Scribd Logo
Upload

Welcome to Scribd!

  • Task 4 - Risk Control Matrix Template

    Uploaded by

    Kritika Jain
    21 views2 pages
    This document provides a template for documenting controls over a purchasing process. It includes sections for listing controls over the purchasing process with corresponding identifiers, identifying weaknesses in existing controls, and describing how each control is designed and functions. Control weaknesses noted include incorrect reviewer assignment, purchases made without required approval, and a lack of vendor vetting. The document is intended to capture findings from process walkthroughs and testing of purchase controls.

    Original Description:

    Original Title

    Task 4- Risk Control Matrix Template (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    XLSX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a template for documenting controls over a purchasing process. It includes sections for listing controls over the purchasing process with corresponding identifiers, identifying weaknesses in existing controls, and describing how each control is designed and functions. Control weaknesses noted include incorrect reviewer assignment, purchases made without required approval, and a lack of vendor vetting. The document is intended to capture findings from process walkthroughs and testing of purchase controls.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    21 views2 pages

    Task 4 - Risk Control Matrix Template

    Uploaded by

    Kritika Jain
    This document provides a template for documenting controls over a purchasing process. It includes sections for listing controls over the purchasing process with corresponding identifiers, identifying weaknesses in existing controls, and describing how each control is designed and functions. Control weaknesses noted include incorrect reviewer assignment, purchases made without required approval, and a lack of vendor vetting. The document is intended to capture findings from process walkthroughs and testing of purchase controls.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Risk Control Matrix Template

    a) Purchasing Process Controls

    Note: The below control references (e.g, C1,


    C2, C3) should correspond to the green circles
    shown within your drafted process flow.
    (Remember, green circles in this process flow
    exercise show that a control exists over the
    process shown.)

    The below template is set up for 10 controls


    simply as an example, so you are free to use Note: Create a concise and unique control name for each
    more or fewer controls. control identified.
    Control # Control Name
    C1
    C2
    C3
    C4
    C5
    C6
    C7
    C8
    C9
    C10

    Note: Based on the walkthrough, the client contact directed some of our questions to the Internal Audit and IT teams. Based on those follow-ups, any add
    should be added to the above listing.

    b) Purchasing Process Control Weaknesses

    Note: The weaknesses outlined below are per procedures performed during Task 1 (test of control details) and
    Task 3 (purchasing process walkthrough).

    Control Weakness # Finding #


    Incorrect Reviewer Assignment by Purchase
    Control Weakness 1
    Request Portal
    Control Weakness 2 Purchase Made Prior to Required Pre-Approval
    Control Weakness 3 No Vendor Vetting Process
    Note: Provide a detailed narrative of how the control is designed and
    functions (e.g., when and how control is performed).
    Control Description

    Audit and IT teams. Based on those follow-ups, any additional controls identified

    Note: Provide a detailed narrative of how the current control designed


    allowed for an exception to the designed purchase process to exist.

    Control Description

    You might also like