In: Accounting
Wares king supplies custom-fitted curtains and blinds to retail customers. It has recently expanded to offer a wide variety of home decorating products through its six stores across the state. After some initial problems with stock control it installed a new automated inventory system in April this year. The system replaced another automated system that had been modified so often over the years that the auditor had advised Wares’s management that they did not regard it as reliable. That is, the auditor was unable to rely on the old system sufficiently to assess control risk for inventory as anything less than high. Required:
a) Explain the normal process an auditor would expect to find in the client’s systems governing changes to computer programs. Why is an auditor concerned about program changes? ( maximum 100 words)
b) Wares kings’ financial year-end is 31 December. Does the auditor need to obtain evidence about the performance of the inventory control system from every month in the year or from a sample of months? Explain. (, maximum 100 words)
c) If the auditor conducts test of the inventory controls at an interim date, is it appropriate to conclude that the controls also relate to the end of period date? Why?
A. Auditors should anticipate to find proper documents of the program modifications. Documentation should comprise what are the alterations made, what reports to be produced by the system, comprising who established the alterations, who verified the alteration before putting into practice and who ratified the alteration such that the developer is not the approver and the approver has no entree to the development setting of the system.
During planning meeting with customers, auditors are obligatory to ask customers to debate business updates, comprising alterations in the IT environment. This empowers the auditor to appropriately plan their audit. Noteworthy changes in the IT environment, like in the case above, positions a lot of inherent risks or the vulnerability of the account to material misstatements in the absence of internal controls. Auditors should confirm to correctly classify and evaluate these inherent risks eg., the intricacy of use of the system, the system executes intricate calculation, the system is considerably patterned from the old system hence erratic, proper training of employees who use the system, etc. so that they can be suitably addressed by their processes. Program alterations may also lead to fraud. Intricacy of changes will provide a prospect for management to commit fraud ie., overstating ending inventory to overstate net profit.
B. Test of controls ought only cover 9 months, from April to December because IT controls for the first 3 months are not dependable, lest there were alterations from prior year that would lead the auditors to trust that it is appropriate to test the IT controls from January to March. For the test of controls from April to December, though not mandatory, auditors should test every month to gather more dependable confirmation, given the history with client's accounting records and given the noteworthy perils linked with the request of new system by the entity. Auditors should gather adequate confirmation as it plays a vital role to the joint risk assessment of inventory account and magnitude of substantive procedures to be performed.
C. Auditors are obligatory to update their assessment of IT controls at year end, as well as their documentations, as there might be significant changes made that are unknown to the team. Inquiry on changes alone is not sufficient. The auditors must test and confirm the operating effectiveness of the IT controls before concluding that they are reliable.