Professional Documents
Culture Documents
1.2 Cloud storage 1 High Failure to maintain •The auditor must review the contracts of Ne
. an ethical with the AWS to look for any clause, breach
relationship with which could cause the relationship with AWS
amazon break down
warehousing
service could
cause Netflix to
even shut down
1.3 Monolithic 1 Medium While making any •Making sure that the system is equipped wit
. architecture changes in the monolithic architecture, since if in place
back end code of protects the whole database even when
the platform, if engineers make changes to any one elemen
any glitch takes the platform
place, the whole
website could
down for hours
causing damage to
business
1.4 Quality of 1 Low Seamlessly
. streaming on running files of
devices different format
on every unique
device used a
single account is
Audit:
Operations-
Production
and Licensing
2.1 Multi-year 1. High Talent Check if the agreement defines the working
commit- agreements relationship between both the parties, leaving
ments for are not little room for miscommunication.
production properly
and defined or
licensing of not complied Verify if various clauses to the agreement are
content. with. adhered to and payment is as per the
agreement.
2.2 Original 1. Medium Bifurcation of various Ascertain the various disciplines wherein
content disciplines Netflix is building out expertise.
production developed has not
(Netflix been reflected
Verify if the expenses are allocated to
Originals) properly in the books
the right head and there is no inter-head
of accounts.
adjustments.
6. High Flow of cash is not Check the trends in cash flow and look
properly reflected for any suspicious activity.
-Avika Bishnoi(A011)
Sr. No. Sub processes Ris Risk Risk Test
k Gradin Description Step
No. g
3.1. Types of 1 High Distinction •Proper authorization of the members should be
Memberships between done to prevent fraud.
types of •Proper recognition for subscription fees of every
membershi type of membership plan should be there.
p
4.1 Prohibition of 1 Low Prohibition of •Auditor can ask the senior or the upper
Discriminatory Discriminatory Tariffs management whether the company is
Tariffs for for Data Services having any tie ups with any service
Regulations, 2016
Data Services (Net Neutrality) states
provider to promote its services.
that Netflix cannot get
into any agreement
with any network
provider for
promoting its services.
4.2 Personal Data 1 Medium The Personal Data •Auditors can hire a systems expert to
Protection Protection bill,2018 check whether the security strength of
essentially makes the company is strong or not.
individual consent
central to data
sharing. It has been
imposed on the
collection and
storage of personal
and financial
information and
also processing of
the same for
commercial use
Sr. Sub processes Risk Risk Risk Description Test
No No. grading Step
4.3 Copyright Act 1 Medium This act states •Auditor should ensure that there
that the Netflix should be an internal process in order
cannot upload to check the licenses and
or show any authorization.
such content
which is
unauthorized/u
nlicensed.
4.4 Indecent 1 Medium This act
Representation prohibits
of Women indecent
(Prohibition) Act representation
(IRWA), 1986 of women
through crudity,
sexual , vulgar
actions, nudity,
and immodesty
on web series
or movies by
Netflix.
Audit:
IT and
Database
Management
--Chhavi Gupta (A014)
Sub Sub processes Risk Risk Risk Description
No. Grading
Process
5.2 Applicati Capacity 1 High Ensuring that the computer systems will
on Planning continue to provide a satisfactory level of
Controls performance in the longer term. This will involve
IT operation staff having to make estimates of
future CPU requirements, disk storage capacity
and network loads capacity.
Media 3
Management Mediu Includes the control of disks and tapes, CD
m ROMs, etc.
Sub Sub Risk Risk Risk Description
Proce No.
ss
processes Gradi
ng
Help Desk and 6 Mediu Help desks are the day-to-day link between users with
Problem m IT problems and the IT department. They are the ones
Management users call when they have a printer problem or they
forget their password.
6.1 Revenue 1 High Internal control on •Internal control for allowing access
Audit Verification of users to the platform, no unauthorized
and plans so as to user should access the content.
differentiate various •Proper control should be in place to
types of plans differentiate the plans shown to the
provided to users users based on their purchase plan.
along with the
benefits available to
them.
•Proper matching of revenue during the
2 Mediu Matching of revenue accounting period should be made. E.g.:
m during the 1 year subscription from Feb-Jan should
accounting period. be accounted proportionally during
Proper bifurcation relevant accounting periods.
should be made in •Revenue from advertisement should be
terms of advance accounted for.
payments or •Incase of advance payment, revenue
deferred payments. should be recognized on accrual basis
and balance should be shown as liability.
•All other revenue streams should be
analyzed and verified with respect to its
accuracy and completeness.
Sub Sub Risk Risk Risk Description Test
No. Grading
Process processes Step
Revenue 3 High Billing and accounting •Since the billing and other
Audit system should be accounting is based on IT system,
cross verified. Most of the IT system should be checked
the fraud happens in based on certain pre-defined sets of
this area because of inputs and outputs. For E.g. a
misappropriation in dummy user can be created , plan
accounting. should be selected for 2 months and
payment should be made. The
system should automatically show
the expiry date after 2 months.
•The billing should be proper and
spontaneous.
Sub Sub Risk Risk Risk Description
No. Grading
Test
Process processes Step
6.2 Expenditures 1 High Verification of Cash and •Expenses paid in cash should
Audit bank expenses especially be verified with supporting
transactions involving memos and vouchers.
intercompany wires, •Counterfoil of cash receipt
automated clearing should be verified.
house (ACH) transfers, •Ensuring that teeming and
and check payments lading method is not followed.
because most of the
revenue generated by
Netflix is denominated in
foreign currency.
6.4 Liability 1 Low As of now, Netflix accounts • Examine the loan agreement
for $10,360,058 borrowed and ensure that the terms of
capital. This figure has been agreement relating to interest,
increasing over quarters. repayment etc., are duly
$3817685 has been raised complied with.
alone in 2018. • Calculation of interest rates on
the borrowed amount.