Question: Read the following scenario, then: identify three risks within the scenario. Propose one control to address each risk. Please use the names for controls provided
- Read the following scenario, then:
- identify three risks within the scenario.
- Propose one control to address each risk. Please use the names for controls provided in the textbook where possible.
- For each control you propose, also identify:
- whether it is preventative, detective, or corrective, and
- its type (physical control, IT general control, IT application control, and if IT application control whether it is an input, processing, or output control)
SmallCo sells small toys and paperback books, with order dollar totals typically being in the $10-$100 range. The clerks in the Accounts Receivable (A/R) group have worked together for a number of years. The system they use permits all employees in the group to access all parts of the A/R system. However, management is aware of the concept of segregation of duties, and has assigned some employees to processing payments, while others are assigned to maintain the A/R records.
The employees are generally fairly careful. However, the computers in the area are somewhat old, and sometimes keys stick, resulting in multiple extra characters such that for example a payment of $100 is entered as $10000, or a customer ID number doesn't match any in the database because of extra digits. The clerks rely on the accountants to catch such errors at month end. The accountants do check for such errors, but sometimes miss some because they aren't sure how many transactions the clerks have entered for the month, and so aren't sure how many should have been processed by the end of the month.
For convenience, the employees share login IDs and passwords so they can manage each other's work if one is away for a period. The supervisor of the group has been there a long time, and routinely leaves early and arrives late, on the grounds that the group knows what it is doing and doesn't need her there every second of the workday. She does find the information on customer account balances useful, as she has a small home business also selling toys and uses the customer list and payment history to determine who to target with ads as creditworthy customers.
| S/N | Risk | Control | Function | Type | |
| 1 | |||||
| 2 | |||||
| 3 | |||||
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help