General internal audit model

Reviews
Shared by: paolo scuri
Categories
Tags
Stats
views:
252
rating:
5(1)
reviews:
0
posted:
1/5/2008
language:
pages:
0
[Company Name] Audit Plan Worksheet [Date] General controls General control area Control environment Control Company has a formal ethics committee and a communication policy to ensure that ethical standards are documented and communicated to all employees. Company has a formal audit committee, consisting of independent external board members. Include in testing? Yes Testing frequency Annually Notes In light of recent ethical issues within the industry, pay close attention to this item. Control environment Yes Quarterly Business planning Management uses a formal business planning process to drive the allocation of resources and to provide direction to the business. Business and operating plans are reviewed on a regular basis to ensure that the company is achieving its planned objectives. Management has implemented formal processes for reviewing operational data to assist with day-today decision-making. Systems are maintained to store all transactional and accounting data required to produce financial statements. (Note: If systems are relied upon to produce financials, consider whether information technology controls should be evaluated.) The company maintains a formal records retention policy, which enforces the minimum standards required by the Internal Revenue Service (IRS). Management has developed a business continuity policy, which states that the procedures should be enforced if a situation were to arise where business is interrupted. Key documents, including employee records, checks, contracts, customer information, and other confidential materials, are kept in locked or otherwise physically secure locations. No Business planning No Management reporting No Financial reporting No Records retention No Business continuity No Physical security No Business process audit areas Control area Procure to pay Control Duties are segregated so that the person who authorizes vendor payments is not responsible for generating purchase orders or writing checks. Formal purchase orders are used for every purchase. Include in testing? Yes Testing frequency Notes Procure to pay No Procure to pay A list of authorized vendors is maintained; purchase orders can be written only against an authorized vendor. Vendors are audited on a quarterly basis to determine if conflicts of interest exist between procurement personnel and vendors. Vendor invoices are checked against signed purchase orders and delivery receipts before a check is cut. Numbered purchase orders and delivery receipts are kept in a locked area and are logged in sequential order. New sellers of the company's product are required to pass a prospective customer credit review before credit terms can be offered. A subsidiary ledger of all purchase and accounts payable transactions is maintained and is stored within a physically secure area. Customer records are maintained, including a purchase history for each transaction during the audit year. A cash collection log is maintained for all cash receipts. Such receipts are deposited at the end of each business day. An accounts receivable ledger is kept for all customer credit purchases. An aged accounts receivable report is generated to monitor cash collections. A log for journal entries that affect the monthly closing process is kept to document all adjustments made for reporting purposes, such as depreciation or amortization. An employee roster is maintained, including status (exempt/non-exempt), pay rate, and tax jurisdiction. State and federal taxes are withheld properly for all payroll, based on tax jurisdiction. No Procure to pay No Procure to pay No Procure to pay No Procure to pay No Procure to pay No Order to cash No Order to cash No Order to cash No Book to report No Payroll No Payroll No Fixed assets A log of all fixed assets, along with a depreciation schedule, is maintained in a secure location. No Inventory An inventory valuation method (such as weighted average, FIFO, or LIFO) is used consistently throughout the audit period. An inventory ledger including a cost-of-goods-sold analysis should be maintained. No Inventory No [Company Name] Audit Worksheet [Date] General controls General control area Control environment Control Company has a formal ethics committee and a communication policy to ensure that ethical standards are documented and communicated to all employees. Company has a formal audit committee, consisting of independent external board members. Management uses a formal business planning process to drive the allocation of resources and to provide direction to the business. Business and operating plans are reviewed on a regular basis to ensure that the company is achieving its planned objectives. Management has implemented formal processes for reviewing operational data to assist with day-to-day decision-making. Systems are maintained to store all transactional and accounting data required to produce financial statements. (Note: If systems are relied upon to produce financials, consider whether information technology controls should be evaluated.) The company maintains a formal records retention policy, which enforces the minimum standards required by the Internal Revenue Service (IRS). Management has developed a business continuity policy, which states that the procedures should be enforced if a situation were to arise where business is interrupted. Key documents, including employee records, checks, contracts, customer information, and other confidential materials, are kept in locked or otherwise physically secure locations. Test in current period? Yes Test of controls Control evaluation Notes on results Ensure that ethics policy is updated during next audit. Control environment Yes Review minutes of board meetings to determine whether ethics board was active; Effective review ethics policy to determine when last update was made; review employee handbook to determine if ethics policy is being communicated to employees. Review composition and background of audit committee board members to determine independence. Review recent business plan to determine level of sign-off. Business planning No Business planning No Interview key executive and management personnel to document timing of plan reviews. Interview key management personnel to document process for reviewing operational data. Review sample of reports. Document key systems used to support financial statements; systems to document include the general ledger and order management applications. Management reporting No Financial reporting No Records retention No Review the retention policy; conduct a site visit to determine if historical records are stored in alignment with the retention policy. Review the business continuity plan; determine whether it is current and whether it has been tested recently. Review test results if available. Observe the physical locations for key business-related documents to gauge whether the level of security is appropriate. Business continuity No Physical security No No No No No No No No Business process audit areas Control area Procure to pay Control Duties are segregated so that the person who authorizes vendor payments is not responsible for generating purchase orders or writing checks. Formal purchase orders are used for every purchase. Test in current year? Yes Test of controls Review organizational charts; interview key personnel to understand job responsibilities. Review purchase orders matched to checks to review signatures. Sample 5% of the procurement log to ensure that signed purchase orders were available and that the data matches. Randomly sample raw materials inventory, and trace back to log and purchase order(s). Review log and determine when last updated. Conduct confirmation with sample of vendors to determine authenticity. Review results of last audit. Control evaluation Effective Notes on results Create a uniform purchase order form that needs two signatures to keep spending in check. Procure to pay No Procure to pay A list of authorized vendors is maintained; purchase orders can be written only against an authorized vendor. Vendors are audited on a quarterly basis to determine if conflicts of interest exist between procurement personnel and vendors. Vendor invoices are checked against signed purchase orders and delivery receipts before a check is cut. Numbered purchase orders and delivery receipts are kept in a locked area and are logged in sequential order. New sellers of the company's product are required to pass a prospective customer credit review before credit terms can be offered. A subsidiary ledger of all purchase and accounts payable transactions is maintained and is stored within a physically secure area. Customer records are maintained, including a purchase history for each transaction during the audit year. A cash collection log is maintained for all cash receipts. Such receipts are deposited at the end of each business day. An accounts receivable ledger is kept for all customer credit purchases. An aged accounts receivable report is generated to monitor cash collections. A log for journal entries that affect the monthly closing process is kept to document all adjustments made for reporting purposes, such as depreciation or amortization. An employee roster is maintained, including status (exempt/non-exempt), pay rate, and tax jurisdiction. State and federal taxes are withheld properly for all payroll, based on tax jurisdiction. No Procure to pay No Procure to pay No Procure to pay No Observe Accounts Payable during disbursement cycle. Review sample of disbursement file to determine that checks are cut only against signed purchase orders with delivery confirmation. Review logs and check against samples of purchase orders and receipts. Procure to pay No Sample customer list, and match selections to credit review analysis. Procure to pay No Review subsidiary ledgers, and match previous period totals to closed amounts on the financial statements. Review history for a sample of customers, and match to accounts receivable and/or cash receipts records. Review deposit records for a sample period, and match to deposit receipts. Order to cash No Order to cash No Order to cash No Review subsidiary ledger and aged accounts receivable report. Tie ledger to financial statement totals for previous periods. Review general journal entries to determine if appropriate sign-off on material transactions is present. Trace a sample of journal entries to the financial statements to ensure proper posting. Take sample of current employee information, and verify with Human Resources and with direct manager that information is kept accurately. Review tax deposits, and match to employee detail for a sample period. Book to report No Payroll No Payroll No Fixed assets A log of all fixed assets, along with a depreciation schedule, is maintained in a secure location. An inventory valuation method (such as weighted average, FIFO, or LIFO) is used consistently throughout the audit period. An inventory ledger including a cost-of-goods-sold analysis should be maintained. No Review fixed asset log and capital asset depreciation schedule. Ensure that totals equal amounts on financial statements for previous periods. Discuss with management the valuation method used, to determine appropriateness. Note if any changes in valuation method were used, and if so, obtain justification from management. Review ledger and cost-of-goods-sold analysis for period, and tie to financial statement results. Inventory No Inventory No No [Company Name] Audit Plan Recommendations [Date] General controls Audit recommendations Business process audit areas Audit recommendations

Related docs
Technical skills HOw tO DEvELOP a mODEL INtErNaL auDIt PrOGram (mIaP)
Views: 8  |  Downloads: 0
INTERNAL AUDIT CHARTER General SAICA is establishing an internal
Views: 3  |  Downloads: 1
POLICY ON INTERNAL AUDIT
Views: 22  |  Downloads: 3
Internal Audit Service . Internal Audit Report no.0602 to
Views: 96  |  Downloads: 14
Internal audit - the new model
Views: 0  |  Downloads: 0
Internal IT Audit Report Excel Template
Views: 5824  |  Downloads: 746
Audit Committees
Views: 5  |  Downloads: 2
Government Internal Audit Certificate Internal Audit Training and Development
Views: 34  |  Downloads: 3
Internal Audit-Best Practices
Views: 22  |  Downloads: 6
MODEL OF INTERNAL CONTROL REPORT
Views: 5  |  Downloads: 0
Model Audit Rule Survey Results
Views: 0  |  Downloads: 0
Internal Audit Checklist for Inforamtion System in an Organisation
Views: 488  |  Downloads: 67
The Auditor'sConsiderationof the Internal Audit Function in an Audit
Views: 5  |  Downloads: 1
Other docs by paolo scuri
Political Islam in Egypt
Views: 102  |  Downloads: 2
someone_cares_med[1]
Views: 88  |  Downloads: 8
rules_for_happy_living[1]
Views: 106  |  Downloads: 14
robin_lo[1]
Views: 92  |  Downloads: 3
Resurrection
Views: 97  |  Downloads: 4
resolutions_med[1]
Views: 75  |  Downloads: 5
resist_discouragement
Views: 77  |  Downloads: 1
really_matter_med[1]
Views: 61  |  Downloads: 0
real_love[1]
Views: 95  |  Downloads: 6
quotes_by_Henry_Ward_Beeher[1]
Views: 68  |  Downloads: 2
packing_your_parachute_lo[1]
Views: 54  |  Downloads: 1
Outlaw_lo
Views: 44  |  Downloads: 0
out_in_the_fields_with_God[1]
Views: 41  |  Downloads: 2
our_humble_savior_lo[1]
Views: 41  |  Downloads: 0
one_solitary_life
Views: 43  |  Downloads: 0