ZeePedia

Construction of an ICQ

<< Flow Charts and Internal Control Questionnaires
Audit evidence through Audit Procedures >>
img
Fundamentals of Auditing ­ACC 311
VU
Lesson 19
INTERNAL CONTROL QUESTIONNAIRE
Having ascertained, confirmed and recorded the system, the auditor now needs to carry out a preliminary
evaluation of the system in order to make a decision as to whether he will:
·  Rely on internal controls and adopt a systems audit approach, or,
·  Perform extensive substantive testing. Using a verification approach to the audit.
Internal Control Questionnaire
An ICQ is a formal and usually standardized document which comprises:
3. A list of internal controls in existence and
4. Highlights any weaknesses.
Features:
·  Used in large company audit
·  Used to place reliance on internal controls
·  Used to design audit approach
Objectives:
(i)
To ascertain a clients systems of accounting and internal control
(ii)
To evaluate the control system thus recorded, and hence
(iii)
To identify those controls which indicate strengths in the system upon which the auditor
will seek to place reliance, and
(iv)
To identify those areas over which there are weak or no controls and which therefore
must be subjected to more extensive substantive testing and reported by inclusion in the
Management Letter.
Construction of an ICQ
(I) It is good practice when designing ICQs to state, as a brief introduction:
(a) a list of control objectives which each sub-system under consideration should seek to achieve
(b) any business considerations specific to the enterprise under review which should be taken into
account.
The reason for this is essentially to highlight for the audit staff key areas for their consideration to the audit
staff.
II) The questions in an ICQ should be designed to ascertain whether the control objectives are being
achieved and should therefore cover such aspects as:
(a) instructions given to staff in the performance of their duties
(b) authorization procedures
(c) documents and procedures used to originate transactions
(d) recording procedures
(e) sequence of procedures
(f) custody procedures
(g) relative independence of the persons involved at each stage of a transaction (i.e. segregation of
duties).
(III) The questions should be framed such that a Yes/No answer is given, with a No answer usually
indicating a control weakness.
(IV) An ICQ should carry such basic information as:
(a) the name of the document (ICQ)
(b) the system to which it relates (e.g. purchasing cycle)
(c) the client to whom it relates
(d) the accounting period under review
(e) evidence of who has prepared and reviewed the document
(f) the provision of columns for:
- Yes and No answers
- comments where neither Yes or No are applicable
- indicating the significance or otherwise of apparent weaknesses
68
img
Fundamentals of Auditing ­ACC 311
VU
- references to audit programs
- references to Management Letters.
Example of part of an ICQ
INTERNAL CONTROL QUESTIONNAIRE
Prepared by: ________
Date: ________
CLIENT: ___________
PERIOD: _____
Reviewed by:________
Date: ________
THE PURCHASING CYCLE
(a) Control objectives.
(b) Business considerations.
(c) The questionnaire
a) Control objectives
To ensure that:
(i)  Purchased goods/services are ordered under proper authorities and procedures
(ii) Purchased goods/services are only ordered as necessary for the proper conduct of the business
operations and are ordered to suitable suppliers
(iii) Goods/services received are effectively inspected for quality, quantity and condition
(iv) Invoices and related documentation are properly checked and approved as being valid before
being entered as trade payables
(v) All transactions relating to trade payables are valid (suppliers invoices, credit notes and
adjustments), and only those valid transactions should be accurately recorded in the accounting
records.
b) Business considerations
Points
Effect on audit procedures and on financial statements
(i) Nature of the company's
- Auditor must be aware of the
purchases.
Varying nature of goods purchased.
(ii) The existence of a
- As far as possible ordering should
purchasing department.
be centralized.
(iii) The company's
- The fixing of minimum/maximum
purchasing policy.
Inventory and re-order levels should ensure efficient control. However,
buying in bulk, with resulting higher inventory levels may be part of a
company policy to reduce unit costs, in which case inventory
obsolescence and storage cost problems may arise.
(iv) The selection of suppliers.  - The purchasing department should maintain a supplier's register to
record past purchases, prices, and satisfaction received etc. The constant
seeking of alternative sources of supply at keener prices is an indication of
efficient management
69
img
Fundamentals of Auditing ­ACC 311
VU
(C) Questionnaire
Yes/ No
Comments References
Initiation and authorization
·
Are standard (Purchase) order
forms (SOFs) issued showing
names of suppliers, quantities
ordered and prices?
·
Are copies of SOFs retained on
file?
·
Who authorizes orders and
what are their authority limits?
·
Are the persons in 3 above
independent of those who issue
requisitions?
·
Is a record kept, of orders placed
but not executed? (If yes, specify
type of record kept and filing
sequence).
Custody
·
Are goods from suppliers
inspected on arrival as to quantity
and quality?
·
How is the receipt of supplies
recorded (e.g. by Goods Received
Notes)?
·
Are these records prepared by a
person independent of those
responsible for:
- ordering functions?
- processing and
- recording?
Criticism on ICQs
·  ICQs represent an attempt at a formalized, systematic, approach to the audit of large complex
organizations.
·  It is however increasingly apparent that such questionnaires can become too complex, lengthy and
detailed for meaningful evaluation of accounting systems.
·  There is a danger that ICQs can provoke too formalized an approach to an assignment; that will be
concentrating as they do on the controls themselves rather than upon the fraud or irregularity that the controls
are designed to prevent.
Internal Control Evaluation Checklists
To overcome the above discussed possible shortcomings, many auditing practices have amended their
approach to internal control evaluation by the adoption of a different type of document, Internal Control
Evaluation Checklists (ICEC).
The ICEC is designed to determine; whether desirable internal controls are present?, using key control
questions to ascertain where specific frauds or errors are possible.
It is normally employed where system's information has already been recorded (usually in the form of
flowcharts).
Key questions are asked in an ICEC, the answers to which prompt further supplementary questions.
Reference is made to a supporting flowchart which is the means of ascertaining the existing systems. This
makes the ICEC document shorter and less complex, but it may require more skill and judgment on the
part of the auditor to interpret the completed form.
Note that virtually all the rules applicable to the construction of an ICQ apply to the construction of an
ICEC.
70
img
Fundamentals of Auditing ­ACC 311
VU
Example of ICEC
INTERNAL CONTROL EVALUATION CHECKLIST
Prepared by: ________
Date: ________
CLIENT: ___________
PERIOD: _____
Reviewed by:________
Date: ________
PURCHASES ­ PAYABLES ­ PAYMENTS
(a) Control objectives.
(b) Business considerations.
(c) The checklist
a) Control Objectives
As per ICQ
b) Business Consideration
As per ICQ
c) The Checklist
1 Purchases
Comments
Reference
1.1 Can goods be purchased without authority?
(a) purchase requisitions and order approvals?
(b) limit of buyers authority to order?
(c) purchasing segregated from receiving,
accounts payable and inventory records?
(d) un issued orders safeguarded against loss?
1.2 Can liabilities be incurred although goods
not received?
(a) receiving segregated from purchasing,
accounts payable and inventory records?
(b) are all goods passed directly to stores?
(c) GRNs or equivalent prepared independently?
(d) adequate comparison with order, claims for
short shipment etc?
(e) invoices, GRNs, direct to accounts payable not
purchasing?
(f) invoices checked to order and GRNs, prices
checked?
(g) check of extensions, additions, discounts?
(h) documents cancelled to prevent re-use?
(i) unmatched documents investigated regularly?
(j) freight checked, bills matched to
consignments?
(k) purchase returns and allowances controlled -
follow-up?
(I) forward purchases controlled?
1.3 Can cut-off errors occur?
(a) time lapse from receipt of goods to invoice processing?
(b) valuation of unmatched GRNs?
(c) adequate control and recording of receipts?
1.4 Can invoices be wrongly allocated?
(a) nominal ledger analysis?
(b) analysis independently checked?
(c) staff purchases controlled?
(d) independent and regular review?
71
img
Fundamentals of Auditing ­ACC 311
VU
1.5 Can liabilities be recorded for goods or services not ordered?
(a) goods received without authority?
2 Payables
2.1 Can liabilities be incurred but not recorded?
(a) payables balances agreed periodically?
(b) suppliers statements independently reconciled?
(c) invoice register?
(d) forward contracts?
(e) order backlog follow up?
(f) debit balances controlled?
3 Payments
3.1 Can payments be made if not properly supported?
(a) discounts taken?
(b) control over invoices before validating complete?
(c) cheque signatories independent of purchasing, receiving, accounts payable and cheque
preparation?
(d) signatories examine support for payment,
check completeness, cancel support?
(e) control over signature plates or pre-signed
cheques?
(f) control where one signature?
(g) frequency with which cheques mailed?
(h) independent regular bank reconciliation, with
cheques directly from bank and review
reconciliation?
(i) cheques crossed account payee only,
continuity accounted for, control over unused
cheques?
(j) bank transfers controlled - standing orders?
(k) issue of bearer or cash' cheques?
(I) advances and loans controlled?
(m) bank transfer payments, traders credits, direct
debits?
3.2 Can payments for non-routine purchases be made if not authorized or properly
supported?
(a) services, expense accounts, taxation payments
in advance, staff purchases and goods on
consignment?
3.3 Can non-current assets be acquired or removed without proper authorization and recording?
(a) approved work orders for non-current assets
and major repairs?
(b) approval of cost over-runs?
(c) reporting of scrapping or disposals?
(d) detailed non-current asset register, regular
physical inspection and review of values?
(e) periodic insurance appraisals, adequate
coverage?
(f) control over loose tools?
Limitations of the effectiveness of Internal Control
It is possible to reduce the volume of transaction testing required in conducting an audit if the internal
controls are sound and are operating effectively, but it is not likely that an auditor will be able to rely on
internal controls entirely. This is because all control systems have inherent limitations such as:
a)
The need to balance the cost of the control with its benefits
72
img
Fundamentals of Auditing ­ACC 311
VU
b)
The fact that internal controls are applied to regular, recurring transactions, not one off year
end adjustments or unusual transactions, which are often large and subject to error.
c)
The potential for human error
d)
The possibility of fraudulent collusion (two or more persons operating together) to `get round'
controls that segregate duties. For example; the supervisor responsible for checking and
authorizing overtime claims could collude with employees, to enable excess overtime payments
to be claimed.
e)
The abuse of authority and override of controls by senior managers or the owners of the
business. Abuse of authority might involve ordering personal goods through the firm. It is very
easy for directors and managers of organizations of any size to instruct staff to bypass normal
procedures such as the requirement for authorization for payments.
f)
The obsolescence of controls which have not changed to reflect changes in the business
activities or organization.
In practice, the training of auditors always involves a warning never to rely on internal controls entirely, no
matter how effective they may appear to be. Hence some verification of transactions is always carried out as
part of the auditor's work.
73
Table of Contents:
  1. AN INTRODUCTION
  2. AUDITORS’ REPORT
  3. Advantages and Disadvantages of Auditing
  4. OBJECTIVE AND GENERAL PRINCIPLES GOVERNING AN AUDIT OF FINANCIAL STATEMENTS
  5. What is Reasonable Assurance
  6. LEGAL CONSIDERATION REGARDING AUDITING
  7. Appointment, Duties, Rights and Liabilities of Auditor
  8. LIABILITIES OF AN AUDITOR
  9. BOOKS OF ACCOUNT & FINANCIAL STATEMENTS
  10. Contents of Balance Sheet
  11. ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT
  12. Business Operations
  13. Risk Assessment Procedures & Sources of Information
  14. Measurement and Review of the Entity’s Financial Performance
  15. Definition & Components of Internal Control
  16. Auditing ASSIGNMENT
  17. Benefits of Internal Control to the entity
  18. Flow Charts and Internal Control Questionnaires
  19. Construction of an ICQ
  20. Audit evidence through Audit Procedures
  21. SUBSTANTIVE PROCEDURES
  22. Concept of Audit Evidence
  23. SUFFICIENT APPROPRIATE AUDIT EVIDENCE AND TESTING THE SALES SYSTEM
  24. Control Procedures over Sales and Debtors
  25. Control Procedures over Purchases and Payables
  26. TESTING THE PURCHASES SYSTEM
  27. TESTING THE PAYROLL SYSTEM
  28. TESTING THE CASH SYSTEM
  29. Controls over Banking of Receipts
  30. Control Procedures over Inventory
  31. TESTING THE NON-CURRENT ASSETS
  32. VERIFICATION APPROACH OF AUDIT
  33. VERIFICATION OF ASSETS
  34. LETTER OF REPRESENTATION VERIFICATION OF LIABILITIES
  35. VERIFICATION OF EQUITY
  36. VERIFICATION OF BANK BALANCES
  37. VERIFICATION OF STOCK-IN-TRADE AND STORE & SPARES
  38. AUDIT SAMPLING
  39. STATISTICAL SAMPLING
  40. CONSIDERING THE WORK OF INTERNAL AUDITING
  41. AUDIT PLANNING
  42. PLANNING AN AUDIT OF FINANCIAL STATEMENTS
  43. Audits of Small Entities
  44. AUDITOR’S REPORT ON A COMPLETE SET OF GENERAL PURPOSE FINANCIALSTATEMENTS
  45. MODIFIED AUDITOR’S REPORT