Internal Control And System Design

pages Pages: 4word Words: 890

Question :

College: Central College

Code: FNS50215

Task 1:

Internal Management report.

ABC Company is a medium size retail store operating in western suburb in NSW. Last three years Company’s profits have been declining and the shareholders were worried about this. Last general meeting shareholders requested to change the CEO. New CEO has been appointed and internal audit has been p e r f o r m e d . As a qualified accounting professional you are asked to prepare an internal management report to address weaknesses of the operation and recommend the changes to be made to them to ensure the organization remains compliant with statutory requirements.

Procedure: This is a medium size retail business. Using the internal audit report provided you need to complete the following steps:

1. Develop a report to :

- Address weaknesses of the operation.

- Identify all noncompliance issues and

- Change to be implemented to address the non-compliance

- Expected duration or time requirement to address identified areas


A small state agency has four employees: an executive director, a deputy director, a fiscal analyst (FA), and an administrative assistant (AA). All employees have been with the agency since it was formed about two years ago.

The agency has been using purchase cards for about a year. The FA and AA each have a purchase card that they ordered themselves. They also each set their own spending limits on their cards. They each order goods and services. They are careful to follow the state purchasing rules, and use state contracts whenever possible. The FA and AA each verify that their own goods and services were received, and sign the packing slip or invoice. The FA authorizes payment on both purchase cards.

The executive director does not have a purchase card in his name. However, the AA has written the account number for her purchase card in his planner so that he can occasionally order goods and services. He usually does not keep the credit card receipts for his purchases, but he does tell the AA what he purchased and instructs her on what expenditure coding to use. The AA then forwards the bill to the FA for payment. The AA purchases most of the goods and services for the agency with her purchase card. She always keeps her purchase card with her in her purse. She also keeps receipts for all  purchases that she has m a d e  in a folder in her desk drawer, verifies that the goods and services were received, and reconciles all receipts to her purchase card statement before sending to the FA for payment. The FA has known the AA since high school. Since he has known her for so long, he trusts her and takes h e r word that she has reconciled all receipts to her statement. He always authorizes and makes payment on her purchase card based on her word, especially since he knows that she keeps all documentation. The FA also purchases goods and services with his purchase card. Most of the charges on his card are for recurring payments, like the lease of office space, agency phone bills, etc. Since these are all agency charges, he authorizes and makes payment on his purchase card. The agency has written policies on purchase cards, but they aren’t specific to the agency yet. They were obtained from a friend at another agency, and the AA is eventually going to make some modifications so that they are specific to the agency. Training is not formally provided since only two people in the agency are primarily using purchase cards. They tell each other when problems are encountered with the cards, so they feel that they are informed enough to be able to use them.


Given the objective, risks, and control activities, identify at least 5 violations of internal control in the example case study.

Show More

Answer :

Task 1

Internal Management report


The Company is a medium size retail store that operates within the suburb of NSW. As observed, there has been a decline in the Company’s due to which the shareholders were worried such scenario. In the previous general meeting shareholders had requested to change the CEO. However, new CEO has been appointed and internal audit has been formulated. The internal management report has been assessing eth Company’s weakness, noncompliance issues, strategies and process of implementation.

Weaknesses of the operation:

The weakness of the company lies in the fact that there are no effective sales teamthat are able to deliver the entries of customer’s feedback, in handling the customer and sales person relationship, checking the invoices of customer complaints. In addition, the accounts clerk prepares and evaluates the report all by himself. The company is unable to pay the debts due to shortage of funds. 

Noncompliance issues:

The company witnesses several pitfalls deteriorating sales structure as its has no limits in reference to the size of the order approval while the account team is occupied and unable to assess the credit ratings of every order; unauthorized discounts has been transacted without any authorized supervision; the customer queries and feedbacks have been registered in unnumbered sales book resulting in the abstract and unidentified sources of customer details (Sun et al. 2014) Besides, the payable clerk is busy and therefore is unable to supply and register invoices compared with goods receiving record. All these factors attempt to weaken the company’s work force and sales target.  

Change to be implemented to address the non-compliance:

The company needs to be efficient in its sale production and monitor its sales team. Government rules and regulations need to be followed and be applied by the company staff in regulating their business. It needs to cater towards reporting its everyday issues and register them accordingly under proper professional guidance (Sun et al. 2014). Besides the company needs to address the requirements both of the company and the customers prior to the targeted deadline. Compliance is not only the responsibility for the large companies rather need to be assessed by the small firms. It needs to constantly check the constraints addressing the set of regulations. The company needs to comply and coordinate with its management and sales team and strengthen its communication and foster business processes; evaluate the security measures  and the procedures that can be applied in maintaining and assessing future risks, examine privacy measures and automate compliance measures; document, report and evaluate the data collection and records (Sadiq & Governatori, 2015)

Expected duration or time requirement to address identified areas:

The time required in evaluating the rules and regulations in relation to business processes is one month and in reference to the operations of sales management will be needing two weeks time that will include three levels of certification- assessment, record analysis and implementation.

Identified areas
Time duration
Identification of rules and   regulations
One month
Coordination and assessment   of  sales management 
one weeks
Privacy measures
two weeks 
Data collection assessment
one weeks


The CEO of the company need to assess and monitor eth previous and the existing rules and regulations and accordingly manage its production and sales. The CEO' need to be solely responsible for everyday management decisions and data collected from eth overall management and sales and implement the strategies towards the Company's long and short term plans. The CEO attempts to bridge the gap between the Board and management of the Company and communicates to the Board in relation to the business and management process and foster production. 

Task 2: 


The objective of eth small state agency is to formulate its own policies and make modifications that are agency-specific. The agency has been using purchase cards for about a year. However, it was used only by the two personnel the fiscal analyst and the administrative assistant. The agency aims at training the employee of the agency in using the purchase card. Besides, since the cards are used only by the two members it is important to address the issues and keep records of the purchases so that  they are informed enough to be able to use the cards efficiently.


There are several risks associated with the use of purchasing cards. The risks pose both threats and change the existing set of policies. The risks that cause tension and pressure are lost funds, litigation, brand or company reputation risk, employee-fraud, misuse of purchase policy compliance, transaction penalties, data theft, selling of data, scamming, and phishing. 

Control activities:

The purchasing card is used in controlling the expenditures where the duties are divided only to two members of eth agency that are fiscal analyst and the administrative assistant who reports and records the purchasing products and registers the cost and expenditure (Holma, Bask & Kauppi, 2015). In fact, the transactions are tracked and print is generated in keeping regular documents. The agency tends to control the risks associated with the purchasing card or the p-card. However, the agency under professional guidance it is important to address the expected risks and how it can impact the overall production and operations. It is important to determine the control activities that will be able to study the exposed frauds and financial loss (Feng, McVay & Skaife, 2014). The most important thing is to appoint members who will asses and record the day-to-day transactions and keep o a track of every purchase and product. The agency need to control the internal barrier caused due to the emergence of risks that can harm the image and reputation of the agency. 

 Violations of internal control: 

It is important to account internal control that stands as one of the most important element under the company ensuring achievement of the targeted objectives effectiveness and efficiency. It helps in documenting important financial reporting in compliance with laws, regulations and policies. Besides it helps in controlling the threats posed by the risks, reduce asset and financial loss and ensure that recorded details and articulated plan is complete and accurate, financial statements are reliable, and that the plan complies with laws and regulation (Cumming et al. 2015).  In coordinating the process of the internal control it is important to address five components of an internal control system that involve  the control environment, the entity's risk assessment process, the information system, control activities and the monitoring of controls. The agency needs to address the violations against the control activities, control environment, risks, monitoring, data analysis and collection.