QUESTION ONE
- You have recently been appointed as the external auditor of XYZ Ltd. Explain the
stages you would in the conduct of your audit. (4 marks)
- In the context of the Companies Act (Cap. 486), outline the procedure for the
removal of an auditor. (6 marks)
- The auditor should obtain sufficient and appropriate audit evidence to be able to draw reasonable conclusions on which to base the audit opinion.
Identify and briefly explain any three procedures for obtaining audit evidence. (6 marks)
Briefly explain the meaning of the following terms in relation to audit reports:
- ―Except for‖ opinion. (2 marks)
- Disclaimer of opinion.(2 marks)
(Total: 20 marks)
QUESTION ONE
Before Appointment
- The auditor should assess whether it has the adequate resources to carry on the audit to completion. This is in terms of staff available and timing of the client.
- The issue of independence should then be looked into i.e. is the firm related in any way with the client.
- The auditor should communicate with the previous auditor of the client to get some background information about the potential client before he can accept nomination.
- The auditor should ensure his appointment follows the proper channels i.e.
Companies Act Cap 486
Letter of Engagement
On accepting nomination the auditor should communicate this to his client via a letter of engagement, outlining the scope of his duties.
The Actual Audit
The auditor should then obtain a list of all the books kept by the client, including the signatures of the officers who were in charge of them, and their signatures.
The auditor should then schedule an appointment with the relevant officer in the company e.g. the director, to discuss matters pertaining to the audit.
The auditor should then examine the accounting system and any weakness should be communicated immediately and corrective action taken.
Should there be a system of internal controls, the auditor should obtain a documentation of this and should set out to assess its strength or weakness.
The auditor should ask the client for a file of all vouchers in order of occurrence of transaction.
The auditor should obtain the Memorandum and Articles of Association, Partnership deeds etc. to assess whether the client‘s activities are in order as per the documents.
The auditor should prepare an audit programme so that he can start his audit work.
Carry out verification of Balance Sheet items.
Review the audit work.
Prepare the audit report.
- An auditor can only be removed by shareholders regardless of the party that appointed him.
- If any shareholder wishes to nominate another person in place of the existing auditor, he should give a special notice of 14 days to the company
- The company would in turn send a notice to the retiring auditor within 14 days of the AGM.
- The retiring auditor would then have to send a written representation to the company. The company would then have to circulate the representation to shareholders provided that it is received in good time before the AGM.
- Nevertheless, if the representation cannot be sent to shareholders, the auditor will have to read them at the AGM.
- However if the representations are defamatory in nature then the company may refuse to send them to shareholders, especially so if the court is satisfied, on application of the company or any aggrieved party that the right representation have been misused or abused by the auditor. The court may order the auditor to pay expenses incurred by the company in this respect.
- The auditor being removed has the right to attend AGM, discuss his removal and also has equal right to speak at the meeting. This is to prevent directors from removing auditor without reason to the shareholders as to the reason behind his
removal.
- If it is the first auditor of the company appointed by the directors to hold office until conclusion of the next AGM, such may be removed before expiry of his term of office, provided a notice of 23 days has been given to him.
Vouching
This is the process by which the auditor examines vouchers to see:-o Whether these are for the business.
- Whether they have been authorized o Whether they are for the current financial period.
- Whether they are properly recorded
This means that the auditor will try to substantiate the validity of information contained in vouchers representing the transactions.
Verification of assets and liabilities
This is done by scrutinizing the entries indicated in the balance sheet for:- o Disclosure. o Ownership. o Value of assets. o Existence.
Observation
This method is used to gather evidence concerning the company‘s procedures, operations, use and handling of assets. This is used in situations such as:-
- Mail opening
- Wages payment
- Counting of cash especially petty cash and cash in hand
- Stock taking
Enquiries and Third party confirmation
This is obtained either orally or in writing to parties who have had some dealings with the company to gather information about the accuracy of the company‘s own records e.g. from debtors, creditors, bankers and trustees e.t.c.
Re -Checking and Re-Computation
The auditor will have to re-check and re-compute the arithmetic accuracy of transactions e.g. in the Trial Balance, depreciation, taxation, goodwill and reconciliations, all of which must be recomputed before they are passed.
( i)
|
“Except for Opinion”
The opinion is qualified by stating that the financial statements give a true and fair view except for the effects of any adjustments that might have been found necessary had the limitation not affected the evidence available to the auditors. |
( ii)
|
Disclaimer of Opinion
Occurs when the auditors conclude that they have not been able to obtain sufficient evidence to support, and accordingly are unable to express an opinion on the financial statements. |
QUESTION TWO
―The auditor must not only be independent, but must be seen to be independent.‖
Briefly comment on this statement. (4 marks) (
Suggest how the independence of an auditor may be strengthened (4 marks)
Explain the challenges that auditors face in the process of being independent.
(4 marks) Outline the ways in which an auditor may be held criminally liable in the course of his audit duties.(6 marks)
( Briefly explain what is meant by ―the auditor‘s duty of due professional care.‖
(2 marks)
(Total: 20 marks)
QUESTION TWO
The auditors are supposed to give an objective opinion regarding the financial statements at the end of their audit exercise. The auditor should be fair and should not allow prejudice or bias, conflict of interest or influence of others to override objectivity. Independence of an auditor can be defined in the next paragraphs.
Independence of mind which is the state of mind that permits the provision of an opinion without being affected by influences that compromise professional judgement allowing an individual to act with integrity and exercise objectivity and professional of scepticism.
Independence in appearance which is knowledge of all relevant information, including any safeguards applied to enable the auditors to give objective opinion.
- The auditor or any one closely connected with the firm should avoid accepting gifts in kind from the client or an officer of the client company, unless the value of the benefit is modest.
- Similarly, to strengthen independence, an audit practice or any one closely connected with it should not make loans to its client nor receive loans from clients.
- The auditor should be allocated free working space clear of management offices and
only interacting with staff when necessary.
- The auditor should avoid unnecessary encounters with management outside office hours, unless the meeting is of an official nature, for as long as the auditor is the auditor of the client.
- In the event of the auditor having a relation in the client company, the auditor‘s independence may be jeopardized due to potential influence from the relative.
- The director(s) may insist in being overly friendly. This may put the auditor in a difficult position since he may not be in a position to handle his independence
- The auditor could be having some business relationship with the client whose
accounts are being audited. His independence here is likely to be compromised.
- In the provision of other services to the client e.g. accounting services, the auditor may be faced with the challenge of not knowing how far to go, without putting his
independence at a risk.
- Threatened litigation. Should there be a pending court case lodged by the client, for instance against the auditor, the auditor will be at a disadvantaged position as far as his independence is concerned.
- If he destroys any document, vouchers books e.t.c with a view to deceive any
person
- If he makes a false statement either in the Balance sheet, or any document. Vouchers or document with the view of deceiving another party.
- Where the auditor colludes with management to embezzle the client company money.
The auditor once hired by the shareholders has the obligation of carrying out his duties as per the contract signed and this involves protecting the interests of the owners of the company. He is to carry out his duties with the competence and independence required by his profession.
The auditor enters into a contract with the owners of the client company. This means that he is answerable to them for any matter connected with the audit of the client‘s accounts. He therefore owes the owners of the business(shareholders) a duty of care since he is expected to perform his duty with diligence.
QUESTION THREE
The information acquired by the auditor from his client in the course of his professional work should not be disclosed to any third party except where consent has been obtained from the client.
Required:
Explain five circumstances under which an auditor can disclose such information to an appropriate authority without client‘s permission (5 marks) (b) (i) Explain the meaning of the term ―audit committee‖(2 marks)
List and briefly explain the main functions of an audit committee. (8 marks)
Explain the purpose and principal contents of a letter of engagement (5 marks)
(Total: 20 marks)
QUESTION THREE
- Where the auditor discovers that the client business is involved in criminal activities that may be harmful to society, e.g. terrorist activities.
- In the event that the client company has not filed tax returns for a considerable period of time and management is not taking any steps to meet the requirement
despite the auditor‘s recommendations.
- In a legal suit filed against the auditor by the shareholders, the auditor has the right, in his defense, to give information about the company to his lawyer, in order to save his case.
- If the auditor feels as if his life is in danger from third party attached to the client company, as a result of his audit work which may end up exposing the third party, he should report the matter to the police, giving detail about his relationship with the client.
- The auditor has the duty to report the client to the local authority, if it is involved in dumping toxic wastes that may endanger the public. This is a step he will take if
management is not responsive to his recommendation with respect to the same.
(b)(i)
An audit committee is a panel of independent personnel in the client company that act as
‗watchdogs‘ over the company‘s auditing functions. They monitor the functions of the internal and external auditors and how management is implementing auditor‘s recommendations.
- Evaluate the competence and independence of the external auditor, especially of the partner who is leading the team. This is important for instance when the auditor involves himself in assisting the client in preparing accounts.
- Probe to find out the nature and extent of issues management and auditors give considerable attention to. The committee should especially wary of the areas of conflict between management and the auditor.
- Address issues to do with hiring and firing of staff. In the event of management hiring former employees of the company‘s audit firm into key positions, the audit committee should look into the matter.
- Keep management on their toes when it comes to implementing the recommendations of both the internal and external auditors.
- Ask and receive frank assessment of the competence of the financial management team.
- Question and enter into discussion with management on key financial policies and
the need, if any to alter or review the existing ones.
- The audit committee should be the champions of corporate codes of conduct.
A letter of engagement is a formal document issued by the auditor to the directors of a client company outlining the auditor‘s scope and nature of work that he is to undertake. The letter is meant to minimize misunderstanding between auditor and client. The letter of engagement also acts to educate the directors of the auditor‘s duties.
Contents
- The board‘s responsibility to prepare proper accounting records and financial statements which show a true and fair view and also comply with the Act .
- The auditor‘s responsibility to report on the financial statements and on the
consistency of view of the directors‘ report.
- The scope of the auditors work.
- Matters relating to sending letters of weakness to management with respect to the
systems of internal control.
- The need for a letter of representation from management.
- With respect to irregularities and frauds, the letter will include; The auditor‘s primary responsibility.
- The auditor‘s planning of his audit to have a reasonable expectation of discovering material misstatements in the accounts.
- Non-reliance on the auditor to uncover irregularities and frauds.
Revision Questions and Answers
QUESTION FOUR
- Identify and explain the functions of the internal audit department in an
organization. (4 marks)
- Outline and briefly explain the procedures that the internal auditor can conduct on behalf of the external auditor. (6 marks)
- State the factors that the external auditor should consider before placing reliance on the work of the internal auditor. (5 marks)
- Briefly explain the methods which an auditor might use to ascertain a client‘s
internal control system. (5 marks)
(Total: 20 marks)
QUESTION FOUR
- The main function of an internal audit function is to find out whether the internal control system is working successfully or not.
- The internal audit function usually carries out consistent and regular reviews of the strength and weaknesses of the internal control system and this will act as a deterrent against perpetrators of frauds.
- This unit also advices management to put up appropriate controls to remove existing weaknesses in the internal control system and how to improve on the
strengths.
- By reviewing the company‘s actual performance against the budget on a continuous basis, and the follow up of any significant variances, the audit function will highlight the possibilities of errors or frauds in the business, if these variances are unaccounted for.
- The internal audit function ensures that proper books of account are maintained.
- This unit will also be involved in setting up procedures for new areas of operations
and thus help in sealing off any loopholes which can be used to perpetrate frauds.
- The unit will also follow up the recommendations raised by the external auditor hence keep management on toes about implementing them.
- The internal auditor can pinpoint to the external auditor the weak points in the systems of internal controls, thus enabling him to focus his attention only on critical areas rather than on the whole system hence save on time.
- The internal auditor can prepare internal audit working papers, review the accounting system, programs etc. on behalf of the external auditor hence when the
latter comes, he need not write notes afresh.
- The internal; auditor can undertake the physical verification and inspection of fixed assets on behalf of the external auditor who will only come to crosscheck existing assets against recorded values.
- The internal auditor may be used to perform the following on behalf of the external
auditor;
- Stock taking exercise
- Cash counts
- Branch visits
- Follow-up confirmation of debtors, creditors, bank balances e.t.c.
- The internal auditor‟s qualifications. He should be a qualified end experiencedaccountant with experience in an auditing environment.
- Past experience. If the external auditor has had some prior relationship with theinternal auditor, he is in a good position to assess the degree of reliance on the latter‘s work.
- Internal auditor‟s independence. The external auditor should first ascertainwhether the internal auditor did his work independent of management or perhaps his duties were compromised by pressure from management.
- Conflict of interest. If the internal auditor has some stake in the company‘s shares,then he may not be in a position to provide the external auditor with reliable, unbiased information.
- Duration of service. The external auditor should ascertain the duration the internalauditor has worked for the client company. If he has worked for long, he will be in a better position to provide relevant and reliable information to the external auditor.
Internal Control Questionnaire (ICQ)
This is a set of questions the auditor poses to his clients and require short answers
e.g. ‗YES‘ or ‗NO‘. A ‗YES‘ answer indicates a strong internal control system and a ‗NO‘ answer indicates a weakness.
Flow Charts
These are diagrammatic representations of accounting function and procedures. The flowcharts reflect the movement of goods and documents from one department to another or movement of documents within one department.
System Notes
The purpose of the system notes is to describe and explain the system, while making any comments or criticism which will help demonstrate an intelligent understanding of the system.
Third Party Confirmation
These are confirmations from third parties e.g. debtors, creditors, bankers e.t.c. Any differences between these parties‘ replies and the company‘s own records may be a sign of weakness in internal controls.
Compliance Tests
These are tests carried out in the existing internal controls to see whether they comply with the design. Non-compliance indicates a weak internal control.
Substantive Tests
These are tests on the transactions to see whether they are correct. The tests can also be carried on the balances to see whether they are genuine e.g. for bank balances, request a bank to confirm the balance. Any difference with the company‘s cash book will indicate a weakness in internal controls.
QUESTION FIVE
The auditor should prepare working papers which are sufficiently complete and detailed to provide an overall understanding of the audit.
Required:
State four benefits that an auditor would obtain from working papers that satisfy the
above requirement. (4 marks)
List five items of information you would expect to be contained in a permanent audit file and explain why each of these items of information should be
readily available. (10 marks)
- In the audit or purchases, list four examples of the type of information that would be contained in the detailed audit working papers. (4 marks)
- Give any two reasons why a director should examine the directors‘ minute book.
(2 marks)
(Total: 20 marks)
QUESTION FIVE
- They are used as a basis for planning current year‘s audit
- Through review of the working papers, the auditor can be able to control the current year‘s audit through a review.
- Working papers collected in investigating one part of the company‘s audit can be used for verification of another part.
- The audit working papers can be used as evidence of work done, in particular if the auditor has been sued for negligence.
- They can also be used as an accountability tool when each audit clerk has to give evidence of work done when questioned.
- Audit working papers are also used to assist in investigating the company‘s financial affairs.
- Statutory material governing the conduct, accounts and audit of theenterprise. These documents should be availed so that the nature of the business can be ascertained e.g. for a company, the Companies Act should be in the permanent file, for a partnership, a partnership deed would be necessary.
- Rules and regulations of the enterprise. This means Memorandum ofAssociation for a company or a partnership agreement for a partnership. These documents are necessary at any one time to settle any disputes should they arise.
- An organizational Chart. This shows the various departments and their heads.This information is important to ensure accountability in decision making.
- Lists of books and other records and where they are kept, names, positions,specimen signatures and initials of persons responsible for books and documents. This ensures certain people will be responsible in the event of their loss or destruction.
- List of accounting matters of importance g. accounting policies used formaterial areas such as stock, work-in-progress, depreciation e.t.c. This ensures consistency.
- An outline history of the organization. Special mention should be made ofthe history of the reserves, provisions, share capital and acquisition of subsidiaries. This verifies that the firm‘s finances are well managed within the proper legal framework.
- For cash purchases the auditor will need to include information such as copies of cash memos, bills etc. as supporting evidence of transaction carried out.
- For credit purchases the auditor will need copies of the day book, credit notes, and
invoices for comparison with information collected from other sources.
- A copy of the purchases register for comparison with the above mentioned.
- Statements of confirmation from suppliers who will actually verify that they are being owed money for sales made to the company.
- To get an accurate figure for purchases the auditor would need a copy of the purchases returns day book, to verify the deductions from gross purchases.
- To ensure that shares and debentures were issued at the quoted prices and uniformly to all qualified allotees.
- Should there be forfeiture of shares at any one time, it should be clearly stated that defaulters were given adequate warning concerning monies owed.
- For contracts signed for capital projects, the auditor needs to ensure that ALL signatories actually appended their signatures to the contract.
- Verify that title deeds for land owned actually exists and clearly indicates the company as the legal owners of the assets as stated in the Balance sheet.
QUESTION SIX
Cash in hand and cash at bank are commonly referred to as liquid assets. Because of this liquidity, these assets represent the most vulnerable of all the assets of an
entity. You have recently been employed by Korir and Associates (Certified Public – Accountants) as an audit assistant. During your first audit assignment at Viwanda Ltd you have been allocated the audit of cash in hand and cash at bank.
Required
- State and explain any the audit procedures you would undertake in order to determine whether or not there has been any misappropriation of cash.
(6 marks)
- Explain any five controls over cash you would expect to be instituted by a business entity in order to minimize cases of embezzlement of cash,
(5 marks)
List the procedures you would follow to verify the following items:
- Petty cash balance. (3 marks)
- Revaluation reserve. (3 marks)
- (3 marks)
(Total: 20 marks)
QUESTION SIX
Cash sales
The following are the audit procedures that I would undertake in order to determine whether or not there has been any misappropriation of cash:-
- Obtain analyses of cash balances and reconcile them to the general ledger: The auditors will prepare or obtain a schedule that list all of the client‘s cash accounts. For cash in bank accounts this schedule will typically list the bank, the account number, account type and the year-end balance per books. The
auditors will trace and reconcile all accounts to the general ledger as necessary.
- Confirmation letters: send standard confirmation forms to financial institutions to verify amounts on deposit.
- Bank reconciliations: obtain or prepare reconciliation of bank accounts as of the balance sheet date and consider need to reconcile bank activity for additional montus. Also obtain a cut off bank statement containing transactions of at least seven days subsequent to balance sheet date.
- Cash count: the auditor should count and list cash on hand. Cash on hand consists of undeposited cash receipts, petty cash funds and change funds. Auditors should make a surprise count of these funds.
- Analyze bank transfers for the last week of audit year and first week of
following year to discover whether there is kiting.
- Investigation: investigate any checks representing large or unusual payments to related parties.
- Evaluation: evaluate proper financial statement presentation and disclosure of cash.
Credit Sales
- For amounts collected from debtors, the auditor should verify the counterfoil or the carbon copy of the receipts issued to customers.
- For large firms where transactions are voluminous, the receipts issued should be traced into the serially numbered cash book to check the correctness or otherwise of the entry.
- The auditor should the amount is entered on the same day of the receipt i.e. the dates of the receipt should correspond to the date on which the receipts are recorded in the cash book.
- For discounts allowed to customers, the auditor should ensure that the company policies regarding the same are followed and further authorized by the responsible officer.
- The cashiers who operate cash tills must be properly trained and sincere to
- The activities of the operators should be checked and controlled by supervisor on
- The cashiers should not be involved in preparation of ledger accounts. This practice reduces opportunities of committing ‗teeming and lading‘.
- The cashiers should work in shifts then the supervisor on duty should remove the till roles to which the cashiers do not have any access. A new till roll should be inserted for the new operator at the start of a new shift.
- All cheques for payment should be signed by ALL the signatories before issue to
creditors.
- The individual responsible for banking daily collections should be a person working in a department other than the cashiers. This reduces chances of collusion with
creditors.
- At the end of every day, the cashier should be made to sign against the amount of cash she/he has handled- monies collected, banked and carried forward.
Petty cash balance
- The auditor should verify that the petty cash float is not allowed to contain expenses
supported by IOUs unless these have been authorized by a responsible official.
- Verify the use of petty cash control account in the general ledger.
- Verify that petty cash vouchers for which payment has been made bear the ‗paid‘
stamp.
- For substantial petty cash transactions, the auditor should check whether there are supporting documents attached.
Revaluation Reserve
- Whether the revaluation was carried out on assets that have actually in existence for
a considerable period of time.
- In the case of land, the new value of land leading to the revaluation must have been certified by experts in the field i.e. land valuers and certificate of valuation availed to
the auditor.
- The auditor should probe to find out more information where exorbitant amounts
of money have been transferred to the reserve account.
- The auditor should check to find out the frequency of revaluation; revaluations carried out after every other year should be probed into.
Copyrights
- The existence of Copyrights should be verified by examining the actual copyright and it should be seen that the same has been duly registered.
- If the copyright has been purchased, the assignment should also be seen together with a receipt for the purchase consideration.
- The copyright register should be inspected to see that the copyright has been included therein.
- It should be verified that the copyright is carried in the books at cost less depreciation. The registration cost should form part of the cost while periodic renewal fee paid should be charged in the profit and loss account.
- Incase of joined registration of a copyright, registered assignment by the other party should be examined. The copyright may otherwise be subjected to litigation about its title.
QUESTION SEVEN
In the context of ISA 240 (The Auditor‘s Responsibility to Consider Fraud and Error in, anAudit of Financial Statements):
Questions – Past Papers
(a) | Define: – | |
(i) Fraud | (3 marks) | |
(ii) Error | (3 marks) |
- Outline the respective responsibilities of an entity‘s management and the external auditor with respect to the prevention and detection of fraud and error. (8 marks)
- Outline the procedures an external auditor should follow if he suspects that fraud;
or error have been perpetrated. (6 marks)
(Total: 20 marks)
QUESTION SEVEN
- Fraud
This term is used to refer to irregularities involving the use of criminal deception to obtain unjust or illegal advantage. For instance misappropriation of stock by the store-keeper, followed by altering of records.
- Error
This refers to an oversight by a staff in the recording of a transaction, for instance an accountant, whereby an incorrect value for money is entered in the books unintentionally. In this case the intention of obtaining illegal advantage may not be the cause of such an oversight.
- The primary responsibility for prevention and detection of errors and irregularities rests with management
- This responsibility arises out of a contractual duty of care by directors and managers and also because directors and other managers act as stewards with regard to
property entrusted to them by the shareholders.
- This duty may be discharged by them by instituting and maintaining a strong system of internal controls.
- The auditor is not required to assist the directors in the task the draft guideline does suggest that an auditor should remind the directors of their responsibility through an engagement letter or other means, and the need to have a system of internal controls as a deterrent to errors and irregularities.
- In regard to errors and irregularities, the auditor should have sufficient, relevant and reliable audit evidence to support his opinion or to conclude that no material errors and irregularities have occurred or if they have occurred, then they have either been corrected or properly disclosed in the financial statements.
- Consider materiality. If the matter could not be material in the context of the accounts then take no further action, but if material, appropriate action must be taken. Again if he matter is material, perform appropriate additional tests.
- If it appears that irregularities have occurred and may be material, then consider the effects on the financial statements and ensure that these have been prepared with such adjustments and amendments as may be required.
- If further investigation is required and the accounts cannot be delayed, then the auditor‘s report may have to be qualified for uncertainty.
- In the event where errors or irregularities have occurred, ensure that top management is aware of such events.
Any weakness in the system of accounting and internal control which may give or have given rise to error or irregularity should be fully discussed with and reported to top management
QUESTION EIGHT
Your are currently engaged in planning the audit of the payroll system of Ujenzi Ltd a manufacturing company, for the year ending 30 June 2005, Ujenzi Ltd‘s payroll system is fully computerized.
Required:
- Explain four ways in, which the use of a computerized payroll system by Ujenzi Ltd, would affect your work as the auditor. (8 marks)
- Explain three controls which should be instituted by Ujenzi Ltd to ensure that only authorized persons are allowed access to information on personal files and to input updates for the calculation of wages. (6 marks)
- Outline how audit tests could be performed ―around the computer‖ in relation to
Ujenzi Ltd‘s payroll (4 marks)
- List any two fraudulent activities likely to be perpetrated in relation to Ujenzi Ltd‘s
payroll (2 marks)
(Total: 20 marks)
QUESTION EIGHT
- The auditor will have to gain an understanding of the programs to be tested otherwise he will not do a good job. This will call for some kind of training, which in consequence will affect the audit plan.
- The auditor will have to seek other means of following up transactions from initiation to final recording, since use of audit trail may not be practical.
- When evaluating the system of control, the auditor should avoid becoming too immersed in detail. He must obtain an overall view of the system, including the user-accounting staff and the computer department who maintain the payroll system. These are primary controls which cover completeness i.e. all input data is processed and accuracy.
- Having identified the primary controls, the auditor will know at which point the system controls is being established. In most cases, most of the work will be of clerical nature and that done by the computer is of secondary importance. In this case, it will be unnecessary to examine the program and system development controls in details and administrative controls will only become important if clerical controls are exercised in the computer department
- When the system of control is largely dependent on program control, it becomes necessary to review those in details and in addition to examine the system development and administrative controls so as to ensure that the program control have been designed and implemented correctly.
- Use of test packs: This consists of test data which will be processed in the same way as actual data. By using them in the payroll system, the program being tested will process normal data correctly and react correctly to deliberately invalid data.
- Issuing of passwords to the staff that process personal files will prevent other
parties not concerned with the process from gaining access to the files.
- These passwords should be changed frequently since it is possible for others to crack the existing ones with time.
- Any update on the wage system e.g. to incorporate overtime rate should be authorized by a higher authority.
- Constant review of the personal files should be carried out to verify that only authorized alterations have been effected. This could be checked against the master file.
- Checking authorization: Here, the auditor is only interested in verifying whether a certain entry was authorized or not, for instance whether a given pay increment was
authorized before being effected in the payroll.
- Checking output totals for reasonableness. Here, the auditor may compare the total salaries to staff between two or more periods.
- Checking the output against source documents and clerical control totals.
- Verifying consistency in the system of coding, for the various departments in the organization.
- Existence of ghost workers. In this case, there could be workers who‘ve passed away but their names still appear on the payroll. Some party somewhere could be
benefiting from the remissions without knowledge of the company.
- The absence of an audit trail may be a loophole for the accountants to embezzle some money and alter the programs to disguise the fraud.