Chapter 8 part 1 Flashcards
- Involves the creation of roles, processes, and formal reporting relationships in an organization
- Includes establishing departmental relationships
- Involves personnel reporting structures, such as chain of command and approval levels
Organizational design
Separates the four basic functions of even processing:
Function 1: authorizing events
Function 2: executing events
Function 3: recording events
Function 4: safeguarding resources resulting from consummating events
Segregation of duties
PREVENTS UNAUTHORIZED EXECUTION OF EVENTS and helps PREVENT FRAUD by ensuring that ONLY VALID EVENTS are recorded
Segregation of duties control
Requires that different units (departments) carry out each of the four phases of event processing
Ideal segregation
Would need to occur between one or more persons (or departments) to exploit the system and conceal abuse
Collusion
A plan or process to guide actions and achieve goals. Can guide behavior towards actions that achieve desired goals
Policy
Can compel behaviors and enforce penalties
Laws
Identify the skill requirements needed in employees to accomplish the firms goals
Personnel planning control plans
Forecast the number of employees needed in each position, take turnover into consideration, and develop a strategy for filling necessary positions
Management control plans
Requires an employee to alternate jobs periodically
Rotation of duties
Requires an employee to take leave from the job and substitutes another employee in her or her place
Forced vacations
Indemnifies a company in case it suffers losses from defalcations committed by its employees. Employees who have access to cash and other negotiable assets are usually bonded
Fidelity bond
Management assessment to determine whether control plans are functioning appropriately
Monitoring
Monitoring consists of:
- Putting controls in place to periodically follow up on the operation of control plans. Determine a BASELINE to know when a control is operating effectively, to identify if there is a CHANGE in a process or a control plan, and to periodically TEST that a control is operating
- Ensuring that appropriate communications of control weaknesses occur
Monitoring control plans vs normal control plans
- A normal control plan only serves to DETECT AND CORRECT ERRORS
- Monitoring control plans lead to the identification of the ROOT CAUSE OF THE ERROR