CHAPTER TEN

TESTS OF
CONTROLS
OBJECTIVES OF TESTS OF CONTROLS

Tests of controls involve;

• Control objectives - management
controls/statements put in place to prevent
identified risks in achieving objectives
• Control activities – actions/procedures put in
place to achieve objectives
• Tests of controls- control procedures to be
undertaken, involves analysis & explanations
to be carried on a sample basis.
AUDIT WORK OR AUDIT PROCEDURES
TEST
TEST OF
OF CONTROLS (Tests the
CONTROLS(Compliance SUBSTANTIVE TESTS (Tests
SUBSTANTIVE TESTSused to
Controls)
Tests) detect misstatements FS)
Carried out in order to Carried to verify true & fair
determine effective operations view of FS
Carried out in order to Carried to verify true & fair
of Internaleffective
determine controls operation
in view of FS
operation
of Internal controls in an
organisation
Only performed if the controls Nature, Extent & timing (NET)
appear effective in design depends on the effectiveness
Only performed if the controls Nature,
of ICS Extent & Timing (NET)
appear
Do noteffective in design
provide evidence depends on the
Substantive effectiveness
procedures always
about the true and fair view of of ICS due to limitations of
carried
financial statements ICS
Do not provide evidence Substantive procedures always
about the true and fair view of carried due to limitations of
financial statements ICS
WHEN TO USE TEST OF CONTROLS?
TEST OF CONTROLS AND WHEN TO USE THEM

Does risk  Decide whether CONDUCT

assessment to rely on TEST OF
include IF YES Control risk low controls or not CONTROLS
expectation that  And if cost
controls are effective
operating  Report control DESIGN &
effectively? IF NO Control risk high deficiencies to PERFORM
mgt. SUBSTATNTIVE
PROCEDURES
TEST OF CONTROL
Test must ensure the control :
 Properly designed
 Exist
 Operated throughout the period
Tests include enquiry in combination with:
o Observation
o Inspection
o Examination of evidence of mgt. review
o Re-performance
o Testing of control activities performed by computer, possibly
using Computer Assisted Audit Techniques (CAATs)
DESCRIPTION OF CONTROL PROCEDURES
• A test of control is an audit procedure to establish
whether a given control operated effectively
• When carrying out test of control, procedures
include the following:
• Action/procedure/work carried out by auditor –
inspect, review, re-calculate, compare, perform,
vouch, observe, re-perform, inquire, analyse.
• The items to which action is applied (Source)- usually
documents & physical items e.g. bank/supplier
statements (on a sample basis)
• Evidence of the control being tested e.g. signature,
annotation or action which confirms that the control
operated during the year.
 SALES CYCLE

1. ORDERING (Receipt of order/sales order)

2. DESPATCH OF GOODS (Raising of GDN)

3. DESPATCH OF INVOINCE (Invoicing)

4. RECORDING /ACCOUNTING (Updating ledgers)

5. RECEIPT OF CASH (Updating of Cash Book)

 SALES CYCLE
ASSERTIONS: (COCCA)
What to consider:
What can go wrong?
What are the risks?
What are the objectives?
o How can the risks be prevented
o What the controls?
o How can the controls be tested?
THE SALES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS & TEST
OF CONTROLS

1. Taking orders
Risks
Accepting orders from a customer who will not pay;
Orders taken down incorrectly;
Orders not fulfilled;
Orders not accepted at correct prices
Control Objectives
• To Ensure that goods & services are only supplied to customers with good credit rating
• To Ensure that recorded sales transactions represent goods or services provided
• To ensure that orders are fulfilled and accepted at correct prices
Controls
Credit check all customers/ approved customer list
Use of pre-printed order forms;
Sequential order forms and match orders to GDNs
Use authorised price list
Test of control

Obtain a sample of new customer accounts and review related credit rating documentation and authorisation

Observe the processing of orders through the sales cycle and inspect sign-offs to evaluate segregation of
duties

Review supporting documents for a sample of sales entries to ensure they contain correct details
THE SALES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS & TEST
OF CONTROLS
Despatch of goods to customer
Risks
Goods despatched wrong quantity & quality;
Goods not despatched;
No record of goods despatched;
Goods not received by customer
Control objectives
• To ensure that goods despatched are of the correct quantity and good quality.
• To ensure goods are despatched and signed off.
Controls
All goods checked to order by supervisor before leaving warehouse;
Review orders not matched to GDNs;
Supervision of goods despatched – GDNs;
 Customer signs Delivery Note
Test of control
Inspect a sample of GDNs for supervisor's signature confirming reconciliation of
quantities/quality despatched to customer order
THE SALES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS & TEST
OF CONTROLS
Invoicing
Risks
Goods despatched not invoiced;
Errors in invoicing;
Invoice not recorded in general ledger
Control Objectives
• To ensure that goods despatched are invoiced
• To ensure that there are no errors in invoicing and are correctly
posted to the general ledger
Controls
Periodic review of GDN not matched to invoices
Check invoice to GDN and order form
Sequence check of invoices posted to General ledger
Test of control
Inspect a sample of invoices tracing them with ledger entries
THE SALES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS & TEST
OF CONTROLS

Recording and Accounting

Risks
Sales not accurately recorded
Sales not completely recorded
Sales wrongly/delayed/not posted to the ledger
Control Objectives
• To ensure purchases are accurately recorded
• To ensures that Sales completely recorded
• To ensure that Sales correctly/ promptly/ posted to the relevant ledger
Controls
Review and approval of the recorded purchases
Second person review of Sales orders and agree with purchase invoices to ensure Sales
are completely recorded
Second person review of the ledgers for wrong/delayed posting in the ledgers

Test of Control
Inspect a sample of Sales orders to verify that they were signed as proof of second
person review and approval
Observe the posting process to ensure that it is done correctly/ promptly
THE SALES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS & TEST
OF CONTROLS

Receipt of cash
Risks
Cash not received or stolen;
Remittances not recorded;
Remittances not recorded in banking system.
Control Objectives
• To ensure that correct amount of cash is received and promptly banked
Controls
Formal mail opening procedures;
Prompt banking;
Regular bank reconciliation.

Tests of controls
Observe procedures over opening of mail from customers and evaluate their
adequacy
Review bank reconciliation statements & establish whether they are performed
regularly
 THE PURCHASES CYCLE

1. Requisition and Ordering (Purchases order).

2. Receipt of goods (Raising of GRN)

3. Receipt of Invoice (Invoicing)

4. Recording and Accounting (Updating ledgers)

5. Payment to supplier (Updating Cashbook)

THE PURCHASES CYCLE
THE PURCHASES CYCLE
Assertions: (COCCA)
What to consider:
What can go wrong?
What are the risks?
What are the objectives?
o How can risks be prevented?
o What are the controls?
o How can controls be tested?
THE PURCHASES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS
Requisition and Ordering of goods from supplier

Risks
Ordering of goods of poor quality & high price
Goods ordered not required
Goods ordered not received
Control Objectives
• To ensure that goods procured are of good quality and right price
• To ensure that the goods and services ordered are received
Controls
Use recognised supplier list.
Tendering process on large items
Requisitions should be approved
Follow up of overdue orders

Tests of controls:
Obtain a sample of purchase requisitions and inspect for signature of approving
authority
THE PURCHASES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS
Receipt of goods
Risks
Goods received not ordered
Goods received stolen/ damaged
Goods received of wrong quality/quantity
Control objectives
• To ensure that goods received are what was ordered are correct quantities and
condition
Controls
All goods received agreed to order notes before accepted
Secure storage
Agree to requisition order forms

Test of control:
Inspect a sample of GRN for signature of supervisor confirming
reconciliation of goods receives to purchase order
THE PURCHASES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS

Invoicing
Risks
Liability not recognised
Liability recognised for goods not received
Liability recorded incorrectly
Control Objectives
• To ensure that the liabilities recognized are for all goods received
Controls
Regular review and follow up of GRNs unmatched to invoice
Liability only recognised if supported by GRN
Invoices recalculated and agreed to GRN

Test of Control
Inspect a sample of invoices and trace them to customer statements
THE PURCHASES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS

Recording and Accounting

Risks
Purchases not accurately recorded
Purchases not completely recorded
Purchases wrongly/delayed/not posted to the ledger
Control Objectives
• To ensure purchases are accurately recorded
• To ensures that purchases completely recorded
• To ensure that purchases correctly/ promptly/ posted to the relevant ledger
Controls
Review and approval of the recorded purchases
Second person review of purchases orders and agree with purchase invoices to ensure
purchases are completely recorded
Second person review of the ledgers for wrong/delayed posting in the ledgers

Test of Control
Inspect a sample of purchase orders to verify that they were signed as proof of second
person review and approval
Observe the posting process to ensure that it is done correctly/ promptly
THE PURCHASES CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS
& TEST OF CONTROLS
Payment to supplier
Risks
Pay for goods not received
Payments not recorded
Duplicate payments
Payments not recorded
Control Objectives
• To ensure that the all payments made are for goods received
• To ensure that there are no duplicated payments made
Controls
Only make payment if supported by order, invoice & GRN
Stamp invoices PAID. Only pay on sight of original invoice
Bank reconciliation
Test of control:
Obtain a sample of payment vouchers raised during the year and review
appropriate supporting documentation
 THE PAYROLL CYCLE

1. Employing & contracting (HRD)

2. Calculating/recording of hours/work done (HR &

Production Dept.)

3. Running of payroll (recognising of payroll liability)

4. Authorisation of payment of taxes etc.

5. Payment to employees
 THE PAYROLL CYCLE

What to consider:
What can go wrong?
What are the risks?
What are the objectives?
o How can it be prevented?
o What are the controls?
o How can controls be tested?
THE PAYROLL CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS
Employing & contracting (HRD)
Risks
No records of employment (Contracts)
No HR department
Employees employed by other depts. other than HRD
Control Objectives
• To ensure that all employees have accurate and complete record with HRD
• To ensure that there is an established HRD responsible for employing and
contracting
Controls
Pre printed records to be completed by all employees kept by HRD
All employees contracted by HRD other than any Dept.
Test of control
Review preprinted employment record have been completed and signed by
each employee prior to starting
THE PAYROLL CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS
Calculating/recording of hours/work done
Risks
Failure to record a work done
Work recorded not actually done
Payments made for work not done
Control Objectives
• To ensure that the recorded work matches with work done
• To ensure that the work recorded is actually done
Controls
Sequence check on pre-numbered time sheets
Authorisation of hours by supervisor
Clocking-in system
Test of control
Observe procedures over signing of work sheets and authorization of
entries
 THE PAYROLL CYCLE- RISKS, CONTROL
OBJECTIVES, CONTROLS & TEST OF CONTROLS

Running the Payroll /Recognising payroll Liability

Risks
Wrong rate of pay used;
Incorrect deductions calculated.
Control Objectives
•To ensure that the accurate amount is paid
•To ensure that the deductions are correct and rate used is reasonable

Controls
Authorisation of pay rates and changes (by Personnel dept.)
Arithmetic checks;
Reconciliation to previous period;
Authorisation of rate changes on system.

Tests of control
Obtain a sample of work sheets entered and check for supervision authorization
signature
Review the rates used for reasonableness
THE PAYROLL CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS &
TEST OF CONTROLS
Payment
Risks
Payment to ghost/incorrect employees
Payment for work not done
Cash payment losses
Control Objectives
• To ensure that the paid amount is made to bona fide employees of the
entity
• To ensure that the payment is for work recorded and done
Controls
Cheque signing independent of payroll.
Sequence check of unique code e.g. tax no.
Identification check. Security of cash. Unclaimed wage controls
Test of controls
Obtain a sample of bank payments records and reconcile with work sheets
 THE INVETORY SYSTEM

1. RECEIPT OF GOODS

2. RECORDING OF RECEIVED GOODS

3. ISSUANCE OF GOODS

4. RECORDING OF ISSUED GOODS

THE INVENTORY CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS
& TEST OF CONTROLS

Receipt Of Goods
Risks

Receipt of wrong goods (not initially ordered)

Receipt of wrong quantity/quality goods

Control objectives
•To ensure that all inventory received is correct – initially ordered
•To ensure that inventory received is the correct quantity/quality

Controls

All inventory received is physically checked, agreed to the purchase order

Test of control

From a sample of GRNs review for signature as proof physical check.
THE INVENTORY CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS
& TEST OF CONTROLS

Recording Of Received Goods

Risks
All Inventory received is not accurately and completely recorded
Inventory received stated in the SOFP does not exist (overstated)
Unauthorised movement of inventory
Control objectives
• To ensure that all inventory movements are authorized and recorded
• To ensure that inventory stated in SOFP exits
Controls
Separate duties for maintenance of records and custodianship
Reconciliations of inventory records with general ledger
Test of control:
Review documents in use
Review a sample of reconciliations to confirm the recons were
performed
THE INVENTORY CYCLE- RISKS, CONTROL OBJECTIVES, CONTROLS
& TEST OF CONTROLS

Issuance Of Goods
Risks
Inventory stated in the SOFP does not exist (overstated)
Unauthorised movement of inventory
Control objectives
• To ensure that all inventory movements are authorized and recorded
• To ensure that inventory stated in SOFP exits
Controls
Separate duties for maintenance of records and custodianship
Reconciliations of inventory records with general ledger
Test of control:
Review documents in use
Review a sample of reconciliations to confirm the recons were
performed
REVENUE AND CAPITAL EXPENDITURE

Assertions: Authorisation; Classification; Completeness

Risks
Profit under or over-statement
Wrong classification of capital and revenue expenditure and vice versa
Control Objectives
• To ensure that expenditure is properly authorized
• To ensure that expenditure is correctly classified in the F/S as capital & revenue expenditure
• To ensure that all non-current assets are correctly recorded in the financial system
Controls
Orders for capital items should be authorised
Capital items should be written up in the non-current asset register
Asset register should be reconciled regularly to the general ledger and any differences
investigated and resolved promptly
Test of controls
Review policies and procedures
Examine a sample of orders for appropriate authorisation
Review reconciliation to ensure regular recons and reviewed by a senior person
Inspect invoices to verify invoices have correct general ledger code marked
 INTERNAL CONTROLS - NON-CURRENT ASSETS

 Authorisation of Capital expenditure

 Authorisation of disposal
 Capital vs. Revenue expenditure separation
 Non-current asset register
 Physical checks
 Authorisation of depreciation rates
 SUMMARY - TESTS OF CONTROLS
•  

Main points:
• When to use tests of controls
• Risks, controls and tests of controls in
transaction cycles (sales, purchases, wages etc.)
• How to describe a test of control
(action/procedure, item affected & purpose of
test)