Upload
donhi
View
228
Download
0
Embed Size (px)
Citation preview
AGENDA
Introduction to internal controls
What happens when internal control is weak
Payroll Control and Objectives
You wake up one morning with the flu. Would
you
1 2 3 4
8% 8%
75%
8%
1.Stay at home and rest.
2.Stay at home and work.
3.Go to work but avoid
socializing with people.
4.Go to work but socialize only
with the people you don’t like
What is a Internal control?
a) b) c) d)
0% 0%8%
92%
a) What auditor are only
concerned with
b) A procedure designed to
help the organization
accomplish specific goals or
objectives
c) The activity we perform just
before the auditors arrive
d) Don’t know, Don’t Care
Internal control is a process designed to provide reasonable assurance regarding the achievement of which objective?
1 2 3 4
8%
50%
25%
17%
a. Effectiveness and efficiency
of operations
b. Reliability of financial
reporting
c. Compliance with applicable
laws and regulations
d. All of the above
Why are Internal Controls Important ?
• Internal controls are designed to provide reasonable assurance regarding the achievement of objectives
• Provides management with confidence that the entity is operating according to standards which are monitored-someone is watching
• Indicates to staff that what they are doing is important and that QUALITY is important
• Sends a signal that certain behaviors will not be tolerated.
Types of Controls
Preventive Controls
– Forestall errors and thereby avoid the cost of correction
– Discourage fraud
Detective Controls
– Measure the effectiveness of preventive controls
– Uncover errors and misappropriations
– Provide the means to establish accountability
Why have internal controls?
• Promote operational efficiency and effectiveness
• Provide reliable financial information
• Safeguard assets and records
• Encourage adherence to prescribed policies
• Comply with regulatory agencies
Internal Control Objectives
• Recorded transactions are valid
• Transactions are property authorized
• Existing transactions are recorded
• Transactions are properly valued
What happens when internal control is weak?
• Poor or missing internal controls enables:– Fraud and error to occur– Poor or No segregation of duties– Unrestricted access to assets or sensitive data – Not recording transactions resulting in lack of
accountability– Unauthorized transactions
What are example of Compensating or
Mitigating Controls?
• Compensating or mitigating controls:
– Proper segregation of duties is important at all times. No one employee would have more than two of the key duty types. If duties can’t be properly segregated, then compensating or mitigating controls must be implemented
– Policies and procedures
– The process of reviewing and approving transactions
– Reconciliations
– Verifications
– Staff Training
Payroll
• Payroll disbursements represent the single largest
expense category to the Group
• Payroll Risks
– Non-compliance with Government regulations.
– Non-compliance with company policies.
– Penalties/fines.
– Fraud/theft.
– Overpayments/unallowable costs
– Information security
– Personal/employer tax liabilities
– Civil liability/lawsuits
You’re having breakfast in a crowded restaurant and
overhear two colleagues discussing confidential
information about a client. They mention the client by
name. Would you
1 2 3 4
18%
0%
36%
45%1.Mind your own business.
2.Talk with your colleagues about the
matter and leave it at that.
3.Report your colleagues to a
supervisor.
4.Secretly record them with your cell
phone video camera and post the
clip on YouTube
Control Objectives
1. Only employees of the organisation are paid, for all and only the work performed, for the organisation (Appointments, Terminations, Timekeeping, Payroll costs).
2. Payroll data is timeous, valid, accurate and complete – input from business units and processing of data (Appointments, Master file, Payroll Costs, Increases, Payments, Terminations, Timekeeping)
3. All deductions are timeous, valid, accurate and complete and are processed in accordance with legislation and company policy (Deductions – Bargaining Council, Funeral Policy, Garnishees/Admin Orders, Company benefit policies , Medical Aid, UIF, SDL, Income Tax).
4. The security and confidentiality of payroll data and payments is maintained in accordance with company policy (Payments to employees and third parties – Electronic and manual data).
5. All leave taken by the employee is appropriately authorised, accurate, and timeously captured on SAP.
6. Maternity leave and benefits are appropriately authorised, accurate, and timeously captured on SAP.
7. Valid and correct amounts are paid to employees belonging to Bargaining Councils and unpaid leave is correctly processed and accounted for.