Question

1）Describe the four ways that management can use to respond to risk. Provide an example for each of them.

2）Identify possible problems associated with receiving goods and appropriate actions in response to the problems.

3）Discuss the threat of unauthorized changes to the payroll master file and its consequences.

4）Identify ten threats and applicable control procedures in the expenditure cycle.

Answer 1

1.

The risk management process usually includes four steps:

1. Identifying possible risks
2. Assessing their probability and impact on your project
3. Planning a risk response for each risk
4. Monitoring the project

2.

When a shipment of goods arrives, the quantity of goods received may not be the same as the quantity ordered; the goods may have been damaged in shipment and therefore are not suitable for use; and, goods may be received that are inferior in quality and fail an inspection. Whenever any of these problems occur, the purchasing department should deal with the vendor and issue a debit memo to record an adjustment to the order. The vendor should then issue a credit memo in acknowledgment of the problem and the pending adjustment.

3.

Many problems may result when there are unauthorized changes to the payroll master file. Unauthorized changes may be made to employee pay rates, resulting in the company paying too much in wages. "Ghost" or "phantom" employees may be added to the payroll master to divert funds to dishonest employees through the issuance of paychecks to such "employees." Likewise, terminated employees may still be paid, resulting in the fraudulent diversion of payroll funds. Two controls that should be implemented and maintained to provide overall control of the payroll master file: proper segregation of duties and controlling access to the file. Good internal control dictates that only authorized HRM personnel be allowed to update the payroll master file for any hiring, termination, pay raise, and promotion. HRM personnel, who have such access to the payroll master file, should never be allowed to directly participate in actual payroll processing or paycheck distribution. This way an adequate control is created to match actual paychecks (or earnings statements when direct deposit is in place) with employees when a manager, supervisor, or other third party hand out the checks (or earnings statements). Also, a different individual should approve all changes to the payroll master file in writing other than the individual who recommends or initiates the changes. User IDs and passwords should always be used to control access to the payroll master file, and an access control matrix should be established to define what actions each authorized employee is allowed to make and confirms the files the employee may access.

4.

1: Stock-outs Controls: Inventory control system, accurate perpetual inventory, and vendor performance analysis is needed to prevent this problem 2: Requesting goods nat needed forms, and restricted access to blank purchase orders 3: Purchasing goods at inflated prices orders and price list consultations are needed to prevent this problem 4: Purchasing goods of inferior quality Controls: Use experienced buyers who know good vendors, review purchase orders, and incorporate approved vendor fist into formal procedures 5: Purchasing from unauthorized vendors Control: Pre-numbered purchase orders should be approved; restrict access to approved vendor list and have procedures in place for any change to the 6: Kickbacks paid to buyers to influence their decisions a Controls: Clear conflict of interest policy prohibiting the acceptance of any gift from vendors disclosure of financial interest policy for purchasing agents, and vendor audits 7: Receiving unordered goods Controis: Receiving department must reject any goods for which there is no approved purchase order 8: Errors in counting goods received count goods, provide incentives for counting goods 9: Theft of inventory Controls: Secure inventory storage locations; make transfers of inventory with proper approval and documentation; do periodic physical count and reconciliation with recorded amounts 10: Emors in vendor invoices Controls: Invoice accuracy should be verified and compared to P.O.s and receiving report data 11: Paying for goods not received payments 12: Failure to take available purchase discounts due date: use a cash budget to plan for cash needs 13: Paying same invoice twice ones should be canceled so they cannot be used again; do not pay invoices marked "Duplicate" or "Copy

Controls: Review and approval by supervisors, use of pre-numbered requisition

Controls: Competitive bidding and proper supervision approved purchase

list

Controls: Use "blind" P.O. copies to force receiving personnel to actually

Controls: Voucher package and original invoice should be necessary for

Controls: File approved invoices by due date, track invoices by

Controls: Invoices should be approved only with a full voucher package and paid

14: Recording and posting errors for purchases and payments Controls: Data entry controls, and periodic reconciliation of subsidiary ledger with general ledger control account