Preventative Controls
Different people should be responsible for activities that are related (separate responsibilities for record keeping, physical custody, and authorization)
Separation of Duties
Procedures in place to review the internal control procedures to detect deficiencies or fraudulent behaviors
Audits
Locks, pass codes, access cards. Fences, gates, video monitors.
Examples of physical controls
Coins, currency, paper money, checks, money orders, and money in a bank
What is cash
Control features that physically limit the access to assets to Locks, passcodes, access cards.
specific authorized personnel.
Physical controls
______________ are post-transaction procedures designed to find errors, fraud, or irregularities that have already occurred and to ensure their prompt correction
What are detective controls
Only designated people sign checks. Only designated people are allowed to make purchases.
Short term or highly liquid investments that are readily convertible to a known amount of cash and no more than 3 months to maturity
Cash equivalents
Procedures designed to prevent improper use of the company's resources by limiting access to only authorized personnel
Proper authorization
Periodic independent verification of actual performance of employees and overall performance to expected results.
What are performance reviews
Firewalls and antivirus software. Limiting password approvals for elect. transactions
E-commerce controls
Cash that is NOT available for current operations
Restricted cash
Providing employees with appropriate guidance to ensure they have the knowledge necessary to carry out their job duties
Employee management
Periodic independent verification of physical asset such as cash, supplies, inventory, and other property to ensure agreement with the accounting records.
What is reconciliations?
Comparing an employees actual sales to the sales reported to accounting
Performance reviews
Three parts of the fraud triangle
Motivation
Opportunity
Rationalization
(define each)
Procedures specifically designed to ensure that only authorized personnel are able to conduct e-commerce transactions
Procedures specifically designed to ensure that only authorized personnel are able to conduct e-commerce transactions
A ________ ________ is a proactive measure or mechanism implemented to stop undesirable events, risks, or failures from occurring in the first place, rather than detecting them after they happened.
Preventative controls
An employee who authorizes a vendor relationship should not receive orders or perform record keeping for inventory or payment of orders.
Examples of separation of duties
Explain what the fraud triangle is
(....)