Company-level controls:

1. Is the internal structure of the company set up in a way where management override would be accomplished with minimal effort?
2. Does management conduct thorough risk assessments at periodic intervals, and are the risk assessments documented and used for application in the internal control environment?
3. Does the IT system limit access to programs, data, and other applications on an as-needed basis?
4. Do all employees have a copy of the policies and procedures manuals, and have all employees indicated that they understand the information and directives in these manuals?
5. Has the tone-setting at the top (also called tone at the top) been established?
6. Are internal communication processes of adequate or above adequate quality?

Significant processes:

Inventory:

1. Are inventory records maintained and subsequently audited by an internal auditor on a regular basis?
2. Are physical inventory counts documented at least once per year?

A/P:

1. Is there a proper segregation of duties in the A/P cycle, and particularly in the check or payment preparation phases of the cycle?
2. Are vendor lists randomly verified to validate all new vendors as actual vendors?
3. Are the main vendors' account balances verified against the vendors' balances from their own records, at least once per year?

Payroll:

1. Are employee addresses and bank account numbers (for direct deposit) checked through accounting software at periodic intervals, to determine that there are no two employees with the same bank account number (which would indicate a fake employee, also called a ghost employee)?
2. Are time cards secured and delivered to the payroll department under a proper segregation of duties?

A/R:

1. Are checks coming into the company received by a different employee than the employee entering the checks into the accounting system?
2. Are bank

