In each we will evaluate the effectiveness and potential risks, as well as how Cuddle Fine Foods can minimize those risks, thereby preventing substantial loss in revenue or more significantly, confidential employee, customer, and vendor data. The improvements to the system will include centralizing the accounting system at one location, automation of important functions such as accounting, inventory, and purchasing. The internal controls discussed herein will enhance fraud detection and prevention.
Risks in Processes The primary function of risk assessment is to identify all potential threats to he security of the organization, analyze potential costs and likelihood of the occurrence, and implement controls for in areas where damage would be more costly than the costs associated with controls (Beggaring, Siskin & Strand Norman, 2008). The risks associated with system processes will not fully diminish, even with security and process enhancements to Kidder’s systems; with new technology developing seemingly daily, so too are the number of potential threats.
To prevent fraud, part of the internal controls will not only regulate accesses and monitor activity, but it will also include testing the system for weaknesses. The four systems analyzed in week two were accounts payable, accounts receivable, inventory, and payroll. The most significant area of concern, without reviewing other areas of the system, is a clear absence of written policies and controls. There are no directions for employees to provide a clear image of what security protocols are and no guidance to prevent internal threats.
In addition to the absence of written controls, we begin with accounts payable, some of the risks are an absence of task separation, an issue among various accounting functions. Paper copies of invoices are an issue as well. Paper invoices are manually entered into the system, creating the opportunity for error. Paper invoices also allow employees to commit fraud by creating false invoices and setting up fictitious vendors, allowing them to embezzle funds by way of accounts payable payments.
Although invoices will begin to come in electronically via our company portal, some vendors will still choose to submit invoices via mail. This is another example of how task separation is necessary. With accounts receivable, the risks are mostly internal with the possibility of embezzlement and misapplication of payments received. Once again, task separation is crucial to prevent fraudulent activity. Cash for deposits as well as checks received can easily be stolen without proper controls in place.
Also, it is important that receivables are properly coded and accounted for, delegating this task to one or more individuals, and the task of data entry and invoice payment to two additional invoices, will minimize risk. The payroll risks are significant and a common form of fraud by employees as they attempt to manipulate the system by claiming hours worked that were not actually worked. Prior to the new system, employee hours were not easily racked and verified. With the new system, clock-in will be via finger print scanner. This will remove the opportunity for employees to clock each other in and claim hours that were not actually worked.
At employment, each employee scans his or her finger print into the system, they must scan their finger when they arrive, take lunch, and depart for the day. The new accounting information system will provide Cuddle Fine Foods with a streamlined inventory process. With the accounting function now centralized, all information related to inventory; sales, ordering, location tracking, and cost, will all be easily maintained and monitored. Potential threats involving inventory are theft, internally and externally, and over or under stocking.
The new system will monitor when product was ordered, the location of the product, cost, and date of sale on each item. Inventory, especially in retail, is Tracking what came in versus what was sold allows management to ascertain what product was lost as a result of theft. Internal Controls As previously stated, Cuddle Fine Foods management must first develop a game plan, a set of internal controls with the purpose of preventing and detecting fraudulent activity and ultimately achieve the business’ goals of operational effectiveness and efficiency in financial reporting and operations.
Cuddle Fine Foods must implement required passwords for each employees, controlling access to only those areas that are needed by employee according to his or her tasks. In upgraded firewall along with a detection system will protect Kidder’s network and report on any suspicious activity. Employees will receive training and documentation on the new controls as well as directions for the new system upgrades. As to accounts payable, and all other counting functions, tasks are to be separated accordingly to ensure minimal opportunity for fraud.
Where possible, invoices will be submitted electronically with one person responsible for data entry. Another individual will be responsible for issuing payment, preferably electronically where possible. All payments that exceed the predetermined threshold will require two signatures from approved authorizers. Cash receipts will be more easily tracked with the new POS system as each employee will have a station login identification and must electronically sign off on the starting cash and end of shift cash. All voids will be reviewed and compared against inventory as will all sales.