ACC 707 Auditing and

Assurance
Tutorial 6 Solutions –
Chapter 7& 8
7.1 Why does the auditor
assess control risk?
The auditor assesses control
risk to determine whether the
accounting data were
developed
under a system of internal
control that is likely to ensure
their accuracy and reliability.
If the
auditor is able to assess control
risk as being less than high,
then the detection risk can
afford
to be higher, resulting in less
substantive testing being
required.
7.3 Explain the difference
between management controls
and transaction controls.
Management controls are the
activities undertaken by senior
management to mitigate
strategic risks to the entity and
to promote the effectiveness of
decision-making and the
efficiency of business
activities. Management
controls tend to focus on
overall effectiveness
and efficiency within an entity,
rather than on details of
individual transactions or
activities.
Generally, they are designed to
provide an overall indication
that processes and activities
are
functioning properly, and to
provide an effective response
to risk in a timely manner.
Transaction controls are
performed by staff employees
and lower-level management
as part
of the various processes within
the entity. These controls are
generally focused on internal
risks within systems and
processes and reflect the
formal policies and procedures
defined by
senior management. Such
controls deal primarily with
the reliability of accounting
information and compliance
with rules and regulations. For
example, assigning
responsibility
for authorising transactions to
specific individuals is a form
of transaction or process
control.
The objectives of these
accounting controls are to
control the flow of transactions
through the
accounting system and to
safeguard the related assets by
authorising transactions,
recording
transactions, restricting access
to assets and checking for
existence of recorded assets.
7.4 Explain what is meant by
incompatible accounting
function and how an
appropriate segregation of
functions can be achieved.
Incompatible accounting
functions are functions that,
when combined, allow an
individual to
perpetrate an irregularity and
not be detected. Appropriate
segregation of functions is
achieved by separating the
authorisation, execution and
recording of transactions, and
custody of the related assets.
7.5 What is the internal control
environment and why is it
important?
According to ASA 315.A77
(ISA 315.A77) the internal
control environment includes
governance and management’s
overall attitude, awareness and
actions regarding internal
control and its importance in
the entity. The internal control
environment is important
because it sets the tone of an
entity. It influences the control
consciousness of all personnel
and is the foundation for the
other components.
ACC 707 Auditing and
Assurance
Tutorial 6 Solutions –
Chapter 7& 8
7.1 Why does the auditor
assess control risk?
The auditor assesses control
risk to determine whether the
accounting data were
developed
under a system of internal
control that is likely to ensure
their accuracy and reliability.
If the
auditor is able to assess control
risk as being less than high,
then the detection risk can
afford
to be higher, resulting in less
substantive testing being
required.
7.3 Explain the difference
between management controls
and transaction controls.
Management controls are the
activities undertaken by senior
management to mitigate
strategic risks to the entity and
to promote the effectiveness of
decision-making and the
efficiency of business
activities. Management
controls tend to focus on
overall effectiveness
and efficiency within an entity,
rather than on details of
individual transactions or
activities.
Generally, they are designed to
provide an overall indication
that processes and activities
are
functioning properly, and to
provide an effective response
to risk in a timely manner.
Transaction controls are
performed by staff employees
and lower-level management
as part
of the various processes within
the entity. These controls are
generally focused on internal
risks within systems and
processes and reflect the
formal policies and procedures
defined by
senior management. Such
controls deal primarily with
the reliability of accounting
information and compliance
with rules and regulations. For
example, assigning
responsibility
for authorising transactions to
specific individuals is a form
of transaction or process
control.
The objectives of these
accounting controls are to
control the flow of transactions
through the
accounting system and to
safeguard the related assets by
authorising transactions,
recording
transactions, restricting access
to assets and checking for
existence of recorded assets.
7.4 Explain what is meant by
incompatible accounting
function and how an
appropriate segregation of
functions can be achieved.
Incompatible accounting
functions are functions that,
when combined, allow an
individual to
perpetrate an irregularity and
not be detected. Appropriate
segregation of functions is
achieved by separating the
authorisation, execution and
recording of transactions, and
custody of the related assets.
7.5 What is the internal control
environment and why is it
important?
According to ASA 315.A77
(ISA 315.A77) the internal
control environment includes
governance and management’s
overall attitude, awareness and
actions regarding internal
control and its importance in
the entity. The internal control
environment is important
because it sets the tone of an
entity. It influences the control
consciousness of all personnel
and is the foundation for the
other components.
ACC 707 Auditing and
Assurance
Tutorial 6 Solutions –
Chapter 7& 8
7.1 Why does the auditor
assess control risk?
The auditor assesses control
risk to determine whether the
accounting data were
developed
under a system of internal
control that is likely to ensure
their accuracy and reliability.
If the
auditor is able to assess control
risk as being less than high,
then the detection risk can
afford
to be higher, resulting in less
substantive testing being
required.
7.3 Explain the difference
between management controls
and transaction controls.
Management controls are the
activities undertaken by senior
management to mitigate
strategic risks to the entity and
to promote the effectiveness of
decision-making and the
efficiency of business
activities. Management
controls tend to focus on
overall effectiveness
and efficiency within an entity,
rather than on details of
individual transactions or
activities.
Generally, they are designed to
provide an overall indication
that processes and activities
are
functioning properly, and to
provide an effective response
to risk in a timely manner.
Transaction controls are
performed by staff employees
and lower-level management
as part
of the various processes within
the entity. These controls are
generally focused on internal
risks within systems and
processes and reflect the
formal policies and procedures
defined by
senior management. Such
controls deal primarily with
the reliability of accounting
information and compliance
with rules and regulations. For
example, assigning
responsibility
for authorising transactions to
specific individuals is a form
of transaction or process
control.
The objectives of these
accounting controls are to
control the flow of transactions
through the
accounting system and to
safeguard the related assets by
authorising transactions,
recording
transactions, restricting access
to assets and checking for
existence of recorded assets.
7.4 Explain what is meant by
incompatible accounting
function and how an
appropriate segregation of
functions can be achieved.
Incompatible accounting
functions are functions that,
when combined, allow an
individual to
perpetrate an irregularity and
not be detected. Appropriate
segregation of functions is
achieved by separating the
authorisation, execution and
recording of transactions, and
custody of the related assets.
7.5 What is the internal control
environment and why is it
important?
According to ASA 315.A77
(ISA 315.A77) the internal
control environment includes
governance and management’s
overall attitude, awareness and
actions regarding internal
control and its importance in
the entity. The internal control
environment is important
because it sets the tone of an
entity. It influences the control
consciousness of all personnel
and is the foundation for the
other components.
7.16 Supremo Ltd is a major manufacturer of industrial machinery. When the stores
department requires items to be purchased, they issue a three-part pre-numbered purchase
requisition that needs to be approved by the store manager.

Copy 1 is sent to the purchasing department,

Copy 2 is sent to the accounts payable department
and Copy 3 is filed in the stores department.

On receipt of an approved purchased requisition, the purchasing department issues a

five-part pre-numbered purchase order.

Copy 1 is sent to the supplier,

copy 2 and 3 are forwarded to the receiving department,
copy 4 is forwarded to the accounts department and
copy 5 is filed in the purchasing department.

When goods are received, the receiving department just stamps ‘order received’ on its two
copies of the purchase order, which then forms its receiving record.
One copy of the receiving record is filed in the receiving department and the other is
forwarded to the accounts payable department. The accounts payable department checks
that there is a purchase requisition, purchase order and receiving record for each supplier
invoice and then approves it for payment. The accounts department prepares a pre-
numbered payment voucher and forwards it, along with the supplier’s invoice, purchase
requisition, purchase order and receiving record, to the financial accountant, who signs the
payment voucher, completes the payment by bank transfer to the supplier and returns the
supporting documents to the accounts payable department.

(3)At the end of the month, the assistant accountant undertakes a sequence check of all
pre-numbered documents. The financial accountant receives the monthly bank statement,
prepares a bank reconciliation and investigates any reconciling items.

REQUIRED

(a) identify the weaknesses in Supremo’s internal control concerning the purchase and
payments functions (2)
(b) Explain why each is a weakness and provide a recommendation as to how to overcome
the weakness.

Điểm yếu:
- Nhận hàng không đúng chất lượng, số lượng do không có quy trình kiểm hàng (just
stamps ‘order received’)
 Phải có quy trình đối chiếu hàng đã mua có đúng như khi đặt hàng hay không?
- Chứng từ thanh toán chưa được check, số lượng, đúng giao hàng, invoice
(accurancy): payment procedures, không đóng dấu đã thanh toán
 Ký tên đã thanh toán,
- Vi phạm segregation activities vì financial accountant : kiêm nhiệm quá nhiều hoạt
động
 Phải có individuals function