. Invoicing Examine sample of invoices over specified amounts or with
Revenue &
Invoicing information on the invoice personnel examine the sales order for evidence of appropriate approval before input. V E/O A M P unusual prices, terms, and discounts, and verify that there is
Receivables
are correct. The lack of approval creates a suspense file that is reviewed by management for evidence of management review and approval.
clearance on a regular basis.
Price, amount, and other
Revenue & Documentation to support the customers' tax-exempt status, in instances where taxes
Invoicing information on the invoice V A M P
Receivables are not billed are obtained and filed.
are correct.
Price, amount, and other
Revenue & Exception reports for invoices over a specified amount and invoices containing
Invoicing information on the invoice A V A E/O V M D
Receivables unusual prices, terms, and discounts are prepared and reviewed daily.
are correct.
A manual or system check is performed to ensure invoice numbers are not
Revenue & Duplicate recording of duplicated or fall outside a specified range of numbers (check can be preventive or
Invoicing C A A C V A M D
Receivables invoices is prevented. detective ). All rejected, suspense or missing items are researched, corrected and re-
entered on a timely basis.
Copyright © 2005 6 of 13
- 7. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Confirm by inquiry with management that the invoicing
system automatically generates invoices as soon as the sales
The invoicing system automatically generates invoices as soon as the sales order has order has been shipped or the service has been performed.
Revenue & Duplicate recording of been shipped or the service has been performed. Invoices are sequentially Examine log of invoices and verify that invoices are
Invoicing C A A C V A P
Receivables invoices is prevented. prenumbered / numbered by the system. Missing and duplicate invoices are reported sequentially prenumbered/numbered by the system.
and investigated. Confirm by inquiry and examination of follow-up notes that
missing and duplicate invoices are investigated and
followed-up.
For invoices that are input into a temporary file before sub-ledger updates - Batch
totals are utilized before processing is complete. Input documents are grouped and a
numerical total is calculated (i.e. number of documents, dollar amount, hash totals).
These totals are compared to post input/update reports. All out of balance
conditions are researched and re-entered on a timely basis.
Periodic updates for batch
Revenue & Invoice information that is transmitted via EDI can be verified for completeness and
Invoicing processing are complete and C A A C V A M D
Receivables accuracy by setting up specific EDI transaction codes. If invoices that are processed
accurate.
via EDI are considered significant, then a separate review of EDI controls should be
performed by SPA.
Likewise, if invoices that are processed electronically via a public Website or
Extranet are considered significant, then a review of controls should be performed
by SPA.
The invoicing system automatically generates reports of shipments that remain Examine sample of reports of unbilled shipments and verify
Periodic updates for batch
Revenue & unbilled for an unreasonable length of time. Management review the unbilled that management reviews shipments that remain
Invoicing processing are complete and C C A D
Receivables shipments report and follow-up outstanding items with the distribution and sales uninvoiced. Assess the reasonableness of the explanations
accurate.
departments. for long outstanding items.
Periodic updates for batch
Revenue & Amounts invoiced are reconciled daily to amounts debited into accounts receivable
Invoicing processing are complete and C A A C V M D
Receivables sub-ledger and credited into the general ledger.
accurate.
Confirm by inquiry with management that the invoicing
system automatically posts sales transactions into the sales
Correct postings, are made and receivable ledgers, and that discrepancies between
Upon approved release of a shipment from the warehouse the system automatically
Revenue & to sales and receivables and amounts posted to sales and accounts receivables are
Invoicing produces invoices. The invoicing system then appropriately updates Sale/receivable A A V A P
Receivables are recorded in the proper reported and reconciled by finance personnel. Examine
accounting records.
period. sample discrepancies reports and verify that the
discrepancies are reconciled and explained. Assess the
reasonableness of the explanations.
Confirm by inquiry with management and examination of
documented roles and responsibilities of a sample of key
Appropriate segregation of duties should be maintained. (For example, consider
staff and verify that they do not include conflicting
segregation of the following functions and duties: order entry, determining credit
functions, such as shipping and accounts receivable
limits, inventory custody, shipping, invoicing, returns acceptance, returns approval,
Revenue & Duties are adequately functions.
Invoicing credit note approval, cash receipts, cash disbursements, bank reconciliations, R E/O M P
Receivables segregated.
approval of bank reconciliations, A/R accounting/maintenance, and G/L
Examine a report of application access privileges of key
maintenance functions.) Exceptions noted are investigated and resolved. If
staff and verify that they do not have access to privileges
management accepts incompatible duties, appropriate mitigating controls exist.
that may breach segregation of duties. (This test may need
to be performed by SPA/Performance Improvement).
Copyright © 2005 7 of 13
- 8. Notes: *1. To rely on Automated controls, general computer controls must be tested.
*2. Prior to evaluating and validating client controls surrounding restricted access, review PwC Audit and related Masterdata steps with respect to fraud.
Information Contribution to financial statement Automated or Preventiv
Processing assertions Manual e or
Objectives control *1 Detective
Process Sub-process Control Objectives Example Control Activities C A V R*2 A C CO E/O PD RO V A M P D Suggestion of test to perform
Formal approval by application owner is required for access to specific accounting
records. Management reviews access rights periodically to ensure only authorized
individuals have access and for segregation of duties. Exceptions noted are
Ability to post to the
investigated and resolved. Note: Depending on the system, authorization of user
Revenue & accounting records is
Invoicing access and determining segregation of duties may require use of SPA. Access may R E/O M P D
Receivables restricted to authorized
be obtained indirectly – which can only be determined with a system access review.
users.
Also, observing an approved access form does not ensure that other incompatible
access for the person exists. Only by reviewing all access for a user is it possible to
determine if segregation of duties is maintained.
Confirm by inquiry with management that access to
invoicing information is restricted to authorised staff.
Unauthorized access to the Access controls such as user IDs and passwords are utilized and specific to each
Revenue & Examine report of the system access permissions to
Invoicing accounting records is application. Multiple failures to log on invalidate the user ID and is reported via an R E/O A M P
Receivables invoicing information and verify that access is restricted to
prevented and detected. exception report. Management investigates and resolves all items.
authorised personnel. (This test may need to be performed
by SPA).
The company directs all cash receipts to its lockbox(es) . A summary report and
Cash receipts are accurately electronic files of receipts are provided to the company on a daily basis. Total
Revenue &
Cash Receipting recorded and in the proper amount of cash receipts from the summary report is recorded as cash and unapplied C A A C V A M P
Receivables
period. accounts receivable. The electronic files are provided to the accounts receivable
clerk for application to customer accounts.
Cash receipts are accurately Cash receipts are recorded upon receipt and matched to customers' accounts and
Revenue &
Cash Receipting recorded and in the proper invoices via remittance advices. Prenumbered receipts are printed and issued to A V A E/O RO V M P
Receivables
period. payers on receipt of payments.
Cash receipts are accurately
Revenue &
Cash Receipting recorded and in the proper Cash receipts without remittances are separately followed-up by management. A V A E/O RO V M D
Receivables
period.
Confirm by enquiry of management that cash receipts are
Cash receipts are accurately Cash receipts are deposited daily. Total cash deposits are matched to cash receipts deposited daily. Examine cash deposit slips and sight
Revenue &
Cash Receipting recorded and in the proper as part of the day-end process. Unmatched cash receipts are reported and C A A C V A M D evidence that total cash deposited is matched to total cash
Receivables
period. investigated on the next working day. received. Follow up on any discrepancies and verify that
there is adequate investigation and explanation.
Cash receipts are accurately Bank statements are reconciled to cash accounts. Discrepancies are researched,
Revenue &
Cash Receipting recorded and in the proper corrected, and adjusted as necessary on a timely basis. The reconciliations are C A V A C CO E/O V M D
Receivables
period. reviewed and approved by appropriate management.
Cash receipts are accurately
Revenue & Accounts receivable balances are compared to budgeted amounts, prior period
Cash Receipting recorded and in the proper C A V A C V M D
Receivables amounts and industry statistics in monthly management accounts.
period.
The electronic file of receipts into the lockbox interfaces with the accounts
Cash receipts relate to sales
Revenue & receivable sub-ledger and applies cash receipts to the customer accounts based on a
Cash Receipting and are recorded against the C A V A C E/O V A M P D
Receivables matching of customer name, customer number, invoice number etc. Unmatched cash
correct customer account.
receipts are investigated and manually applied.
Cash receipts relate to sales
Revenue & Cash receipts are applied to invoices specified in the remittance advices. If there is
Cash Receipting and are recorded against the C A A C V M P
Receivables no remittance advice, cash receipts are applied to the oldest invoices first.
correct customer account.
Copyright © 2005 8 of 13