CCL oans by D5D29A5

VIEWS: 0 PAGES: 33

									This is the AuditNet Standard Risk Control Audit Matix which incorporates formats
used by many audit organizations in their documentation working papers. There are
format templates for risk control, audit procedures, questionnaires and checklists.
There is a blank workpaper and a report summary that can in used by audit
organizations. AuditNet has prepared a monograph for guidance on preparing and
developing audit work programs, checklists, questionnaires and matrices. The
monograph is available to AuditNet subscribers. For more information go to
www.auditnet.org
Library Name
Objectives                                                                                               Risks
Objective Type   Objective Category   Objective Title   Objective Description   Objective Library Type   Risk Ref
Optional         Optional             Unique            Mandatory               Optional                 Unique
Risks                                          Controls                                                               Areas
        Risk Description   Risk Library Type   Control Ref   Control Description   Control Library Type   Area ref    Area desc
        Mandatory          Optional            Unique        Mandatory             Optional               Mandatory   Mandatory
Test
Test Ref    Test Title   Test Description   Test Type
Mandatory   Mandatory    Mandatory          Optional
Library Name
                  Areas                                 Test                            Risks      Controls
Area ref       Area desc      Test Ref    Test Title   Test Description   Test Type   Risk Ref   Control Ref
Mandatory      Mandatory   Mandatory     Mandatory     Mandatory          Optional    Optional   Optional
AREA:



   Process   Control Objective   Risk
                         Assertion                            Documentation W/P
Control Considerations   E,A,C,V,P   Description of control         Ref.
                               Testing
Do controls meet
                             exceptions
   objective?
                    Test       noted?     Resolution / remediation/ comments
    Yes/No
                   W/P Ref     Yes/No                    W/P Ref
Audit Program Area: Credit Card Loans

                                AUDIT PROCEDURES                                        WP Ref
Audit Objectives
1. To determine that g/l balances are properly recorded.
2. To determine that loan documentation is adequate and in compliance with the
credit policy and regulatory requirements.

3. To determine that loan information is properly recorded on the subsidiary records.
4. To determine that management's policies and procedures are followed for the
collection of delinquent accounts.
5. To insure compliance with corporate policies regarding charge-off.
6. To determine that credit card operations are effectively controlled.

Section A – Reconciliations
Audit Objective
Determine that g/l balances are properly recorded.
 1. Select asset accounts over $100,000, all liability accounts, and all internal
 demand deposit accounts (DDA), which are reconciled by the department. Review
 and test the reconciliations as follows:
       A. Determine that the proper reconciliation format was used and all
       reconciliation standards were adhered to.
       B. Determine that there are no g/l balances rolled forward from a previous
       month included in the reconciled total.
       C. Foot reconcilements on a test basis.
       D. Trace totals to the g/l and to subsidiary ledgers as appropriate.
       E. Verify that adequate supporting documentation exists and each
       reconciling item is listed with an initial date of entry.
       F.     Verify that the reconcilement is signed and dated by the preparer and a
       reviewer.
       G. Determine that information regarding any unreconciled accounts,
       unsubstantiated reconciling items, and any items 90 days old was
       communicated to the chief financial officer (CFO) along with the certification
       of all departmental accounts.
 2. For the remaining accounts not already tested, select all g/l suspense
 accounts, “in process” accounts, and any off-balance sheet accounts.
       A. Test reconcilements in accordance with attributes described above.

       B. Age all items that make up the account balance and determine the
       reason for any items over _______ days old (depends on the nature of the
       transaction involved; could be more than one day before item clears).


 Suspense Account Definition: A balance sheet account used to post transactions
 that, due to timing differences, have not cleared. An account to temporarily post
 items to, pending a decision of final treatment. Items must be capable of
 identification.
 3. Determine how interest income is recognized and trace the flow of income from
 vendor reports to the g/l.
 4. Summarize results of testing and conclude as to whether the audit objectives
 have been met.
Section B - Documentation Review
Audit Objectives
Determine that loan documentation is adequate and in compliance with the credit
policy and regulatory requirements.
Determine that loan information is properly recorded on the subsidiary records.
 1. Document process for approving and initial setup of new accounts.
 2. Select a sample of new applications covering a recent six- month period. For
 each account selected, review loan file for the following attributes:
        A. Fully completed application, particularly the following information: amount
        of credit and date of application.
        B. Completed loan checklist for the specific loan type.
        C. Credit report and/or financial information.
        D. Underwriting documents completed in accordance with bank policy
        including approval within authorized limits.
 3. Using available reports, list cardholder accounts with unrealistically high credit
 limits. (For individuals credit limits are up to $15,000, and up to $25,000 for
 businesses.) Inspect the customer file for evidence of senior lender approval
 according to policy.
 4. Credit Limit Increases:
        A. Determine if credit limit increase decisions are automated. Determine what
        credit criteria the bank uses for account management decisions.

         B. Select a sample of credit limit increases. Determine the increases are
         properly authorized and meet bank policy requirements for granting the
         increase.
  5. Summarize results of testing and conclude as to whether the audit objectives
  have been met.
Section C - Past Dues, Collections, Charge-offs
Audit Objectives
Determine that management's policies and procedures are followed for the collection
of delinquent accounts.
Ensure compliance with corporate policies regarding charge-off.
  1. Determine and document procedures followed to compile month-end
  delinquency and non-accrual figures for purposes of reporting to the board of
  directors. Ensure procedures include the following:
         A. Monthly review of delinquencies/non-accruals by management.
         B. Minimal, or no, adjustments to the system delinquency/non-accrual
         figures.
  2. Obtain the system generated delinquency and non-accrual reports and the
  management prepared reports submitted to the board as of the audit date. Ensure
  all loans reported as delinquent/non-accrual per the mainframe reports were
  included in the board reports in the proper delinquency/non-accrual category. Verify
  the legitimacy of removing any delinquent loan by reviewing any payments at/near
  month-end.
  3. Determine if credit card collection policy provides direction with regard to when
  certain "holds" are put on accounts and document whether collection personnel are
  following policy.
 4. Determine that losses from fraud, bankruptcy, and deceased accounts are
 charged off when the loss is determined.
 5. For one test month, trace the g/l entries for credit card charge-offs to the detail
 documentation. Determine that charge-offs have been properly approved and are
 in conformance with the company's policy.
 6. Summarize results of testing and conclude as to whether the audit objectives
 have been met.
Section D- Other
Audit Objectives
Determine that credit card operations are effectively controlled.
 1. OVER CREDIT LIMIT: Using available reports, select a random sample of
 accounts that have exceeded the credit limit by 10 percent of the credit line:
       A. Determine what procedures are in place to block the account, collect on
       the balance, stop future charges, and capture the card if necessary.

        B. Determine whether an established over-line authorization limit has been
        established and whether it is reasonable.
 2. Review internal reports on over-limit activity. If over-limit amounts are significant
 or if negative trends are evident, discuss with management.
 3. Review payment processing for segregation of duties between input and
 reconciliation.
 4. Review account maintenance procedures to determine account changes, other
 than credit limits, are authorized by the customer.
 5. Review annual fees and investigate any fee waivers.
 6. Review accounting for annual fees to insure income recognition over the period
 of renewal.
Auditor    Time      Date     Date           Checked
Initials   Spent   Expected Finished Remarks   By:
Audit Program


Audit Procedure   Control Objective
                                                Workpaper   Performed     Date
Risk if Objective Not Met   Control Technique   Reference       By      Expected
  Date      Budget   Actual   Document
Completed   Hours    Hours    Reference   Source   Reviewed By
Remarks/Comments
       Audit Program Area

Global Audit Procedure      Control Objective Risks Control     Control      KeyControl? Frequency
Ref No,                                             Activity   Description
                                                    Number
Owner Exceptions Type   Document    Mapping to
                        Reference   Standards
AREA:



   Process   Control Objective   Risk
                         Assertion                            Documentation W/P
Control Considerations   E,A,C,V,P   Description of control         Ref.
                               Testing
Do controls meet
                             exceptions
   objective?
                    Test       noted?     Resolution / remediation/ comments
    Yes/No
                   W/P Ref     Yes/No                    W/P Ref
                              Client Name
                      Internal Control Framework

          Date Completed:
          Completed By:
          Reviewed By:

          Question                                                  Yes No* Comments /Description




              To the best of my knowledge, the answers and comments noted above are accu



          Name and Title of Person Completing Form (please print)                            Name and Title of Department Dire


* For a “No” answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed.                            Questionnaire
                   Signature of Person Completing Form                                                Signature of Department


                            10/4/2012
                          Date Form Completed                                                     Date of Department Directo




* For a “No” answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed.                            Questionnaire
                           Employee Responsible for Task




s noted above are accurate and reflect the current



Name and Title of Department Director (please print)


            * For a “No” answer, cross-reference to either a compensating control or to audit work which has been performed
            or is to be performed.                            Questionnaire
   Signature of Department Director



Date of Department Director's Signature




      * For a “No” answer, cross-reference to either a compensating control or to audit work which has been performed
      or is to be performed.                            Questionnaire
Finding Ref #   Control Testing   Finding
Management Response & Treatment

								
To top