1. Internal control in auditing and accounting refers to the processes or tools used to ensure that the operations of the business are carried out in an effective and efficient manner (Feng, McVay and Skaife 2014). These operations include day to day business transactions, recording transactions in books of accounts, compliance with law, regulations and policies of the company. Internal control system is important for business as it is useful in audit procedure. A company which has a strong internal control assures the auditor that there is effectiveness and efficiency in operations and management of the company.
There is an auditing standard which deals with auditor’s responsibility of identifying the risk of material misstatements and assessing them in consideration with the company’s internal control. The standard is Australian Standards of Auditing (ASA) 315 (Auasb.gov.au. 2017). As per this standard internal control is defined as the processes which is implemented and maintained by the management of the company with regards to financial reporting in the business. As per ASA 315 the auditor need to have a proper understanding of the internal control of the business. The role of the management is very important in designing, implementing and maintaining proper internal control. For the purpose of analyzing an entity’s internal control an auditor will take the following steps:
i. The auditor first need to understand whether there exist an internal control and if it exist whether it is implemented and properly maintained or not.
ii. The auditor will then carry out risk assessment procedures like making enquires within and outside the entity for confirming or dispelling doubts of material misstatement occurrence.
iii. The auditor will then try to have an understanding of the business’s nature and relevant accounting rules which applies to them. The auditor shall also obtain a clear understanding of the internal control processes and also on control environrnent.
iv. The auditor will also check the internal control system and decide on its effectiveness and efficiency. The auditor will also consider the relevance of internal control and other audit evidences in the audit process.
The auditor is then required to make a record of his understanding as a content of documentation which the auditor is required to maintain. The auditor will make a record of mater like discussions with the management of the business and significant agreements, understanding of the nature of the business and relevant regulations which are associated with the business, the risks associated with internal control on which the auditor has obtained a clear understanding. The auditor will be conducting test to confirm the effectiveness of internal control.
The internal control management is the responsibility of the management and not of the auditor therefore the management cannot expect the auditor to create or design or comment on the internal control. If proper internal control is present in a business then the auditor undertake less audit procedure and believe the evidences which the management provides and depends more on evidences acquired internally as well on management representations.
2. The audit of a company depends on the judgement of the auditor entirely. The audit procedure considers the strength or weakness of an internal control while collecting audit evidences. There are two types of audit strategies which an auditor can adopt while conducting audit. These strategies are lower assessed level of control risk approach strategy (Reliance Strategy) and Predominately Substantive approach policy (No Reliance Strategy). If reliance strategy is adopted then auditor will try to obtain an understanding of the internal control of the business, conduct test control procedures. In such a strategy the auditor assumes that there is low or medium possibility of control risks and relies on the internal control of the company to collect audit evidences. If such a strategy is adopted by the auditor then he will be relying on the internal control and assume that everything in records is proper. The auditor will believe management representations and every evidences collected from the internal sources. The auditor will undertake less analysis of audit procedures in such a case.
1. As per the case study an audit is being conducted of Caroma Bathrooms Australia limited. The company is specialised in making bathroom fittings. The internal control policies in the area of sales are as follows:
a. Policy of the company to allow a credit sale period of maximum 30 days.
b. The preparation of sales order and the use of three copies out of which, one is filed with them and two other are send to shipping department and invoicing department.
c. Pre numbering of sale orders and whole billing process.
The internal control policies in accountant receivable area are:
a. Appointment of two officers especially for account receivable and collection of funds only.
b. Matching of the receipts with remittances so that no discrepancies in payment occur.
c. Preparation and management of account receivable account by a separate person and bank reconciliation done for matching of both books of accounts.
2. The internal control in sales area prevents fraud or misstatement in certain areas. The 30 days maximum credit policy control the credit sales in the company and so funds coming from credit sales can be ascertained. The preparation of three copies of sale order is helpful in creating a trail which links shipping, docket, invoicing and ultimately accounting department therefore proper scrutiny is possible. Proper numbering of sales order prevents fake sale orders and systematic record keeping of information. In account receivable area, appointment of separate officers ensures proper collection and matching of receipts with remittances ensures exact amount is received and nothing is due. Bank reconciliation allows bank records to match the cash records of the company for proper maintenance.
3. The key assertions which are made by sales area are helpful in proper recording. Maximum 30 days sales keeps the collections from credit sales in check and debtors records can be analyzed. The three copies of sales orders are effective to create a trail of information which is helpful if the information is needed to be cross checked. The numbering allows the business to keep a track record of purchase orders and with sales order to ensure that nothing is omitted.
4. The weaknesses of internal control of Caroma in sales area are as follows:
a. The complexity of the sales recordings
b. Discrepancies can be created by the sales department which can then affect the whole process of control.
c. Introduction of computer invoicing and preparation of sale orders or technological advancements requirement.
The weaknesses of internal control in account receivable area are follows:
a. The officers who are there for collection can abscond with the cash so collected.
b. Recording of transactions like sales return and discounts can affect the control process.
c. Scrutiny with accounting sales department with account receivable is necessary,
5. The complexity of sales recording and overall transactions can make the internal control process difficult to understand. Thus sales account will be at risk. In second weakness also sales account is affected. In the third weakness the billing and accounting department will be at risk. In all the weakness of accounting department the risk is on sales and accounting department.
6. The main figures at risk due to the weaknesses of the internal control are sales and account receivable and cash figures in a financial records.
Auasb.gov.au. (2017). Australian Auditing Standards.
Feng, M., Li, C., McVay, S.E. and Skaife, H., 2014. Does ineffective internal control over financial reporting affect a firm's operations? Evidence from firms' inventory management. The Accounting Review, 90(2), pp.529-557.