Sunday, January 24, 2016

Kunci Jawaban Sistem Informasi Akuntansi - REVENUE CYCLE

Accounting Information System - Marshall B. Romney & Paul John Steinbart

CHAPTER 12 

THE REVENUE CYCLE: SALES AND CASH COLLECTIONS

SUGGESTED ANSWERS TO DISCUSSION QUESTIONS

12.1     Customer relationship management systems hold great promise, but their usefulness is determined by the amount of personal data customers are willing to divulge. To what extent do you think concerns about privacy-related issues affect the use of CRM systems?
            The basic issue concerns the willingness of consumers to divulge the kind of information that would allow companies to personalize the sales interaction versus concerns that such information would be misused or sold to other parties.  In addition, with the growing problem of identity theft, consumers are becoming increasingly concerned about the safety and security of their personal information.  Companies that wish to collect this data will most likely have to demonstrate the need for this information to the consumer as well as the company’s ability to keep this information secure.

12.2     Some products, like music and software, can be digitized. How does this affect each of the four main activities in the revenue cycle?
            Digitized products do not change the four basic business activities of the revenue cycle.  For all products, whether digitized or not, an order must be taken, the product shipped, the customer billed, and cash collected. 

            The only thing that digitized products change is inventory management as products do not need to be removed from a warehouse to be delivered. However, a copy of a product must be shipped (usually electronically, but in some cases it may need to be burned on a DVD and then shipped). 


12.3     Many companies use accounts receivable aging schedules to project future cash inflows and bad-debt expense. Review the information typically presented in such a report (see Figure 12-8). Which specific metrics can be calculated from those data that might be especially useful in providing early warning about looming cash flow or bad-debt problems?
The accounts receivable aging report shows dollar amounts outstanding by number of days past due by customer and by invoice.  The following metrics can provide useful early warnings about looming cash flow or bad-debt problems.
·         The percentage of total accounts receivable categorized by days past due would alert management of categories that are increasing.  This could also be reported by customer and by invoice.  This way if a particular invoice was not being paid, the company could more quickly identify the invoice, contact the customer, and potentially resolve any problems or disputes about the particular invoice. 
·         Reporting by customer can help to identify chronic “slow paying” customers so that corrective action could be taken such as offering discounts for quick payment, changes in terms, and notifying the credit manager to restrict credit for this particular customer. 
·         The company may have a threshold for each category of past due accounts either in percentages or absolute dollars.  A metric could be calculated and presented that highlights the categories exceeding that threshold.    


12.4     Table 12-1 suggests that restricting physical access to inventory is one way to reduce the threat of theft. How can information technology help accomplish that objective?
           Possibilities include:
·         Electronic locks on all entrances and exits to the inventory area.
·         Smart card technology where employees must scan their ID card prior to entering/exiting the inventory area.
·         Biometric access controls (fingerprint reader, face recognition software, etc.)
·         Attach RFID tags to inventory items and install RFID tag scanners at each exit of the inventory area.
·         Install and monitor surveillance cameras in the inventory area.

12.5     Invoiceless pricing has been adopted by some large businesses for B2B transactions. What are the barriers, if any, to its use in B2C commerce?
            Many companies are trying to incent their customers to sign up for automatic bill-pay. The primary barrier is consumer resistance to or fear of online bill payment in general. However, there are also problems on the seller side – particularly in regards to billing disputes. A related issue is the threat of asset misappropriation – how easily can the seller attempt to recover items sold to the consumer?

12.6     The use of some form of electronic “cash” that would provide the same kind of anonymity for e-commerce that cash provides for traditional physical business transactions has been discussed for a long time. What are the advantages and disadvantages of electronic cash to customers? To businesses? What are some of the accounting implications of using electronic cash?
            Any form of electronic or digital cash has the same audit risks as physical cash: susceptibility to theft and loss of an audit trail. In addition, digital “cash” also has risks associated with the durability of the store of value – to what extent can the cash be recovered if the storage media becomes defective?
            Another issue concerns the potential loss of privacy, because the digital currency can be “marked” in a manner that enables tracing its path through the economy.
            Finally, there is the question of how to provide and maintain an adequate audit trail to prevent unscrupulous businesses from “skimming” digital cash sales and thereby under-reporting sales for tax purposes.


SUGGESTED ANSWERS TO THE PROBLEMS
12.1     Match the term in the left column with its definition in the right column.
1. __d__ CRM system
a.  Document used to authorize reducing the balance in a customer account
2. __g_ Open-invoice method
b.  Process of dividing customer account master file into subsets and preparing invoices for one subset at a time
3. __a__ Credit memo
c.  System that integrates EFT and EDI information
4. __h__ Credit limit
d.  System that contains customer-related data organized in a manner to facilitate customer service, sales, and retention
5. __b__ Cycle billing
e.  Electronic transfer of funds
6. __c___ FEDI
f.  Method of maintaining accounts receivable that generates one payments for all sales made the previous month
7. _n__ Remittance advice
g.  Method of maintaining customer accounts that generates payments for each individual sales transaction
8. _j__ Lockbox
h.  Maximum possible account balance for a customer
9. _k__ Back order
i.  Electronic invoicing
10. _m__ Picking ticket
j. Post office box to which customers send payments
11. _l__ Bill of lading
k. Document used to indicate stock outs exist

l. Document used to establish responsibility for shipping goods via a third party

m. Document that authorizes removal of merchandise from inventory

n. Turnaround document returned by customers with payments



12.2       What internal control procedure(s) would provide protection against the following threats?

a.      Theft of goods by the shipping dock workers, who claim that the inventory shortages reflect errors in the inventory records.

                  Inventory clerks should count and document goods (on paper or by computer) as they leave inventory storage.  Shipping personnel should be required to count and document receipt of goods from the finished goods storeroom to acknowledge responsibility for custody of the goods transferred.

                  Counting goods when they are received and when they are sent to inventory storage as well as when goods leave inventory storage and are sent to shipping helps maintain control over inventory.  Reconciling the two sets of counts makes it more difficult for employees to steal inventory as it is received and shipped. 

       b. Posting the sales amount to the wrong customer account because a customer account number was incorrectly keyed into the system.
                 
                  If the transactions are being entered online, closed loop verification could be used.   The system could respond to the operator entering the account number by retrieving and displaying the customer's name for the operator to review.

                  If the transactions are being entered in batches, redundant data such as the first five characters of the customer's name could be included in each input record; after finding a match on customer account number, the system would also verify that the name characters match before posting the transaction. 

                  Note that a validity check would only tell you if a valid customer number was entered, not if the correct valid customer number was entered.  Likewise, check digit verification could tell you if the customer number existed, but not if it was the right customer number.

            c.   Making a credit sale to a customer who is already four months behind in making payments on his account.
                 
                  Up-to-date credit records must be maintained to control this problem.  During the credit approval process, the credit manager should review the accounts receivable aging schedule to identify customer’s with past-due balances to prevent additional sales to those customers. Alternatively, the computer system could be programmed to determine if the customer had any past due balances over a specified length of time (such as 60 days).  If not, the sale would be approved.  If they had a past-due balance, a notice could be sent to the credit manager who could review the sale and make a decision about extending additional credit.

                  A credit limit check would not be sufficient, because a customer could have a balance below the credit limit but be past due.  A computer system could be programmed to check both credit limit and past due accounts and authorize sales.  Sales not passing either the credit limit or the past due test would be sent to the credit manager for a decision.

            d.   Authorizing a credit memo for a sales return when the goods were never actually returned.
                 
                  A receiving report should be required before a credit for sales returns is issued. The system should be configured to block issuance of credit memos without the required documentation that the goods have been returned.

            e.   Writing off a customer’s accounts receivable balance as uncollectible to conceal the theft of subsequent cash payments from that customer.
                 
                  The problem usually occurs because the same individual writes off accounts and processes cash payments. Therefore, the best control procedure to prevent this problem is to separate the function of authorizing write-offs of uncollectible accounts from the function of handling collections on account.

            f.    Billing customers for the quantity ordered when the quantity shipped was actually less due to back ordering of some items.
                 
                  Shipping personnel should be required to record the actual quantity shipped on the order document and/or enter the quantity shipped into the accounting system, in order that bills can be prepared based upon the quantity shipped rather than the quantity ordered. The system should be configured to generate invoices automatically based on the quantity shipped.

            g.   Theft of checks by the mailroom clerk, who then endorsed the checks for deposit into the clerk’s personal bank account.
                 
                  In order to cover up this theft, the mailroom clerk has to be able to alter the accounts receivable records. Otherwise, a customer who is subsequently notified that they are past due will complain and provide proof that they sent in payment. Therefore, the critical control is to segregate duties so that whoever opens the mail does not have the ability to maintain customer accounts.

                  If accounts receivable updates the records based on a cash receipts pre-list instead of the actual checks, the mailroom clerk could conceivably lap payments.  To prevent this, the cash receipts pre-list could be compared to the checks before the list is sent to accounts receivable.  The checks should not be sent to accounts receivable as the accounts receivable clerk could perform the lapping.

                  Other deterrents used to deter theft of checks by the mailroom clerk include having two people open the mail, using video cameras to tape the check opening process, and utilizing a bank lockbox.


            h.   Theft of funds by the cashier, who cashed several checks from customers.
                 
                  In order to cover up this theft, the cashier has to be able to alter the accounts receivable records. Otherwise, a customer who is subsequently notified that they are past due will complain and provide proof that they sent in payment. Therefore, the critical control is to segregate the duties of handling cash and making deposits from the maintenance of accounts receivable records.

                             
                  One way to control cash receipts is shown below.  The mailroom creates a cash prelist, sends a copy to a 3rd party, and sends the checks to the cashier.  The cashier prepares duplicate deposit slips, sends the original to the bank with the checks, and sends a copy to the 3rd party.  When the checks are deposited, the bank sends a copy of the validated deposit slip to the 3rd party, who compares all three documents to make sure all cash is deposited.

i.        Theft of cash by a waiter who destroyed the customer sales ticket for customers who paid cash.

In a manual system, all sales tickets should be prenumbered and accounted for so management can detect missing sales tickets.

In many restaurant systems, waiters cannot get food out of the kitchen without entering a customer order into the system.  The system creates a prenumbered sales document that must be cleared by the waiter that day.  This prevents the waiter from destroying sales tickets and giving people free food. 

These systems also are capable of some reasonableness tests such as:

                  Beginning inventory of food
·         Food used in the sales orders that day
=    Ending inventory of food

The ending inventory of food is counted and compared to the projected ending inventory to determine if food items are missing.  This check is most frequently used for expensive items of food like steak, shrimp, lobster, etc.

j.        Shipping goods to a customer but then failing to bill that customer.

To prevent this from occurring deliberately, it is necessary to segregate the shipping and billing functions.

To prevent this from happening by accident, the system needs to automatically bill customers for shipments.  The system should also be configured to periodically reconcile all shipments with a billing and generate reports of unbilled shipments for management review and corrective action.

k.      Lost sales because of stockouts of several products for which the computer records indicated there was adequate quantity on hand.

Regular physical inventory counts need to be made, the results compared to recorded amounts on hand, and needed adjustments to inventory quantities made.

In this scenario, it is possible that the judgment as to what is “adequate quantity on hand” was inaccurate.  This quantity can be improved using an accurate sales forecasting system and frequently reviewing and revising the forecasts as needed.

l.        Unauthorized disclosure of buying habits of several well-known customers.
Access to customer information should be restricted using User IDs, passwords, and an access control matrix. 
Employees given such access need to be trained to follow the organization’s privacy policies.
In addition, encryption of the data would prevent snooping by IT employees who do not have direct access to the application system. Otherwise, such employees may be able to use their access to the operating system to be able to view data.

m.    Loss of all information about amounts owed by customers in New York City because the master database for that office was destroyed in a fire.

Data:  Regular backups with copies being stored off-site.
Hardware and software:  Hot or cold site arrangements for both
Recovery:  Disaster recovery plan developed, tested, and in place

n.      The company’s Web site was unavailable for seven hours because of a power outage.

A UPS can power a system for a time, but most are unlikely to be able to power a system for seven hours.

Two better options are
·         Backup power generators capable of running the web site for seven hours
·         Real-time mirroring, with the system switching over to the other site when the system went down.

o.      Interception and theft of customers’ credit card numbers while being sent to the company’s Web site.

Encryption of credit card information prior to transmitting over the Internet. Typically this involves using SSL.

p.      A sales clerk sold a $7,000 wide-screen TV to a friend and altered the price to $700.
  • All product prices and sales discounts maintained in the system
  • Use of barcodes and RFID tags to identify the product and sales price
  • A system configured to give sales clerks read-only access to pricing data to prevent them from changing the price.
  • Supervisor approvals for any needed changes or discounts to the listed price
  • A log of all system overrides and supervisor changes to prices


q.      A shipping clerk who was quitting to start a competing business copied the names of the company’s 500 largest customers and offered them lower prices and better terms if they purchased the same product from the clerk’s new company.
  • Shipping clerks should not have access to customer account information.
  • Access (and attempted access) to customer records should be logged and reports reviewed to verify that only authorized employees see that information.

r.       A fire in the office next door damaged the company’s servers and all optical and magnetic media in the server room. The company immediately implemented its disaster recovery procedures and shifted to a backup center several miles away. The company had made full daily backups of all files and stored a copy at the backup center. However, none of the backup copies were readable.

Periodically practicing and testing the backup and restoration process would verify its effectiveness.

12.3     For good internal control, which of the following duties can be performed by the same individual?
1.   Approve changes to customer credit limits
2.   Sales order entry
3.   Shipping merchandise
4.   Billing customers
5.   Depositing customer payments
6.   Maintaining accounts receivable
7.   Issuing credit memos
8.   Reconciling the organization’s bank accounts
9.   Checking inventory availability

Cells with an “X” indicate duties that can be performed by the same individual:

Duty
1
2
3
4
5
6
7
8
9
1









2









3









4









5









6



X





7









8









9

X








For sound internal control, most of these duties need to be performed by different people. There are two exceptions:
·         The same person can take customer orders and check inventory availability because this combination does not provide any way to commit and conceal a theft.
·         The same person can create invoices (bill customers) and maintain accounts receivable.

Key duties to segregate include:
·         Approving changes to customer credit and sales order entry.  If both duties are performed by the same person, they could authorize sales to friends that are subsequently not paid.
·         Shipping and billing.  If the same person performs both duties, they could ship merchandise to friends without billing them.
·         Depositing customer payments and maintaining accounts receivable.  If the same person performs both duties, they could commit the fraud known as lapping (stealing payments and covering it up by adjusting the accounts so that the customer does not complain about a missing credit).
·         Depositing customer payments and issuing credit memos.  If the same person performs both duties, they could steal payments and create a credit memo to cover up the theft and adjust the customer’s account so that they do not complain about a missing credit.
·         Depositing customer payments and reconciling the bank account.  If the same person did both duties, they could steal cash and cover up the difference by listing fraudulent bank expenses to adjust the cash balance.
·         Maintaining accounts receivable and issue credit memos.  If the same person performed both tasks, they could write off their friends’ accounts.
·         The remaining combinations are not desirable because they involve tasks that require significantly different skills and knowledge, so would be unlikely to be efficiently performed by the same person.

12.5      For each of the following activities identify the data that must be entered by the employee performing that activity and list the appropriate data entry controls:

a.      Sales order entry clerk taking a customer order

Data that must be entered
Appropriate Data Entry Edit Controls
User ID
Validity check
Compatibility test (is user authorized to perform this task?)
Completeness check (cannot be null)
Password
Validity check
Compatibility test (is user authorized to perform this task?)
Completeness check (cannot be null)
Customer number
Select from pull-down menu (validity check)
Closed loop verification (system displays name that matches number selected)
Completeness check (cannot be null)
Delivery method
Choose from pull-down list of options
Desired delivery date
Field check (date)
Reasonableness check (compare difference between desired date and today’s date to preset tolerance limit)
Item number
Field check
Validity check
Check digit
Item quantity
Field check
Reasonableness check

Note: All other fields on the sample sales order entry screen (see Figure 12-6) can be completed by the system.


b.      Shipping clerk completing a bill of lading for shipment of an order to a customer
Data that must be entered
Appropriate Data Entry Edit Controls
User ID
Validity check
Compatibility test (is user authorized to perform this task?)
Completeness check (cannot be blank)
Password
Validity check
Compatibility test (is user authorized to perform this task?)
Completeness check (cannot be blank)
Carrier name
Choose from pull-down list of approved carriers
Completeness check (cannot be blank)
Customer name (consigned to)
Choose from pull-down list of customers
Completeness check (cannot be blank)
Number of packages
Field check (numeric only)
Sign check (>0)
Completeness check (cannot be blank)
Description
Completeness check (cannot be blank)
Weight
Field check (numeric only)
Completeness check (cannot be blank)
Class or rate
Choose from pull-down menu of options
Completeness check (cannot be blank)

Note: All other fields on the sample bill of lading (see Figure 12-11) can be completed by the system.

12.6     Create a questionnaire checklist that can be used to evaluate controls for each of the four basic activities in the revenue cycle (sales order entry, shipping, billing, and cash collections).

a.   For each control issue, write a Yes/No question such that a “No” answer represents a control weakness. For example, one question might be “Are customer credit limits set and modified by a credit manager with no sales responsibility?”

A wide variety of questions is possible. Below is a sample list:

Question
Yes
No
1.      Is access to master data restricted?


2.      Is the master data regularly reviewed and all changes investigated?


3.      Is sensitive data encrypted while stored in the database?


4.      Does a backup and disaster recovery plan exist?


5.      Have backup procedures been tested within the past year?


6.      Are appropriate data entry edit controls used?


7.      Are digital signatures required for online orders?


8.      Are physical counts of inventory taken regularly and used to adjust the perpetual inventory records?


9.      Are the credit approval and sales order entry tasks performed by separate individuals?


10.  Are picking list quantities compared to sales orders?


11.  Is physical access to inventory controlled?


12.  Are reports of open sales orders regularly created and reviewed?


13.  Are shipping documents reconciled with sales orders?


14.  Are the shipping and billing functions performed by different individuals?


15.  Are monthly statements mailed to customers?


16.  Are the functions of processing customer payments and maintaining accounts receivable performed by separate individuals?


17.  Is the bank account reconciled by someone other than the person who processes customer payments?


18.  Are lockbox arrangements used?


19.  Are customer credit limits set and modified by a credit manager with no sales responsibility?




b.   For each Yes/No question, write a brief explanation of why a “No” answer represents a control weakness.

Question
Reason a “No” answer represents a weakness
1
Unrestricted access to master files could facilitate fraud by allowing employees to change account balances to conceal theft
2
Failure to investigate all changes to customer master data may allow fraud to occur because unauthorized changes to credit limits may not be detected.
3
Failure to encrypt sensitive data can result in unauthorized disclosure of personal information about customers
4
If a backup and disaster recovery plan does not exist, the organization may suffer loss of important data.
5
If the backup plan is not regularly tested, it may not work.
6
Without proper data entry edit controls, errors in sales order entry may occur resulting in shipments that are not billed, sending the wrong items, etc.
7
Without a digital signature, orders may be processed and sent that the customer later refuses, resulting in increased costs
8
Without periodic physical counts, the perpetual inventory records are likely to be incorrect, creating problems in filling customer orders on time
9
If the same individual approves changes in credit and takes customer orders, they can increase credit limits for friends which may result in sales that are not collected.
10
Not comparing picking lists to sales orders can result in shipping the wrong merchandise or the wrong quantities to customers.
11
If physical access to inventory is not restricted, theft may occur.
12
Failure to monitor sales orders may result in delays in filling customer orders
13
Failure to compare shipping documents to sales orders may result in errors in filling customer orders
14
Not segregating the billing and shipping functions increases the risk of deliberately not billing for shipments
15
Not mailing monthly statements to customers increases the risk of not detecting errors or fraud in maintaining accounts receivable
16
Not segregating handling of customer payments and maintenance of accounts receivable creates the possibility of lapping
17
If the bank account is reconciled by the same person who processes customer payments, theft can occur and be covered up by adjusting the bank balance on the bank reconciliation
18
Not using lockboxes, where feasible, creates delays in receiving customer payments which could result in cash flow problems
19
If credit limits are set by someone with sales responsibility, that person may be tempted to grant credit to customers to maximize sales (and thereby commissions or bonuses earned) without regard to the risk of having to write off the sales as uncollectible.

12.7     O’Brien Corporation is a midsize, privately owned, industrial instrument manufacturer supplying precision equipment to manufacturers in the Midwest. The corporation is 10 years old and uses an integrated ERP system. The administrative offices are located in a downtown building and the production, shipping, and receiving departments are housed in a renovated warehouse a few blocks away.

Customers place orders on the company’s website, by fax, or by telephone. All sales are on credit, FOB destination. During the past year sales have increased dramatically, but 15% of credit sales have had to written off as uncollectible, including several large online orders to first-time customers who denied ordering or receiving the merchandise.

Customer orders are picked and sent to the warehouse, where they are placed near the loading dock in alphabetical sequence by customer name. The loading dock is used both for outgoing shipments to customers and to receive incoming deliveries. There are ten to twenty incoming deliveries every day, from a variety of sources.

The increased volume of sales has resulted in a number of errors in which customers were sent the wrong items. There have also been some delays in shipping because items that supposedly were in stock could not be found in the warehouse. Although a perpetual inventory is maintained, there has not been a physical count of inventory for two years. When an item is missing, the warehouse staff writes the information down in log book. Once a week, the warehouse staff uses the log book to update the inventory records.

The system is configured to prepare the sales invoice only after shipping employees enter the actual quantities sent to a customer, thereby ensuring that customers are billed only for items actually sent and not for anything on back order.



Identify at least three weaknesses in O’Brien Corporation’s revenue cycle activities. Describe the problem resulting from each weakness. Recommend control procedures that should be added to the system to correct the weakness.  
                                                                                    (CMA Examination, adapted)


Weaknesses and Potential Problem(s)

 

Recommendation(s) to Correct Weaknesses

1. Orders from new customers do not require any form of validation, resulting in several large shipments being sent and never paid for.
Require digital signatures on all online orders from new customers.
Require a written customer purchase order as confirmation of telephone and fax orders.
2. Customer credit histories are not checked before approving orders, resulting in excessive uncollectible accounts.
Customers’ credit should be checked and no sales should be made to those that do not meet credit standards.
3. Outgoing shipments are placed near the loading dock door without any physical security. The loading dock is also used to receive incoming deliveries. This increases the risk of theft, which may account for the unexplained shortages in inventory.
Separate the shipping and receiving docks.
Physically restrict access to the loading dock area where customer orders are placed.
4. Physical counts of inventory are not made at least annually. This probably accounts for the inaccuracies in the perpetual inventory records and may also prevent timely detection of theft.
Physical counts of inventory should be made at least once a year.
Inventory records discrepancies should be corrected and investigated.
5. Shipments are not reconciled to sales orders, resulting in sending customers the wrong items.
The system should be configured to match shipping information to sales orders and alert the shipping employees of any discrepancies.
6. The perpetual inventory records are only updated weekly. This contributes to the unanticipated shortages that result in delays in filling customer orders.
The warehouse staff should enter information about shortages as soon as they are discovered.


12.8      Parktown Medical Center, Inc. is a small health care provider owned by a publicly held corporation. It employs seven salaried physicians, ten nurses, three support staff, and three clerical workers. The clerical workers perform such tasks as reception, correspondence, cash receipts, billing, and appointment scheduling. All are adequately bonded.

Most patients pay for services rendered by cash or check on the day of their visit. Sometimes, however, the physician who is to perform the respective services approves credit based on an interview. When credit is approved, the physician files a memo with one of the clerks to set up the receivable using data the physician generates.

The servicing physician prepares a charge slip that is given to one of the clerks for pricing and preparation of the patient’s bill. At the end of the day, one of the clerks uses the bills to prepare a revenue summary and, in cases of credit sales, to update the accounts receivable subsidiary ledger.

The front office clerks receive cash and checks directly from patients and give each patient a prenumbered receipt. The clerks take turns opening the mail. The clerk who opens that day’s mail immediately stamps all checks “for deposit only.” Each day, just before lunch, one of the clerks prepares a list of all cash and checks to be deposited in Parktown’s bank account. The office is closed from 12 noon until 2:00 p.m. for lunch. During that time, the office manager takes the daily deposit to the bank. During the lunch hour, the clerk who opened the mail that day uses the list of cash receipts and checks to update patient accounts.

The clerks take turns preparing and mailing monthly statements to patients with unpaid balances. One of the clerks writes off uncollectible accounts only after the physician who performed the respective services believes the account will not pay and communicates that belief to the office manager. The office manager then issues a credit memo to write off the account, which the clerk processes.

The office manager supervises the clerks, issues write-off memos, schedules appointments for the doctors, makes bank deposits, reconciles bank statements, and performs general correspondence duties.

Additional services are performed monthly by a local accountant who posts summaries prepared by the clerks to the general ledger, prepares income statements, and files the appropriate payroll forms and tax returns.


Identify at least three control weaknesses at Parktown. Describe the potential threat and exposure associated with each weakness, and recommend how to best correct them. (CPA Examination, adapted)

1.   Weakness: The employees who perform services are permitted to approve credit without an external credit check.

      Threat: Sales could be made that turn out to be uncollectible.

      Control: Someone other than the physician performing the services (probably the office manager) should do a credit check. Credit limits should be established and used to control the amount of credit offered.

2.   Weakness: The physician who approves credit also approves the write-off of uncollectible accounts.

      Threat: Accounts receivable could be understated and bad debts expense overstated because write-offs of accounts could be approved for accounts that are, in fact, collectible. Accounts receivable could be overstated and bad debt expense understated because write-offs may not be initiated for accounts that are uncollectible.
     
      Control: Separate the duties of approving credit and approving the write-off of accounts receivable.

3.   Weakness: The employee who initially handles cash receipts also prepares billings and maintains accounts receivable.

      Threat: Theft by lapping could occur. Fees earned and cash receipts or accounts receivable could be understated because of omitted or inaccurate billing.

      Control: Segregate the functions of cash receipts handling and billing/accounts receivable.

4.   Weakness: The employee who makes bank deposits also reconciles bank statements.

      Threat: The cash balance per books may be overstated because all cash is not deposited (i.e. theft).

      Control: Bank reconciliation should be done by an employee with no other cash handling responsibilities.



5.   Weakness: The employee who makes bank deposits also issues credit memos.
     
      Threat: The office manager could steal cash and cover up the shortage by issuing a credit memo for the amount stolen.

      Control: Cash deposits should be made by an employee who does not have authority to issue credit memos and who also does not maintain accounts receivable.

6.   Weakness: Trial balances of the accounts receivable subsidiary ledger are not prepared independently of, or verified and reconciled to, the accounts receivable control account in the general ledger.

      Threat: Any of fees earned, cash receipts, and uncollectible accounts expense could be either understated or overstated because of undetected differences between the subsidiary ledger and the general ledger. Also, fees earned and cash receipts or accounts receivable could be understated because of failure to record billings, cash receipts, and write-offs accurately.

      Control: Periodic reconciliation of the subsidiary accounts receivable ledger to the general ledger control account for accounts receivable.

12.9      Figure 12-18 depicts the activities performed in the revenue cycle by the Newton Hardware Company.                                                  (CPA Examination, adapted)

a.   Identify at least 7 weaknesses in Newton Hardware’s revenue cycle. Explain the resulting threat and suggest methods to correct the weakness.


Weakness

Threat/Problem
Recommendation
Credit approval by bookkeeper A has no effect on shipping.
Uncollectible sales.
Credit approval must occur prior to shipping merchandise to customers.
Warehouse clerk (who has physical access to the inventory) initiates posting to inventory records by preparing shipping advice.
Failure to prepare shipping advice would result in inaccurate inventory records; could release goods to friends with no invoice.
Inventory posting should be done by the sales clerk once sales are approved.
Warehouse clerk does not retain copy of the shipping advice.
Cannot easily identify loss if the carrier has accident.
Use a 4-copy shipping advice and retain one copy in the warehouse.
Bookkeeper A authorizes customer credit and prepares source documents for posting to customer accounts.
Sales to friends that exceed credit limit.
Credit manager should approve all credit.
Bookkeeper A prepares invoices without notification about what was shipped and when.
Billing mistakes.
Prepare invoice only after receipt of a copy of the shipping advice indicating the quantities shipped and the date.
Bookkeeper A authorizes write-offs of customer accounts and approves credit.
Can approve sales to friends and later write them off.
Someone else should authorize the write-off of customer accounts.
Bookkeeper B does not periodically verify that all sales orders and shipping advices have been invoiced.

Failure to bill customers.
Prenumber all sales orders and shipping documents and periodically account for them
 Verify that all sales orders and shipping advices have been invoiced.
Bookkeeper C does not reconcile the subsidiary A/R with the general ledger.
Potential imbalances due to posting errors.
Reconcile the subsidiary A/R ledger with the general ledger.
Bookkeeper C maintains journals and posts to ledgers.
No independent check on accuracy of recording process.
Bookkeeper B should record in journals and Bookkeeper C post to ledgers.
Collections Clerk does not deliver postdated checks and checks with errors to an employee independent of the bank deposit for review and disposition.
Possible theft of checks.
Deliver all checks not deposited to another employee who has no bank deposit/reconciliation duties.
Collection Clerk initiates posting of receipts to subsidiary accounts receivable ledger and has initial access to cash receipts.

Theft by lapping.
Checks should be opened by someone who does not have bookkeeping or accounting duties. That person should then send a list of cash receipts to the collections clerk to be used to record cash receipts.
Cash collection clerk does not deposit checks promptly.
Possible loss of checks; loss of interest.
Deposit all receipts promptly.
Cash collection clerk reconciles bank statement and has initial access to cash receipts.
Can cover up theft by “fudging” the bank reconciliation.
Have bank reconciliation performed by an employee with no other involvement in cash receipts processing.


b.   Identify ways to use IT to streamline Newton’s revenue cycle activities.  Describe the control procedures required in the new system.

Some ways that Newton could use IT to improve efficiency include:

·         On-line data entry by sales staff. The system should include credit checks on customers as well as check inventory availability

·         Email notification of each department (shipping, billing, etc.) whenever another department performs an action (e.g., billing is notified whenever shipping enters data indicating that an order has been released)

·         EDI billing of customers

·         Establishment of electronic lockboxes with banks so that customer payments go directly to company’s account

Controls that should be implemented in the new system include:
·         Passwords to limit access to authorized users, and to restrict the duties each employee may perform and which files they may access

·         A variety of input edit checks (limit checks, range checks, reasonableness tests, etc.) to ensure completeness of data entry and accuracy


12.10    The Family Support Center is a small charitable organization. It has only four full-time employees: two staff, an accountant, and an office manager. The majority of its funding comes from two campaign drives, one in the spring and one in the fall. Donors make pledges over the telephone. Some donors pay their pledge by credit card during the telephone campaign, but many prefer to pay in monthly installments by check. In such cases, the donor pledges are recorded during the telephone campaign and they are then mailed pledge cards. Donors mail their contributions directly to the charity. Most donors send a check, but occasionally some send cash. Most donors return their pledge card with their check or cash donation, but occasionally the Family Support Center receives anonymous cash donations. The procedures used to process donations are as follows:

Sarah, one of the staff members who has worked for the Family Support Center for 12 years, opens all mail. She sorts the donations from the other mail and prepares a list of all donations, indicating the name of the donor (or anonymous), amount of the donation, and the pledge number (if the donor returned the pledge card). Sarah then sends the list, cash, and checks to the accountant.

The accountant enters the information from the list into the computer to update the Family Support Center’s files. The accountant then prepares a deposit slip (in duplicate) and deposits all cash and checks into the charity’s bank account at the end of each day. No funds are left on the premises overnight. The validated deposit slip is then filed by date. The accountant also mails an acknowledgment letter thanking each donor. Monthly, the accountant retrieves all deposit slips and uses them to reconcile the Family Support Center’s bank statement. At this time, the accountant also reviews the pledge files and sends a follow-up letter to those people who have not yet fulfilled their pledges.

Each employee has a computer workstation that is connected to the internal network. Employees are permitted to surf the Web during lunch hours. Each employee has full access to the charity’s accounting system, so that anyone can fill in for someone else who is sick or on vacation. Each Friday, the accountant makes a backup copy of all computer files. The backup copy is stored in the office manager’s office.
a.   Identify two major control weaknesses in the Family Support Center’s cash receipts procedures. For each weakness you identify, suggest a method to correct that weakness. Your solution must be specific—identify which specific employees should do what.  . Assume that no new employees can be hired.

1.  Weakness - Sarah opens all mail and prepares a list of donations (cash and checks). Sarah could misappropriate anonymous cash donations.

Control - Mail should be opened by both Sarah and the other staff member. The use of lockboxes would also eliminate this problem, but would cost the charity money to implement.

2.  Weakness - The donations and donation list are sent to the accountant for recording and to prepare the bank deposit.  Therefore, the accountant has custody of the donation and records the donation.

Weakness - Bank reconciliation is performed by the accountant, who also makes the bank deposit.

Control - The donations should be sent to the office manager for deposit and the donation list sent to the accountant for recording. This corrects both weaknesses.

3.  Weakness - Each employee has full access (create, read, update, delete) to the accounting system.

Control - Only the accountant and the office manager should have full access to the accounting system.

b.   Describe the IT control procedures that should exist in order to protect the Family Support Center from loss, alteration, or unauthorized disclosure of data.

·         The weekly back-up should be stored off-site, not in the manager's office.

·         The files both on-site and off-site should be password protected and encrypted to guard against alteration and unauthorized disclosure. 

·         The backup files should be kept locked in a secure place.



12.11   Match the threats in the first column to the appropriate control procedures in the second column (more than one control may address the same threat).

Threat
Applicable Control Procedures
1.      _a,p__ Uncollectible sales
a.   Restrict access to master data.
2.      _g,i__ Mistakes in shipping orders to customers.
b.   Encrypt customer information while in storage.
3.      __o_ Crediting customer payments to the wrong account.
c.    Backup and disaster recovery procedures.
4.      _f,m,o__ Theft of customer payments.
d.   Digital signatures.
5.      _e,j,k__ Theft of inventory by employees.
e.    Physical access controls on inventory
6.      __l_ Excess inventory.
f.    Segregation of duties of handling cash and maintaining accounts receivable.
7.      _a__ Reduced prices for sales to friends.
g.   Reconciliation of packing lists with sales orders.
8.      _d__ Orders later repudiated by customers who deny placing them.
h.   Reconciliation of invoices with packing lists and sales orders.
9.      _h,q__ Failure to bill customers.
i.     Use of bar-codes or RFID tags.
10.  _h__ Errors in customer invoices
j.     Periodic physical counts of inventory
11.  _m,n_ Cash flow problems
k.   Perpetual inventory system.
12.  _c__ Loss of accounts receivable data
l.     Use of either EOQ, MRP, or JIT inventory control system.
13.  __a,b_ Unauthorized disclosure of customer personal information.
m. Lockboxes or electronic lockboxes.
14.  _g,r__ Failure to ship orders to customers.
n.   Cash flow budget

o.   Mail monthly statements to customers.

p.   Credit approval by someone not involved in sales.

q.   Segregation of duties of shipping and billing.

r.    Periodic reconciliation of prenumbered sales orders with prenumbered shipping documents.