AuditNet® Ask the Auditor Forum
Miscellaneous Questions
Also post your question at AudiTalk The AuditNet Discussion Forum
What
kind of risks are associated with the payroll functions? When payroll is
carried out, are two employees required to ensure that risks are
minimized? What documents should I be looking for in testing payroll
from a financial review point of view?
Payroll is an area frequently reviewed by internal auditors due to the risk associated with the function. Start a review of this area by determining the objectives, purpose and scope of the audit. For example here are some risks:
-
Entries/transactions not adequately monitored and evaluated may result in fraud or errors.
-
Incomplete or inaccurate reporting of employee wages.
-
Unauthorized and/or inaccurate payroll disbursements and deductions, time and attendance and unreliable financial information.
-
Employees on the payroll may not be bona fide employees (ghost employees)
The functions of hiring employees and firing employees should be separated from those functions associated with paying employees.
The AuditNet inventory of audit programs includes many of the procedures (including documents reviewed) in an audit of payroll and human resources. AuditNet developed a monograph on Developing Audit Work Programs, Questionnaires, Control Matrices and Checklists which includes sample objectives for payroll as well as other standard audit areas. The monograph is available to subscribers.
I am looking for a IS business continuity plan to use as a template or foundation to assist a rapidly growing co. IS function. Any advice?
There are business continuity/disaster recovery plans available on many sites on the Internet. AuditNet has a page devoted to disaster recovery/business continuity. Go to the AuditNet Library page. I also suggest you use Google to find additional templates.
How do I get a
detailed flowchart analysis of a manufacturing concern?
Flowcharts are usually developed within an organization based on unique policies and procedures. While there are some generic flowcharts for basic cycles such as accounts payable, accounts receivable, cash collections, purchases etc. manufacturing flowcharts would be highly dependent on industry standards. Therefore a flowchart for an airplane manufacturer would be different than an automobile manufacturer. The best way to find this information would be through networking with other auditors in the same industry sector or by using Internet meta-information search techniques.
Question:
What Data Extraction Methods/Processes do other internal audit departments
use regarding JD Edwards data? For example...dedicated audit department staff
vs. IT staff; reporting environment vs. production processes (standard or
customized for audit), data warehouse, a combination of above or other methods.)
Answer: Data Extraction
Methods/Processes vary depending on the abilities of Audit Department, and
particularly IT Audit Unit, staff. In addition, a selected Data Extraction
Method/Process is dependent on the amount of independence an auditor wants
associated with audit evidence. Preferably, competent IT auditors obtain
computer stored audit evidence without interfering with production processing.
The best way to find out the methods used by other internal audit departments is
to post your query on one of the audit-related discussion groups such as
CISACA-L or
AUDIT-L. You should also consider
JD Edwards
technical discussion lists to
network with
other users.
Question:
What is the bidding process for a nonprofit organizations and what are the
related resources?
Answer: The bidding
process requirements for non-profit organizations may be dictated by funding
sources. Usually organizations have established limits for competitive versus
non competitive bidding. I would recommend that you network with other similar
nonprofit organizations to determine how they handle bidding. The U.S. Federal
Government OMB
Circular A-122 covers cost principles for non-profit organizations. Not for
profit (nfp) organizations that receive grant funds usually have to comply with
competitive bidding requirements of the state or local government.
Question:
What is the recommended vacation time individuals performing payroll
processing should take? One week or two weeks?
Answer: All employees
should be required to take annual vacations regularly. The specific length of
time is set by management policy. The vacations should be of sufficient length
to allow other employees to perform the absent employees' duties.
Question:
Are there any samples or standard formats for Annual Audit plans?
Answer:
Go to the Audit Process link from the AuditNet
Library page and you will find information on audit plans. Also the page for
local government audit has sample audit plans.
Question:
I need an audit plan for reviewing a marketing strategy for introducing an
electronic assurance program such as eSac. I also need a business plan for
introducing the assurance program to the board of directors based on the audit
results of the marketing strategy.
Answer:
The Electronic Systems Assurance and Control (eSac) model sets the stage for
effective technology risk management by giving companies a framework to guide an
evaluation of their e-business control environment. It serves as a user-friendly
resource guide, providing reference to world-class practices and delivering
tools and techniques designed to examine and assess the risks that accompany the
organizational components of customers, competitors, regulators, communities,
and owners. As the model was developed by the IIA, the research foundation
publication would be the best source of information for developing a marketing
strategy and a program for corporate boards. Start by visiting the IIA's eSac
gateway. The Executive Summary and SAC Model are available online, the rest
of the information is by subscription only. However this is where the power of
Internet meta-information comes into play. If you look on the Executive Summary
you will see the names of the project team and reviewers. Use a search engine to
locate their email addresses and contact them directly for assistance.
Question:
I am doing a presentation regarding to the internal and the external audit
functions in connection with the Corporate Governance. I would like to know if
you have any source of information where I can find something about the
cooperation between Internal and external auditors. I will appreciate your
suggestion.
Answer:
Recent events surrounding Enron and WorldCom highlight the need for cooperation
between the internal and external auditors as well as communication with the
audit committee. For a good comparison of the responsibilities of each click here.
PricewaterhouseCoopers has a publication called Corporate
Governance Accepting Responsibility which may be helpful. The IIA's Internal
Auditing and the Audit Committee: Working Together Toward Common Goals is
another possible resource. AuditNet® has a page
with links to corporate governance and internal audit.
Perhaps when you have prepared your presentation you would be willing to share it with the rest of the global audit community.
Question:
What do you all think if the payroll of an organization is done by the
Accounts Department? What are the weaknesses in term of the internal control
since the Accounts department also authorized the
check payments as well?
Answer: What you are
referring to is segregation of duties. This principle refers to the idea that
employees within a workplace which have conflicting jobs in the eyes of the
company's security policy should be separated from one another. This segregation
of duties attempts to prevent the interaction of key positions that potentially
have a detrimental effect on the organization (fraud).
Generally the person who prepares the payroll voucher should not distribute or have custody of the payroll checks.
However in your scenario you have not mentioned individuals but rather a department. It is therefore possible to have the payroll unit operating as part of the accounting department as long as the job responsibilities are clearly defined. Following as some sample policies:
Policy of segregation of duties in a payroll department
Question:
IIA Standards require us to evaluate risk management, control and governance
systems. According to the IIA's Quality Assessment Manual:
The nature of IA activity or scope of work is discussed in Standard 2100
and represents a significant departure from Standard 300 in the prior
Standards. Standard 2100 reflects the new definition of internal auditing,
stating the IA activity should add value and evaluate and improve the
organization's risk management, control, and governance processes.
Standard 2110 states that the IA activity should assist the organization
in managing risk by (1) identifying and evaluating significant exposures
to risk and (2) contributing to the improvement of risk management and
control systems. Standard 2120 states that the IA activity should evaluate the
effectiveness and efficiency of the organization's control processes. Standard
2130 describes the role of the IA activity in the governance process. Internal
auditors should assist the organization by evaluating and improving the process
through which (1) values and goals are established and communicated, (2) the
accomplishment of goals is monitored, (3) accountability is ensured, and (4)
values are preserved.
Standard 2110.A1 - The internal audit activity should monitor and evaluate the
effectiveness of the organization's risk management system.
Additionally, the IIA Handbook, Implementing the Professional Practices
Framework, states that "Identifying and evaluating risk exposures and
using risk analysis to plan audits, two other risk activities required by
the standards, are not enough to satisfy the mandate for evaluations of
risk management processes.
I'm curious how folks are planning on complying with IIA Standard 2110.A1.
Answer:
The best way to get feedback on how other auditors are addressing these
requirements is by posting a message in an audit discussion forum such as audit-l.
Question: I
need a definition or explanation of what is a high risk, medium risk and low
risk.
Answer:
On the surface this seems like an uncomplicated question. What you are actually
referring to is risk classification. In other words, what constitutes a high,
medium or low risk when implementing a risk based audit methodology? Risk
assessment in auditing is as much an art as it is a science. Risk is generally
comprised of four main elements:
- Financial impact
- Vulnerability
- Complexity
- Trust
Risk can be defined numerically (as a range points) or ordinarily (as
rankings of high-3, medium-2, or low-1). But before you even decide on either a
high, medium or low risk, you will have to determine the factors or criteria
that are part of your risk assessment For example risk factors may include:
- Management and internal controls
- Dollar value of revenue and expenditures
- Significance and complexity of an entity or activity;
- Changes in operations and organizational structure;
- Extent and complexity of computerization;
- Major cost centers with potential savings;
- Major problem areas in the organization;
- Specific problems in a process, organization or function;
- Part of a specific audit cycle;
- Political and public sensitivity;
- Legislative and regulatory requirements
Once you have determined your factors, you can then decide through interviews with stakeholders or analysis of data, the likelihood of occurrence and the impact on the auditable unit. The factors would be evaluated for each auditable unit and ranked accordingly using the high, medium or low rating. High would constitute the most risky or sensitive while low would be the least risky or sensitive. Examples of risk based internal auditing can be found at www.auditnet.org/rbia.htm
Here are more links:
GAO Risk Factors
Risk
Based Methodology for Colleges and Universities from the Risk Based Audit
Work Group.
Risk Factors
Question: I
am performing a City government compliance audit on Restaurants, clubs and bars
I have started with the market survey IRS Bars and Restaurant guide and I have
put together an Audit program but I need audit software I have over 800
restaurants to audit in about 2 years alone !!! I need audit software and help
with my program.
Answer:
The primary issue for you to consider is whether you have sufficient audit
resources available to perform these audits. If you are a small audit shop
you might want to consider outsourcing these audits or hiring staff. In
order to do that you will need to know approximately how long it will take
to audit each entity. You might consider a combination of in-house plus
outsourcing to accomplish these audits. There are many different types
of audit software applications if you choose to do these audits yourself.
The first step would be to define your needs. Will you be using the software
to manage the administration of these audits or actually use the software in
the audit process? Audit management software vendors include AuditLeverage,
Paisley Consulting, Pentana,
Galileo and
Magique and TeamMate.
As these audits will be similar another option would be to create templates
using Microsoft Office applications such as Word, Access, and Excel to
manage the process. You might also consider networking with other municipal
auditors to find out how they manage the process of gross receipts auditing.
Consider posting a message on the N.A.L.G.A. or Audit-l discussion
forums.
Question:
I have been asked to perform an audit of my organizations Internet Security.
However, my knowledge and experience in the IT arena is very limited. Do you
know of any resources available that would help familiarize myself with the very
basics even before talking to IT personnel?
Answer:
A good question that actually relates directly to Internal Audit Standards.
Attribute Standard 1210 relates to proficiency of the auditor and requires that
you are competent to audit the area. If you do not have the knowledge, skills or
competencies you must obtain them either yourself or find someone who does
(outsource). The IT area is one that many small to medium size audit
organizations find themselves reviewing with external assistance. If you decide
to perform the audit yourself here are some resources that may help.
AuditNet - Internet Security Audit Program and other Information Technology audit areas.
ISN Security Audit Resources Guide
SecuritySearch: The Internet Security Resource
Internet Security Policy A Technical Guide
Question:
I need information on the differences between CoCo and COSO framework. Which
is the better of the two?
Answer:
This is an excellent question that has no easy answer. The Canadian Institute of
Chartered Accountants Criteria on Control (CoCo) and the Committee of Sponsoring
Organizations of the Treadway Commission (COSO) frameworks both address control
and governance issues within organizations and reporting on the adequacy of
controls to external parties. Other ingredients to add to the "stew"
are the Cadbury and the King Commission reports issued respectively by the UK
and South Africa.
Each of the respective frameworks attempt to narrow the gap between practice and expectation in disclosing control and governance issues. The question then becomes not which is better but which is more appropriate depending on the physical location of the organization. The City of Seattle Internal Audit Department prepared a report called Different Frameworks; Same Goals which provides an excellent comparison of the COSO and CoCo frameworks. I might also suggest that you look at some of the books available on the subject from the IIA and the Canadian Institute of Chartered Accountants.
Question:
I am interested in finding an auditor's report on Southwest, United &
Delta Airlines 2000 financial statements. I would like to know what they
discovered when they audited their books? If you have any information on where I
can find this - I would REALLY appreciate. I am really just looking for
someone's opinion on how the company stated their finances (eg. net income,
taxes, etc.).
Answer:
Each of these companies are publicly traded which means you can request a copy
of their financial reports. Also most publicly traded companies now have their
financials online. Go to each respective Web site and look under company
information or investor relations. You can also go to the Securities and
Exchange Commission site and review financial filings via EDGAR.
Question:
Could you please advise a little information CISA certification? I have
browsed their website but what I would like to know are possibly pros and cons
with CISA certification?
Question 2: what are the requirements for CISA certification (eg number of
auditing hours) and how does one have to reapply for certification - does this
process include a mechanism for logging of auditing hours?
Answer:
For information about the Certified Information System Auditor (CISA) program go
to the Audit Career Links on this site and then click on Certifications and then
on CISA. As far as the pros and cons of certification that is something that you
will have to determine yourself based on your career objectives.
Question:
I am the new internal auditor at a bank. I am looking for a sample of a
confirmation letter to use for our deposit/loan customer accounts.
Answer:
The AICPA provides standard bank confirmation letters that were developed with
the American Bankers Association and Bank Administration Institute. Perhaps the
following will help:
Completed
Standard Bank Confirmation Form
Loan Confirmation Letter
Sample confirmation letters for
deposit accounts, CDs, savings, installment loans and commercial loans
Question:
I was wondering if you could help me please. I am doing a university assignment
in Australia in the financial field and the case study is the Pennsylvania Box
Company, Basically it is about evaluating the business and presenting the
information to the Bank. My problem is they Bank assesses the Company using the
Altman Z Score. Would you please be able to tell me how this is used and what
figures or ratios are used in the analysis. Or is it a made up term?
Answer:
An interesting question! According to the Financial Dictionary/Glossary at http://www.ventureline.com/glossary.htm
"ALTMAN Z-SCORE predicts whether or not a company is likely to enter
into bankruptcy within one or two years." The definition goes into more
detail so check it out. At the JaxWorks Small Business Spreadsheet Factory web
site they have a worksheet for
performing the analysis. Another example of the utility of the Internet when it
comes to sharing information and solving business analysis issues.
Question:
Might there be such an audit as an "airport security audit"?
Answer:
A very timely question in light of recent events. I searched the Internet using
Google and found a number of references to airport security they are as follows:
Aviation Security at www.avsec.com has links and information on airline security. They offer services for airport security audits.
The FAA's Civil Aviation Security site at http://cas.faa.gov/ is sure to have information on this subject.
GAO recently added links to airport security reports from 1980 to present at http://www.gao.gov/audit.htm
I would check the Internet for more information on this subject as the airline industry and airport security come under intense review both internally and externally.
Question:
Some of the companies in our group are outsourcing their internal audit functions in total. I thought a list of issues / criteria similar to those requested in 1) might be useful for the audit committee that needs to make the final choice .
Answer:
The Mid America Intergovernmental Audit Forum prepared a comprehensive
guide on the subject. This should help with the criteria.
Grant Thornton also prepared guidance for audit committees for NPOs on evaluating external auditors.
You should look at the IIA's Perspective on Outsourcing Internal Audit as it may help you in addressing the audit committees concerns.
Question:
I am looking for stats on labor burden rates being charged by construction
managers and/or sub contractors. Have you seen data of this nature?
Answer:
Labor burden is the contractor's actual costs for worker's compensation and
liability insurance, payroll taxes, social security and employees' fringe
benefits (including employer paid health insurance) imposed on the basis of
payrolls. This burden must reflect the variability of some burdens, i.e. social
security. The burden may be itemized and include all small tools and
miscellaneous supplies. The total labor burden for such small tools shall not
exceed a specific percentage (e.g. two percent (2%)) of the Direct Labor cost.
Labor burden rates vary based on industry, geographic area and type of contract
(union or non union). You need to determine what the standard or acceptable
burden rate is for your industry as well as the geographic area for
construction. In my business a 36% labor burden rate is not considered
excessive.
Another potential source would be the RS Means Company the leading supplier of construction cost information. Their Web site can be found at www.rsmeans.com
Some additional resources include:
The Cost of Doing Business Cookbook
How Much Should You Charge to Earn a Profit
Question:
What is the liability of the auditors for failure to detect fraud? Where can
I find suitable case law about auditors & fraud on the web ?
Answer:
It depends! Each professional audit organization has incorporated fraud
detection and prevention into their respective standards. Additionally
countries have differing laws on the auditors responsibility for detecting
fraud. The internal audit profession addressed fraud in the standards according
to http://www.theiia.org/standard/sias3-98.html.
Government auditing standards can be found at http://www.gao.gov/govaud/ybhtml/toc.html
and the AICPA standards can be found at www.aicpa.org.
SAS 82 addresses fraud in financial statements.
Miscellaneous
Question: My company is preparing for a year-end physical inventory count next month. Please advise how as an internal auditor of the company I can assist management, the costing section and the external auditor during the process of the physical count.
Answer: By asking them that very same question.
Question: Am trying to find out what companies offer internal audit services to others (i.e., cosourcing or outsourcing) and whether outsourcing internal audit really works.
Answer: Most of the Big 5 accounting firms offer such services. As to whether it really works? It can if there is a need for specialized expertise that the internal auditors don't have
(co-sourcing) or it can if the internal auditors are not adding value to their organizations.
Here are some links of interest:
- What Audit Directors Disclose About Outsourcing
- Benefits and problems associated with independent auditors taking on the role of internal auditor
- A local practitioner's guide to internal audit services
- PriceWaterhouseCoopers Internal Audit Services
- Ernst & Young Internal Audit Services
Question: I have 7 shares of stock in your company. How do I close my account and sell them back to the company and where do I send the certificate for the one share that I hold?
Answer: If you hold your 7 shares through the Progress Plus Stock Plan, then follow the instructions on the back of your most recent statement for selling your shares.
If you still have questions, call 1-800-352-1121.
Question: Can statistical sampling be used as audit evidence in court?
Answer: Sure. However, it's
admissibility is subject to the same rules of evidence as anything else. Assuming the statistical sampling evidence is associated with an expert witness, then it may be admitted into evidence if:
(1) the expert is qualified to testify competently regarding the matters he intends to address;
(2) the methodology by which the expert reaches his conclusions is sufficiently reliable as determined by inquiry; and
(3) the testimony assists the trier of fact, through the application of scientific, technical, or specialized expertise, to understand the evidence or to determine a fact in issue.
You can explore this issue further at this web site: Statistical Evidence in Litigation
Question: Do you have any guidelines concerning proper audit trails concerning paperless transactions (electronic timesheets, documents, etc.)?
Answer: Click here.
Question: Is it time to regulate the audit?
Answer: External audits are regulated by every state. If you mean internal audits, the Standards provide sufficient guidance.
Question: Has the EDP Examination Handbook been updated since January 1992? If so, where can I get a copy?
Answer: I'm not familiar with the EDP Examination Handbook. Please send me the exact title, date of publication and publisher's name.
These resources are available:
Question: I am looking for a firm with experience auditing statistical information primarily in the education field.
Answer: Here are three candidates that you may want to consider (I provide these links for information only and do not endorse any particular firm):
Question: I am an internal auditor from the Philippines. I would like to ask if there is a website for the review materials for the exam for the CIA?
Answer: Here's two good net resources for you:
Question: Can I get info on seasonal billing?
Answer: Click on the link for information about Florida Power Corporation's Seasonal Rate.
Question: Why Stone &
Webster (SW)? Typical construction audit problem?
Answer: Please be more specific with your question so I can understand what information you're seeking.
Question: I am looking for information concerning SunGard's OmniPlus and
OmniStation. Specifically on security and performance.
Answer: Click on this link to Sungard's OmniPlus web site for information.
Question: How do I get my (investor) name and address change communicated to all departments?
Answer: I've forwarded your question to our Investor Relations Department who will help you.
Question: Give examples of lack of visible evidence in computer audits?
Answer: Here are several examples:
- The absence of input documents (e.g., order entry in on-line systems) or the generation of accounting transactions by computer programs (e.g., automatic calculation of discounts) may preclude the auditor from examining documentary evidence.
- The lack of a visible audit trail will preclude the auditor from visually following transactions through the computerized accounting system.
- The lack of visible output may necessitate access to data retained on files readable only by the computer.
Question: I am considering solar power for my home. Does Florida Power have a policy regarding this?
Answer: Since this is a customer service related question, you should contact our customer service department for information. You can contact them by email or by using the 24 hour toll-free telephone number listed at this location. They will help you contact the right person that can answer your question.
Question: I am a UK citizen wishing to immigrate to Florida; In the UK my job is that of a
stock taker for the liquor industry (simply put that is one who physically counts alcoholic beverages and reconciles usage with cash received). Where can I get information on similar opportunities in Florida, as I am unsure of the name of the equivalent job title in the USA? This service is for to owners of bars, clubs, hotels etc.
Answer: The North American Association of Inventory Services has a website that contains a list of members with contact information that you can use to determine stocktaking employment opportunities.
Just click on the Membership List link on their home page.
Question: best practice
Answer: Please state the specific best practice area you're interested in.
Question: Where can I find Information on Audit Committee Charters?
Answer: The Report and Recommendations of the Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees discusses what should be included in an Audit Committee Charter and contains 5 examples of charters. Click on the link to download the report in PDF format.
Question: I am a graduate student in environmental engineering. I would like to know if you have information about average energy consumption in offices, bathrooms, hallways, etc.
Answer: Please contact our customer service department for information. You can contact them by email or by using the 24 hour toll-free telephone number listed at this location.
Question: Why is a sample size of 30 statistically sound?
Answer: It most likely is not, if you are talking about a probability (statistical) sample of the kinds of things that most auditors sample: attributes. An attribute would be something like the number of errors in a file, the number of inventory items out-of-balance, etc. As noted in Herbert Arkin's book, Handbook of Sampling for Auditing and Accounting, McGraw-Hill, 1974, a valid statistical attribute sample would most likely have a sample size of 80 items or more. It depends on the Precision (sampling error) and Confidence Level that is specified for the sample. We have a statistical sampling tool that you can use to determine proper sample sizes.
The notion of a sample size of 30 being universally statistically valid probably arose from the large-sample/small-sample approach to the one-sample test for a mean when the variance is unknown that was taught in basic statistics courses. The only distinction for a sample size of 30 was that it was considered to be a "large" sample, not that it meant you could take any type of sample of 30 items and expect it to be "statistically sound". For an academic treatment of the subject, click here (if you dare!).
While judgement samples are fine for many audit purposes, they do not have two important characteristics: estimation of the required sample size and objective projection or evaluation of the sample results. In other words, the only way to objectively demonstrate the validity of the sample chosen to describe the field audited is to devise and select a probability sample.
Question: How do audit trails work?
In a manual system, audit trail documents are retained in a hard copy format for a certain length of time. The length of time depends on the nature of the related transactions, company policy and any retention requirements imposed from outside (e.g., IRS). In an automated system, audit trail records are retained on magnetic media.
Answer: An audit trail comprises all of the records, either printed or online, that enable someone to reconstruct a transaction. A good audit trail will be able to answer Who?, What?, Where?, When?, Why? and How? questions.
Question: Will Florida Progress' Audit Services Department continue to exist after the acquisition of Florida Progress by Carolina Power & Light?
Answer: There will be an audit group located in Florida.
Question: Profile of internal audit directors?
Answer: I suggest contacting Bob Ferst at the Institute of Internal Auditors (407)830-7600. The IIA GAIN (Global Audit Information Network)Product has information on internal audit directors for many industries. Bob would also be aware of any IIA research products available on this subject.
Question: How far back can a customer go to search for possible errors or overcharges on their bills?
Answer: Since this is a customer service related question, you should contact our
Question: I'm doing a practice in a local government as an internal audit and I'm not sure if my auditing activities must be known by all employees or only for the Directors?
Answer: As noted in the book, Sawyer's Internal Auditing, Institute of Internal Auditors, Altamonte Springs, Florida, 1996, "Financial auditors deal mainly with figures. Management oriented internal auditors deal mainly with people. To obtain the information they need and to ensure corrective action on their audit findings, internal auditors must develop and maintain good relations with auditees (or customers as we call them). Yet internal auditors can find themselves buffeted by conflicting objectives that appear to be in complete opposition. The problem is a knotty one:
- On the one hand, to secure cooperation from auditees; on the other hand, to be alert to the possibility of fraud.
- On the one hand, to gain the confidence of an operating manager; on the other hand, to record deficiency findings in a report going to the manager's superior.
- On the one hand, to be on the chief executive officer's payroll; on the other hand, to report to the board of directors derelictions in an enterprise for which the CEO has complete responsibility."
Question: Receivables fraud methods?
Answer: As noted in the book, Foozles and Frauds, Institute of Internal Auditors, Altamonte Springs, Florida, 1977, "receivables are believed to be the vehicle most used by defrauders to conceal thefts. The manipulations of receivables may be of a permanent or temporary nature. A permanent manipulation involves the introduction of false data to the system; for example, a false credit posted to an account in lieu of cash embezzled to balance a
customers account.
A temporary manipulation is one that entails switching entries from one customers account to another in order to conceal a theft. But it requires a series of moves to continue the concealment. Lapping is the term used to describe the manipulation."
Please refer to the above referenced book for examples of receivables fraud.
The Ask the Auditor question answers highlight general information on a particular matter and are not exhaustive reviews of such subjects. Accordingly, the information in this website is not intended to constitute legal, accounting, tax, investment, consulting, or other professional advice or services. Before making any decision or taking any action which might affect your
business or personal finances , you should consult a qualified
professional advisor.