Date: October 10, 2011
From: Rachael Melendez
To: PwC Auditor
BLUE Company operates under an enterprise planning system which allows an organization to automate and integrate its essential business processes. There are many weaknesses within BLUE’s expenditure process that lead to potential risks. The internal controls in this company are poor; for example, certain departments are authorized too much power, such as the purchasing clerk and the cash disbursement department. These duties need to be segregated among other departments. By pre-approving transactions, such as an approved vendor list, preventative controls can eliminate the ability to engage in fraudulent ...view middle of the document...
This is an authorized control and segregation of duties. The purchasing department reviews and approves the purchase requisition while also preparing the purchase order; this is the segregation of duties control. If BLUE Company incorporates a process that separates the inventory control department with the purchasing department, this will ensure completeness and accuracy. The purchasing department initiates the following steps in the transaction which is authorization.
Secondly, after the purchase order is prepared by the purchasing department, the purchase order needs to be sent to a number of areas within the firm. Purchase orders should be prepared for each approved vendor. The purchase order should be sent not only to the approved vendors but also to the inventory control department, accounts payable department, and the receiving department (blind copy). Finally, a copy should be place into an open purchase order file along with the purchase requisition. The open purchase order file allows the firm to update and make changes to the purchase order throughout the purchasing process. BLUE Company should take the initiative to involve all departments involved in the expenditure process to ensure that all documents can be reconciled with each other.
Thirdly, the purchasing clerk should not be able to create additional vendors. BLUE Company should create an approved vendor list, this is a preventative control. BLUE Company should strictly limit themselves to their approved vendors. If employees have the ability to create vendors in the system, they have the ability to make fictitious vendors. By developing an approved vendor list, a company has evaluated and approved each vendor’s abilities and products. Also, BLUE Company should limit the access to approve vendors. In this case, allow only the general manager with access to approve and create a new vendor within a system. This eliminates the ability of fraud within the company.
BLUE Company’s receiving department should conduct a physical count and inspection of the inventory arrived. These goods should be reconciled with the blind...