Question

Baker Manufacturing company has the recently implemented a new general and reporting systems. The systems allow the various accounting subsystems to enter and update the general ledger. All department all allowed to enter adjusting entries and chart of account changes. There are specific steps that must be followed in order to enter transaction and adjusting entry information. Specially, in the transaction entry input screen, the user is required to input the first letter of their first name and their last name. The user then enters the journal entries and adjustment entries. Baker Manufacturing company is striving to be a "paper-free" company. Therefore, no paper documents are required to support the entries. During the recent month, the following errors and concerns were identified:

a/ a number of journal entries were not approved by department managers prior to being entered into the system.

b/ a vendor accessed the reporting system and copied the financial statement of Baker.

c/ the computation of the depreciation adjusting entry was wrong- the formula used on the spreadsheet was missing a decimal.

d/ a number of managers reviewing the reports generated by the system complained the format of statements made it difficult to read but they agreed the amounts were accurate and a

e/ the journal entries entered by the revenue subsystem were deleted by the employee entering the payroll entries-the accounts were updated but there is no record of the revenue entries.

Required: Identify five control procedures that the Baker Manufacturing company should implement to address the problems.

Answer 1

The following Risk & Control Framework can be followed to understand the root cause of the issue reported and actions taken for risk mitigation.

Sl. No.	Risk Description	Nature of Risk	Control for Mitigation	Control Result
1	A number of journal entries were not approved by department managers prior to being entered into the system	Financial	As per segregation of duties matrix, the levels of journal entry preparer, checker & approve should be applied	All entries once entered by preparer will be audited by the checker and subsequently approved by the approving manager for posting.
2	A vendor accessed the reporting system and copied the financial statement of Baker.	Financial	This is an incident of bypassing login access or the vendor had secured a valid user's credentials which allowed him access to financial statement.	Identify the user id from audit trail which has been used by the vendor and block it from further use. Blacklist the vendor from future business with the organization
3	The computation of the depreciation adjusting entry was wrong- the formula used on the spreadsheet was missing a decimal.	Financial	This is a calculation error in the excel working which is outside the system. The reviewer/checker of the entry should review the working before allowing it for approval	All workings are verified before the journal entry hits the ledger
4	A number of managers reviewing the reports generated by the system complained the format of statements made it difficult to read but they agreed the amounts were accurate	Non-Financial	The formats can be modified based on request. However, this is only a presentation issue. The presentation doesn't impact the financial information.	Format modified based on request to make the reports readable for the managers\
5	The journal entries entered by the revenue subsystem were deleted by the employee entering the payroll entries-the accounts were updated but there is no record of the revenue entries.	Financial	No employee should have direct access to delete any entry after posting. There should be a separate form which is submitted for management approval if an entry needs to be deleted from the system.	Access to delete entry is revoked. Any entry can be deleted only after management approval documented with justified reasons.