- The sales principal documentation, processes, and records that should be put in place.
In order to achieve maximum benefits the process should be clearly outlined to follow a certain predetermined and generally accepted code. Winford services Plc will adopt a real time system for the entire swimming pool activities from the single visit tickets, seasonal tickets and the vending machines. Real time accounting systems will process and record individual transactions immediately as they occur and therefore there exists no time lags between the transaction occurrence and recording.
The real time ticketing procedure will be initiated in a manual step, whereby the visitors upon arrival find a strategically positioned clerk(s) who will record the details of the visitors such as age, names, origin, and the type of ticket preferred by the visitor. The details obtained by the clerk will then be fed into the computer system which is directly linked to the ticket issuing machine. To prevent any cases of impersonation at the ticket issuing machine, there will be a finger scanner at the clerk’s desk to record the finger of the visitor.
The automated vending machines around the pool will be programmed to utilize cash payments and other payment means such as VISA and master cards to pay for the drinks and snacks. If the visitor selects the cash option, he/ she will be prompted to insert the cash into a slot and then select the item intended to purchase. The machine will then dispatch the item as long as it is in stock. Those who opt to make payments using the cash cards will still swipe the cash cards and get their preferred items.
The sales system will also incorporate a master file back up to prevent against loss of client information as well as sales achieved data. This is a standard procedure in transaction processing systems to maintain master file integrity in the event of, an update error corrupting the files being updated, undetected errors cause a file corruption or in the event of a disaster that destroys the current master files.
B.Principal risks of error, fraud or theft, associated with the new sales system and features of an effective internal control system to address the risks.
Fraud is the intentional/ deliberate act or omission designed to deceive others and results in a loss for the victim whereas the perpetrator derives a certain benefit/ gain from the fraud. Just like any other system dealing with the receipt of cash, the sales system for Winford is a potential victim of the fraudster encounters from the operators as well as system designers.
The risk of theft is both an internal as well as an external issue. The external aspect of theft as a risk to the sales system can be addressed by deploying tight and armed security personnel in the pool to guarantee security.
An error is an unintentional and unforeseen mistake which occurs in the process of discharging a certain obligation without the motive of such on the part of the perpetrator. The risk of error is imminent in all human designed and operated systems. The sales system which operates on the command of instructions fed by a human being will duplicate the same errors as contained in the command issued. Computer systems do not eliminate the risk of errors in the systems operation.
-An effective internal control system to address the risks of error, fraud or theft.
All internal control systems are continuous methods and measures designed and applied in any business with the aims of safeguarding the assets of the organization from employee theft, robbery and unauthorized use as well as enhancing the accuracy and reliability of its accounting records by reducing the risks of errors, irregularities/ fraud in the process of accounting. The relevant internal controls that can serve to prevent the occurrence of the above risks include the following:
-Establishment of a sound control environment with such features as whistleblowing, and mechanisms to investigate fraud allegations and suspicions.
-Regular fraud and error risk assessment: this will reduce the chances of such risks persisting without detection.
-Anti-fraud control activities: The existing controls should be modified to entail preventive and detective mechanisms for fraud.
-Information and communication: The employees of the organization should be taken through intensive training on fraud detection and prevention.
-Establishment of responsibility: This involves the segregation of specific responsibilities to specific people in the organization. The control of responsibility over the individuals is easier when a particular person is known to be responsible for a particular task. For example in the sales system for Winford, a particular clerk(s) should be assigned the duty of picking the details of the visitors, another clerk picks the cash and another one issues an automated card. The ushers at the gate should also operate independently from the clerks. There should be a clear authorization and approval of tickets and entry.
-Electronic and physical controls: These will serve to safeguard the assets of the organization as well as increasing the accuracy and reliability of the sales records. They could include reinforced doors at all cash catchment sections, armed security personnel, alarms to detect any break in, finger scanners, as well as garment sensors to prevent theft. The vending machine should also be fitted with a reinforced metal safe to prevent any attempted theft.
-Independent internal verification: This is an internal review, comparison and reconciliation of the data made by all employees. It should be carried out impromptu to avoid any instances of collusion to conceal any inconsistency of the records. The independent verification will for instance compare the amount of cash collected and remitted by the clerks to the actual amount recorded by the automated system.
-Impromptu relocation of employees: The employees and especially the clerks and the ushers should be relocated randomly without notice to avoid any opportunity for colluding to perpetrate any inconsistent activity such as fraud.
-The work of winford’s external auditors in respect of internal controls of the new sales system.
The external auditor will be on a mission to establish and give his opinion on whether the new sales system adopted and used by the organization gives the true and fair view of the actual sales achieved. The auditor will first examine the reliability of the internal controls of the organization to ascertain the extent of reliability to be dedicated upon them. The external auditor will evaluate the internal controls to ascertain whether they give a reasonable assurance so as to decide upon the appropriate substantive procedures to use in the audit exercise. The external auditor will evaluate such issues as:
-Obtaining an understanding of the internal control function.
The external auditor will evaluate the internal controls to establish their weaknesses and strengths. The auditor will use this knowledge to predict the extent of accuracy and reliability of the sales records maintained by the organization. . The external auditor will seek all the relevant information to develop a clear understanding of the internal controls. Such information can be obtained from the top management and the other staff members in the organization.
-The control environment.
The control environment is defined by such factors as integrity, ethics and competence of the people in the organization’s internal control. The auditor will investigate to ascertain whether the internal controls are being enacted and enforced by qualified personnel. The internal control department for this matter should be qualified auditors.
-Independence of the internal control function.
The external auditor will investigate to ascertain the extent of independence of the internal function. He will seek to ascertain whether the function is by any ways influenced of affected by any party including the top management. Ideally, the internal control should be an independent organ if the external auditor is to rely on extensive information from the internal control system. This endeavor will confirm whether there is any compromise on the part of the entire sales system. An independent control function should be acting free of undue influence from the management or any other party.
-Evaluation of the control activities: the auditor will evaluate the control activities put in place to steer the sales control function. Such activities include authorizations, Verifications, reviews and reconciliations. The auditor will investigate to ascertain that such activities are carried out without undue influence of the management or any other interested party as well as the reliability of the same activities in the overall audit process.an example, controls over who verifies the discounting rates, who reviews the same and who effects them.
-Risk controls evaluation
The auditor is mandated by the law to evaluate all the relevant and existing internal controls meant to address the risks of fraud and error in the entire sales process. This is due to the material potential of causing inaccurate and unreliable records. This will involve an in depth evaluation of the internal controls to confirm the extent to which they address the risks of material misstatement due to fraudulent activities
-System testing, and documentation of the control.
The auditor will also conduct an in depth evaluation of the system controls installed to ensure that the system is for example accessed by the authorized personnel, as well as looking in to the validity and consistency of the documentation of the activities involved in the ticket sales and the vending. The external auditor will utilize computer aided audit programs to test the reliability of the system controls installed within the system. The auditor will carry out all the above activities to ascertain the reliability and certainty of the internal controls for the swimming pool sales system.
-substantive testing of the sales
Substantive procedures are activities or procedures carried out by the auditor to detect any element of material misstatement or fraud especially at the assertion level. The auditor will carry out several substantive procedures to confirm the major assertions in auditing: Occurrence, completeness, accuracy, cut-off and classification of all transactions recorded.
Occurrence of the sales transactions can be ascertained by a thorough evaluation of the system to verify that the recorded number of visitors who accessed the pool were the actual entrants. This can be verified by comparing the list from the clerks with the system record at the entrance as well as the finger scanner record. The matching of these records would imply that the occurrence of the recorded transactions is true.
Completeness of the sales records in the system will be ascertained by obtaining a sample of transactions, say several single visit transactions and several season transactions, and follow their trail from reception to completion to test for any inconsistency or irregularity.
The accuracy of the sales records given can be ascertained by reviewing the information in the system to verify issues such as the right discounts for the right visitors and also confirm whether the sales figures issued from the clerks are actually in agreement with those retrieved from the system and the actual figure obtained.
Cut-off procedures in this new sales system will be basically to ascertain whether the sales records are actually recorded in the right period. A sample of transactions will be picked and cross checked in the final sales report to confirm that all transactions are posted in their right period.
Classification of the sales figures will be done to confirm that the actual discounts have been effected are the right discounts which should be allowed.
James. A. H, Accounting Information systems, Cengange Learning, 2010, USA.
Leonard. W. V, Fraud Risk assessment: building a fraud audit program, Wiley & Sons Inc, 2012, Canada.
Tomie.W .S, & Singleton. A.J, Fraud Risk Assessment, Wiley & sons Inc, 2011, Canada.
Spencer. P. K. H, Audit Planning: A risk based approach, Wiley & Sons, 2006, Canada.
Ephrim. B, Planning for the internal audit function, institute of internal auditors research foundation, 1983, Canada.
Phil. G, Risk based auditing, Gower Publishing, 2005, England
David. C, Internal Audit: Efficiency through automation, Wiley & sons Inc, 2009, canada