Question

For the following five scenarios, identify the principle of internal control that is violated. Next, recommend what the business should do to ensure adherence to principles of internal control.

1. Tamerick Company is a fairly small organization but has segregated the duties of cash receipts and cash disbursements. However, the employee responsible for cash disbursements also reconciles the bank account monthly.

2. Stan Spencer is the most computer literate employee in his company. His boss has recently asked him to put password protection on all the office computers. Stan's main job at the company is to process payroll. Stan has put a password in place that now allows only his boss access to the file where pay rates are changed and personnel are added or deleted from the company payroll.

3. Starlight Theatre has a computerized order-taking system for its tickets. The system is active all week and backed up every Friday night.

4. Trek There Company has two employees handling acquisitions of inventory. One employee places purchase orders and pays vendors. The second employee receives the merchandise.

5. The owner of Holiday Helper uses a cheque protector to perforate cheques, making it difficult for anyone to alter the amount of the cheque. The cheque protector sits on the owner's desk in an office that houses company cheques and is often unlocked.

Answer 1

Each of the scenarios describes a violation of internal control principles such as segregation of duties, access controls, data backup and security procedures, and physical controls. Corrective actions should include appropriate segregation of responsibilities, improved access controls, frequent data backups, and secure storage of financial instruments.

Step-by-step explanation:

Scenario 1: The principle of internal control violated here is segregation of duties. The same person handling cash disbursements should not reconcile the bank account. To correct this, the company should assign the bank reconciliation task to another employee who is not involved in the cash disbursement process.

Scenario 2: This situation violates the internal control principle related to access controls. Stan should not have sole control over the payroll system as this can lead to a lack of checks and balances. The company should implement a system where multiple trusted individuals have access and oversight over changes to the payroll file.

Scenario 3: The violation here is inadequate data backup and security procedures. Backing up data only weekly leaves the theatre at risk of losing critical data. The company should consider more frequent, possibly daily, backups and ensure off-site storage of backups for data security.

Scenario 4: The principle of segregation of duties is again at risk. Having the same person order and pay for inventory can lead to potential fraud. The company should separate these duties, with separate employees responsible for ordering inventory and processing payments to vendors.

Scenario 5: The lack of security for check-writing functions violates the control of physical controls. The company should securely lock the cheque protector and cheques when not in use and limit access to authorized personnel only.

Answer 2

Internal control principles such as segregation of duties, access control, physical controls, documentation procedures, and independent internal verification are violated in the scenarios presented. The respective businesses should take corrective actions to comply with these principles and ensure the safeguarding of assets and accuracy of financial information.

Step-by-step explanation:

Identifying the principles of internal control that are violated in the given scenarios and recommending corrective actions are essential for maintaining strong internal controls within a business. Here are the violations and recommendations:

Segregation of Duties: The employee responsible for cash disbursements also reconciling the bank account is a violation because it grants too much control to one individual, which can lead to potential misappropriation of funds. The recommendation is to assign the bank reconciliation task to another person who is not involved in cash disbursements or receipts.

Access Control: Stan Spencer, responsible for payroll, placing password protection that only allows his boss access to payroll changes, creates a lack of oversight. To rectify this, there should be a segregation of duties, with independent verification of changes made to payroll files by a party other than those who have the ability to edit them.

Documentation Procedures: Starlight Theatre backing up its computerized system only once a week creates a risk of significant data loss. The theatre should increase the frequency of backups to at least daily to ensure data integrity.

Physical Controls: In Trek There Company, the lack of segregation of duty between placing orders and receiving merchandise can lead to fraud. Implementing a system where a separate employee verifies the receipt of goods against purchase orders can strengthen controls.

Physical Controls: The owner of Holiday Helper keeping the cheque protector in an often unlocked office violates secure asset protection. The cheque protector should be secured in a locked area with limited access to authorized personnel only.

In a retail store scenario, where a cashier is accused of theft due to their cash drawer being short, the principles of internal control such as monitoring, documentation procedures, and independent internal verification should be applied. The employee should request a review of the surveillance footage, ask for a comparison with the receipt records, and bring in an independent party to verify the cash drawer to deal with the label of theft.