Question

 

A. Should internal auditors be members of systems development teams that design and implement an AIS? Why or why not?

 

B. What internal control procedure(s) would provide protection against the following threats?

 

1. Theft of goods by the shipping dock workers, who claim that the inventory shortages reflect errors in the inventory records.

 

2. Posting the sales amount to the wrong customer account because a customer account number was incorrectly keyed into the system.

 

3. Making a credit sale to a customer who is already four months behind in making payments on his account.

 

 

Answer 1

Answer A

No, auditor's role in systems development should be limited to an independent review of systems development activities. To maintain the objectivity necessary for performing an independent evaluation function, auditors should not be involved in developing the system.

Many people believe that the internal auditors should be involved in systems development projects in order to ensure that newly developed systems have effective controls. However, if the auditor is involved too much in the development process, then his or her independence may get harmed with respect to subsequent review and evaluation of the system. Accordingly, the auditor should not be a member of a systems development team, or be otherwise directly involved in designing or implementing new systems.

Answer B

Internal control procedure that provide protection against the following threats:

Theft of goods by the shipping dock workers, who claim that the inventory shortages reflect errors in the inventory records.

Solution: Proper documents should be maintained as and when goods are received and sent. Inventory clerks should count and document goods (on paper or by computer) as they leave inventory storage. Shipping personnel should be required to count and document receipt of goods from the finished goods storeroom to acknowledge responsibility for custody of the goods transferred.

It will help maintain control over inventory. Reconciling the two sets of counts makes it more difficult for employees to steal inventory as it is received and shipped.

2. Posting the sales amount to the wrong customer account because a customer account number was incorrectly keyed into the system.

Solution:

This kind of error can lead to disputes between the entity and the customers, during the time of finalisation of books as the account balances would not match, so this error should be rectified as soon as it is noticed. A validity check would tell if a valid customer number was entered, not if the correct valid customer number was entered. Also, check digit verification could tell you whether the customer number existed, but not if it was the right customer number.

If the transactions are being entered in batches, redundant data such as the first five characters of the customer's name could be included in each input record; after finding a match on customer account number, the system would also verify that the name characters match before posting the transaction.

If the transactions are being entered online closed loop verification could be used. The system could respond to the operator entering the account number by retrieving and displaying the customer's name of the operator to review.

Also,check digit verification could tell you whether the customer number existed, but not if it was the right customer number.

3. Making a credit sale to a customer who is already four months behind in making payments on his account.

Solution: During the credit approval process, proper accounts receivable aging schedule should be maintained and provided to the credit manager so that he can identify customers with past due balances to prevent additional sales to those customers. Up-to-date credit records must be maintained to control the problem. Alternatively, the computer system could be programmed to determine if the customer had any past due balances over a specified length of time (such as 90 days). If not, the sale would be approved. If they had a past due balance, a notice could be sent to the credit manager who could review the sale and make a decision about extending additional credit.