Internal Control and Risk Evaluation
Essay by Kill009 • September 10, 2012 • Term Paper • 1,036 Words (5 Pages) • 2,554 Views
Internal Control and Risk Evaluation
ACC 542
December 19, 2011
Kudler Fine Foods has decided to go forward with the recommended course of action
from Learning Team C, which was to buy an out of the box Accounting Information System
(AIS). As with any implementation, consideration is given to existing internal and external
controls. At the same time, external and internal risks should be evaluated and measures taken
to reduce these risks. Internal controls can be created using the data diagrams provided by
Learning Team C based on the new system. The review of the application of the internal
controls is an integral part of this process. Lastly, other control issues, both inside and outside
of the new system should be addressed.
"An organization's financial resources must be protected from such activities as loss, waste,
or theft. Protecting such assets requires an organization to develop and implement an internal
control system with its AIS, as well as within other parts of the organizational system"
((Bagranoff, Simkin, & Strand, 2008). This is a key concept for a company going
through a new software implementation. At Kudler Fine Foods, creating policy and procedure
for the new system will be vital to its success. Currently, there are no written policies for the
accounting department or the embedded security system. Without the documentation of
policies, there is a lack of control of the business. How can one know if the proper procedure
for entering accounts payable is being done, when there is no reference? How can an audit of
the accounting department be done with no documentation of the policies and procedures?
There is no way to provide control of accounting information, both internal and external,
without proper records.
The biggest risk to Kudler Fine Foods is that there is no documentation for its policies and
procedures. There are several different risks because of the lack of these records. For example,
since there is no record of how to pay a vendor, how can an audit be done of the payment?
This poses an internal risk of fraud and theft. An employee could set himself or herself up as a
vendor and then process a payment. The lack of documentation provides an opportunity for an
external risk as well. An outside source can enter into the system and upload credit card
information on file for the customers. Since there is no documentation of the current security
system, tracking outside threats to the system would be difficult.
Kudler Fine Foods has the opportunity to put into place new internal and external controls
during the implementation period. Kudler Fine Foods has already been provided with a tool to
aid them through this process, the data flow diagrams done by Learning Team C. A review of
each diagram can be done to determine internal and external risks and then identifying what
controls
...
...