Record-to-Report Risk Control Matrix

MILKY MIST DAIRY FOOD PRIVATE LIMITED
Risk & Control Matrix - Record-to-Report
Control# COSO Component COSO Principle
Principle 10: The organization selects and develops control activities that
MM_R2R_01 Control Activities contribute to the mitigation of risks to the achievement of objectives to
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
Principle 11: The organization selects and develops general controls over
MM_R2R_05 Control Activities
technology
acceptable levels.
acceptable levels.
Principle 12: The organization deploys control activities through policies that
establish what is expected and procedures that put policies into action.
acceptable levels.
acceptable levels.
technology
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
Principle 3: Management establishes, with board oversight, structures, reporting
MM_R2R_23 Control Environment
lines, and appropriate authorities and responsibilities in the pursuit of objectives.
acceptable levels.
acceptable levels.
technology
technology


Principle 16: The entity selects, develops, and performs ongoing and/or separate
MM_R2R_30 Monitoring evaluations to ascertain whether the components of internal control are present
and functioning.
Information and Principle 15: The entity communicates with external parties regarding matters
MM_R2R_31
Communication affecting the functioning of internal control
technology
acceptable levels.
technology
MM_R2R_36 Control Environment
technology
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
MM_R2R_42 Monitoring contribute to the mitigation of risks to the achievement of objectives to
acceptable levels.
acceptable levels.
acceptable levels.
acceptable levels.
Sub-Process Name Control Objective
Accounting of Payment is made only for the Goods that have been
Transactions received
Accounting of Fixed Assets under WIP are monitored and transferred to

Transactions fixed assets at the appropriate time
Accounting of
Arrive at correct financial position
Transactions
Accounting of
Arrive at correct financial position
Transactions
Cash and Bank Correct cash and bank balances reported in the Trial
Management Balance
Management Balance
Management Balance
Cash and Bank All bank accounts are operational and there is no misuse in
Management any dormant bank account
Cash and Bank Correct loan and deposit balances are reported in the Trial
Management Balance
Cash and Bank
Physical cash is matched with books
Management
All payments through online banking are duly authorised

Cash and Bank
and made directly to the bank account of the appropriate
Management
party
Cash and Bank All statutory payments are made directly to the Government
Management account
Cash and Bank All payments are under due authorization of the appropriate
Management authority
Statutory Compliance Correct and timely compliance of Statutory payments
Statutory Compliance Correct and timely compliance of Statutory filings
Statutory Compliance Matching of Books and balances as per Statutory Returns
Statutory Compliance Correct and accurate compliance of Statutory filings
Statutory Compliance Correct and accurate compliance of Statutory filings
Statutory Compliance Matching of Books and balances as per Statutory Returns

Statutory Compliance Compliance with Laws & Regulations
Statutory Compliance Compliance with Laws & Regulations
All transactions in ERP are entered by Authorized

Chart Of Accounts
Personnel from the Respective Teams
Chart Of Accounts Arrive at correct financial position
Bank Account
Only authorized personnel operate bank accounts
Opening
Bank Account
Opening
Bank Account
Opening
Bank Account
Opening
Closure of
Accounting Period of Arrive at correct financial position
Monthly basis
Closure of
Accounting Period of Arrive at correct financial position
Monthly basis
Defining the Financial
Reporting and Closing Arrive at correct financial position
process
Defining the Financial

Reporting and Closing Arrive at correct financial position
process
Preparing and
reviewing Financial Arrive at correct financial position
Statement
Preparing and
Statement
Preparing and
Review of variances and redefining Budgets which are in
reviewing Financial
line with the Actuals
Statement
Preparing and
Statement
Preparing and
Statement
Preparing and
Statement
Preparing and
reviewing Financial Inventory records are matched with Financial Books
Statement
Preparing and
Statement
Preparing and
reviewing Financial Inventory records are matched with Financial Books
Statement
Input Tax Credit as per books is matched with Input Tax

Statutory Compliance
Credit as per GSTR 2B
Misstatement Due to Fraud?
Account Balance/ Class of

Classification of Inherent
Risk Associated with the
Transactions/Disclosure
Existence/Occurrence
(High, Medium, Low)
(Normal, Significant)
Risk of Material
Completeness
Accuracy
Control
Cut off
Risk
Risk
Payments may be processed for goods that have not

been received or that are priced inappropriately given
Significant Yes High a a
the purchase order price due to Possibility of clerical
errors in feeding data in ERP
Capitalisation of Fixed Assets even before asset is

ready for commercial production / Capitalised after Significant No High a a a
substantial delay
Revenue Expenditure treated as Capital Expenditure

Significant No High a a
and vice versa
Inaccurate reporting of payments to parties as Deposits Significant No High
Inaccurate/ incomplete recording of bank accounts

resulting in incorrect presentation of cash and bank Significant Yes High a a
balances
Inaccurate/ incomplete recording of bank accounts
resulting in incorrect presentation of cash and bank Normal No Medium a a a a
balances
Inaccurate, incomplete and non-timely recording of

cash and bank transactions resulting in incorrect cash Significant Yes High a a a a
and bank balances
Unauthorized / inaccurate recording of Bank

Normal No Medium a a
transactions resulting in incorrect Bank balances
Unauthorized / inaccurate recording of Bank

Significant Yes High a a a
transactions resulting in incorrect Bank balances
Non-reconciliation of cash book to the general ledger
Normal No Medium a a a
resulting in unidentified discrepancies
Inappropriate/ unauthorized access to online banking

system (wire transfers etc.) resulting in fraudulent Significant Yes High a
transactions
Inappropriate/ unauthorized access to online banking

transactions
Inappropriate/ unauthorized access to on-line banking

transactions
Profession Tax - Delay in payment of collected taxes Significant No High a a
GST - Inappropriate or inaccurate filing of GST

Significant No High a a a
Returns including filing of ITC 04
GST - Closing balance is not matched with balance as

Significant No High a a a
per GST portal
GST - Reverse Charge Compliance not made / Input

Tax Credit claimed on ineligible supplies / Reversal of Significant No High a a
ITC towards Exempted Supplies
TDS Returns are not filed / filed inaccurately Significant No High a a
TDS not deducted Significant No High a a a
TDS receivable not accounted Normal No Low a a a a
Advance Tax not quantified correctly or not paid within

Normal No Low a a
time
Filing of charges - Creation of Charge, Modification of

Charge, Satisfaction of Charge with Registrar of Significant No High a
Companies
Appointment of Company Secretary for Secretarial
Normal No Low
Audit
Income Tax - Compliance with cash payment limits and

Significant No High a
limits for receipt of cash
CSR Expenses to be spent Normal No Low a
Unauthorized changes to Chart of Accounts can have

Significant Yes High
impact on financials.
Wrong Grouping of Ledgers Significant No High a
Unauthorized opening/ closing of bank accounts

Normal No Medium
resulting in misappropriation of funds
Unauthorized bank signatories resulting in invalid/

fraudulent transactions
Unauthorized bank signatories resulting in invalid /

Unauthorized bank signatories resulting in invalid /

Normal Yes High a a
Accounting records are not closed and/ or reconciled in

a timely manner. Transactions may be posted to an
inappropriate period thus misstating the financial
records.
Incomplete and invalid financial statements.
Unauthorized posting of journal entries may lead to Normal No Low a a a
financial statement misstatement.
Absence of accounting policy provide vague reference
to entity in terms of accounting treatment for Normal No Medium
transactions.
Inappropriate or inaccurate changes to financial
documents are made by users who are not authorized to
Normal No Medium
perform this task; this may result in an under or
overstatement of the general ledger.
Absence of review can act as deterrent for management
Normal Yes High a
confidence in number reported.
Changes in final value of General ledger will lead to

Normal No Low a
incomplete accounting of financials.
Changes in final value of General ledger will lead to

incomplete accounting of financials.
Non-existent receivables brought forward in Financials Significant No High a a
Depreciation charged at Higher or Lower Rates Normal No Low a
Sale of Fixed Assets - Profit / Loss on sale of fixed

Significant No High a a
assets not duly calculated ; GST not discharged
Physical verification and valuation of inventory Significant Yes High a a a
Provision for Gratuity Normal No Low a a
Inventory balances not matching with Physical

Significant Yes High a a a a
Inventory
Input Tax Credit is NOT eligible to be claimed in GST Normal No Medium a a

Returns since Supplier has NOT uploaded invoices in
GSTR 1 or Supplier has filed GSTR 1 with a delay
Presentation & Disclosure
Rights & Obligations
Valuation
Control Activity
Control Description Type (Preventive/
Detective)
Entry in ERP is based on manual matching of the invoice,GRN, and

Preventive
purchase order (3 way match).
Commencement of Commercial Production Certificate is obtained form

Production Team along with Production Report and copy of Sales
Preventive
Invoice within a reasonable period from Date of Commencment of
Commercial Production is verified
Nature of expenditure is fixed in the system at the time of Purchase

Order itself and verified by Finance Team. Invoice booking against
a Preventive
Purchase Order ensures correct accounting of Expenditure as Revenue
or Capital
Deposit payment to parties are grouped to a separate ledger and not
grouped to Accounts Payable GL. Payment entries are always made
a against particular invoices and any adhoc payments shall be reviewed by Preventive
GM Finance as to the exact nature of payment before authorising the
transaction for posting in GL
All the bank accounts recorded in ERP master are automatically mapped
a Preventive
in the trial balance generated from the ERP.
Periodic bank statements are obtained from the Banks to ensure that all
a bank accounts are recorded in the books. Detective
The Accounts team prepares daily bank reconciliation statements, which

a are reviewed and approved by the GM - Finance and significant Detective
/unusual /old reconciling items are resolved in a timely manner.
Idle / Unused bank accounts are reviewed by CIO on a yearly basis and
Detective
actions for closure are initiated after the board resolution.
Bank confirmation (for investments, borrowings, loans, corporate

guarantee, ICD's) is obtained on a quarterly basis and the same is
Detective
reconcilled with ERP by Finance Team and the same is reveiwed by
CIO
The cash book generated is mapped to the General Ledger in ERP
system. Recorded cash balances are compared to physical cash available
Preventive
on daily basis by Sr.Accountant and differences identified are
investigated and resolved timely and approved by AGM Finance
Addition to new payees in online banking system is done with required

a Preventive
approval of CIO
Authority to approve E-banking transactions for statutory payments

(income tax, customs duty, Excise and Service tax) and other payments
a is restricted to authorized signatories as per the board resolution. All E- Preventive
banking payments (RTGS/NEFT) are processed by Accounts Assistant
and the same is verified by CIO as authorised by board resolution
All cheques / e- payments are approved / signed by authorized

a Preventive
signatories as approved by the board resolutions.
Compliance Chart is maintained and reviewed by GM Finance on a

a monthly basis. At the beginning of the month, GM Finance lays down Preventive
responsibilities to various Team members to ensure Timely Compliance
Calculations made for GST are reviewed by AGM Finance before filing
Preventive
of GST Returns
Closing Tax GL Matching with GST Portal balances is reviewed by GM

Preventive
Finance before filing of GST Returns
Transactions for which reverse charge is applicable is mapped in the

system and also regular training is given to Accounts Team for
Preventive
identification and proper booking of Reverse Charge Liability at the
time of Invoice booking process itself
TDS Return prepared is reviewed by AGM Finance before filing Preventive
Transactions for which TDS is applicable is mapped in the system and

also regular training is given to Accounts Team for identification and
Preventive
proper booking of TDS Liability at the time of Invoice booking process
or payment of advance itself
Form 26AS is reconciled with books of accounts. Quarterly statement of

account is obtained from Customers to ensure all TDS deducted are Preventive
reflected in Form 26AS and matched with GL
Advance Tax is estimated based on profits upto completed period and

Preventive
projected based on seasonal demands
Documents required for Charge Creation, Modification or Satisfaction

a are submitted to Company Secretary within 7 days of the event and duly Preventive
filed Acknowledgement is obtained within a further period of 7 days
Company Secretary is appointed and Secretarial Audit Report is filed
a Preventive
within the due date provided for in law
Cash payments beyond Rs.10,000 are NOT disbursed by the Cash

Officer and Cash receipts from customers except Retail Sales are always Preventive
through Banking channels
GM Finance submits the CSR Amount to be spent to the Management

Preventive
in the Board Meetings and the Action Plan is drawn
ERP restricts authorized personnel the ability to create, change, or delete

GL Chart of Accounts Master Records among users of MMD.
1. Creation of new accounting code:
Requestor needs to get the approval from GM - Finance regarding
creation of new GL. Account created by EDP personnel and the same is
a reviewed by GM Finance. Preventive
Final GL account is being appraised by GM Finance.
2. Changing/Deleting the ledgers:

There is no option to change or delete the ledger accounts created in
ERP by users.
All ledger grouping are reviewed on a yearly basis for correct reporting
a Detective
in Financial Statement
For every new bank account opening, the Finance team provides
requests for opening a bank account to board through CIO.
a Preventive
Bank accounts are opened only based on approval of the authorized
signatories as per Board Resolution.
List of authorized signatories to open bank accounts/ authorize bank
a transactions is approved by the Board and is maintained by Company Preventive
Secretary.
Review /Reconciliation between the list of signatories as per bank
a records and the list of signatories available with Company Secretary is Detective
done yearly once to ensure on-going pertinence.
The Finance Team sends the authorized list of personnel approved by

a Preventive
board to the banks based on any specific requirment.
Accounting periods are closed on a monthly basis after the book closure
a and posting to prior periods is restricted in ERP. Once the period is Preventive
closed, the entries get locked automatically and cannot be edited.
Audit entries are recorded by Accounts Team and reviewed by GM

Preventive
Finance.
Accounting policies and procedures, standard chart of accounts and

a related guidance are appropriately created and updated on a requirement Preventive
basis.
Access to post Accounting entries are restricted to account users in ERP

a Preventive
and posted transactions are reviewed and approved by AGM Finance.
Workings / Calculation used for accruals, Prepaid expenses,
a Outstanding Liabilities, etc. done by Accounts Team and reviewed by Preventive
AGM Finance.
Monthly carry forward of GL balances is automated in ERP and yearly

a Preventive
carry forward has to be triggered by the IT team.
Monthly Variance Analysis Sheet (Budgeted vs Actual) is prepared by

GM Finance and variances are discussed with CEO, necessary entries
a Preventive
will be passed in subsequent month.
Balances are reconciled with counter-party statement and the differences

a Detective
are written off with due approval from Management
Depreciation is calculated by the ERP automatically based on the useful

a Preventive
life of the asset, salvage value which are entered as provided for in law
Profit/Loss on each fixed asset to be computed by the ERP based on

cost and accumulated depreciation; Sale of Fixed Assets to be routed
a Preventive
through a separate transaction type similar to regular sales invoice and
GST shall be auto-calculated based on the type of asset
Physical verification of inventory is being conducted on monthly basis

and differences if any are investigated and due impact is given for the
a a Preventive
quantity in the ERP; Valuation of inventory is reviewed on systematic
sampling method on monthly basis
Actuarial report is obtained and the provision is accounted for on yearly

Preventive
basis
a a
GSTR 2B reconciliation has to be made at Invoice level on Monthly

basis and payment to the supplier should only be based on invoices Preventive
reflected in GSTR 2B
IT Nature (IT
Control Nature
Dependent/Non IT- Frequency
(Manual/Automated)
Dependent)
Manual Non IT-Dependent Event Driven
Manual IT Dependent Event Driven
Automated IT Dependent Event Driven
Manual Non IT-Dependent Monthly
Manual Non IT-Dependent Yearly
Manual Non IT-Dependent Quarterly

Automated Non IT-Dependent Event Driven
Automated Non IT-Dependent Event Driven

Manual IT Dependent Event Driven
Automated IT Dependent Monthly
Manual IT Dependent Transaction level

Automated IT Dependent Monthly
Automated IT Dependent Quarterly
Automated IT Dependent Event Driven

Statutory Auditor
Results of Design
(No Exceptions
Process GAPS and
Control Owner Process Owner Noted /
enhancements
Exceptions
Noted)
GM Finance Accounts Team
GM Finance Production Head
AGM Finance Purchase Head
Head - IT Treasury Team
AGM Finance Accounts Team
CIO GM - Finance
CIO GM - Finance
AGM Finance Cash Officer
CIO AGM Finance
CIO AGM Finance
CIO AGM Finance
GM Finance AGM Finance
CIO GM Finance
Board of Directors GM Finance
GM Finance Cash Officer
Board of Directors GM Finance
Head - IT GM - Finance
CIO GM - Finance
CIO GM - Finance
CIO GM - Finance
CIO Accounts Team

Head - IT GM Finance
CEO GM Finance
AGM Finance Stores

Internal Auditor
Remarks Annexure
No major discrepancy noted
Asset capitalized before ready

to use. For.E.g.Purchase of
Annexure- 1
stone, bricks, steel capitalized
when it Purchased.
Point No.4 in IA report Annexure- 2
No major discrepancy noted.
Some banks give Excel sheet

some banks gives PDF on
which Designated officer
signature not available,
Point No.8 in IA report
Annexure- 5 &
Separate
Point No.41 - 48 of IA report
working file
attached
Now reviewd by DGM.

Previously not reviewed.
GST portal balance not

matched with books balance.
Annexure- 6
Entries given by Internal
auditors
No RCM ledger Annexure- 7
No checking has been done.
List of Non deduction of TDS

deduction parties available in Annexure- 8
TDS payable folder.
26AS Not matched with books.

TDS receivable matching
Annexure- 9
workings is in TDS receivable
Folder.
Point.No.45 in IA report Annexure- 10
No charge document
available in the hands of
MMD. All charge creation,
modification done by HDFC
bank.
Point No.1 in IA report
Eg: Interbranch Purchase

(Branch to HO) GST amount
grouped in CGST/SGST
receivable-TN Annexure- 13
Prior period entries yet to be

Annexure- 14
restricted.
Statutory audit entries

No prepaid entries Annexure- 15
After completion of statutory

audit also, closing balace of
Annexure- 16
previous F.Y not carry forward
to current Year
No budget in MMD
Wriiten off entries

Manual depreciation entry has
Annexure- 17
been posted via Jounal entry
As per book, sales entry

rcorderd as follows- Sales is
credited and debtors is debited.
Annexure- 18
No plant and machinery
credited and no accumulated
depreciation has been booked
ERP issues. Rs.5,187 crores

diff
After Acturial valuation only

the Gratuity has been
accounted. But actuarial report
received before end of the F.Y.
ERP issues. Rs.5,187 crores

diff
No GSTR-2B reconciliation
MILKY MIST DAIRY FOOD PRIVATE LIMITED
COSO Principles
Internal Control Component
Control environment
Risk assessment
Control activities
Information and communication
Monitoring
DAIRY FOOD PRIVATE LIMITED
COSO Principle No.

Demonstrate commitment to integrity and ethical values 1
Ensure that board exercises oversight responsibility 2
Establish structures, reporting lines, authorities and responsibilities 3
Demonstrate commitment to a competent workforce 4
Hold people accountable 5
Specify appropriate objectives 6
Identify and analyze risks 7
Evaluate fraud risks 8
Identify and analyze changes that could significantly affect internal controls 9
Select and develop control activities that mitigate risks 10
Select and develop general controls over technology 11
Deploy control activities through policies and procedures 12
Use relevant, quality information to support the internal control function 13
Communicate internal control information internally 14
Communicate internal control information externally 15
Perform ongoing or periodic evaluations of internal controls (or a combination of the two 16
Communicate internal control deficiencies 17

Record-to-Report Risk Control Matrix

Uploaded by

Copyright:

Available Formats

Record-to-Report Risk Control Matrix

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Record-to-Report Risk Control Matrix

Uploaded by

Copyright:

Available Formats

MILKY MIST DAIRY FOOD PRIVATE LIMITED

Risk & Control Matrix - Record-to-Report

Control# COSO Component COSO Principle

Principle 3: Management establishes, with board oversight, structures, reporting

Principle 3: Management establishes, with board oversight, structures, reporting

Accounting of Fixed Assets under WIP are monitored and transferred to

All payments through online banking are duly authorised

Statutory Compliance Correct and timely compliance of Statutory payments

Statutory Compliance Correct and timely compliance of Statutory filings

Statutory Compliance Matching of Books and balances as per Statutory Returns

Statutory Compliance Correct and accurate compliance of Statutory filings

Statutory Compliance Correct and accurate compliance of Statutory filings

Statutory Compliance Correct and timely compliance of Statutory payments

Statutory Compliance Matching of Books and balances as per Statutory Returns

Statutory Compliance Correct and timely compliance of Statutory payments

Statutory Compliance Correct and timely compliance of Statutory filings

Statutory Compliance Compliance with Laws & Regulations

Statutory Compliance Compliance with Laws & Regulations

All transactions in ERP are entered by Authorized

Chart Of Accounts Arrive at correct financial position

Defining the Financial

Input Tax Credit as per books is matched with Input Tax

Account Balance/ Class of

Risk Associated with the

Payments may be processed for goods that have not

Capitalisation of Fixed Assets even before asset is

Revenue Expenditure treated as Capital Expenditure

Inaccurate reporting of payments to parties as Deposits Significant No High

Inaccurate/ incomplete recording of bank accounts

Inaccurate, incomplete and non-timely recording of

Unauthorized / inaccurate recording of Bank

Unauthorized / inaccurate recording of Bank

Inappropriate/ unauthorized access to online banking

Inappropriate/ unauthorized access to online banking

Inappropriate/ unauthorized access to on-line banking

Profession Tax - Delay in payment of collected taxes Significant No High a a

GST - Inappropriate or inaccurate filing of GST

GST - Closing balance is not matched with balance as

GST - Reverse Charge Compliance not made / Input

TDS Returns are not filed / filed inaccurately Significant No High a a

TDS not deducted Significant No High a a a

TDS receivable not accounted Normal No Low a a a a

Advance Tax not quantified correctly or not paid within

Filing of charges - Creation of Charge, Modification of

Income Tax - Compliance with cash payment limits and

CSR Expenses to be spent Normal No Low a

Unauthorized changes to Chart of Accounts can have

Wrong Grouping of Ledgers Significant No High a

Unauthorized opening/ closing of bank accounts

Unauthorized bank signatories resulting in invalid/

Unauthorized bank signatories resulting in invalid /

Unauthorized bank signatories resulting in invalid /

Accounting records are not closed and/ or reconciled in

Changes in final value of General ledger will lead to

Changes in final value of General ledger will lead to

Non-existent receivables brought forward in Financials Significant No High a a

Depreciation charged at Higher or Lower Rates Normal No Low a

Sale of Fixed Assets - Profit / Loss on sale of fixed

Physical verification and valuation of inventory Significant Yes High a a a