Financial Reporting and Management Reporting Systems:Controlling the FRS

By -

Controlling the FRS

Sarbanes-Oxley legislation requires that management design and implement controls over the financial reporting process. This includes the transaction processing systems that feed data into the FRS. In previous chapters we studied control techniques necessary for the various transaction systems. Here we will examine only the controls that relate to the FRS. The potential risks to the FRS include:

1. A defective audit trail.

2. Unauthorized access to the general ledger.

3. GL accounts that are out of balance with subsidiary accounts.

4. Incorrect GL account balances because of unauthorized or incorrect journal vouchers.

If not controlled, these risks may result in misstated financial statements and other reports, thus mis- leading users of this information. The potential consequences are litigation, significant financial loss for the firm, and sanctions specified by SOX legislation.

SAS 78/COSO CONTROL ISSUES

This discussion of FRS physical controls will follow the SAS 78/COSO framework, which by now is familiar to you.

Transaction Authorization

The journal voucher is the document that authorizes an entry to the general ledger. Journal vouchers have numerous sources, such as the cash receipts processing, sales order processing, and the financial reporting group. It is vital to the integrity of the accounting records that the journal vouchers be properly authorized by a responsible manager at the source department.

Segregation of Duties

In previous chapters, we have seen how the general ledger provides verification control for the accounting process. To do so, the task of updating the general ledger must be separate from all accounting and asset custody responsibility within the organization. Therefore, individuals with access authority to GL accounts should not:

1. Have record-keeping responsibility for special journals or subsidiary ledgers.

2. Prepare journal vouchers.

3. Have custody of physical assets.

Notice that in Figure 8-5 transactions are authorized, processed, and posted directly to the general ledger. To compensate for this potential risk, the system should provide end users and GL departments with detailed listings of journal voucher and account activity reports. These documents advise users of the automated actions taken by the system so that errors and unusual events, which warrant investigation, can be identified.

Access Controls

Unauthorized access to the GL accounts can result in errors, fraud, and misrepresentations in financial statements. SOX legislation explicitly addresses this area of risk by requiring organizations to implement controls that limit database access to authorized individuals only. A number of IT general controls designed to serve this purpose are presented in Chapter 16.

Accounting Records

The audit trail is a record of the path that a transaction takes through the input, processing, and output phases of transaction processing. This involves a network of documents, journals, and ledgers designed to ensure that a transaction can be accurately traced through the system from initiation to final disposition.

An audit trail facilitates error prevention and correction when the data files are conveniently and logically organized. Also, the general ledger and other files that constitute the audit trail should be detailed and rich enough to (1) provide the ability to answer inquiries, for example, from customers or vendors;

(2) be able to reconstruct files if they are completely or partially destroyed; (3) provide historical data required by auditors; (4) fulfill government regulations; and (5) provide a means for preventing, detecting, and correcting errors.

Independent Verification

In previous chapters we have portrayed the general ledger function as an independent verification step within the accounting information system. The FRS produces two operational reports—journal voucher listing and the GL change report—that provide proof of the accuracy of this process. The journal voucher listing provides relevant details about each journal voucher posted to the GL. The general ledger change report presents the effects of journal voucher postings to the GL accounts. Figures 8-12 and 8-13 present examples of these reports.

image

image

INTERNAL CONTROL IMPLICATIONS OF XBRL

Although the potential benefits of XBRL and associated Web technologies have been extensively researched, less attention has been given to the potential control implications of using XBRL. There are three areas of specific concern, which are discussed here.

TAXONOMY CREATION. Taxonomy may be generated incorrectly, which results in an incorrect mapping between data and taxonomy elements that could result in material misrepresentation of financial data. Controls must be designed and put in place to ensure the correct generation of XBRL taxonomies.

TAXONOMY MAPPING ERROR. The process of mapping the internal database accounts to the taxonomy tags needs to be controlled. Correctly generated XBRL tags may be incorrectly assigned to internal database accounts resulting in material misrepresentation of financial data.

VALIDATION OF INSTANCE DOCUMENTS. As noted, once the mapping is complete and tags have been stored in the internal database, XBRL instance documents (reports) can be generated. Independent verification procedures need to be established to validate the instance documents to ensure that appropriate taxonomy and tags have been applied before posting to a Web server.

Comments

Post a Comment

Popular posts from this blog

The Conversion Cycle:The Traditional Manufacturing Environment

By -
Image
The Traditional Manufacturing Environment The conversion cycle consists of both physical and information activities related to manufacturing products for sale. The context-level data flow diagram (DFD) in Figure 7-1 illustrates the central role of the conversion cycle and its interactions with other business cycles. Production is triggered by customer orders from the revenue cycle and/or by sales forecasts from marketing. These inputs are used to set a production target and prepare a production plan, which drives production activities. Purchase requisitions for the raw materials needed to meet production objectives are sent to the purchases procedures (expenditure cycle), which prepares purchase orders for vendors. Labor used in production is transmitted to the payroll system (expenditure cycle) for payroll processing. Manufacturing costs associated with intermediate work-in-process and finished goods (FG) are sent to the general ledger (GL) and financial reporting system. Dependin
Read more

The Revenue Cycle:Manual Systems

By -
Image
Manual Systems The purpose of this section is to support the system concepts presented in the previous section with models depicting people, organizational units, and physical documents and files. This section should help you envision the segregation of duties and independent verifications, which are essential to effective internal control regardless of the technology in place. In addition, we highlight inefficiencies intrinsic to manual systems, which gave rise to modern systems using improved technologies. SALES ORDER PROCESSING The system flowchart in Figure 4-12 shows the procedures and the documents typical to a manual sales order system. In manual systems, maintaining physical files of source documents is critical to the audit trail. As we walk through the flowchart, notice that in each department, after completion of the assigned task, one or more documents are filed as evidence that the task was completed. Sales Department The sales process begins with a customer cont
Read more

HIPO (hierarchy plus input-process-output)

By -
Image
HIPO (hierarchy plus input-process-output) 64.1 Purpose The HIPO (Hierarchy plus Input-Process-Output) technique is a tool for planning and/or documenting a computer program. A HIPO model consists of a hierarchy chart that graphically represents the program’s control structure and a set of IPO (Input-Process-Output) charts that describe the inputs to, the outputs from, and the functions (or processes) performed by each module on the hierarchy chart. 64.2 Strengths, weaknesses, and limitations Using the HIPO technique, designers can evaluate and refine a program’s design, and correct flaws prior to implementation. Given the graphic nature of HIPO, users and managers can easily follow a program’s structure. The hierarchy chart serves as a useful planning and visualization document for managing the program development process. The IPO charts define for the programmer each module’s inputs, outputs, and algorithms. In theory, HIPO provides valuable long-term documentation. However
Read more