Untitled

Download as pdf or txt
Download as pdf or txt
You are on page 1of 124



© 2012 University of South Africa

All rights reserved

Printed and published by the


University of South Africa
Muckleneuk, Pretoria

AUE2602/1/2013–2016

98831836

Indesign

CGM_Style

ii


CONTENTS
Page

Preface v

Topic 1:  Corporate governance and statutory matters 1

Topic 2: 
Internal control 25

Topic 3: 
Business cycles 47

Topic 4:  Revenue and receipts cycle 55

Topic 5:  Acquisitions and payments cycle 73

Topic 6:  Inventory and production cycle 85

Topic 7:  Payroll and personnel cycle 93

Topic 8:  Finance and investment cycle 105

Bibliography 112

iii


PREFACE

1 Welcome
It is a great pleasure to welcome you to this module, AUE2602: Corporate Go­
vernance in Accountancy. This module deals with the underlying principles of
corporate governance.

We urge you to read this preface thoroughly. It outlines the purpose of this mo­
dule, gives the links with other auditing modules, explains our teaching strategy
and provides useful hints that will help you to enjoy your learning experience.
Refer back to it as often as you need to, since it will certainly make studying this
module a lot easier.

We hope that you will find this module valuable in your study of auditing.

2 Purpose of the module


The purpose of this module is to provide learners with knowledge and skills
regarding the principles of corporate governance, statutory matters and internal
controls in the business cycles.

Students credited with this module will be equipped with theoretical knowledge
of corporate governance and will be able to identify and evaluate the efficiency
of internal controls in different business cycles.

3 Links with other modules


This module does not stand alone. It is an integral part of various degrees o
­ ffered
by UNISA.

The Department of Auditing offers various modules in the field of auditing, inclu­
ding the following Auditing 200 modules:

Auditing 200:
AUE2601: Auditing Theory and Practice
AUE2602: Corporate Governance in Accountancy
AUI2601: Internal Auditing: Theory and Principles

v


4 Framework of the module


Diagram 1 below is a schematic representation of the content of this module.

Diagram 1

AUE2602
CORPORATE GOVERNANCE IN ACCOUNTANCY

Topic 1  Corporate governance and statutory matters


1.1 The background to corporate governance in South Africa
1.2 Statutory matters
1.3 The King III Report and Code on Governance for South Africa

Topic 2 Internal control


2.1 Internal control
2.2 Components of internal control
2.3 Controls in a computerised environment
2.4 Internal control from the perspective of the external auditor

Topic 3  Business cycles


3.1 Business cycles

Topic 4 Revenue and receipts cycle


4.1 Credit sales
4.2 Cash sales

Topic 5  Acquisitions and payments cycle


5.1 Acquisitions and payments cycle

Topic 6 Inventory and production cycle


6.1 Inventory and production cycle

Topic 7  Payroll and personnel cycle


7.1 Payroll and personnel cycle

Topic 8  Finance and investment cycle


8.1 Capital expenditure

vi


5 The teaching strategy

5.1 The study package


The study package that you will need to master this module consists of

•• the prescribed textbook(s)


•• the study guide, in which study material is grouped into topics with study
units (the study guide serves as a key to the study material you have to study
in the prescribed textbook(s) and also contains activities that will enable you
to test your individual learning progress.)
•• questions and answers which relate to the various study units (the questions
and answers are made available in the form of tutorial letters.)
•• assignments, which are contained in Tutorial Letter 101
•• tutorial letters, which contain information to which we wish to draw your
attention

5.2 Learning outcomes, assessment criteria and levels of mastery


We formulate the learning objectives for the various auditing modules to indicate
exactly what will be expected of you in order to complete each module successfully.

For each topic in the study guide, we indicate learning outcomes that you should
be able to achieve after studying a particular topic.

Assessment criteria are supplied in the study guide for each study unit and they
indicate what you should be able to do after having studied the particular study
unit. The formulated assessment criteria are based on various levels of mastery
which you are required to achieve as you learn the study material. The required
levels of mastery for this module vary from knowledge and comprehension to
the application of knowledge under given circumstances. Integration as a fur­
ther level of mastery only arises in the subsequent auditing modules and is not
­applicable to this module.

The first two levels as defined in the Education Requirements of the South African
Institute of Chartered Accountants (SAICA) (2010:13–14) are requirements for
the purposes of this module:

Level 1: Basic
At this level, the candidate is required to obtain a knowledge and understanding
of the core/essence of the subject matter, which includes the fact that the subject
matter exists and its significance, relevance and defining attributes.

Level 2: Intermediate
At this level, the candidate is required to obtain a detailed knowledge and under­
standing of the central ideas and issues that form the substance of the subject
matter.

vii


Level 3: Advanced
At this level, the candidate is required to obtain a thorough knowledge and rigorous
understanding of the subject matter. This level of knowledge and understanding
extends beyond a sound understanding of central issues, to include complexities
and unusual/exceptional aspects of the subject matter.

You will not be confronted with level 3 (advanced) material in this module. This
is covered in your further auditing studies.

The level of knowledge and understanding that you will require for the various
topics/study units covered in this study guide is indicated next to the learning
outcome(s) formulated for each study unit of the topic.

Note the following points regarding the level of mastery indicated for the various
learning outcomes for each study unit:

•• The highest level of mastery that applies to a study unit is indicated. In other
words, if a study unit is indicated as level 2 (intermediate) this implies that you
should also be able to deal with the topic at level 1 (basic).
•• Your mastery of the study material in terms of the specified learning outcomes
will be tested in the final examination paper, which you will have to pass in
order to complete the module successfully. Questions at both levels 1 and 2
will be included in the examination paper.

5.3 Study activities


Numerous study activities and self-evaluation questions are included in each
study unit to encourage your active participation in the learning process. These
are a combination of reading, studying, doing and reflecting activities that are
presented in a flexible manner throughout the study guide. They have been de­
signed to enable you to absorb the knowledge content of the topic, to develop
your understanding and to direct your thoughts.

This is a vital aspect of our learning approach because as you encounter these
study activities and actually perform them, you will become directly involved in
controlling the extent and quality of your learning experience. In short, how much
and how well you learn will depend on the extent of your progress through the
study activities, and the quality of your efforts.

5.4 Meaning of words


In this module we require you to understand the meaning of certain words to
enable you to interpret assessment criteria, comprehend what various doing
activities in the study guide require you to do and interpret assignments and
examination questions.

To indicate the length, scope and format of answers to study activities and ques­
tions, we have deliberately built limits or restrictions into the questions by using
action verbs. These action verbs give you an indication of how to tackle the given
problem and what style of writing is called for.

An analysis of the action verbs contained in a question will

viii


•• enable you to plan the answer systematically and organise your thoughts
logically
•• ensure that you comply with the lecturer’s requirements

You will also save yourself time and trouble by eliminating irrelevant material that
falls outside the scope of the answer.

For the purposes of this module, the following meanings will be attached to the
following action words:

Word Meaning
Advise Give advice to; express an expert opinion
Apply Use in a practical manner; use as relevant or suitable
Calculate Figure out; determine by a mathematical procedure
Clarify/demonstrate This means expound; make the meaning clear; provide
proof of; argue the truth of
Compare Place side by side in order to observe similarities, re­
lationships and differences
Complete Finish; accomplish; supply whatever is missing
Define Describe accurately; establish the exact meaning; ex­
plain the inherent meaning; make clear; give an account
of the overall character
Describe Give an account of the respective particulars or es­
sential characteristics; outline clearly; give an accurate
account
Determine Establish; reach a conclusion or decision
Discuss Examine; explain; examine by means of argument
Draft Prepare a provisional outline
Examine Inspect; investigate
Explain Make clear or comprehensible; elucidate; give the mean­
ing in detail
Identify Establish through consideration; recognise; pick out
Illustrate Explain; shed light on; use an example to elucidate
something
Interpret Explain the meaning of; explicate; construe; show the
nature or essence
List Note/specify matters or objects that are related to one
another
Name/mention/state Specify by name; give names, characteristics, items,
elements or facts
Organise Divide into classes or groups according to certain char­
acteristics; place in a particular order

ix


Word Meaning
Prepare Make ready in advance; finish; get something ready on
the basis of previous study
Record Put in writing; set down for reference and preservation
Substantiate Supply reasons or facts; support a view or argument
Summarise Give a brief account; briefly state the essence of a
matter
Tabulate Arrange in tabular form

5.5 Meaning of icons


The icons used in this study guide are listed below, together with an explanation
of what they mean:

Icon Description

Study. This icon indicates which sections of the prescribed book


or the study guide you need to study and internalise.

Read. This icon will direct you to read certain sections of the
prescribed book for background information.

Assessment. This icon indicates that you are required to test


your knowledge, understanding and application of the material
you have just studied.

6 Approach to your studies


The following are vital considerations that you should bear in mind when ap­
proaching your studies in auditing, and also some useful hints and aids that will
help you to improve your learning experience.

6.1 Allocation of time for this module


The study material for this module has been developed on the basis of the as­
sumption that you will have a total period of 15 weeks available to study the
module. You will need to use the final three weeks before the examination to
revise and prepare for it. You should devote a minimum of eight hours a week to
your studies for this module.

We have provided the following breakdown of the estimated time required to work
through the different topics contained in the study material, including the comple­
tion of assignment work. You can use it to compile your own study schedule for

x


this auditing module. Bear in mind that it is only a guideline. You may, however,
find certain topics more difficult and therefore require more hours to master them.

Topic Minimum hours of


study
Preface
1  Corporate governance and statutory matters 40
2  Internal control 15
3  Business cycles  1
4  Revenue and receipts cycle 10
5  Acquisitions and payments cycle  9
6  Inventory and production cycle  5
7  The payroll and personnel cycle  8
8  The finance and investment cycle  2
  Completion of assignments 10
  Revision for the examination 20
Total time 120 hours

6.2 Mastering the study material


Use the study guide to guide you through the study material. The prescribed
textbook(s) contain the information you are required to master and remain the
primary source(s) that you will need to study. Information, explanations and ques­
tions in the study guide, tutorial letters and assignments are included in order to
make the information in the textbook(s) comprehensible to you and to give you
an indication of how well you have mastered the study material.

Make use of the opportunities offered by the study guide. For example, use the
margin in the study guide to make notes, and write down keywords and any
problems that you have encountered. At the end of each study unit a page has
been left for notes where you can jot down information which fits in with your
particular study approach.

Particulars of the assignments that have to be completed for this module are
contained in Tutorial Letter 101. Unisa publications contain information on ad­
ministrative arrangements and the student support services offered. Make sure
that you are familiar with all the information contained in these publications.

6.3 Self-study and self-evaluation


Since self-study and self-evaluation are key components of distance education,
the study material contains various study activities that you are asked to do. Make
the most of these opportunities to determine whether you have made sufficient
progress to meet the assessment criteria in the various study units. Try to answer
the questions contained in the activities, the question bank and the assignments
independently, before looking at the suggested answers.

When you come across a subject-related problem in auditing, make a persistent


effort to get to the bottom of the uncertainty or problem. If you persevere until
you have solved the problem, you will find that you derive great satisfaction from

xi


doing so. As indicated in Tutorial Letter 101 for each auditing module, the auditing
lecturers responsible for the module are available to help you solve subject-related
problems. Take note of other opportunities for active learning, as contained in
Tutorial Letter 101 for each module and the Unisa publications, which may pos­
sibly meet your study needs.

7 What you can expect from Unisa


You can expect us to do the following:
•• We will provide you with up-to-date and relevant learning material.
•• We will keep the learning material in line with the needs of industry and commerce
by consulting regularly with the profession.
•• We will assist you as students by giving you the opportunity to
develop competencies and skills at a certain level. The outcomes correspond
to the National Qualifications Framework (NQF) level 6. You will be assessed
taking the level descriptors of the NQF into account.
•• We will support you whenever you require assistance. You may contact your
lecturers by making personal appointments; contact them by phone or via
e-mail or the internet. We understand that studying through distance education
is more challenging than attending a residential university.
•• We will provide you with clear indications of what we expect from you in terms
of your assessment.

8 Feedback from students


To enable us to continue improving and adapting study material in order to meet
students’ needs, we need feedback from you on any sections which are not clear
or any problems you may have experienced with the study material for this module.

If you wish to supply feedback on the study material or assignments for this mo­
dule, you may contact us either directly or in writing. Please take this opportunity
to bring problems and shortcomings to our attention.

9 Conclusion
We hope you will enjoy your studies! We are certainly looking forward to being
your partners in this endeavour.

Best wishes

Your lecturers FOR AUE2602

xii


TOPIC 1
Corporate governance and statutory matters

Topic overview
The aim of this topic is to explain and apply corporate governance in practical
situations by referring to statutory matters regarding company directors as con­
tained in the Companies Act 2008, as well as the provisions of the King III Report
and Code on Governance for South Africa.

This topic is divided into the following study units:

Study unit Title Page


1.1 The background to corporate governance in South
Africa 3
1.2 Statutory matters 5
1.2.1 Standards of directors’ conduct – section 76 5
1.2.2 Liability of directors and prescribed officers – section 77 5
1.2.3 Indemnification and directors’ insurance – section 78 6
1.2.4 Audit committees – section 94 6
1.3 The King III Report and Code on Governance for 8
South Africa

1
C orporate governance and statutory matters

Study unit Title Page


1.3.1 Ethical leadership and corporate citizenship 9
1.3.2 Boards and directors 9
1.3.3 Audit committees 14
1.3.4 The governance of risk 16
1.3.5 The governance of information technology 17
1.3.6 Compliance with laws, rules, codes and standards 17
1.3.7 Internal audit 18
1.3.8 Governing stakeholder relationships 20
1.3.9 Integrated reporting and disclosure 21

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
Study unit In this topic we focus on the following Level
learning outcomes:
1.1 The background •• Briefly describe the background to corporate 1
to corporate gov­ governance in South Africa.
ernance in South
Africa

1.2  Statutory matters •• Explain the requirements of sections 76 to 2


78 and 94 of the Companies Act, 71 of 2008,
regarding the standards of directors’ conduct,
liability of directors and prescribed officers,
indemnification and director’s insurance and
audit committees.

1.3 The King III Re­ •• Explain and apply the significant matters 2
port and Code covered by King III.
on Governance
for South Africa

2
The background to corporate governance in South Africa

STUDY UNIT 1.1

THE BACKGROUND TO CORPORATE


1

GOVERNANCE IN SOUTH AFRICA

Introduction
Statements like the following often appear in the media:

“Successful leaders in a turbulent world are bold, risk-taking


visionaries:

They studied what worked, figured out why it worked, and then put
ideas into effect” (The Globe and Mail, accessed at http://www .ctv.ca,
18 Oct 2011).

“In South Africa we still have a chance to prevail – if we all play our
part. He said there was an international consensus that out of every
ten people, one would never be corrupt, one would easily be corrupt,
and the rest would be swayed by pressure or temptation” (Corruption:
SA at tipping point – Fin24 26 Oct 2010, accessed at http://www.fin24.com,
18 Oct 2011).

You may be wondering how the above quotes relate to corporate governance?
In this study unit you will learn about corporate governance in South Africa, with
specific reference to the King III Report and Code on Governance.

As stated in the King III Report (2009:12), the success of companies in the 21st
century is bound up with three independent subsystems – the natural environ­
ment, the social and political system and the global economy.

The success of companies therefore depends not only on their profitability, but
also on the integration of social, environmental and economic issues, which
revolve around leadership, sustainability and corporate citizenship (cf the King
III Report 2009:10–11).

Study
The King III Report (2009:5–18) (included in the SAICA Legislation
Handbook)

Jackson & Stent (2012:4/3–4/7), sections 1 to 6

3
C orporate governance and statutory matters

Note that you should study the King III Report itself (included in the SAICA
Legislation Handbook).

Activity 1
Define good corporate governance and briefly explain why it is important to so­
ciety that companies operate within a framework of good corporate governance.

Feedback on activity 1
References: The King III Report (2009:6–14)
Jackson & Stent (2012:4/3), introduction

Corporate governance is the system or process whereby companies are directed


or controlled. It is about companies being good corporate citizens and all that this
entails. Companies are an integral part of modern society and it therefore follows
that healthy, honest, open, competently and responsibly controlled companies
will improve the quality of modern society.

Activity 2
Explain in your own words what the term “apply or explain” means. Do you think
that this allows directors to avoid adhering to the principles of good corporate
governance?

Feedback on activity 2
References: The King III Report (2009:6–7)
Jackson & Stent (2012:4/5)

“Apply or explain” means that King III follows a non-legislated approach, which
allows companies to explain if they choose not to apply the principles of King III.
They may make this choice if they believe that it would be in the best interests
of their company.

Directors can’t avoid adhering to the principles of good corporate governance,


because there is a link between good governance and compliance with the law.
The directors themselves have legal duties stipulated in the Companies Act 2008.

Note: 
The duties of directors as stipulated in the Companies Act 2008 will be
explained in more detail in study unit 1.2.

Summary
In this study unit you learned what good corporate governance in South Africa
means, with specific reference to the King III Report and Code on Governance.

The King III Report endeavoured to be at the forefront of governance internatio­


nally (King III Report 2009:5).

4
Statutory matters

STUDY UNIT 1.2

2 STATUTORY MATTERS

Introduction
“There is always a link between good governance and compliance with law.
Good governance is not something that exists separately from the law and
it is entirely inappropriate to unhinge governance from the law.” Mervyn E
King, SC, King Committee Chairman, 1 September 2009

Some of you may already have studied sections of the Companies Act 71 of
2008. As directors play a very important role in corporate governance, we want
to ensure that you have sufficient background knowledge of sections 76, 77, 78
and 94 of the Companies Act. These sections deal with the standards of directors’
conduct; liability of directors and prescribed officers; indemnification and direc­
tors’ insurance and audit committees. Once you have acquired this knowledge
you will study the King III Report in study unit 1.3.

Note the following about the study information below:

SAICA Legislation Handbook, 2010/2011, Volume 1 – Where instructed


below, ensure that you study the relevant sections in the Companies Act 71 of
2008.

1.2.1 standards of directors’ conduct – section 76


This section describes certain duties of directors.

Study
•• The Companies Act 71 of 2008: section 76
•• Jackson & Stent (2012:3/45–3/46)

1.2.2 Liability of directors and prescribed


officers – section 77
This section deals with instances where a director and prescribed officer may
be held liable for losses suffered by the company.

5
C orporate governance and statutory matters

Study

•• The Companies Act 71 of 2008: section 77


•• Jackson & Stent (2012:3/46–3/47)
1.2.3 Indemnification and directors’
insurance – section 78
As stated in section 78(2), any provision of an agreement, the Memorandum of
Incorporation or rules of a company, or a resolution adopted by a company, is
void if it directly or indirectly seeks to relieve a director of any of that director’s
duties. Section 78 does, however, allow certain “protection” of directors through
indemnification and directors’ insurance.

Study

•• The Companies Act 71 of 2008: section 78


•• Jackson & Stent (2012:3/47)
Activity 3
The King III Report (2009:21) sets out the board of directors’ responsibility to
provide effective leadership based on an ethical foundation. It states that the
deliberations, decisions and actions of directors should be based on the four
ethical values of responsibility, accountability, fairness and transparency.
It also states that directors have five moral duties, namely conscience, inclusi­
vity, competence, commitment and courage.

Briefly discuss how these values and duties tie up with sections 76 to 78 of the
Companies Act.

Feedback on activity 3
The principles highlighted above strongly relate to section 76, which states that
a director should exercise his or her powers in good faith, in the best interests
of the company and with reasonable care, skill and diligence.

The King III ethical values of responsibility, accountability and fairness are
clearly addressed in sections 77 to 78, where liability, indemnification and direc­
tors’ insurance are described.

As mentioned in activity 2 above, there is a link between good governance


and compliance with law.

1.2.4 Audit committees – section 94


Section 94 states that a public company, state-owned company or other company
that is required by its Memorandum of Incorporation to have an audit committee
must elect an audit committee at each annual general meeting.

6
Statutory matters

Study

•• The Companies Act 71 of 2008: section 94


•• Jackson & Stent (2012:3/52–3/53)

Activity 4
1. Briefly list the membership requirements for the audit committee according
to section 94 by referring to what a member must and must not be.
2. Briefly describe the main duties of the audit committee according to section
94.

Feedback on activity 4

•• The membership requirements for the audit committee in terms of section 94


are listed in Jackson & Stent (2012:3/52) and are not repeated here.
•• The main duties of the audit committee in terms of section 94 are described
in Jackson & Stent (2012:3/52–3/53) and are not repeated here.

Note that the requirements for audit committees in terms of the King III Report
are explained further in section 1.3.3 below.

Summary
In this study unit you studied sections 76, 77, 78 and 94 of the Companies Act,
which deal with the standards of directors’ conduct, liability of directors and pre­
scribed officers, indemnification and directors’ insurance, and audit committees.

Self-assessment
After having worked through the study unit and the references to the pre­
scribed study material, see whether you can do the following:

1. Explain and apply section 76 of the Companies Act, which deals with the
standards of directors’ conduct.
2. Explain and apply section 77 of the Companies Act, which deals with the
liability of directors and prescribed officers.
3. Explain and apply section 78 of the Companies Act, which deals with in­
demnification and directors’ insurance.
4. Link sections 76, 77 and 78 of the Companies Act, which deal with the
standards of directors’ conduct, liability of directors and prescribed officers,
indemnification and directors’ insurance, to the principles of good corporate
governance in King III.
5. Explain and apply section 94 of the Companies Act, which deals with au­
dit committees.

Refer to additional questions about statutory matters in your study material if you
are not sure that you can answer these self-assessment questions.

7
C orporate governance and statutory matters

STUDY UNIT 1.3

THE KING III REPORT AND CODE ON


3

GOVERNANCE FOR SOUTH AFRICA

Introduction
King III consists of a Code of Governance, which deals with the principles, and
a Report on Governance, which provides recommendations for best practice
for each of the principles.

Although the King III Report has adopted a voluntary basis for the application of
the principles of good governance, application of these principles is compulsory
for public companies listed on the Johannesburg Stock Exchange (JSE).

Paragraph 8.63 of the JSE Listing Requirements states that issuers of financial
reports should disclose, among others, the following information (JSE Listing
Requirements 2011:165):

(i) a narrative statement of how it has applied the principles set out in the
King Code, providing an explanation or explanations enabling its sharehold­
ers to evaluate how the principles have been applied; and
(ii) a statement dressing the extent of the company’s compliance with the
King Code and the reasons for noncompliance with any of the princi­
ples in the King Code, specifying whether the company has complied with
all the provisions of the King Code throughout the accounting period, and
indicating for what part of the period any noncompliance occurred.

The following are significant matters covered by the King III Report:
1.3.1 Ethical leadership and corporate citizenship
1.3.2 Boards and directors
1.3.3 Audit committees
1.3.4 The governance of risk
1.3.5 The governance of information technology
1.3.6 Compliance with laws, rules, codes and standards
1.3.7 Internal audit
1.3.8 Governing stakeholder relationships
1.3.9 Integrated reporting and disclosure

8
The King III Report and Code on Governance for South Africa

1.3.1 Ethical leadership and corporate citizenship


As stated in the King III Report (2009:20), responsible leadership is about effec­
tive responsible leadership, building sustainable businesses, reflecting on the
role of business in society, doing business ethically, not compromising the natural
environment and embracing a shared future.

Study

•• The King III Report (2009:20–27)


•• Jackson & Stent (2012:4/7–4/9) topic 1
Activity 5
List five responsibilities of the board with regard to ethical leadership and the
corporate citizenship of a company.

Feedback on activity 5
Reference:  The King III Report (2009:20–21)

The answer to the question is provided in the reference above, and is not re­
peated here.

1.3.2 Boards and directors


As the board of directors is responsible for the corporate governance of busi­
nesses, this is an important section of the King III Report. Familiarise yourself
with the different principles that apply to the boards and directors as stated in
the King III Report.

Study

•• The King III Report (2009:29–52)


•• Jackson & Stent (2012:4/9–4/17) topic 2
Section 66(1) of the Companies Act 2008 requires that the business and affairs
of companies must be managed by or under the direction of a board of directors
and section 84(4)(c) provides that every public company and state- owned com­
pany must in addition appoint an audit committee. The King III Report also
recommends that an audit committee should be appointed for companies other
than public and state-owned companies.

Section 72 of the Companies Act allows the board of directors to appoint any
number of committees (sub committees), with the King III Report and the
JSE Listing Requirements specifying at least a remuneration committee and,
if required, nomination and risk committees.

As mentioned above, section 72 allows for any number of board committees to


be appointed, depending on the requirements of the company. The King III Report
mentions the appointment of a social and ethics committee and governance, IT

9
C orporate governance and statutory matters

steering and sustainability committees. These board committees constitute an


important element of the governance process.

Please take note of the tables below, which contain a summary of the recommend­
ed composition and functions of the board of directors and its main board commit­
tees (cf the King III Code of Governance Principles 2009:21–31). The composition
and functions of the audit committee will be explained in section 1.3.3 below.

Board of directors

Chairman •• Independent non-executive director (principle 2.16).


•• CEO of the company should not also fulfil the role of
chairman of the board (principle 2.16).
•• The role of the chairman should be formalised (principle
2.16.5).
•• The chairman’s ability to add value, and his performance
against what is expected of his role and function, should
be assessed every year (principle 2.16.6).
Membership •• The board should comprise a balance of power, with a
majority of non-executive directors. The majority of non-
executive directors should be independent (principle 2.18).
•• The board, through its nomination committee, should
recommend the eligibility of prospective directors (principle
2.18.7).
Members •• Minimum of two executive directors of which one should be
the CEO and the other the director responsible for finance
(principle 2.18.5).
•• At least one-third of directors should rotate every year
(principle 2.18.6).
Meetings •• Meet at least four times a year (principle 2.1.2).
Functions •• The board should have a charter setting out its
responsibilities. The functions of the board are listed under
principles 2.1 to 2.17 of the Code of Governance.

Board committees
Remunera­ Nomina­ Risk committee
tion committee tion committee
Chairman •• Independent non- •• Independent non- •• Independent non-
executive director executive director executive director
(principle 2.23). (principle 2.23). (principle 2.23).
Member- •• Majority should •• Majority should •• Executive and
ship be non-executive be non-executive non-executive
directors of which directors of which directors
majority should majority should (principle 4.3.2.2).
be independent be independent
(principle 2.23.7). (principle 2.23.7).

10
The King III Report and Code on Governance for South Africa

Remunera­ Nomina­ Risk committee


tion committee tion committee
Members •• Not specified in •• Not specified in •• Minimum of
King III. King III. three members
(principle 4.3.2.3).
Meetings •• Not specified in •• Not specified in •• Meet at least
King III. King III. twice a year
(principle 4.3.2.4).
Functions •• Should assist the •• Should assist with •• Should consider
board in setting the process of the risk man-
and administering identifying suitable agement policy
remuneration members of the and plan and
policies (principle board (principle monitor the risk
2.25.2). 2.19.1). management
process (principle
4.3.2.1).

Note:  The principles refer to the King III Code of Governance.

Activity 6
The board should elect a chairman who is an independent non-executive director.
Explain what an independent non-executive director is.

Feedback on activity 6
Reference: The King III Report (2009:38–39) point 65–67

The concept “independent non-executive director” is explained in detail in the


King III Report and is not repeated here.

Activity 7
The collective responsibilities of management vest in the chief executive officer
(CEO). List the CEO’s main functions.

Feedback on activity 7
Reference: The King III Report (2009:37–38) point 60

The main functions of the CEO are set out in the King III Report and are not
repeated here.

Activity 8
Why should the CEO not fulfil the role of the chairman of the board?

11
C orporate governance and statutory matters

Feedback on activity 8
Reference: The King III Report (2009:37) point 59

Given the strategic and operational role of the CEO, and to prevent too much
power vesting in one person, this appointment should be separate from that of
the chairman of the board.

Activity 9
The board should delegate certain functions to well-structured committees. Are
the chairman of the board and the CEO allowed to be members of the follo­
wing committees?

1. Audit committee
2. Remuneration committee
3. Nomination committee
4. Risk committee

Feedback on activity 9
Reference: The King III Report (2009:46)

Committee Chairman CEO


Audit committee No No
Remuneration committee Yes Yes
Nomination committee Yes Yes
Risk committee Yes Yes

Activity 10
Recently, while skimming the annual report of Stadium Ltd, a company listed on
the JSE, you came across the company’s schedule of directors and committees.

These appeared as follows:

1. Board of Directors
Chief Executive Officer – Donald Winthrop
Managing Director – Administration – Charles Tree
Financial Director – Monty Mann
Operations Director – Christo Wells
Human Resources Director – Jerry German
Marketing Director – Koos Katswinkel
Non-executive Director – Caz Kallim
Independent Non-executive Director – Mary Maswai

 he company has not appointed a chairman. The most senior director who
T
arrives at the directors’ meeting acts as chairman.

12
The King III Report and Code on Governance for South Africa

2. Committees
2.1 Directors’ Appointment Committee – Donald Winthrop
– Charles Tree

This committee makes recommendations to the shareholders regarding


who should be appointed as directors. If the two directors on the committee
disagree, Donald Winthrop has the casting vote.

2.2 Remuneration Committee – Donald Winthrop


– Monty Mann
– Koos Katswinkel
2.3 Audit Committee – Monty Mann
– Christo Wells
– Mitchell Street (Internal Audit)
– External Audit
– Fred Carver

All committees meet as and when required. The Board meets every six
months.

3. Risk Committee
The risk committee was disbanded at the beginning of the year. The direc­
tors know the business and the risks involved.

Required
Comment on the information presented above in relation to the requirements of
the King III Report.

Feedback on activity 10
Stadium Ltd’s adherence to the King III Report appears to be less than adequate.

1. Board of Directors
Reference:  The King III Report (2009:34–40)
1.1 The company has no chairman. King III recommends that the board
should elect a chairman who is an independent, non-executive director.
1.2 The board of directors is the most important component of corporate
governance and important decisions must be taken at board meetings.
This requires that the meetings be knowledgeably and efficiently run.
This requires careful preparation for the meeting. At present this does
not take place and that the meeting is simply run by the most senior
director who arrives at the meeting. This also suggests that not all di­
rectors arrive for meetings.
1.3 The board should meet at least 4 times a year. At present the board
only meets every six months.

13
C orporate governance and statutory matters

2. Board committees
Reference:  The King III Report (2009:40–52)
2.1 King III recommends that a company such as Stadium Ltd should have
a nominations committee (which may be called the directors’ appoint­
ment committee). This committee should be chaired by an independent
non-executive director (for example the chairman of the board) and the
majority of members should be non-executive directors, the majority
of whom should be independent. At present Stadium Ltd doesn’t have
a chairman.
2.2 The recommendations for the appointment of directors should be made
by the Board as a whole and not by a select committee. A nomina­
tions committee should merely assist in the process.
2.3 The remuneration committee should be chaired by an independent
non-executive director and the majority of the members should be in­
dependent non-executive directors. At present this committee has no
independent non-executive directors.
2.4 In terms of King III, the audit committee should be chaired by an inde­
pendent non-executive director, which Monty Mann is not, and it should
be made up of independent non-executive members, which it is not.
2.5 Neither Fred Carver, the financial manager, nor Mitchell Street, the
internal audit manager, nor the external auditors should be committee
members. These three should work closely with the committee at vari­
ous times but they should not form part of the committee.
2.6 All committees should schedule meetings properly and should meet
a stipulated minimum number of times, not just on a random “as and
when” basis.

3. Risk committee
Reference:  The King III Report (2009:46)

3.1 Risk is an ever-present factor in any large company, and the nature of
risks changes. It is unrealistic for Stadium Ltd to think otherwise and
it is irresponsible to disband the risk committee because the directors
“know the business and the risks involved”.
4. General
4.1 On balance, this company appears to be dominated by the CEO, Donald
Winthrop.
Source:  Graded Questions on Auditing 2012 (Gowar & Jackson 2012: 21) – adapted

1.3.3 Audit committees


As mentioned in section 1.2.2 above, the Companies Act 71 of 2008: section
94 requires a public or state-owned company to appoint an audit committee
as well as a board of directors. The King III Report also recommends that an
audit committee should be appointed for companies other than public and state-
owned companies.

14
The King III Report and Code on Governance for South Africa

Study

•• The King III Report (2009:56–68)


•• Jackson & Stent (2012:4/17–4/21) topic 3
The table below provides a summary of the composition and functions of an
audit committee:

Audit committee
Chairman •• Independent non-executive director (principle 3.3).
•• The chairman of the board should not be the chairman or a
member of the audit committee (principle 3.2.3).
Member­ •• All members should be independent non-executive directors
ship (principle 3.2.1).
Members •• Minimum of three members (principle 3.2.2).
Meetings •• Meet at least twice a year (principle 3.1.4).
•• Should meet with internal and external auditors at least once
a year without management being present (principle 3.1.5).
Functions •• Should oversee integrated reporting (principle 3.4).
•• Should ensure that a combined assurance model is applied
(principle 3.5).
•• Should satisfy itself of the expertise, resources and experience
of the company’s finance function (principle 3.6).
•• Should oversee internal audit (principle 3.7).
•• Should be an integral component of the risk management
process (principle 3.8).
•• Should recommend the appointment of the external auditor
and oversee the external audit process (principle 3.9).
•• Should report to the board and shareholders on how it has
discharged its duties (principle 3.10).

Activity 11
The following is a summary of the composition and certain functions of the au­
dit committee of Mineco Ltd, a JSE listed company in the South African mining
sector.

Audit committee
Violet Mguni – Operations Director
William Smith – Government official (only attends board meetings)
Bob Cilliers – Financial Director

The audit committee meets annually. The audit committee evaluates the board’s
performance. During the recent meeting of the audit committee, it was decided
that Mineco Ltd would acquire shares in Africa Coal, a coal-mining company listed
on the JSE. A detailed analysis of the coal-mining sector supported this decision.

15
C orporate governance and statutory matters

Required
Comment on the information presented in terms of the requirements of King III.

Feedback on activity 11
Reference: The King III Report (2009:56–59)

1. In terms of King III, the audit committee should comprise at least three mem­
bers. Mineco Ltd has three members and complies with King III.
2. All members should be independent non-executive directors. Two members
of the committee are not independent non-executive directors, as they are
involved in the day-to-day running of the business.
3. The audit committee should meet as often as necessary, but at least twice
a year.
4. The board should be evaluated by the chairman or by an independent party,
not by the audit committee.
5. In line with the requirements for risk management, the audit committee is
not permitted to make decisions on the acquisition of shares in Africa Coal.
This should be the responsibility of the board (with the approval of the
shareholders).
Source:  Unisa – TOE412S/105/2011 — adapted

1.3.4 The governance of risk


According to the King III Report (2009:73), the essential focus of the governance
of risk is that “the board should exercise leadership to prevent risk manage­
ment from becoming a series of activities that are detached from the realities
of the company’s business”. Risk is positioned as a cornerstone of corporate
governance and it is emphasised that it is the board’s responsibility to ensure
that it is satisfied with the management of risk.

Study

•• Reference: The King III Report (2009:73–80)


•• Jackson & Stent (2012:4/22–4/26) topic 4
Who is responsible for what? The table below sets out responsibilities for the
governance of risk.
WHAT WHO
Governance of risk. The board (principle 4.1).
Design, implementing and monitoring The board should delegate to manage­
of the risk management plan. ment (principle 4.4).
Monitoring the risk management The board, risk committee, audit com­
process. mittee (principle 4.3.2.1).
Performing an objective assessment of Internal audit (principle 7.1.2.2).
the effectiveness of risk management.

Note:  The term “principles” refers to the King III Report.

16
The King III Report and Code on Governance for South Africa

Activity 12
Explain the responsibility of management and the CEO in the risk management
process.

Feedback on activity 12
Reference: The King III Report (2009:75–76)

The responsibility of management and the CEO in the risk management process
is explained under points 24 to 30 in the King III Report and is not repeated here.

1.3.5 The governance of information technology


The governance of information technology is dealt with in detail in the King III
Report.

Study

•• The King III Report (2009:82–87)


•• Jackson & Stent (2012:4/26–4/29) topic 5

Activity 13
Chapter 4 of the King III Report on Governance deals with the governance of
risk. Explain the role that information technology plays in the company’s risk
management.

Feedback on activity 13
Reference: The King III Report (2009:85, 87)

The role that information technology plays in the company’s risk management is
explained under points 5.5 and 5.7 in the King III Report and is not repeated here.

1.3.6 Compliance with laws, rules, codes and


standards
The board should ensure that the company complies with applicable laws, rules,
codes and standards. The board should monitor this and disclose details in the
integrated report (King III Report 2009:89).

Study

•• The King III Report (2009:89–91)


•• Jackson & Stent (2012:4/29–4/30) topic 6
17
C orporate governance and statutory matters

Activity 14
Explain the main functions of the board, management and the compliance
officer with regard to compliance with laws, rules, codes and standards.

Feedback on activity 14
Reference: The King III Report (2009:89–91)

The functions of the board, management and the compliance officer with regards
to compliance with laws, rules, codes and standards, is explained in the King III
Report, 2009: 89–91 and is not repeated here.

Note: The ultimate responsibility for complying with laws, rules, codes and stand­
ards lies with the board. The board’s right to delegate the implementation
of a compliance framework and process to management and to appoint
a compliance officer falls within the framework of appointing board com­
mittees, as explained in section 1.3.2 above.

1.3.7 Internal audit


Study

•• The King III Report, 2009:93–98


•• Jackson & Stent (2012: 4/30–4/32) topic 7

Activity 15
1. Explain in your own words what the term “risk-based audit approach” means
in the context of the King III requirements for internal audit.

Feedback on activity 15
Reference:  The King III Report (2009:94)

1. Risk-based internal auditing (RBIA) is the methodology which provides as­


surance that risks are being managed within the organisation’s risk appetite
(Risk based internal auditing: three views on implementation Griffiths 2006:1).

Activity 16
Stapleking Ltd is a manufacturer and wholesaler of a wide range of fasteners,
such as staples, tacks and drawing pins. Controls are sound and include an in­
ternal audit department which is staffed by competent internal auditors. Internal
audit activities are scheduled at the start of each financial year, but during the
year numerous requests are received from within the company for “internal audit”
to carry out various assignments. The following requests have been received:

1. Lindsay Haffejee, the chief audit executive, has been asked by the human
resources director to serve on a selection committee for the appointment of
a new company secretary.

18
The King III Report and Code on Governance for South Africa

2. The financial director has asked the internal audit department to design
and implement a costing system for a new type of product which is to be
manufactured.
3. The information technology manager has asked internal audit to conduct
a post-implementation review on a recently introduced telesales ordering
system.
4. The warehouse manager has requested internal audit to perform an audit to
determine whether the company is complying with all the necessary safety
regulations, for example the fire protection and ventilation regulations.
5. The financial director has requested internal audit to schedule an investi­
gation into the payroll and personnel cycle to determine whether there are
fictitious employees on the payroll.
6. The production director has requested internal audit to conduct inventory
cycle counts in the finished goods warehouse on an ongoing basis.
7. The external auditors have requested internal audit to assist them with the
verification of the existence of plant and equipment at an interim audit.
8. The board of directors has requested internal audit to assist in identifying,
evaluating and assessing significant organisational risks.

equired
1. Indicate, giving reasons, how Lindsay Haffejee, as the chief audit executive,
should respond to the above requests.

Feedback on activity 16
1. Feedback on Lindsay Haffejee’s requests:
Reference: The King III Report (2009:95–98)
1.1 This request could be accepted. The company secretary is an important
appointment in respect of corporate governance. In a sense the company
secretary is similar to internal audit in that both are “control mechanisms”.
1.2 This request should be refused. The design and installation of systems
is an operational responsibility from which the internal audit depart­
ment should be independent. Internal audit may review the proposed
system and be part of the post-implementation review, but should not
take responsibility for the system.
1.3 This request should be accepted. Part of internal audit’s basic function
is to perform objective assessments of the adequacy and effectiveness
of risk management and internal controls and post-implementation
reviews are part of this.
1.4 This assignment could be accepted. Although internal audit should follow
a risk-based approach to the internal audit function, compliance audits
(evaluating whether the company is complying with relevant laws and
regulations) are part of what internal auditors do. Ensuring compliance
with laws and regulations is part of risk management.
1.5 This assignment could be accepted. The board has direct responsibility
for risk management, and for implementing and monitoring the controls
which serve, inter alia, to safeguard the assets of the company (in this
case, cash). Internal audit is one means which the directors use to obtain
information relating to fraud and corruption.

19
C orporate governance and statutory matters

1.6 This request should be refused. Inventory control is an operational


activity and is the responsibility of the inventory controller/production
department. Internal audit could be used to review and evaluate cycle
counts from time to time.
1.7 This request could be accepted. External and internal audit should
co-operate in this kind of exercise, which is, in effect, an independent
verification procedure.
1.8 This request could be accepted, but internal audit must not assume the
functions, systems and processes of risk management. In other words,
internal audit must not become part of the operational internal controls.
The intention is that internal audit should assist and support the board
in fulfilling their responsibilities, one of which is to identify risk. This
request is in line with the risk-based approach to internal audit.
Source:  Graded questions on auditing (Gowar & Jackson 2012:25) – adapted

1.3.8 Governing stakeholder relationships


The King III Report emphasises a “stakeholder inclusive” approach to corporate
governance.

Study

•• The King III Report (2009:100–106)


•• Jackson & Stent (2012:4/32–4/37) topic 8
Activity 17
1. Define the term “stakeholder” according to King III.
2. Do you regard yourself as a stakeholder of your local municipality? Do you
think that they should adhere to the principles of the King III Report with
regard to stakeholder management? If so, how do your local municipality’s
operations affect you?

Feedback on activity 17
Reference: The King III Report (2009:100)

1. The term “stakeholder” is defined in the King III Report under point 6 and
is not repeated here.
2. You are indeed a stakeholder of your local municipality, to which you pay
rates and taxes every month. The Public Finance Management Act (PFMA)
does not make the application of the King III Report compulsory for govern­
ment institutions, but the same principles of good corporate governance are
embodied in the Act.
Sect 2 of the PFMA – The object of this Act is to secure transparency, ac­
countability and sound management of the revenue, expenditure, assets
and liabilities of the institutions to which this Act applies.

Your local municipality’s operations affect you in many ways, one of which is
service delivery.

20
The King III Report and Code on Governance for South Africa

1.3.9 Integrated reporting and disclosure


Study

•• The King III Report (2009:108–111)


•• Jackson & Stent (2012: 4/38–39) topic 9

Note the following from the study information:


•• King III’s integrated reporting is often referred to as “triple bottom line” reporting.
Triple bottom line – A company should report on its performance with regard
 
to economic, social and environmental issues.

Activity 18
Treelines Ltd is a large forestry company which grows and harvests trees and
transports them to its mills, where the timber is pulped (an operation which
uses a great deal of water and produces unusable waste) for the manufacture
of pulp- based products. Demand for pulp-based products is declining world­
wide, but demand for other timber products is stable.

The company’s forests are spread over numerous regions of the country and
the majority are in remote areas. A key element in the location of forests for
both replanting and new forests is the level of local rainfall as forests are not
irrigated.

Treelines Ltd employs a reasonably large workforce at its forest locations,


ranging from unskilled workers to skilled logging machine operators, all of
whom are vital to the operation. It also has a large administrative, financial,
marketing and support staff of mixed gender and race at its head office.

The board of Treelines Ltd follows sound corporate governance practices


regarding the way it conducts its business and reports to its stakeholders.
Integrated sustainability reporting and disclosure are regarded as important.

YOU ARE REQUIRED TO:


1. Discuss how frequently a company like Treelines Ltd should report to its
stakeholders on sustainability and other issues.
2. Identify the main stakeholders, other than shareholders, with whom Treelines
Ltd should be “building relationships and promoting respect” and indicate
briefly why you consider each of them to be stakeholders.

Feedback on activity 18
1. Effective reporting should take place at least once a year, but there is no
fixed number of times that it should take place. The objective is to keep all
stakeholders informed in a manner that satisfies the needs of each stake­
holder groupings.
2. Treeline Ltd’s main stakeholders are:

21
C orporate governance and statutory matters

Reference: The King III Report (2009:100)

2.1 Suppliers of goods and services without whom the company cannot
operate effectively.
2.2 Creditors arising from the supply of goods, services and finance, for
example loan providers. These parties are owed money and therefore
have a direct stake in the company.
2.3 Employees at all levels and in all activities – skilled, unskilled and
administrative.
2.4 Government and important parties in respect of other legislative mat­
ters, for example the granting of forestry licenses.
2.5 External auditors who require co-operation to fulfil their function.
2.6 Customers, who may range from individuals to large corporations to
government and who are the lifeblood of the company.
2.7 Industry at large – Treelines Ltd does not operate in a vacuum. It is
part of the broader economic community and the forestry/milling/pulp/
paper industry specifically. Co-operation and participation are key to
sustainability of the industry as a whole.
2.8 Local communities – Companies are part of the wider society and, as
in the case of Treelines Ltd, of numerous local communities. The com­
pany depends on these communities and vice versa.
2.9 Media – Financial, industrial and human interest journalists write about
the company and can enhance or damage a company’s reputation and
its image as a good corporate citizen.
2.10 Regulators – Treelines Ltd will probably be regulated by a number of
bodies that require compliance with rules, regulations or a code, for
example the Forest Stewardship Council regulations and code. A sound
working relationship between the company and the regulator must be
cultivated.

Source: Graded questions on auditing (Gowar & Jackson 2012:27) – adapted

Summary
In this study unit we explained and applied the provisions of the King III Report
and Code on Governance in South Africa.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:

1. Explain and apply the nine significant matters covered by King III.

22
The King III Report and Code on Governance for South Africa

CONCLUSION
In this topic, Corporate governance and statutory matters, we explained and
applied corporate governance principles by referring to the background of cor­
porate governance and statutory matters regarding company directors, as well
as the provisions of the King III Code on Governance.

In the next topic we will explain and apply the theory of internal control as an
important aspect of corporate governance.

23
TOPIC 2
INTERNAL CONTROL

Topic overview
The aim of this topic is to explain and apply the theory of internal control as an
important aspect of corporate governance. Internal control will be explained on
the basis of internal control objectives and the components of internal control.
General and application controls in a computerised environment will also be
explained and applied as part of control activities.

The need for the external auditor to obtain an understanding of a client’s internal
control in order to identify significant risks will also be explained.

This topic is divided into the following study units:

Study unit Title Page


2.1 Internal control 27
2.1.1 Definition of internal control and internal control objectives 27
2.1.2 Limitations of internal control 29
2.2 Components of internal control 31
2.2.1 Control environment 31
2.2.2 Risk assessment 31
2.2.3 Information system 33

25
Internal control

Study unit Title Page


2.2.4 Control activities 33
2.2.5 Monitoring of controls 36
2.3 Controls in a computerised environment 37
2.3.1 General controls 38
2.3.2 Application controls 39
2.4 Internal control from the perspective of the external
auditor 45
2.4.1 Obtaining an understanding of internal control 45
2.4.2 Significant risks 45

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
In this topic we focus on the following learning
Study unit Level
outcomes:
2.1 Internal •• Define and explain internal control and internal 2
control control objectives with reference to management
assertions.
•• Relate internal control objectives for financial 2
reporting to risks and internal controls.
•• Explain the limitations of internal control. 2

2.2 Components •• Describe, explain and apply the five components 2


of internal of internal control.
control

2.3 Controls in •• Describe and apply general controls in 2


a com­ a computerised environment.
puterised •• Describe and apply application controls in 2
environment a computerised environment.

2.4  Internal •• Discuss the need for the external auditor to obtain 2
control from an understanding of a client’s internal control in
the perspec­ order to identify significant risks.
tive of the
external
auditor

26
Internal control

STUDY UNIT 2.1

4 INTERNAL CONTROL

Introduction
The importance of good corporate governance to a business and its stakehol­
ders was explained in topic 1. As part of Principle 3.8, point 65.1, of the King III
Report (2009:64), it is stated that the audit committee should be responsible
for overseeing financial risk management and controls and ensuing that
the controls provide guidance that embeds internal financial control in the
business processes and evolves to remain relevant over time.

2.1.1 Definition of internal control and internal


control objectives
As stated in Jackson & Stent (2012:5/3), internal control is designed to address
and limit potential risks.

Study

Jackson & Stent (2012:5/3–5/4) section 1

Activity 1
Name and explain six key characteristics of internal control that you have learnt.

Feedback on activity 1
Reference: Jackson & Stent (2012:5/4) section 1.3

The characteristics are mentioned in your textbook and are not repeated here.
Please refer to the textbook for the answer.

From the above aspects of internal control it is clear that although the board of
directors is responsible overall for the governance of risk, everyone in the busi­
ness carries responsibility with regard to the implementation and execution of
internal controls.

27
Internal control

Study

Jackson & Stent (2012:5/5) section 3


Internal control can be defined as the process designed, implemented and main­
tained by those charged with governance, management and other personnel to
provide reasonable assurance about the achievement of an entity’s objectives
with regard to:
•• the reliability of the entity’s financial reporting
•• the effectiveness and efficiency of its operations
•• its compliance with applicable laws and regulations
The aim of reliable financial reporting (the first objective above) is to enable
management to ensure that transactions that are initiated, recorded, processed
and reported are valid (occurred and have been authorised), accurate and com­
plete. These are called internal control objectives for financial reporting and
internal controls are implemented to help achieve these objectives.

Management assertions relate directly to the internal control objectives for


financial reporting.

Study

Jackson & Stent (2012:1/19–1/20) section 7


The following table illustrates the relation between internal control objectives
and the assertions:

Internal control objectives Assertions


Valid (occurred and authorised) Occurrence
Existence
Rights and obligations
Accurate Accuracy
Classification
Valuation and allocation
Complete Completeness
Cut-off

Activity 2
1. Define what is meant by “assertions of management” in the financial
statements.
2. Give another word for assertions.
3. What do the assertions of occurrence, accuracy and completeness mean?
4. Explain the link between the terms occurred and authorised and a valid
transaction.

Feedback on activity 2
Reference Jackson & Stent (2012:1/21)
1. Assertions are in effect management’s representations about the company’s
assets, equity, liabilities, transactions and events in the financial reports.

28
Internal control

2. Another word for assertions is representations.


3. Occurrence: A transaction or event which has been recorded, took place
and pertains to the entity.
Accuracy: Amounts and other data relating to recorded transactions and
events have been recorded appropriately.
Completeness: All assets, liabilities, transactions or events which should
have been recorded have been recorded.
4. A valid transaction implies that it has occurred, has been authorised and
pertains to the entity.

2.1.2 Limitations of internal control


Your prescribed textbook, Jackson & Stent (2012:5/4), correctly indicates that
internal control does not provide absolute assurance that the risks that threaten
the achievement of the objectives of the business will be adequately responded to.

Study

Jackson & Stent (2012:5/4–5/5) section 2

Activity 3
Management has designed an internal control system which theoretically ad­
dresses risk. Give an example of a control risk that may have increased as a
result of the following limitation of internal control:

The possibility that procedures may have become inadequate owing to changes
in business processes while controls have remained static.

Feedback on activity 3
Reference: Jackson & Stent (2012:5/5)

Example:
A company may experience such a steady increase in sales that the only way
that its salesmen can keep up with the demand from customers is by ignoring
certain controls.

Note that this is an example of controls that have remained static, while risks
have changed. The King III Report (2009:73) states that the board should exercise
leadership to prevent risk management from becoming a series of activities
that are detached from the realities of the company’s business, as illustrated
here. This also reminds us that internal control is ultimately the responsibility of
the board.

Summary
In this study unit we explained the definition and limitations of internal control. We
also explained that internal control is a response to risk and that internal control
objectives are achieved by implementing internal controls.

29
Internal control

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:
1. Explain and define internal control.
2. Explain the limitations of internal control.
3. Name and explain the internal control objectives in a financial context with
reference to management assertions.
4. Illustrate the link between risks, internal controls and internal control objectives.

30
C omponents of internal control

STUDY UNIT 2.2

5 COMPONENTS OF INTERNAL CONTROL

Introduction
Internal control consists of the following five components (Jackson & Stent
2012:5/5):
Control environment
Risk assessment
Information system
Control activities
Monitoring of controls

Internal controls in a computerised environment are part of the system of


internal control of an entity. It is important to keep this in mind when studying
the components of internal control below. General and application controls in
a computerised environment will be explained in detail in study unit 2.3.

Study

•• Jackson & Stent (2012:5/5–5/6) section 4


•• Jackson & Stent (2012:8/4–8/6) section 2
The five components of internal control will now be explained in more detail.

2.2.1 Control environment


As stated in Jackson & Stent (2012:5/7), the control environment sets the tone of
the entity and creates the atmosphere in which employees go about their duties.
The desirable mindset is one of “doing things the right way”.

Study

Jackson & Stent (2012:5/7–5/8) section 4.1

2.2.2 Risk assessment


The King III Report (2009:76) states that the board should ensure that risk as­
sessments are performed on a continual basis. It also states under principle

31
Internal control

5.5 that information technology risks form an integral part of the company’s risk
management activities.

Risk assessment is important because internal controls are designed and im­
plemented as a response to assessed risks. It is therefore critical that the risk
assessment process should be comprehensive, accurate, thorough and complete
(cf Jackson & Stent 2012:5/8–5/9).

Study

Jackson & Stent (2012:5/8–5/10) section 4.2

Activity 4
1. Define the term “risk assessment” in the context of internal control.
2. What role do the internal control objectives of the entity play in the risk as­
sessment process?
3. Explain financial reporting risk with reference to the internal control objec­
tives for financial reporting, namely valid (occurred and authorised), accurate
and complete.

Feedback on activity 4
Reference: Jackson & Stent (2012:5/8–5/9)

1. Risk assessment
The risk assessment process involves assessing the likelihood and frequency of
risks identified and estimating the potential impact if the risk were to occur. This
relates to the risk of failing to achieve the internal control objectives of the entity.

2. Role of internal control objectives in the risk assessment


process
The internal control objectives of the entity should be defined so that the risks
of failing to achieve the objectives can be properly identified, assessed and
responded to. Objectives must be set for all departments and functions of the
entity and the risks which threaten achievement of the objectives can then be
identified, assessed and responded to.

Note how financial reporting risk relates to the objective of “reliable financial
reporting”. If this is not clear to you, go back to 2.1.1, where the internal control
objectives for financial reporting are explained.

3. Financial reporting risks


The risk that the entity has not achieved its objective of having an account­
ing system (part of the information system) which records and processes only
transactions and events which have occurred and have been authorised (valid
transactions) and which are recorded and processed accurately and completely.

32
C omponents of internal control

2.2.3 Information system


Your prescribed textbook, Jackson & Stent, (2012:5/10) explains an information
system in terms of the procedures and records that form part of it and states that
the objective of the information system is to produce information which is valid
(occurred and authorised), accurate and complete. The internal control objec­
tives for financial reporting were explained in 2.1.1 above. Note from the under­
mentioned study reference how these objectives fit into the information system.

Study

Jackson & Stent (2012:5/10–5/12) section 4.3

Activity 5
Describe the procedures that normally form part of an entity’s information system
for financial reporting.

Feedback on activity 5
Reference: Jackson & Stent (2012:5/10) section 4.3

The procedures established by the entity to:


•• initiate, record, process and report transactions
•• capture events and conditions other than transactions (such as depreciation)
•• accumulate, record, process and summarise information for the preparation
of the financial statements

Note that these procedures will usually take place in a combined manual and com­
puterised environment.

2.2.4 Control activities


The control objectives for financial reporting namely valid (occurred and autho­
rised), accurate and complete can only be achieved in the information system
with the implementation of control activities, which will now be explained.

2.2.4.1 General principles


Control activities are the actions which are carried out to manage or reduce risks
(Jackson & Stent 2012:5/12) and to achieve the entity’s internal control objectives.

Study

Jackson & Stent (2012:5/12–5/17) section 4.4

Note the following types of control activities:


•• Approval, authorisation
•• Segregation (division) of duties
•• Isolation of responsibility
33
Internal control

•• Access/custody (security)
•• Comparison and reconciliation
•• Performance reviews
Also note that the control activities can be preventive, detective or corrective in
nature.

Activity 6
1. For each of the six types of control activities mentioned above, give an ex­
ample of what could go wrong (risks) in the absence of the control activity.
2. Use the solution for 1 above and state the related internal control objective
for each of the risks identified. Give reasons for your answers.

Feedback on activity 6
Reference: Jackson & Stent (2012:5/12–5/16)

1. The following table provides a list of possible things that could go wrong
(risks) in an accounting system for each of the control activities. This is based
on the examples given in Jackson & Stent (2012:5/12–5/16).

Control activity Things that could go wrong (risks)


Approval, Credit sales could be made to customers who are not
authorisation creditworthy and who cannot pay their account, if a
credit sale is not approved by the credit controller first.
Segregation of Goods purchased could be stolen if no segregation of
duties duties exists between the authorisation, the placing of
an order and the issuing of the goods received note, as
the purchase clerk could order the goods for himself
at the company’s expense.
Isolation of An incorrect number of goods could be received if a
responsibility supplier delivers goods to a company and the receiving
clerk did not count the goods and sign the supplier’s
delivery note. The clerk could not be held responsible
and the mistake could be repeated.
Access/ custody Physical inventory could be stolen if not stored properly,
for example if not protected by a security guard at the
inventory warehouse entrance.
Comparison and The balance of the cash receipts and payments journal
reconciliation could be incorrect if it is not regularly compared with
and reconciled to the balance on the bank statement.
Performance An abnormal increase in transport costs as a result of
reviews thefts of fuel could go undetected if management fails
to compare the actual costs figure with the budgeted
transport costs.

Note that these risks are examples based on your study material and that
there are many other possible solutions.

34
C omponents of internal control

2. The following table provides the internal control objectives for financial
reporting at risk for each of the things that could go wrong.

Internal control objec­


Things that could go wrong
tive at risk
1. Credit sales could be made to customers Occurred and authorised
who are not creditworthy and who can­ are at risk as a sale could
not pay their account, if a credit sale is take place that was not
not approved by the credit controller first. valid.
2. Goods purchased could be stolen if no Occurrence is at risk as a
segregation of duties exists between the purchase transaction that
authorisation, the placing of an order does not pertain to the en­
and the issuing of the goods received tity has taken place.
note, as the purchase clerk could order
Accuracy is also at risk
the goods for himself at the company’s
as incorrect amounts and
expense.
other data may be recor­
ded. The inventory could
be overstated by the stolen
goods.
3. An incorrect number of goods could be Validity, accuracy and com­
received if a supplier delivered goods pleteness are at risk as
to a company and the receiving clerk goods could be over- or
did not count the goods and sign the understated, depending
supplier’s delivery note. The clerk could on whether too many or
not be held responsible and the mistake too few items are received.
could be repeated.
4. Physical inventory could be stolen if not Accuracy is at risk as the
stored properly, for example if not pro­ inventory figure in the finan­
tected by a security guard at the inven­ cial statements is incorrect
tory warehouse entrance. and is overstated by the
stolen inventory.

5. The balance of the cash receipts and Validity, accuracy and com­
payments journal could be incorrect if pleteness are at risk if the
it is not regularly compared with and cash receipts and payments
reconciled to the balance on the bank journal balance is incorrect,
statement. depending on whether it is
over- or understated.

6. An abnormal increase in transport costs Validity (occurred and


as a result of the theft of fuel could go un­ ­authorised) is at risk as
detected if management fails to compare purchase transactions take
the actual cost figure with the budgeted place for transport costs
transport costs. that do not pertain to the
entity.

The purpose of this activity is to illustrate the application of the theory of control
activities. Control activities will be applied in more depth to manual and computer­
ised activities in the various business cycles in the topics that follow. The activities
within the business cycles will also be explained in detail in the topics that follow.

35
Internal control

2.2.4.2 General and application controls


As mentioned in 2.2.3 above, transactions usually take place in a combination
of a manual and a computerised environment. So, it is fair to say that internal
controls in a computerised environment are an integral part of the total system
of internal control of an entity.

Although general and application controls are included in Jackson & stent 2012:5/6
as part of control activities, strictly speaking, general and application controls go
beyond the “control activities” component of the internal control process. To a
certain extent they affect all the other components (cf Jackson & Stent 2012:5/17).

General and application controls will be dealt with in 2.3 below. When studying
this section, you should note throughout how the general and application controls
relate to the components of internal control.

2.2.5 Monitoring of controls


As stated in Jackson & Stent (2012:5/17), the monitoring of controls involves the
assessment of internal control performance over time.

Study

Jackson & Stent (2012:5/17–5/18) section 4.5

Activity 7
Give five examples of different ways in which the monitoring of controls can take
place.

Feedback on activity 7
Reference: Jackson & Stent (2012:5/17–5/18)

Refer to your textbook for examples of monitoring.

Note that monitoring is part of the internal control system, which is achieved
by the ongoing assessment of internal control performance over time.

Summary
In this study unit we explained the five components of internal control.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:
1. Explain and apply the five components of internal control.

If you are not completely familiar with the application at this stage, you should
not be concerned because further guidance will be given in later topics.

36
C ontrols in a computerised environment

STUDY UNIT 2.3

CONTROLS IN A COMPUTERISED
6

ENVIRONMENT

Introduction
General and application controls in a computerised environment are an integral
part of the total system of internal control of an entity and touch on all compo­
nents of internal control.

The following diagrammatic representation of general and application controls


shows that the general and application controls relate to all the components of
internal control.

General controls
Control environment (Control environment)
Systems development and implementation controls
(Control activities)
Access control (Control activities)
Continuity of operations (Risk assessment, control
activities, control environment)
System software and operating controls (control
Internal control components activities)
Control environment Documentation (Control activities)
Risk assessment
Information system
Control activities Application controls

Monitoring Segregation of duties (Control activities)


Isolation of responsibilities (Control activities)
Approval and authorisation (Control activities)
Custody (Control activities)
Access controls (Control activities)
Comparison and reconciliation (Monitoring)
Performance reviews (Monitoring)

Although the information system component is not evident under general and
application controls, the information system underlies internal controls in a com­
puterised environment as this is where the controls are implemented.

General and application controls are discussed in more detail below.

37
Internal control

2.3.1 General controls


General controls are defined as those controls which establish an overall frame­
work of control for computer activities (Jackson & Stent 2012:8/7).

Note the following:


The term “computerised environment” refers to any particular and unique com­
bination of hardware, software and personnel (Jackson & Stent 2012:8/3).

Study

Jackson & Stent (2012:8/7–8/25)

Jackson & Stent (2012:8/7) categorise general controls as follows:

1. Control environment
2. Systems development and implementation controls
3. Access control
4. Continuity of operations
5. System software and operating controls
6. Documentation

Activity 8
Participation by those charged with governance is one of the characteristics of a
good control environment. Explain who is responsible for governance and what
participation entails in an Information Technology (IT) environment.

Feedback on activity 8
Reference: Jackson & Stent (2012:8/8) section 3.3

The participation of the board in the IT control environment is explained in your


textbook under section 3.3 and is not repeated here.

Activity 9
Access controls in a computerised environment are important as the conse­
quences of unauthorised access to a system can be disastrous for a company.

Required
1. Describe the general physical access controls that should be present to
ensure proper internal control in a computerised environment.
2. Give examples of preventative logical access controls in a computerised
environment.
3. Explain what control over passwords as part of logical access controls, entails.

Feedback on activity 9
Jackson & Stent (2012:8/17–8/21)

38
C ontrols in a computerised environment

1. Interpret the question as follows:


•• It requires general controls (not application controls).
•• It requires access controls (component 3).
•• It requires only physical access controls (not logical access controls).
General physical access controls include aspects such as:
•• control over visitors from outside the company to the IT building, for ex­
ample they should be escorted to the IT department
•• controlled access to company personnel other than IT personnel
•• physical entry to the data centre to be controlled, for example closed
circuit TVs at entrances
•• access control over remote workstations/terminals, for example terminals
should be secured to desks

2. Apply the steps in 1. to interpret the question.


All logical access controls are preventative in nature and consist of the
following:
•• identification of users and computer resources
•• authentication of users and computer resources
•• authorisation of the levels of access to be granted
•• logging of access and access violations
•• access tables
3. Controls over passwords is fundamental to successful, logical access controls.
This is explained in your textbook under section 5.4 and is not repeated here.

2.3.2 Application controls


Jackson & Stent (2012:8/27) define application controls as any control within an
application which contributes to the accurate and complete recording and pro­
cessing of transactions which have actually occurred, and have been authorised
(valid, accurate and complete information).

Note the following:


•• In other words, application controls are the activities within an application
carried out to ensure that the internal control objectives are achieved.
•• An application is a set of procedures and programmes designed to satisfy
all users associated with a specific task, such as the payroll cycle (Jackson
& Stent 2012:8/27).

Study

Jackson & Stent (2012:8/26–8/41) sections 1–4

Activity 10
The following control techniques and application controls, described according
to the stages a transaction passes through as it flows through the system, are
mentioned in your textbook:

39
Internal control

Input:

*  Access control
* Authorisation
Batching
Screen aids and related features
Programme controls – Input
Existence/validity checks
Reasonableness and limit checks
Dependency checks
Format checks
Check digits
Sequence checks
Logs and reports
* Training
*  Extraction from masterfiles

Processing:
* Version control
Programme controls – Processing
Programme edit checks
Programme reconciliation checks
Logs and reports
*  Identifying and resubmitting errors

Output:
Controls over distribution
User controls
Logs and reports

Masterfile:
Record amendments on masterfile amendment form (MAF)
Authorise MAF
Enter authorised amendments onto system
Review amendments

* Note that additional controls have been included in this list that are not explained
in your textbook. They are relevant application controls and you are expected
to study them.

Required
Link the control techniques and application controls mentioned above to the inter­
nal control objectives of valid (occurred and authorised), complete and accurate.

Feedback on activity 10
Jackson & Stent (2012:8/27–8/40) sections 1–4

40
C ontrols in a computerised environment

Input controls
Valid
(Occurred and Complete Accurate
Authorised)
1. Access control 1. Batching 1. Batching
2. Authorisation 2.  Sequence tests 2. Screen aids and related
3. Batching 3. Logs and reports features
4. Existence/validity checks
•• audit trails •• Minimum keying in of
•• Validation checks information
•• Matching checks •• Screen should be
•• Data approval/authori­ formatted
sation checks •• Screen dialogue and
prompts
5. Logs and reports
•• Mandatory fields
•• Override reports •• Shading of fields
•• Activity reports
•• Access/access 3. Reasonableness and limit
tests
violation reports
4. Dependency checks
5.  Format checks

•• Alpha-numeric
•• Size checks
•• Mandator y field/
missing data checks
•• Valid character and
sign check

6.  Check digits


7. Training
8. Extraction from masterfiles

Processing controls
Valid
(Occurred and Complete Accurate
Authorised)
1. Version control 1. Programme edit 1. Programme edit checks
2. Programme reconciliation checks
checks •• Arithmetic
•• Sequence test •• Reasonableness/
•• Valid operation code •• Matching consistency/ range
(assess control during tests
processing) 2. Programme
•• Limit test

3. Logs and reports


reconci­liation
checks
•• Accuracy test

•• Override reports •• Control totals 2. Programme reconciliation


•• Activity reports •• Run-to-run checks
•• Access/access totals
•• Parity checks
violation reports
3. Logs and reports •• Echo check
•• Equipment check
•• Audit trails
3. Identifying and resubmit­
ting errors

41
Internal control

Output controls
Valid
(Occurred and Complete Accurate
Authorised)
1. Controls over distri­bution 1.  User controls 1.  User controls
2.  User controls
•• Numerical •• Reconciliation of
•• Review of output for sequence check input to output
reasonableness •• Reconciliation of •• Review of output for
input to output reasonableness
3. Logs and reports
•• Review of •• Review and follow-up
•• Exception reports output for
reasonableness
of exception reports

Masterfile controls
Valid
(Occurred and Complete Accurate
Authorised)
1.  Authorise MAF 1. Record amendments 1. Enter authorised amend­
2. Enter authorised amend­ on MAF ments onto system
ments onto system 2. Enter authorised
amendments onto •• Screen aids
•• Write access
system
(Minimum keying
controls (ID and in of information,
passwords) •• Amendments screen formatting,
logged on automatically
3.  Review amendments sequenced logs generated
•• Amendments accounts)
supported by MAF
3.  Review amendments
•• Programme checks
•• MAFs sequence (Verification/
matching, alpha-
checked against
the logs numeric, range and
limit/data approval,
field size and
mandatory/ missing
data, dependency
check)

2.  Review amendments


•• Numbers and
amounts etc.

Please remember that the above is only a checklist for study purposes. In tests
and exams you must expand on the above. For example you could answer as fol­
lows: “The computer must perform a sequence test on invoice numbers and print
an exception report if there are any outstanding invoices.” This will be illustrated
when applied to the various business cycles in the topics to follow.

The above summary could also be arranged in the format below. You may find
this helpful when answering questions on application controls.

42
C ontrols in a computerised environment

Internal control
Input Processing Output Masterfile
objective
Valid (Occurred and
Authorised)
Complete
Accuracy

Follow these steps:


1. Determine which of the stages a transaction passes through as it flows
through the system is being addressed in the scenario. Does the scenario
deal with the:
•• input phase,
•• processing phase,
•• output phase, and/or
•• masterfile maintenance?
2. Determine which control objectives are being addressed. Does the question
require you to address:
•• valid (occurred and authorised),
•• complete, and/or
•• accurate?
Activity 11
Describe the application controls that the management of company X should
implement to ensure the completeness of amendments to a masterfile in the com­
puterised accounting system.

Feedback on activity 11
Apply the steps discussed above to the question.

1. Determine the business cycle:


•• In this instance the question does not specify which cycle. Generic con­
trols over any masterfile amendments are requested.

2. Determine the phase of the transaction process:


•• Masterfile amendments.
3. Determine the control objectives:

•• Completeness.
How would your table look?

43
Internal control

Control objective Masterfile amendments


Completeness 1. All amendments to be recorded on hardcopy
masterfile amendment forms (MAF) (no ver­
bal instructions).
2. MAFs should be pre-printed, sequenced
and designed in terms of sound document
design principles.
3. All masterfile amendments should be au­
tomatically logged by the computer on se­
quenced logs.
4. The MAFs themselves should be sequence
checked against the log to confirm that all
MAFs have been entered.

Note: The purpose of this activity is to illustrate the steps you should follow when
answering a question. The control components in a computerised environment
for the various business cycles will be explained in the topics that follow.

Summary
In this study unit we explained general and application controls in a computerised
environment as part of a system of internal control.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:

1. Explain and apply general controls in a computerised environment.


2. Explain and apply application controls in a computerised environment.

44
Internal control from the perspective of the external auditor

STUDY UNIT 2.4

INTERNAL CONTROL FROM THE


7

PERSPECTIVE OF THE EXTERNAL


AUDITOR

Introduction
The external auditor obtains an understanding of a client’s system of internal
control as part of his/her external audit.

2.4.1 Obtaining an understanding of internal


control
Jackson & Stent (2012:7/14) state that an understanding of a client’s internal control
assists the auditor in identifying types of potential misstatement and factors that
affect the risks of material misstatement, and in designing the nature, timing
and extent of further audit procedures.

Study

Jackson & Stent (2012:7/14–7/18)

2.4.2 Significant risks


Jackson & Stent (2012:7/19) define significant risks as risks that require special
audit consideration. Such risks relate to the auditor’s risk of material misstatement.
The auditor assesses risk so that he or she can determine the nature, timing and
extent of further audit procedures.

Study

Jackson & Stent (2012:7/19–7/20) sections 1–3

Activity 12
Name the six factors that the auditor should consider when assessing whether
a risk is a significant risk.

45
Internal control

Feedback on activity 12
Reference: Jackson & Stent (2012:7/19)

The six factors that the auditor should consider when assessing whether a risk
is a significant risk are explained in your textbook and are not repeated here.

Summary
In this study unit we explained the need for the external auditor to understand
internal control in order to identify significant risks.

Self-assessment
After having worked through the study unit and the references to the pre­
scribed study material, see whether you are able to do the following:

1. Describe the need for the external auditor to obtain an understanding of a


client’s internal control.

CONCLUSION
In this topic, Internal control, we explained and applied the theory of internal
control according to the five components of internal control. We explained that
internal control is a response to risk and that certain internal control objectives
are achieved by means of internal control. Internal control from the perspective
of the external auditor was also explained.

In the next topic we will explain and apply the various business cycles as part of
the accounting system over which internal controls are implemented.

46
TOPIC 3
BUSINESS CYCLES

Topic overview
The aim of this topic is to explain the various business cycles as part of the ac­
counting system over which internal controls are implemented. A condensed
example of the financial statements of a trading company is provided to illustrate
the main components of financial statements to which the transactions and bal­
ances relate in the business cycles.

This topic is divided into the following study units:

Study unit Title Page


3.1 Business cycles 49
3.1.1 The accounting system and business cycles 49
3.1.2 Financial statements 49

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
as indicated in the tutorial letter.

47
Business cycles

Learning outcomes
In this topic we focus on the following learn­
Study unit Level
ing outcomes:
3.1  B u s i n e s s •• Identify the different business cycles. 1
cycles
•• Relate the transactions and balances in the 1
statement of financial position and the statement
of comprehensive income to the various business
cycles.

48
Business cycles

STUDY UNIT 3.1

8 BUSINESS CYCLES

Introduction
In topic 2 we explained that management wants to achieve reliable financial
reporting by ensuring that transactions which are initiated, recorded, processed
and reported are valid (occurred and have been authorised), accurate and com­
plete. It is the accounting system which provides the foundation for achieving
these objectives of internal financial control. In other words, internal control is
designed and implemented over the accounting system.

3.1.1 The accounting system and business cycles


Your textbook, Jackson & Stent, (2012:5/12) describes an accounting system as
a series or collection of tasks and records by which transactions are processed
to create financial records. An accounting system identifies, assembles, analy­
ses, calculates, classifies, records, summarises and reports transactions and
other events. The major elements of the accounting system are people who
carry out procedures, for example write out a credit sales invoice, calculate a
price, enter the invoice in a sales journal; etc, and paper such as order forms,
ledgers, lists, invoices etc, which facilitate the initiation, execution and recording
of the transaction.

The accounting system consists of various business cycles, namely:


1. The revenue and receipts cycle
2. The acquisitions and payments cycle
3. The inventory and production cycle
4. The payroll and personnel cycle
5. The finance and investment cycle

The functions and actions in the business cycles, as well as the control activities
in each cycle, will be explained in detail in the topics to follow.

3.1.2 Financial statements


As mentioned above, financial records relate to the business cycles. The financial
records are summarised in a company’s financial statements. In other words,

49
Business cycles

the balances and totals of the transactions in the business cycles are reflected
in the financial statements.

In your financial accounting courses you may already have studied the drafting
of company financial statements. To give you a complete picture, we have re­
peated a condensed example of the financial statements of a company which is
trading as a commercial enterprise.

The purpose of the example is to indicate the transactions and balances in finan­
cial statements for the purpose of illustrating the business cycles. For the detailed
financial statement and disclosure requirements, please refer to your financial
accounting study material.

XY LTD

CONSOLIDATED STATEMENT OF FINANCIAL POSITION AS AT 31 DECEMBER 20X1

20X1 20X0
Notes
R’000 R’000
ASSETS
Non-current assets
Property, plant and equipment 16 069 14 696
16 069 14 696
Current assets
Inventories 192 085 149 002
Trade receivables 418 465 222 833
Cash and cash equivalents               – 1 465
610 550 373 300
Total assets 626 619 387 996
EQUITY AND LIABILITIES
Equity attributable to owners of the parent
Share capital 147 834 147 834
Revaluation surplus 8 500            –
General reserve 5 000 2 000
Retained earnings 22 192 18 375
183 526 168 209
Non-controlling interest 40 125 32 000
Total equity 223 651 200 209

Non-current liabilities 108 297


Long-term borrowings 236 000 23 100
Deferred taxation 28 875 131 397
264 875
Current liabilities
Trade payables 35 990 20 145
Current portion of long-term borrowings 83 042 24 639
Shareholders for dividends 17 409 11 606
Bank overdraft 1 652 –
138 093 56 390
Total liabilities 402 968 187 787
Total equity and liabilities 626 619 387 996

50
Business cycles

XY LTD
CONSOLIDATED STATEMENT OF COMPREHENSIVE INCOME FOR THE YEAR
ENDED 31 DECEMBER 20X1

20X1 20X0
Notes
R’000 R’000
Revenue 1 287 052 902 052
Cost of sales (1 098 187) (819 939)
Gross profit 188 865 82 113
Distribution costs (25 741) (14 010)
Administrative expenses (28 813) (10 345)
Other expenses (48 881) (22 237)
Finance costs (39 264) (20 862)
Profit before tax
46 166 14 659
Income tax expense
(10 927) (6 148)
Profit for the year
35 239 8 511
Other comprehensive income for the
year after tax
Revaluation surplus 10 625           –
Other comprehensive income for the 10 625           –
year, net of tax
Total comprehensive income for the
year 45 864 8 511
Profit attributable to:
–  Owners of the parent 28 039 1 711
–  Non-controlling interest (given) 7 200 6 800
35 239 8 511
Total comprehensive income attributable to:
–  Owners of the parent 36 539 1 711
–  Non-controlling interest 9 325 6 800
45 864 8 511

The following are components in the financial statements:

Statement of financial position:      Statement of comprehensive income:


•• property, plant and equipment • revenue (credit and cash sales)
•• investments • cost of sales (inventory)
•• loans granted • purchases
•• inventories • distribution costs
•• trade receivables • administrative expenses
•• cash and cash equivalents • other expenses
•• share capital • finance costs
•• reserves • other income
•• retained earnings
•• long-term borrowings
•• trade payables

51
Business cycles

Activity 1

1. Identify the five business cycles which are generally applicable to commer­
cial enterprises.
2. Based on the business cycles in an accounting system, identify the state­
ment of financial position balances and statement of comprehensive income
classes of transactions that relate to one another.

Feedback on activity 1

1. The business cycles which are generally applicable to commercial enter­


prises are:
1. The revenue and receipts cycle
2. The acquisitions and payments cycle
3. The inventory and production cycle
4. The payroll and personnel cycle
5. The finance and investment cycle

2. The balances in the statement of the financial position and the classes of
transactions in the statement of comprehensive income that relate to the
business cycles are:
Statement of Statement of
Business cycle financial position comprehensive income
(account balances) (classes of transactions)
Revenue and •• Accounts receivable •• Credit sales
­receipts cycle •• Sales returns
•• Discount allowed
•• Credit losses
•• Interest received
•• Cash and cash •• Cash sales
     equi­valents •• All receipts (revenue and
other)
Acquisitions and •• Accounts payable •• Credit purchases
payments cycle •• Cash purchases
•• Purchase returns
•• Discount received
•• Interest on late payments
•• Expenses
Inventory and •• Inventory •• Cost of sales
production cycle
Payroll and •• Bank and cash Wages and salaries (net of
­personnel cycle •• Accounts payable employee deductions such
(Accumulated leave, as PAYE, UIF, SDL, pension
unclaimed wages, fund, medical aid and other)
SARS, pension funds,
medical aids and other)

52
Business cycles

Statement of Statement of
Business cycle financial position comprehensive income
(account balances) (classes of transactions)
Finance and in­ •• Share capital •• Dividends paid
vestment cycle •• Reserves •• Profit or loss (reserves)
•• Long-term loans •• Interest paid
•• Property, plant and •• Profit or loss on sale of
equipment asset
•• Investments •• Profit or loss on invest-
   ment

Summary
In this study unit we identified the different business cycles and explained the ac­
counting system over which internal controls are implemented. The transactions
and balances in the statement of financial position and statement of comprehen­
sive income were also related to the various business cycles.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:

1. Identify the different business cycles.


2. Explain what an accounting system entails.
3. Relate the transactions and balances in the statement of financial position
and the statement of comprehensive income to the various business cycles.

CONCLUSION
In this topic, Business cycles, we identified the various business cycles and
explained what an accounting system entails. The balances in the statement of
financial position and the transactions in the statement of comprehensive income
were related to the various business cycles.

In the next topic we will explain and apply the revenue and receipts business
cycle as well as the applicable internal controls in the cycle.

53
TOPIC 4
REVENUE AND RECEIPTS CYCLE

Topic overview
In business, revenue is income that arises in the course of ordinary activities of
an entity, usually from the sale of goods and services to customers. Depending
on the type of business activities, some companies receive revenue from fees,
interest, dividends or royalties (see International Accounting Standard (IAS) 18).

The revenue and receipts cycle includes the following classes of transactions
and account balances:

Statement of financial position Statement of comprehensive


income
Accounts receivable Credit sales (turnover)
Sales returns
Discount allowed
Credit losses (bad debts)
Interest received

Cash and cash Cash sales (turnover)


equivalents All receipts (revenue and
other)

The focus in this topic is on a trading concern where revenue is earned through
the buying and selling of goods and services, which may consist of credit sales
and / or cash sales.

55
Revenue and receipts cycle

The aim of this topic is to explain and apply the activities, functions and documents
in the revenue and receipts business cycle. The risks in this cycle will also be
explained and internal controls applied to mitigate those risks, as well as internal
control over revenue transactions in a computerised environment.

This topic is divided into the following study units:

Study unit Title Page


4.1 Credit sales 57
4.1.1 Activities and functions in the cycle 57

4.1.2 Documents used in the cycle 58


4.1.3 Risks and internal control in the cycle 62
4.1.4 Computerisation of the cycle 65
4.2 Cash sales 70
4.2.1 Stages of a cash sale 70
4.2.2 Risks and internal control over a cash sale 70

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
Study unit In this topic we focus on the following learning Level
outcomes:
4.1 Credit sales •• Describe credit sales transactions by explaining 2
the activities, functions and documents associated
with these transactions.
•• Identify and explain the risks associated with credit 2
sales transactions and describe and apply the
internal controls that could be implemented to
mitigate the risks.
•• Describe and apply internal control over credit 2
sales transactions in a computerised environment.

4.2 Cash sales •• Describe cash sales transactions by explaining 2


the activities, functions and documents associated
with these transactions.
•• Identify and explain the risks associated with cash 2
sales transactions.
•• Describe and apply the internal controls that could 2
be implemented to mitigate the risks.

56
Credit sales

STUDY UNIT 4.1

9 CREDIT SALES

Introduction
Your prescribed textbook, Jackson & Stent (2012:10/2), explains revenue trans­
actions and indicates that this cycle deals with the business system and related
internal controls which are put in place to control the sale of the company’s goods
or services, and the collection of amounts owed in respect of those sales.

4.1.1 Activities and functions in the cycle


Although revenue and receipts systems can vary considerably, your textbook
Jackson & Stent (2012:10/2–10/5), describes a system for a business which has
conventional revenue and receipt functions. Note that the functions in the credit
sales cycle include the collection of payments from accounts receivable (trade
debtors).

Study

Jackson & Stent (2012:10/2–10/7)

Activity 1
Rearrange the following functions in a credit sales transaction in the correct order
and provide a brief explanation of each:

1. Invoicing
2. Credit management
3. Warehouse/despatch
4. Receiving and recording payment from debtors
5. Order department
6. Recording sales and raising the debtor

Feedback on activity 1
Reference: Jackson & Stent (2012:10/3–10/5)

57
Revenue and receipts cycle

Note the logical flow of documents through the different functions for credit sale
transactions in the flow charts on pages 10/8 to 10/9 of your prescribed textbook.
The normal order of the functions in a credit sales transaction is:

1. Order department
2. Warehouse/despatch
3. Invoicing
4. Recording sales and raising the debtor
5. Receiving and recording payment from debtors
6. Credit management

4.1.2 Documents used in the cycle


Study

Jackson & Stent (2012:10/6–10/7)

Activity 2

Match the documents explained in your textbook to the different functions in the
revenue / receipts cycle mentioned in 2.1 above.

Feedback on activity 2

Function Document
Order department Price lists
Customer order
Internal sales order
Back-order note
Warehouse/despatch Picking slip
Delivery note
Invoicing Invoice
Recording of sales and raising debtors Statement
Goods returned voucher
Credit note
Receiving and recording payments from debtors Remittance advice
Remittance register
Receipt
Deposit slip
Credit management Credit application form

58
Credit sales

Activity 3
The Consumer Protection Act, No. 68 of 2008 which came into effect on
1 April 2011, specifies in section 26 (3) the following minimum requirements
that should be stated on sales documentation:
1. the supplier’s full name, or registered business name, and VAT registration
number, if any;
2. the address of the premises at which, or from which, the goods or services
were supplied;
3. the date on which the transaction occurred;
4. a name or description of any goods or services supplied or to be supplied;
5. the unit price of any particular goods or services supplied or to be supplied;
6. the quantity of any particular goods or services supplied or to be supplied;
7. the total price of the transaction, before any applicable taxes;
8. the amount of any applicable taxes; and
9. the total price of the transaction, including any applicable taxes.

Required
Indicate in which respects the undermentioned tax sales invoice does not meet
the minimum requirements as stated in the Consumer Protection Act.

TAX INVOICE      INV 772


COPRO LIMITED       Date: 31 August 20xx
To: Customer A
PO Box A
Durban
4001

Description Total
No XL001 Stapler 2 430.00
No 1185 Paper 49 200.00
No 2.1 Pencils 2 100.00

Subtotal 53 730.00
VAT 522.22
Total 61 252.20

Feedback on activity 3
The following information required by the Consumer Protection Act 68 of 2008
is not indicated on the invoice:
1. the VAT registration number of Copro Ltd
2. the address of the premises of Copro Ltd
3. the unit price of the particular goods supplied
4. the quantity of the particular goods supplied

59
Revenue and receipts cycle

5. the amount of any applicable taxes


6. the total price of the transaction, including any applicable taxes

Activity 4
The following are examples of an order form, delivery note and tax invoice issued
by company XY Ltd for commodities sold by the company.

SALES ORDER    OD 1028

XY LIMITED
Po Box X
Pretoria
0001             Date: 30 May 20xx

To: Customer Y
Po Box Y
Durban
4001
Account number: Y4458

Description Quantity Unit price Total


No XL001 Stapler 85 28.60 2 430.00
No 1185 Paper 400 123.00 49 200.00
No 2.1 Pencil 1  000 2.10 2 100.00

Subtotal 730.00
VAT 7 522.20
Total 61 252.20

Authorised: OrderClerk

60
Credit sales

DELIVERY NOTE      DN 532

XY LIMITED
Po Box X
Pretoria
0001             Date: 3 June 20xx

To: Customer Y     Deliver to: 


Customer Y: Warehouse C
     
Po Box Y                1st Street 55
     Durban               Durban North
     
4001                  4001
Account number: Y4458

Description Quantity
No XL001 Stapler 85
No 1185 Paper 400
No 2.1 Pencil 1  000

Goods received in good order by customer: CustomerY


Date: 3/06/20XX

TAX INVOICE      NV 772


            
(Vat no 123456789)
XY LIMITED
Po Box X
Pretoria
0001              Date: 3 June 20xx

To:  Customer Y
     Po Box Y
     Durban
     4001
Account number: Y4458

Description Quantity Unit price Total


No XL001 Stapler 85 28.60 2 430.00
No 1185 Paper 400 123.00 49 200.00
No 2.1 Pencil 1  000 2.10 2 100.00

Subtotal 730.00
VAT 7 522.20
61 252.20
Total

61
Revenue and receipts cycle

Required
Indicate which of the information shown on the above documents demonstrates
that the internal control objectives for financial reporting have been addressed.

Feedback on activity 4
The following information on the order form, delivery note and tax invoice illus­
trates that the accounting system produces information which is valid (occurred
and authorised), accurate and complete.

Valid (occurred and authorised):


1. The name and address of XY Ltd appear on the order form, delivery note
and tax invoice.
2. A valid customer account number on the order form, delivery note and tax
invoice.
3. The signature on the order form, which indicates that it was approved.
4. The customer signature on the delivery note, which indicates that the goods
were received and accepted.
5. The existence of a corresponding order form and delivery note for the invoice.

Accurate:
1. The total amount (including VAT) of the credit sale on the invoice, which
accurately agrees to the sales order (to be recorded against the customer’s
account).
2. The credit sales amount and the VAT amount on the invoice, which accu­
rately agrees to the sales order (to be recorded against the sales revenue
and VAT accounts).
3. The order form and delivery note item descriptions, quantities and amounts
that agree to the invoice.
4. The correct customer name and account number on the order form, delivery
note and tax invoice.

Complete:
1. The date of the invoice to be recorded in the correct period in the accoun­
ting records of XY Ltd.
2. The invoice number to be sequentially recorded in the accounting records
of XY Ltd.

4.1.3 Risks and internal control in the cycle


The functions that can be distinguished for credit sale transactions were explained
in study unit 4.1.1.

Risks associated with each of these functions are mentioned in your prescribed
textbook; internal controls (control activities) that could be implemented to mitigate
the risks are described as well.

62
Credit sales

Study

Jackson & Stent (2012:10/10–10/19)

Activity 5
Answer the following questions regarding the order department of a trading con­
cern that sells goods on credit (credit sales):

1. Give a system description of the activities in the order department.


2. Name the documents usually encountered in an order department.
3. Explain the control risks that could exist in an order department.
4. Describe the internal controls (control activities) that could be implemented
to mitigate the risks in an order department.

Feedback on activity 5
1. System description of the activities in the order department.
Refer to Jackson & Stent (2012:10/3–10/4), where the activities in the order
department are described.

2. Documents usually encountered in an order department.


Refer to Jackson & stent (2012:10/10) where the documents used in the
order department are described.

3. Control risks that could exist in an order department


Refer to Jackson & Stent (2012:10/10–10/11), where the control risks in an
order department are described.

4. Internal controls (control activities) that could be implemented to mitigate


the risks in an order department
Refer to Jackson & Stent (2012:10/10–10/11), where the control activities for
an order department are listed.

Note that you should limit your answer to the order department, which includes
receiving customer orders and sales authorisation.

Activity 6
1. Describe the internal controls that can be implemented to minimise the fol­
lowing risks associated with credit sales transactions:
•• Goods may be removed from the inventory warehouse for fictitious/un­
authorised sales.
•• Incorrect goods or quantities could be despatched.
•• Goods despatched may not be invoiced.
•• Invoices could be duplicated in the sales journal.
•• Payments received from customers may not be banked, owing to theft
or carelessness.

63
Revenue and receipts cycle

2. Name the internal control objective(s) for financial reporting affected by each
of the risks mentioned in 1 above.

Present your answer in a tabular format.

Feedback on activity 6
Reference: Jackson & Stent (2012:10/10–10/19)

Risk 1. Internal control 2.  Control objective


Goods may be 1. Supervisory checks should be Validity (occurred and
removed from carried out by the warehouse authorised)
the inventory foreman to ensure that all goods
warehouse for picked are supported by signed
fictitious/unau­ picking slips.
thorised sales.
Incorrect goods 1. On receipt of the goods, picking Validity (occurred and
or quanti­ slip and delivery notes from the authorised) for the in­
ties could be warehouse, the despatch clerk correct goods.
despatched. should check quantities and
Accuracy for the in­
descriptions of goods against
correct quantities.
the authorised picking slip and
delivery note.
Goods des­ 1. The invoice clerk should prepare Completeness
patched may not a numerically sequenced invoice
be invoiced. and cross-reference it to the de­
livery note/customer order.
2. 
The file of delivery notes
matched against sales invoices
should be sequence-tested and
gaps in sequence investigated.
Invoices could 1. Prior to entry in the sales journal, Accuracy and vali­
be duplicated invoices should be added to ob­ dity (occurred and
in the sales tain a control total. This control authorised)
journal. total should then be compared
to the total in the sales journal
after entry of individual invoices.
Payments 1. Post must be opened by two Completeness
received from people.
customers may
2. All payments received in the
not be banked,
post should be recorded in a re­
owing to theft or
mittance register and a prenum­
carelessness.
bered receipt should be made
out for each payment received.
3. All amounts received should be
banked daily.

64
Credit sales

Risk 1. Internal control 2.  Control objective


4. 
The remittance register and
receipts issued should be re­
conciled to bank deposits by
an independent supervisory
employee.
5. Bank deposits should be re­
viewed regularly and gaps in
daily banking, investigated by
management.

4.1.4 Computerisation of the cycle


Your textbook, Jackson & stent, describes an integrated manual and computerised
credit sales system of telesales transactions that are entered and processed in
real time.

Study

Jackson & Stent (2012:10/20–10/39)

Activity 7
1. Describe the application controls that should be present in a computerised
environment to ensure that only authorised amendments are made to the
debtors’ masterfile in a credit sales system.
2. Mention the things that could go wrong (risks) if no application controls exist
over amendments to the debtors’ masterfile, for each of the internal control
objectives.

Feedback on activity 7
1. The application controls that should be present in a computerised environ­
ment to ensure that only authorised amendments are made are described
in Jackson & Stent (2012:10:23–10/25) and will not be repeated here.
2. Things that could go wrong (riks) if no application controls exit over amend­
ments to the debtors’ masterfile:
Reference: Jackson & Stent (2012:10/23–10/25)

Validity (occurred and authorised): Unauthorised and fraudulent amend­


ments could be made, to the detriment of the company. For example, a
debtor’s credit limit could be increased, thereby allowing the debtor credit
facilities which he or she cannot pay within the allowed payment terms.

Accuracy: Incorrect amendments could be made to the debtors’ masterfile,


for example a change in a debtor’s postal address could be recorded incor­
rectly, resulting in the debtor’s not receiving monthly statements and not
paying his or her account (accuracy); or an incorrect change to a debtor’s
account number could result in incorrect postings (classification).

65
Revenue and receipts cycle

Completeness: Amendments to the debtors’ masterfile could be incomplete.


For example, a new debtor might not have been loaded onto the debtors’
masterfile so that his or her purchase order would not be accepted and
processed (completeness) or amendments could be made in the incorrect
period (cut-off).

Activity 8
1. Explain what the term “real time” means and what the effect on the applica­
tion control of “batching” will be.
2. Describe the application controls that should be present to ensure that or­
ders received from customers are accurately entered into the computerised
credit sales system.
Use the framework described in study units 2.3.1 and 2.3.2 in topic 2 to
answer the question.

Feedback on activity 8
1. “Real time”
Reference: Jackson & Stent (2012:8/34) section 3.1.3

This term means that transaction data are entered immediately online as each
transaction occurs and relevant programme checks take place as information
is keyed in. This means that transactions are not batched before entering.

2. Application controls to ensure that orders received from customers are ac­
curately entered in the computerised credit sales system.
Reference: Jackson & Stent (2012:10/30)

Internal
Proces- Out- Master-
control Input
sing put file
objective
Validity
(Occurred/
Authorised)
Accuracy 1. Screen formatting: the screen
will be formatted to look like a
sales order document.
2. Minimum entry: for example
entering the inventory item code
will bring up the description of
the item being ordered and the
price.
3. Mandatory fields: for exam­
ple, to progress with the order a
number must be entered in the
quantity field and a customer or­
der reference must be entered.

66
Credit sales

Internal
Proces- Out- Master-
control Input
sing put file
objective
4. Alphanumeric check: for ex­
ample on the quantity field to
check that no alphanumeric
characters have been entered.
5. Limit/or reasonableness
check, to ensure that reason­
able quantities are entered. For
example, not 1 billion items, be­
cause this would exceed realis­
tic production targets.
6. Screen prompts will require
the order clerk to confirm de­
tails of the order and important
particulars.
Fields on the “on screen
7. 
sales order” which cannot be
changed by the order clerk.
8. The system will allocate a cus­
tomer reference number to
every sales order. This number
is given to the customer when
the order is placed, to allow the
customer to follow up on inac­
curate information on the sales
order.
Complete-
ness

Note that only application controls relevant to input and accuracy are included
in the solution, as required. Remember to use this table to limit your answer to
the information you were required to give.

Activity 9
Answer the following questions regarding application controls over a bank account:

1. Why is it important to restrict access to a bank account in a computerised


system?
2. Describe the access controls that should be implemented to ensure good
control over a bank account.
3. Provide a list of good password controls as part of access controls over a
bank account.

Feedback on activity 9
1. Restriction of access to a bank account

67
Revenue and receipts cycle

Reference: Jackson & Stent (2012:8/30–8/31) section 2.6

Access violations to the bank account in a computerised system can have


extremely serious consequences for the business. These include:

•• Destruction of data: The internet bank account itself or account details


could be deleted.
•• “Theft” of data: Bank account details could be stolen and abused.
•• Improper changes to data: Payment beneficiaries’ details could be changed
in order to channel payments to unauthorised accounts.
•• Recording of unauthorised or non-existent transactions: Unauthoised
transfers of money could be done.

2. Access controls over a bank account


Reference: Jackson & Stent (2012:10/33) point 1

The access controls that should be implemented to ensure good control


over the bank account are:

•• The terminal onto which the bank’s software is loaded should be in the
debtors’ section, usually the terminal of the senior debtors’ clerk.
•• Access to the bank’s site should be gained in the normal manner, but to
access the company’s bank account, the senior debtors’ clerk should be
required to enter a PIN and a password.
•• If this identification and authentication procedure is successful, a menu of
the functions available should be displayed, one of which will be “down­
load bank statement”.
•• This function should be linked to the senior debtors’ clerk’s user profile
to enable him or her to initiate the download.

3. Good password controls

Reference: Jackson & Stent (2012:8/20)

The strict control of passwords as part of access controls over the bank ac­
count is fundamental to successful, logical access controls. Good password
controls are the following:

•• Passwords to access the bank account should be unique to the senior


debtors’ clerk and group passwords should not be used.
•• Passwords to access the bank account should consist of at least six char­
acters, be random not obvious, and be a mix of letters, numbers, upper/
lower case characters and symbols.
•• Passwords and user IDs for terminated or transferred senior debtors’ clerks
should be removed or disabled at the time of termination or transfer.
•• Passwords to access the bank account should be changed regularly and
the senior debtors’ clerk should be forced by the system to change the
password.
•• The first time a new senior debtors’ clerk accesses the bank account, he
or she should be prompted to change the initial password.
•• Passwords to access the bank account should not be displayed on screens
at any time, be printed on any bank statements or logged in bank trans­
action logs.

68
Credit sales

•• Password files should be subject to strict access controls to protect them


from unauthorised read and write access. Encryption of password files
is essential.
•• The senior debtors’ clerk should be prohibited from disclosing his or her
passwords to others and subjected to disciplinary measures should he or
she do so.
•• Passwords to access the bank account should be changed if confidentiality
has been violated, or violation is suspected.
•• Passwords to access the bank account should not be obvious for example
birthdays, names, names spelt backwards or common words and should
not be the same as the senior debtors’ clerk’s user ID.

Note: Refer to chapter 8 of your prescribed textbook again if you need to remind


yourself of the theory of password control.

Summary
In this study unit we explained and applied the activities, functions and documents
relating to credit sales transactions. The risks and internal control in credit sales
were also explained and applied, as well as internal control over credit sales
transactions in a computerised environment.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, determine if you are able to answer the following required:

1. Explain the activities and functions relevant to credit sales transactions.


2. Describe the documents used in credit sales transactions.
3. Explain and apply risks and internal controls over credit sales transactions
in both a computerised and a noncomputerised environment.

69
Revenue and receipts cycle

STUDY UNIT 4.2

10 CASH SALES

Introduction
Cash sales transactions occur daily in many business entities. Cash transactions
carry a high risk of fraud and theft, over which management should implement a
strict system of internal control (see Jackson & Stent 2012:10/2 & 10/40).

4.2.1 Stages of a cash sale


In a cash sales transaction, payment is received from the customer when the
goods are supplied to the customer. In broad terms, a cash sale transaction fol­
lows the same process as a credit sales transaction.

Study

Jackson & Stent (2012:10/40) section 9.2

4.2.2 Risks and internal control over a cash sale


As stated in Jackson & Stent (2012:10/40), the main risk associated with cash
sales transactions is theft. This risk is increased in smaller businesses, which
do not always have the resources to implement the necessary internal controls.

Study

Jackson & Stent (2012:10/40–10/42) section 9.1 and 9.3

Activity 10
The following are a few of the things that can go wrong (riks) with cash sales
transactions:

1. Cash sales could be recorded without the cash being put in the cash register
drawer.
2. Cash could be received from customers without the cash sales transactions
being recorded.
3. Cash could be stolen after the cash register has been “cashed up” for the day.

70
Cash sales

4. Customers could leave without paying for goods that they have taken.
5. An armed robbery could take place, resulting in cash being stolen from
cash registers.

Required
Describe the internal controls that could be implemented to mitigate these risks.

Feedback on activity 10
Reference: Jackson & Stent (2012:10/40–10/42) section 9.3

The internal controls that could be implemented to mitigate the mentioned risks are:

Things that can go wrong Internal control


1. Cash sales could be recorded The cash in the cash register should be
without the cash being put in the reconciled with the total daily cash sales
cash register drawer. entered on the cash register roll.
The cash register roll should not be
alterable.
2. Cash could be received from cus­ Physical safeguards should be in place,
tomers without the cash sales for example signage encouraging cus­
transaction being recorded. tomers to request a receipt.
Cash receipts should be sequentially
numbered.
3. Cash could be stolen after the Whenever cash is transferred from the
cash register has been “cashed custody of one person to another, it
up” for the day. should be counted, reconciled, docu­
mented and signed for by both parties
in a safe location.
Cash should not be allowed to accumu­
late and should be banked daily.
4. Customers could leave without Physical safeguards should be in place.
paying for goods that they have For example, there should be limited
taken. entry and exit points with security guards
at the exit points to sign off the cash
sale receipts.
5. An armed robbery could take Physical safeguards should be in place,
place, resulting in cash being for example security guards and surveil­
stolen from cash registers. lance cameras.
Cash should not be allowed to accumu­
late and should be banked daily so that
the minimum amount of cash is exposed
to the risk of theft.

71
Revenue and receipts cycle

4.2.3 Summary
In this study unit you learned about the stages of a cash sales transaction as well
as the risks associated with cash sales. The internal controls over cash sales
transactions were also explained and applied.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see if you can do the following:
1. Describe the stages of a cash sales transaction.
2. Explain the main risks associated with cash sales transactions.
3. Explain and apply internal controls over cash sales transactions.

CONCLUSION
In this topic, Revenue and Receipts Cycle, we explained and applied the activ­
ites, functions and documents in the revenue and receipts cycle. The risks and
internal control in this cycle were also explained and applied, as well as internal
control over credit sales transactions in a computerised environment.

In the next topic we will explain and apply the acquisitions and payments busi­
ness cycle as well as the applicable internal controls in the cycle.

72
TOPIC 5
ACQUISITIONS AND PAYMENTS CYCLE

Topic overview
Goods, services and assets are acquired and paid for in order to continue with
business activities that will generate revenue.

The acquisitions and payments cycle includes the following classes of transac­
tions and account balances:

Statement of financial position Statement of comprehensive income


Accounts payable Credit purchases
Cash purchases
Purchase returns
Discount received
Interest on late payments
Expenses

The aim of this topic is to explain and apply the activities, functions and docu­
ments in the acquisitions and payments business cycle. The risks and internal
controls in this cycle will also be explained and applied, including internal control
over acquisitions and payments transactions in a computerised environment.

73
Acquisitions and payments cycle

This topic is divided into the following study units:


Study unit Title Page
5.1 Acquisitions and payments cycle 75
5.1.1 Activities and functions in the cycle 75
5.1.2 Documents used in the cycle 76
5.1.3 Risks and internal control in the cycle 77
5.1.4 Computerisation of the cycle 80

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
Study unit In this topic we focus on the following learning Level
outcomes:

5.1 Acquisitions •• Describe acquisitions and payments transactions 2


and pay­ by explaining the activities, functions and
ments cycle documents associated with these transactions.
•• Identify and explain the risks associated with 2
acquisitions and payments transactions and
describe and apply the internal controls that could
be implemented to mitigate the risks.
•• Describe and apply internal control over 2
acquisitions and payments transactions in
a computerised environment.

74
Acquisitions and payments cycle

STUDY UNIT 5.1

11 ACQUISITIONS AND PAYMENTS CYCLE

Introduction
Jackson & Stent (2012:11/2), indicate expenditure transactions for different core
business processes. As this module is concerned with a normal trading concern,
the two main activities for expenditure transactions are:

•• the ordering and receiving of goods (or services) from suppliers, and
•• the payment of amounts due for the goods ordered and received.

5.1.1 Activities and functions in the cycle


The ordering and receiving of goods from customers and the payment of amounts
due to customers are also referred to as the purchases and payments cycle.
The major balance produced by this cycle is accounts payable (including trade
creditors).

Study
Jackson & Stent (2012:11/2–11/5)

Activity 1

The following list identifies a number of the functions in a typical trading company.
1. Receiving of goods
2. Despatch
3. Payment preparation
4. Marketing
5. Production
6. Payment and recording of payment
7. Recording of purchases
8. Personnel
9. Ordering of goods
10. Wages

75
Acquisitions and payments cycle

Required
1. Identify, in logical order, the functions that you would normally encounter in
the acquisition of and payment for credit purchases in a company.
2. Briefly explain the main activities within the payment preparation function
in this cycle.

Feedback on activity 1
Reference Jackson & Stent (2012:11/2–11/5)

1. The functions of the acquisition of and payment for credit purchases are:

•• Ordering of goods
•• Receiving of goods
•• Recording of purchases
•• Payment preparation
•• Payment and recording of the payment
2. The main activities relevant to the payment preparation function are de­
scribed in Jackson & Stent (2012:11/14) and are not repeated here.

5.1.2 Documents used in the cycle


Study

Jackson & Stent (2012:11/5–11/6)

Activity 2
Match the documents explained in your textbook to the functions in the solution
to activity 1 above.

Feedback on activity 2

Function Document
Ordering of goods Requisitions
Purchase order forms
Receiving of goods Suppliers’ delivery note
Goods received note
Recording of purchases Purchase invoice
Credit note
Payment preparation Creditors’ statements
Cheque (payment) requisitions
Payment and recording of payment Remittance advice
Cheque or electronic payment
Receipt

76
Acquisitions and payments cycle

Note that various logs and variance reports exist that could be produced for
any of the functions and at any stage in the acquisitions and payments cycle.

In addition to the above documents, accounting records such as a purchase


journal, creditors ledger, the general ledger (creditors control account), and
a purchases returns and allowances journal are also used in the acquisitions
and payments cycle. These records are normally maintained in the accounting
department.

5.1.3 Risks and internal control in the cycle


As stated in the introduction to this topic, the two main activities for expenditure
transactions are:

•• the ordering and receiving of goods (or services) from suppliers, and
•• the payment of amounts due for the goods ordered and received.
The main internal control objectives associated with these activities are to ensure
that only goods that have been validly ordered and received are paid for and that
payment is authorised, accurate and timeous (Jackson & Stent 2012:11/2). Sound
internal controls should be implemented to achieve these objectives.

To derive the internal controls over payments and acquisitions per function and
activity in the cycle, you need to apply the control activities. The other com­
ponents of internal control in this cycle are explained separately in Jackson &
Stent (2012:11/31).

Study

Jackson & Stent (2012:11/5–11/13)

Jackson & Stent (2012:11/31)

Activity 3
1. Give a system description of the functions, documents and internal controls
that can be implemented in the ordering department of a trading concern.
Formulate your answer in the following tabular format:

Functions Documents Internal controls

2. Which internal control objective is most at risk in the ordering department?

Feedback on activity 3
1. The functions, documents and internal controls that can be implemented in
the ordering department of a trading concern are:

77
Acquisitions and payments cycle

Functions Documents Internal controls


1. Initiating 1. Requisition 1.1 Before the order is placed, a super­
orders visor/senior buyer should check the
order to the requisition for accuracy
and authority, and review the order
for suitability of supplier, reasona­
bleness of price and quantity, and
nature of goods being ordered.
1.2 The ordering department should
file requisitions sequentially and
should frequently review the files
for requisitions which have not been
cross-referenced to an order.
2. Placing 2. Purchase 2.1 Order clerks should not place an
orders with order form order without receiving an author­
suppliers ised requisition and should cross-
reference the order to the requisition
prior to the requisition. Stores/pro­
duction personnel should confirm
that the goods are really needed.
2.2 The company should have an ap­
proved supplier list to which the
buyer should refer when ordering.
2.3 A copy of the order should be filed
sequentially and the file should be
sequence-checked and frequently
cross-referenced to goods received
notes.
2.4 Blank order forms should be subject
to sound stationery controls.

2. Validity (occurred and authorised) is most at risk as purchase orders that are
not authorised could be completed and incorrect quantities or unnecessary
goods could be ordered (Jackson & Stent (2012:11/9). More risks associated
with purchase orders will be explained in activity 6 below.

Activity 4
The following is a description of the payments system of Delmundo (Pty) Ltd, a
small manufacturing company. The company’s accounting functions are carried
out by the accounting staff, which consists of the accountant, Mary Rooseveld,
and two clerical assistants, Stella Stirling and Dean Ramjan.
1. When an invoice is received from a supplier it is promptly written into the
purchase journal by Stella Stirling and filed alphabetically by supplier name.
When the suppliers’ monthly statement arrives, Stella Stirling agrees the
invoices received to the statement. She also checks that any payments
that were made to the supplier by Delmundo (Pty) Ltd are reflected on the
statement.

78
Acquisitions and payments cycle

2. If an invoice reflected on the statement has not been received, Stella Stirling
highlights the invoice(s) and marks it (them) “outstanding” on the statement.
The full amount reflected on the statement is paid. When the outstanding
invoice is received, it is filed with the statement to which it relates and the
“outstanding” mark on the statement is crossed out and dated.
3. Using the statements, Stella Stirling then makes a list of all creditors and the
amounts which they are to be paid. The list is passed to Mary Rooseveld,
who writes out a cheque for each creditor who is owed less than R5  000.
All cheques are carefully written out and marked “not transferable”. Mary
Rooseveld signs each cheque and returns the cheques with the list to Stella
Stirling. Stella Stirling confirms the amounts of each cheque and verifies
that there is a cheque for each creditor on the list who is owed less than
R5  000. Stella Stirling writes the cheque number next to each payment on
the list and then mails the cheques, which she attaches to a Delmundo (Pty)
Ltd compliment slip, to the creditors. If the amount to be paid is more than
R5  000, it is paid by electronic funds transfer (EFT) and not by cheque.
4. To pay creditors over R5  000, Mary Rooseveld accesses the EFT facility
on her computer and compiles a schedule of payments to be made by EFT
to creditors. She obtains this information from the creditors’ list prepared by
Stella Stirling. She carefully checks the details, namely the bank, branch
code and account number of the creditor to be paid, against a hard copy
listing which she keeps for all creditors.
5. Stella Stirling passes the creditors’ list to Dean Ramjan as he is solely re­
sponsible for the cash payments journal. He writes it up, posts transactions
to the general ledger and reconciles the cash receipts and payments journal
to the bank statement monthly.

Required
Identify the weaknesses in the payments system described above. For each
weakness you identify, explain briefly why you consider it to be a weakness.

Feedback on activity 4
Reference: Jackson & Stent (2012:11/12–11/13)
1.1 The invoices received from suppliers are not matched to any other documents,
namely the purchase order, supplier delivery note or goods received note.
Delmundo (Pty) Ltd could be paying for goods which were never ordered or
never received (delivered); and the goods could also be incorrect in terms
of description, quantity or price.

2.1 Before the invoice is paid there is no check to confirm that the purchase
has been authorised. If nobody checks the above, the risk that employees
are purchasing goods for themselves at the expense of the company is
significantly increased.
2.2 The full amount as reflected on the statement is paid, even where no invoice
has been received. Delmundo (Pty) Ltd may be paying for goods incorrectly
charged to them.
2.3 No checks are carried out on the casts, extensions, calculations and VAT
on the purchase invoice. This may result in inaccurate payments and under­
recovery of VAT.

79
Acquisitions and payments cycle

3.1 No creditors’ ledger appears to be kept. Creditors are paid on the strength of
an external document (creditor statements) only. The keeping of a creditors’
ledger makes it possible to maintain a more accurate record of purchases
and payments.
3.2 There is only one cheque signatory. As Mary Rooseveld has access to the
cheque book and she is the sole signatory, she can write out a cheque to a
fictitious creditor at any time.
3.3 Mary Rooseveld does not agree the amounts to be paid to creditors to any
supporting documentation (for example approved creditors’ reconciliations).
This increases the risk of invalid payments to creditors as Stella Stirling
could add a fictitious creditor to the list from which Mary Rooseveld writes
out cheques.

4.1 There is insufficient control over payments made by EFT. In effect only one
“signature” is required to transfer funds.
4.2 EFTs are made without supporting documentation and can be made by Mary
Rooseveld at any time and for any amount.
4.3 Nobody checks at any stage, during the payment, whether payments to
creditors or others are valid.

5.1 No review of the cashbook is carried out by “management”, for example the
cash book is not reviewed for missing cheque numbers or unusual payments.
With no independent review of Dean Ramjan’s work, he has the opportunity
to cover up misappropriation.
5.2 Almost total lack of involvement on the part of senior personnel/management.
With such a small staff, and a lack of basic controls, the senior manage­
ment should be playing an active role – for example, acting as the second
signatory on cheques and EFT or reviewing supporting documentation. The
lack of this involvement weakens the control environment considerably and
facilitates fraud and collusion.

Source: Graded questions on auditing (2012:232) – adapted

5.1.4 Computerisation of the cycle


Your textbook, Jackson & stent, describes an integrated manual and computerised
acquisitions and payments system of a trading concern.

Study

Jackson & Stent (2012:11/14–11/30)

Activity 5
Your textbook describes the application controls over masterfile amendments as
mainly preventative, supported by detective controls.

1. Explain in your own words why the creditors’ masterfile is central to the
acquisition and payments system.
2. Explain in your own words what the term “preventative” means in this context.
3. Provide an example of a preventative application control.
4. Provide an example of a detective control.

80
Acquisitions and payments cycle

5. Name a few logs and reports that are used as part of detective controls over
masterfile amendments.
6. Describe the application controls that should be implemented to prevent
and detect errors during amendments made to the creditors’ masterfile in
a computerised environment.

Feedback on activity 5
Reference: Jackson & Stent (2012:11/16–11/18)

1. The accurate and complete processing of authorised purchases and pay­


ments depends to a great extent on the integrity of the masterfile. The credi­
tors’ masterfile will contain information relating to the suppliers of the company,
the terms that affect payments, balances and the banking details required
to make EFT payments to creditors.
2. This means that application controls are implemented to prevent mistakes
from happening in the first place
3. Restrict write access to the creditors’ masterfile to a specific member of
the section by means of a user ID and passwords. This will prevent/deter
unauthorised users from gaining access and making amendments to the
masterfile.
4. Each logged amendment should be checked to confirm that it is supported
by a properly authorised masterfile amendment form (MAF). This will enable
management to detect any unauthorised amendments to the masterfile.
5. The masterfile amendment log is the main log used when making amend­
ments to the masterfile. Various other logs and reports issued in the course
of the acquisitions and payments cycle could be used to detect errors during
masterfile amendments, such as the masterfile access violation reports and
creditors’ ledger exception reports, for example invalid account numbers.
6. The application controls that should be present to prevent and detect errors
in amending the creditors’ masterfile in a computerised environment are
described in Jackson & Stent (2012:11/16–11/18) and are not repeated here.
Note: Application controls for the following activities should be included in
your answer:
•• Application controls over the recording of masterfile amendments on
masterfile amendment forms (preventative)
•• Application controls over the authorisation of amendments to the mas­
terfile (preventative)
•• Application controls over the entry of amendments onto the system (pre­
ventative – for example access controls and screen aids and detective
– for example programme checks)
•• Application controls over the review of masterfile amendments (detective)

Activity 6
1. Provide five examples of things that could go wrong when creating a purchase
order in a computerised environment, based on the activity in Jackson &
Stent (2012:11/20).
2. Describe the application controls that should be present to ensure that
purchase orders that are created and sent to suppliers in a computerised
environment are valid (occurred and authorised), accurate and complete.

81
Acquisitions and payments cycle

Feedback on activity 6
Reference: Jackson & Stent (2012:11/20–11/21)

1. Examples of things that could go wrong when creating a purchase order in


a computerised environment:
•• Purchase orders could be made out for goods that are not sold by the com­
pany if an incorrect inventory item code is entered into the order system
and the system accepts the inventory code without matching it to inventory
codes in the masterfile.
•• Purchases could be made from unapproved suppliers if the system allows
the order clerk to enter suppliers who are not approved (no verification
checks).
•• Details pertaining to the order could possibly not be entered accurately
and completely if the system does not perform programme checks such
as mandatory field checks.
•• An inappropriate quantity of goods could be ordered if the system does
not perform programme checks such as limit or reasonableness checks.
•• Goods ordered could possibly not agree with the purchase requisition
report if the order clerk is not alerted by a screen message whenever the
quantity of the purchase order does not agree with the purchase requisi­
tion report (reasonableness check).

Note: 
As explained in activity 3 above, the internal control objective of validity
(occurred/authorised) is most at risk when creating a purchase order.

2. The application controls that should be present to ensure that the purchase
orders that are created and sent to suppliers in a computerised environ­
ment are valid (occurred/authorised), accurate and complete are described
under points 3 and 4 in Jackson & stent (2012:11/20–11/21) and are not
repeated here.
Note: The activities under creating a purchase order and authorising
and sending the purchase orders relate to the placing of orders,
as illustrated above.

Activity 7
1. Your textbook, Jackson & Stent (2012:11/24), explains that electronic funds
transfer (EFT) is a fast and efficient method of making payments. Explain
why the risk of fraudulent payments is very high if strict controls over EFT
are not in place.
2. Describe the application controls that should be present to ensure good
control over the preparation and approval of the schedule of payments in
a computerised environment.

Feedback on activity 7
1. Theft of funds from the company’s bank account can easily occur because
EFTs are quick and efficient. Funds can be transferred to another bank ac­
count very quickly, if access can be gained to a company’s internet bank
account.
Note: Access controls for a company’s bank account have been explained
in detail in activity 9 of topic 4 and are not repeated here. Refer to

82
Acquisitions and payments cycle

topic 4 again if you need to refresh your memory on access controls


over a bank account.

2. The application controls that should be present to ensure good control over
the preparation and approval of the schedule of payments in a computerised
environment are described under point 3 in Jackson & Stent (2012:11/24–
11/26) and are not repeated here. Remember to limit your answer to the
preparation and approval of the schedule of payments.

Summary
In this study unit we explained and applied the activities, functions and documents
that relate to acquisitions and payments transactions. The risks and internal con­
trols in acquisitions and payments were also explained and applied, together with
internal control over acquisitions and payments transactions in a computerised
environment.

Note that the ordering and receiving of goods (or services) from suppliers include
all goods and services associated with a normal business operation. Costs as­
sociated with the manufacture of inventory as well as salaries and wages will be
explained in more depth in the topics that follow.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you can do the following:
1. Explain the activities and functions relating to acquisitions and payments
transactions.
2. Describe the documents used in acquisitions and payments transactions.
3. Explain and apply risks and internal controls related to acquisitions and
payments transactions.
4. Explain and apply the risks and internal controls over acquisitions and pay­
ments transactions in a computerised environment.

CONCLUSION
In this topic, Acquisitions and Payments Cycle, we explained and applied the
activities, functions and documents in the acquisitions and payments business
cycle. The risks and internal controls in this cycle were also explained and ap­
plied, together with internal control over acquisitions and payments transactions
in a computerised environment.

In the next topic we will explain and apply the inventory and production business
cycle, together with the applicable internal controls in the cycle.

83
TOPIC 6
INVENTORY AND PRODUCTION CYCLE

Topic overview
Inventories encompass goods purchased and held for resale, such as mer­
chandise purchased by a retailer and held for resale. Inventories also encompass
finished goods produced, or work in progress and include materials and
supplies awaiting use in the production process (see International Accoun­
ting Standard [IAS] 2).

The inventory and production cycle includes the following classes of transactions
and account balances:

Statement of financial position Statement of comprehensive income


Inventory Cost of sales

The aim of this topic is to explain the activities, functions and documents in the
inventory and production business cycle and to apply these to practical situations.
The risks relating to this cycle and the internal controls to mitigate those risks,
including internal controls over inventory and production transactions in a com­
puterised environment, will be applied and explained. Basic inventory valuation
concepts will also be described and explained.

85
Inventory and production cycle

This topic is divided into the following study units:

Study unit Title Page


6.1 Inventory and production cycle 87
6.1.1 Activities and functions in the cycle 87
6.1.2 Documents used in the cycle 88
6.1.3 Risks and internal control in warehousing 88
6.1.4 Risks and internal control in production 89
6.1.5 Inventory counts 90
6.1.6 Computerisation of the cycle 90
6.1.7 Inventory valuation concepts 91

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
In this topic we focus on the following learning
Study unit Level
outcomes:
6.1 Inventory •• Describe the activities and functions and allocate 2
and pro­ the documents associated with inventory and
duction production.
cycle
•• Identify and explain the risks associated with 2
warehousing and describe and apply the internal
controls that could be implemented to mitigate
these risks.
•• Identify and explain the risks associated with 2
production and describe and apply the internal
controls that could be implemented to mitigate
these risks.
•• Explain and apply inventory counts as part of 2
control activities over inventory and production.
•• Describe and apply internal control in 2
a computerised environment to inventory and
production transactions.
•• List basic inventory valuation concepts. 1

86
Inventory and production cycle

STUDY UNIT 6.1

12 INVENTORY AND PRODUCTION CYCLE

Introduction
Your prescribed textbook, Jackson & Stent (2012:12/2), describes the inventory
and production cycle as the heart of the business and explains that this cycle
mainly deals with

•• the custody and safekeeping of inventory in whatever form, for example,


goods held for resale or manufacture, and finished goods, and
•• the recording of costs where a production/manufacturing process occurs.

6.1.1 Activities and functions in the cycle


Inventory is the major component in the calculation of cost of sales, gross profit
and net profit of a trading concern (see Jackson & Stent 2012:12/2). The inven­
tory balance is usually also a material current asset in the statement of financial
position in the company’s financial statements.

Study

Jackson & Stent (2012:12/2–12/4)

Activity 1
Jackson & Stent (2012:12/2) describe inventory and production as an internal
cycle. Represent this on a diagram that shows the interface of the inventory and
production cycle with the acquisitions cycle and the revenue cycle.

Feedback on activity 1
Reference: Jackson & Stent (2012:12/3–12/4)

The diagram on page 12/4 of Jackson & Stent demonstrates that goods received
from suppliers follow one of two paths, namely, to the raw materials and compo­
nents store, on to production and into the finished goods warehouse, or direct to
the “goods for resale” warehouse. The diagram is not repeated here.

87
Inventory and production cycle

6.1.2 Documents used in the cycle


Study

Jackson & Stent (2012:12/4–12/5)

Activity 2
Allocate the documents explained in your textbook to the warehousing or pro­
duction phase of the inventory and production cycle.

Feedback on activity 2

Warehousing Production
•• Goods received note •• Materials (components) requisition,
•• Picking slip and delivery notes materials (components) issue note
•• Manufacturing or production schedules
•• Job cards
•• Production report
•• Costing schedule
•• Transfer to finished goods note

The inventory sheet, inventory tag and inventory adjustment form are used dur­
ing an inventory count and do not fit into the warehousing or production phases.
The inventory count will be explained later in this study unit.

6.1.3 Risks and internal control in warehousing


Jackson & Stent (2012:12/3) describes two major risks associated with inventory
warehousing, namely risks associated with the physical transfer of inventory
and the protection of inventory from damage, loss and theft. These and other
risks, as well as internal controls (control activities) to mitigate the risks, will now
be explained.

Study

Jackson & Stent (2012:12/6–12/7)

Activity 3
1. Describe the internal controls that can be implemented to mitigate the risks
associated with the physical transfer of inventory in a warehouse.
2. Describe the internal controls that can be implemented to mitigate the risks
associated with the protection of inventory against damage, theft and loss
in a warehouse. Distinguish between preventative and detective controls
in your answer.

88
Inventory and production cycle

Feedback on activity 3
1. The internal controls that can be implemented to mitigate the risks associ­
ated with the physical transfer of inventory in a warehouse are explained in
Jackson & Stent (2012:12/6) and are not repeated here.
2. Physical controls over inventory in warehouses are preventative controls,
in other words controls that prevent damage, theft and loss from occurring
in the first place. Comparison and reconciliation are detective controls that
will pick up on damage, theft and loss that have already occurred by compar­
ing physical inventory with theoretical inventory in the accounting records.
Refer to Jackson & stent (2012:12/7), where internal controls to control dam­
age, theft and loss of inventory in warehouses are explained.

6.1.4 Risks and internal control in production


As with inventory warehousing, internal controls must also be implemented over
production inventory to protect it from damage, loss and theft. Internal controls
to mitigate additional risks associated with the planning, control and costs of
manufacturing should also be implemented (cf Jackson & Stent (2012:12/3–12/4)).

Study

Jackson & Stent (2012:12/8–12/10)

Jackson & Stent (2012:12/20–12/22) – fraud in the cycle

Activity 4
Production of inventory can only commence after the production manager has
authorised the job cards.

1. What details must the job cards contain and what procedures are performed
by the production manager before a job card is authorised?
2. Describe the internal controls which should be present to ensure good
control over job orders.

Feedback on activity 4
Reference: Jackson & Stent (2012:12/8–12/9)

1. The costing schedule should be transferred to job cards and the job cards
should
•• be sequenced and dated
•• contain a list of materials to be used, for example the description and
quantity of materials
•• be cross-referenced to customer orders/quotes
•• be cross-referenced to a materials requisition and materials issue note
•• be cross-referenced to the daily production schedule, after which the
production manager will review and authorise the job cards

2. Internal controls to ensure good control over job orders are explained in
Jackson & Stent (2012:12/8–12/9) and are not repeated here.

89
Inventory and production cycle

6.1.5 Inventory counts


According to Jackson & Stent (2012:12/11), inventory counts are one of the
most common control activities whereby actual inventory on hand is compared
with theoretical inventory in accounting records.

The responsibility for carrying out inventory counts rests with management, since
it is management’s responsibility to ensure that the inventory figure in the financial
statements is valid (exists), accurate and complete.

Study

Jackson & Stent (2012:12/11–12/13)

Similar methods of counting and sound controls are used for both cycle counts
(which take place on an ongoing basis) and year-end counts (annual counts).

Activity 5
1. Which basic principles must be adhered to before conducting the actual
inventory count in order to ensure a successful count?
2. List the procedures that should be followed by the counting team when
conducting an inventory count.

Feedback on activity 5
Reference: Jackson & Stent (2012:12/12)

1. In order to ensure a successful inventory count, the following must be ad­


hered to:
•• proper and timeous planning and preparation
•• standard stationery design principles and controls
•• written count information and instructions to all members involved in the
count

Note: The above principles are explained in further detail in Jackson &


Stent (2012:12/12) .

2. The procedures that should be followed by the counting team when conduc­
ting an inventory count are listed in Jackson & Stent (2012:12/12–12/13) and
are also not repeated here.

6.1.6 ComputeriSation of the cycle


The inventory masterfile is central in a computerised inventory and production
cycle, since it contains the theoretical inventory figure which ideally should agree
with the physical inventory on hand (cf Jackson & Stent 2012:12/13).

Study

Jackson & Stent (2012:12/13), section 9.

90
Inventory and production cycle

Access controls in a computerised environment are key to ensuring that unau­


thorised masterfile amendments are not done to disguise damage, loss or theft
of physical inventory. Refer to the relevant activities in topics 3, 5 and 6, where
access controls were dealt with extensively.

6.1.7 Inventory valuation concepts


The generally accepted basis for the valuation of inventory is the lower of cost
and net realisable value. It is important that inventory should be valued accurately
as the internal control objectives of validity, accuracy and completeness may
be at risk if the inventory in the financial records is either over- or undervalued.

Study

Jackson & Stent (2012:12/18–12/20), section 3.

Activity 6
1. At what value should inventory be presented in the financial records of
a company?
2. What does the term “net realisable value” mean?
3. What should the cost price of inventory consist of?
4. Which of the following costs should be excluded when valuing inventory:
•• delivery costs
•• administrative costs
•• commission paid on goods sold
•• wages paid to production staff
•• production material lost during a fire in the production plant
5. Name the three cost formulas permitted by International Accounting Stan­
dard (IAS) 2.

Feedback on activity 6
Reference: Jackson & Stent (2012:12/18–12/19)

1. Inventory should be valued at the lower of cost and net realisable value.
2. Net realisable value is the estimated selling price in the ordinary course of
business less the estimated costs of completion and the estimated costs
necessary to make the sale.
3. The cost of inventory should be made up of:
•• all purchase costs, including import duties and transport costs incurred
in the acquisition of materials and goods for resale
•• conversion costs, for example direct labour and production overheads
•• costs incurred in bringing the inventory to its present location and condition,
for example costs incurred in designing a product for a specific customer

4. The costs mentioned should be treated as follows:


•• delivery costs: included (transport costs incurred in the acquisition and
costs incurred in bringing the inventory to its present location)

91
Inventory and production cycle

•• administrative costs: excluded


•• commission paid on goods sold: excluded (selling costs)
•• wages paid to production staff: included (fixed and variable production
overheads)
•• production material lost during a fire in the production plant: excluded
(abnormal amounts of wasted material)

5. The three cost formulas permitted by IAS 2 are specific identification,


weighted average and FIFO. These cost formulas are explained in more
detail in Jackson & Stent (2012:12/19–12/20).

Summary
In this study unit we explained and applied the activities, functions and docu­
ments pertaining to inventory and production transactions. The risks and internal
controls in inventory warehousing and production were explained and applied, as
were inventory counts as part of control activities in a system of internal control.
Internal control over inventory and production transactions in a computerised
environment was explained, with specific reference to the inventory masterfile.
Inventory valuation concepts were also described and explained.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:

1. Explain the activities and functions relevant to inventory and production


transactions.
2. Describe the documents used in inventory and production transactions.
3. Explain and apply risks and internal controls relating to inventory warehousing
and production transactions in both a computerised and a noncomputerised
environment.
4. Describe and explain inventory valuation concepts.

CONCLUSION
In this topic, Inventory and production cycle, we explained and applied the
activities, functions and documents in the inventory and production cycle. The
risks and internal controls relevant to this cycle were explained and applied, as well
as internal control over inventory and production transactions in a computerised
environment. Inventory valuation concepts were also described and explained.

In the next topic we will explain and apply the payroll and personnel business
cycle as well as the applicable internal controls in the cycle.

92
TOPIC 7
PAYROLL AND PERSONNEL CYCLE

Topic overview
Compensation and related employee benefit costs represent major expenses for
most businesses. Because of the routine nature of these transactions, a com­
pany’s payroll is normally maintained on an IT system (Eilifsen, Messier, Glover,
Douglas & Prawitt 2010:410).

Two main types of transactions are processed through the payroll and personnel
cycle, namely:
•• payment to employees for services rendered (salaries and wages)
•• accrual and payment of payroll-related liabilities (employee deductions such
as taxes, pension fund and medical aid)

The payroll and personnel cycle includes the following classes of transactions
and account balances:

Statement of financial position Statement of comprehensive income


Bank and cash Wages and salaries (net of employee
deductions such as PAYE, UIF, SDL, pen­
Accounts payable (accumulated
sion fund, medical aid and other)
leave, unclaimed wages, SARS,
pension funds, medical aids and
other)

93
Payroll and personnel cycle

The aim of this topic is to explain the activities, functions and documents in the
payroll and personnel business cycle and to apply these in practical scenarios.
The risks in this cycle will be explained and internal controls are applied to mitigate
those risks, as well as internal control over payroll and personnel transactions in
a computerised environment.

This topic is divided into the following study units:

Study unit Title Page


7.1 Payroll and personnel cycle 95
7.1.1 Activities and functions in the cycle 95
7.1.2 Documents used in the cycle 96
7.1.3 Risks and internal control in the cycle 97
7.1.4 Computerisation of the cycle 102

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
In this topic we focus on the following learning
Study unit Level
outcomes:
7.1 Payroll and •• Describe payroll and personnel transactions by 2
personnel explaining the activities and functions and allocating
cycle the documents associated with these transactions.
•• Identify and explain the risks associated with payroll 2
and personnel transactions and describe and apply
the internal controls that could be implemented
to mitigate the risks in a noncomputerised
environment.
•• Describe and apply internal control in a computerised 2
environment to payroll and personnel transactions.

94
Payroll and personnel cycle

STUDY UNIT 7.1

13 PAYROLL AND PERSONNEL CYCLE

Introduction
Jackson & Stent (2012:13/2) explains that the payment of salaries and wages
is an integral part of any business and one which results in an outflow of funds.

7.1.1 Activities and functions in the cycle


The most obvious difference between a salary system and a wage system is
that salary systems do not have a timekeeping function; a salary is a set monthly
amount regardless of the hours worked by the employee (Jackson & Stent
2012:13/29).

Study

Jackson & Stent (2012:13/2–13/5)

Note the following about the study material above:


Sections 4 and 5 in Jackson & Stent (2012:13/3–13/5) describe a wage system.
Apart from timekeeping and the difference in payment methods (salaries are
generally paid by EFT and wages in cash), these functions are generally also
relevant to a salary system.

Study

Jackson & Stent (2012:13/29), section 9

Activity 1
1. Explain why the payroll and personnel cycle could be especially susceptible
to fraud.
2. What practical arrangement can companies make with employees to avoid
the risk of fraud?
3. Describe the timekeeping, payroll preparation and payout functions relevant
to a wage system in the payroll and personnel cycle.

95
Payroll and personnel cycle

Feedback on activity 1
Reference: Jackson & Stent (2012:13/3–13/5)

1. Companies that pay wages in cash are susceptible to fraud owing to the
high risk of theft of large amounts of cash.
2. To protect the company from this risk, as well as to safeguard the personal
safety of employees, a company could pay wages via EFT directly into em­
ployees’ bank accounts.
3. The timekeeping, payroll preparation and payout functions relevant to a wage
system are described in section 5 of Jackson & Stent (2012:13/4–13/5) and
are not repeated here.

Note: Study section 1 of Jackson & Stent (2012:13/2) again if the differences


between a wage system and a salary system are unclear to you.

7.1.2 Documents used in the cycle


Study

Jackson & Stent (2012:13/5–13/6)

Activity 2
The following documents or records are found in most businesses. Some are
applicable to the payroll system and some are not.

1. Cash receipt
2. Income tax deduction tables
3. Clock card
4. Cash book
5. Employment contract
6. Unclaimed wages register
7. Cheque requisition
8. Internal purchase order
9. General ledger
10. Purchase journal

Required
1. State whether each of the above documents or records has a place in the
payroll cycle.
2. State the order in which the documents will normally be found in the payroll
cycle, indicating in which function within the payroll cycle they will be used.

Feedback on activity 2
Reference: Jackson & Stent (2012:13/5–13/6)

1. The following documents will be found in the payroll cycle:


1.1 Income tax tables

96
Payroll and personnel cycle

1.2 Clock card


1.3 Cash book
1.4 Employment contract
1.5 Unclaimed wages register
1.6 Cheque requisition
1.7 General ledger

The cash receipt is applicable to the revenue and receipts cycle, and the
internal purchase order and purchase journal are used in the purchases
and acquisitions cycle.

2. The correct order in which the documents will be found and the functions
within which they will be used are:
2.1 Employment contract – Personnel (Human Resources)
2.2 Clock card – timekeeping
2.3 Income tax deduction tables – Payroll preparations
2.4 Cheque requisition – Payroll preparations
2.5 Unclaimed wages register – Payout
2.6 Cash payments journal – Recording
2.7 General ledger – Recording

Note that these functions are described in more detail in Jackson & stent
(2012:13/4–13/5).
Source:  Graded questions on auditing 2012: (Gowar & Jackson 2011:169–170) – adapted

7.1.3 Risks and internal control in the cycle


Because salaries and wages represent major expenses, companies tend to have
strong internal controls over payroll and personnel activities (Eilifsen, Messier,
Glover, Douglas & Prawitt 2010:410).

Study

Jackson & Stent (2012:13/9–13/13)

Note the following about the study material above:


The payment of salaries and the appropriate internal controls for this
function are not specifically discussed in the textbook. In this regard you
should remember that salaries are paid either by cheque or by EFT. The
normal internal controls for cheque payments therefore apply to the pay­
ment of salaries. Internal controls over EFT payments in a computerised
environment will be explained and applied in section 7.1.4.

To see whether you can identify the relevant internal controls over a wage payout,
do the following activity:

97
Payroll and personnel cycle

Activity 3
Steelworks Ltd employs 1 000 workers, who receive a weekly cash wage. You
are requested to assist management in implementing internal controls over
the preparation and payout of wages. Management is satisfied that there is
sufficient internal control over the clocking of hours worked by employees and
the calculation and recording of the wages payable.

Feedback on activity 3
Internal controls over the preparation and payout of wages are explained in detail
in Jackson & Stent (2012:13/12) and are not repeated here.

Note: Keep in mind that these internal controls are aimed at mitigating the risks
associated with the preparation and payout of wages. The main risks identified
in your prescribed textbook are:

1. Errors or the theft of cash during


•• the drawing of cash,
•• the making up of wage packets, and
•• at the payout (risks addressed in points 1 to 6 of the control procedures
in Jackson & Stent 2012:13/12).

2. Misappropriation of unclaimed wages (risk addressed in points 7 to 11 of the


control procedures in Jackson & Stent 2012:13/12).

Activity 4
C-Ment Ltd manufactures cement blocks and pavers. The company was started
some years ago and has grown steadily so that it currently employs 120 semi-
skilled workers.

Internal controls have not kept up with the growth of the business and you have
been asked to evaluate the current wage system. You have obtained the follow­
ing information:
1. The manufacturing yard is enclosed by a large security wall. The only access
to the yard is through the gate used by vehicles that deliver raw materials
and collect finished products. Workers enter and exit through this gate. There
is a small gate hut manned by a security guard.
2. On arriving at or leaving work, employees tick off their names on a “daily
time list”, entering their time of arrival or departure in the space provided. A
large clock is located in the gate hut.
3. The company’s administrative functions, such as sales and accounting, are
located in a small office block next to the manufacturing yard. The accounting
section is staffed by a senior accountant, Zeb Matabane, and three clerical
assistants. One of the clerical assistants, Milly Moss, is responsible for the
wage function, which operates as follows:
3.1 Each working day after close of business she collects the daily time
lists from the gate hut and replaces them with new lists for the follow­
ing day. The completed daily time lists are filed in date order in a lever
arch file. She also maintains a simple hard copy employee’s file for
each employee.

98
Payroll and personnel cycle

3.2 The wage week runs from Thursday morning to Wednesday afternoon.
On Thursday mornings Milly Moss calculates the total hours worked
by each employee for the week (both normal and overtime) and enters
the totals against each employee’s name, on a weekly “hours summary
list”. She then accesses the wage application on her computer and
selects the “enter hours module”. She then captures the hours for each
employee, entering the employee’s staff number and hours worked from
the weekly “hours summary lists”.
3.3 Once each employee’s hours worked have been entered, Milly Moss
selects the “prepare payroll” module to start processing the wages and
producing the payroll. The payroll reflects employee number, name,
section, gross wages, deductions and net pay. It also has a space in
which the employee signs after receiving his or her pay.
3.4 Once the payroll has been produced, Milly Moss gives it to Mo Hiten,
the cash payment journal clerk, who prepares a cheque for the net
amount of the pay (as well as cheques for the amounts to be paid over
to SARS for PAYE, UIF etc). Mo Hiten takes the cheques to Zeb Mata­
bane, who signs them.
3.5 The cheque for the net wages and the wage packets is then delivered
to WageMaster (Pty) Ltd, a security company which cashes the cheque
and makes up the wage packets from the details on the packets. Milly
Moss prepares a register which reflects the cheque number, amount
and number of paypackets to be collected by WageMaster (Pty) Ltd.
This register is signed by a WageMaster (Pty) Ltd employee.
3.6 On Friday morning WageMaster (Pty) Ltd returns the made-up wage
packets to Milly Moss, who agrees the number of wage packets to the
register and signs the security company’s delivery note.
3.7 The wage payout takes place at 3 pm on Fridays. At 1pm Milly Moss
leaves the wage packets and a copy of the payroll at the gate hut for
collection by the supervisor. The supervisor conducts his or her own
payout. He or she hands the paypacket to the employee, who must show
his or her staff identity card and sign the payroll next to his or her name.
3.8 Any unclaimed wages are marked as such by the supervisor on the
payroll. The unclaimed wages are taken home by the supervisor (all
administrative office employees finish work at 1 pm on Fridays) and
handed to Milly Moss on Monday morning. She agrees the packets she
has been given to the payroll and puts the packets in the safe. When the
employee returns to work he or she must collect the wage packet from
Milly Moss (staff identity card must be produced) and sign the payroll.

REQUIRED:
1. Identify and explain the weaknesses in C-ment Ltd’s wage system based
on the information given above.

Feedback on activity 4
Reference: Jackson & Stent (2012:13/6–13/13)

Identification and explanation of weaknesses in the system of internal control


over the current wage system of C-Ment Ltd:

99
Payroll and personnel cycle

Points 1–2
Weakness:  Controls over timekeeping are inadequate.

Explanation:

•• There is no reliable timekeeping mechanism/clocking system, making it virtually


impossible to prevent invalid hours being “clocked”.
•• Workers record their own times of arrival and departure and could thus create
fictitious hours.
•• As entry and exit take place through a gate in general use and are unsupervised,
workers have another opportunity to create fictitious hours.
•• Workers could tick off the names of fellow workers who are not actually at work.
•• Workers could sign in but not actually go to work and return to sign out.
•• “Clocking” documentation controls are poor as there is no documentation (clock
card or similar) which records the time of exit and entry of each employee
independently and in a permanent form.
•• The clipboard bearing the daily time sheets is left unattended in the gate hut
and could be lost or tampered with; for example, hours could be altered.

Point 3
Weakness: There is no separate personnel (human resources) function to ensure
optimum efficiency in controlling the workforce.

Explanation:
•• A company with a workforce of 120 requires the employment of the necessary
skills in the business to deal with recruitments, dismissals, wage negotiations
and labour problems in accordance with sound labour practices, and to maintain
valid, accurate and complete employee records.

Points 3.2 – 3.3


Weakness: Controls over the calculation of hours worked and entry into the com­
puter are inadequate, which may result in errors in the amounts
paid to employees.

Explanation:
•• Nobody checks and authorises Milly Moss’s calculation of the hours worked
according to the time lists, and mistakes could therefore go unnoticed.
•• The supervisors do not confirm that overtime hours are valid at any stage.
•• No batching system of any kind seems to be used to enhance the accuracy
and completeness of entry into the computer; for example no pre-entry and
post-entry control totals are calculated.
•• There is no review of the payroll by an independent employee (for example,
one of the other administration clerks) to verify that the correct hours (normal
and overtime) and wage rates have been used.

Points 3.1 – 3.8


Weakness:  Milly Moss is responsible for incompatible functions:
•• She initiates and controls the daily timesheets.
•• She calculates and enters the hours worked.
100
Payroll and personnel cycle

•• She creates the payroll.


•• She has access to the made up wage packets.
Explanation:

•• This makes it possible for her to steal money from the company by:
•• invalidly increasing the hours worked (for example adding overtime) for certain
employees, or
•• invalidly increasing the wage rates for certain employees.

Points 3.4–3.5
Weakness: There are inadequate authorisation controls over the cheque
for net wages.

Explanation:

•• Zeb Matabane does not check and initial the supporting documentation, such
as the payroll.
•• No week-to-week reconciliation is provided to explain any fluctuations in the
wages.
•• There is only one signatory to the cheque, which increases the risk of errors
or fraud going undetected.

Point 3.7
Weakness: The supervisor and Milly Moss do not meet to effect the safe
transfer of the wage packets. The wage packets are nobody’s
direct responsibility for a period of time and are left in an
unsecure place.

Explanation:

•• The supervisors do not check the wage packets they are taking responsibility
for and acknowledge that they have done so by signing the payroll. Wage
packets could be lost or stolen and nobody would be accountable.

Point 3.7
Weakness: Payouts are conducted by the supervisor without a second
official being present.

Explanation:

•• This facilitates fraud by a supervisor, particularly where the supervisor has


created a fictitious employee by having a “dummy workman added” and
recording hours for the dummy workman (easily done as time sheets are
freely available in the gate hut). The supervisor would simply take the fictitious
employee’s packet and sign the payroll.

Point 3.8
Weakness: Unclaimed wage packets are taken home by the supervisor
and only handed to Milly Moss on Monday morning.
101
Payroll and personnel cycle

Explanation:
•• Unclaimed wage packets should be stored in a safe and should not be taken
off the premises as this increase the risk of theft and or loss.

7.1.4 Computerisation of the cycle


A company’s payroll system is a combination of manual and computerised func­
tions and most companies make use of the packaged payroll software that has
been developed to meet the needs of the company (Jackson & Stent 2012:13/16).

Study

Jackson & Stent (2012:13/14–13/28)

Activity 5
In section 7.1.3 above we explained why internal controls over timekeeping in
a wage system are very important. This was also illustrated by the weaknesses
in the wages system of C-Ment Ltd in activity 4 above.

REQUIRED:
1. Explain what the term “biometric data” means in a computerised clocking
system.
2. What are the advantages of biometric data over an identification card or a
clock card?
3. Describe the application controls that could be implemented to ensure good
control over timekeeping in a computerised wages system.
4. Describe the application controls that could be implemented to approve
the hours that were captured during electronic timekeeping before payroll
preparation can commence.
5. Describe the application controls that could be implemented over entering
additional earnings and deductions during the payroll preparation phase
in a computerised wages system.

Feedback on activity 5
Reference: Jackson & Stent (2012:13/19–13/21)

1. The most common example of biometric data is an employee’s fingerprint.


In a system where the identification of employees is controlled by biometric
data, a finger print is stored on the system so that when the employee places
a finger on the scanner, it has a set of prints against which to “match” the
finger print.
2. Biometric data overcomes the weaknesses of an identification card or clock
card system, where an employee can swipe the card on behalf of another
employee and thereby create fictitious hours worked.
3. The application controls that could be implemented to ensure good control
over timekeeping in a computerised wages system are described in Jack­
son & Stent (2012:13/19–13/20) under the activities of 1) storing biometric

102
Payroll and personnel cycle

data on the system; 2) employee identification and recording of hours


worked; and 3) reviewing employee attendance.

Note that the application controls over activities 1) and 2) are mainly access
controls which are preventative in nature, whereas controls over activity 3)
are detective controls such as reports produced on absent employees, late
arrivals and unexplained exits from the workplace.
4. Once timekeeping has been performed, the hours that were electronically
captured must first be approved by the foreman before payroll preparation
can commence.
The application controls over the approval of hours worked are explained
in Jackson & Stent (2012:13/21) and are not repeated here.

5. Point 1.3 in Jackson & Stent (2012:13/21) explains that alterations may be
necessary to the hours initially recorded during electronic timekeeping. The
payroll clerk responsible for preparing the payroll will be responsible for en­
tering these alterations made by the foreman. The application controls over
entering additional earnings and deductions are described in Jackson
& Stent (2012:13/21–13/22) and are not repeated here.

Summary
In this study unit we explained and applied the activities, functions and docu­
ments of payroll and personnel transactions. The risks and internal controls in
the payroll and personnel cycle were explained and applied, as well as internal
control over payroll and personnel transactions in a computerised environment.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:
1. Explain the activities and functions relevant to payroll and personnel
transactions.
2. Describe the documents used in payroll and personnel transactions.
3. Explain and apply risks and internal controls related to payroll and personnel
transactions in a noncomputerised environment.
4. Explain and apply risks and internal controls related to payroll and personnel
transactions in a computerised environment.

CONCLUSION
In this topic, Payroll and Personnel Cycle, we explained and applied the ac­
tivities, functions and documents in the payroll and personnel cycle. The risks
and internal control in this cycle were explained and applied, as well as internal
control over payroll and personnel transactions in a computerised environment.

In the next topic we will explain and apply capital expenditure in the finance and
investment business cycle, as well as the applicable internal controls in the cycle.

103
TOPIC 8
FINANCE AND INVESTMENT CYCLE

Topic overview
Investing and financing activities consist of transactions that relate to the acquisi­
tion of the non-current assets (fixed assets) which are required to manage the
activities of the enterprise. The financing activities include funds obtained from
borrowing, finance leases and operating leases.

The finance and investment cycle includes the following classes of transactions
and account balances:

Statement of financial position Statement of comprehensive income


Share capital Dividends paid
Reserves Profit or loss (reserves)
Long-term loans Interest paid
Property, plant and equipment Profit/loss on sale of asset
Investments Profit or loss on investment

The aim of this topic is to explain capital expenditure in the finance and invest­
ment business cycle by referring to the characteristics of fixed asset acquisi­
tion transactions. The risks associated with the acquisition of fixed assets will
be explained and internal controls applied to mitigate those risks.

105
Finance and investment cycle

This topic is divided into the following study units:

Study unit Title Page


8.1 Capital expenditure 107
8.1.1 Characteristics of capital expenditure 107
8.1.2 Risks and internal control over capital expenditure 107

Textual amendments and additions


Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.

Learning outcomes
Study unit In this topic we focus on the following learning Level
outcomes:
8.1 Capital ex­ •• Describe and explain capital expenditure as part 2
penditure of the finance and investment cycle by referring
to the characteristics of fixed asset acquisition
transactions.
•• Identify and explain the risks associated with fixed 2
asset acquisitions and describe and apply the
internal controls that could be implemented to
mitigate the risks.

106
Capital expenditure

STUDY UNIT 8.1

14 CAPITAL EXPENDITURE

Introduction
Jackson & Stent (2012:14/2) explains that this cycle essentially deals with the
transactions which a company enters into to raise finance, for example by borrow­
ing money from a bank or investment company, as well as with the investments
the company makes, whether in property, plant and equipment, or by making
long-term loans or investing surplus funds.

8.1.1 Characteristics of capital expenditure


We will explain capital expenditure in the finance and investment cycle with
reference to the acquisition of fixed assets and the obtaining of finance by
means of long-term loans.

Study

Jackson & Stent (2012:14/2)

Risks and internal controls in the cycle will now be explained.

8.1.2 Risks and internal control for capital


expenditure
Compensating controls over capital expenditure transactions entail planning,
authorisation, implementation and review and approval (Jackson & Stent
(2012:14/3).

Study

Jackson & Stent (2012:14/3–14/4)

Jackson & Stent (2012:14/4–14/5) – The Finance and Investment Cycle at Proride
(Pty) Ltd

107
Finance and investment cycle

Activity 1
1. Explain what the term “non-routine transactions” means.
2. How do internal controls over “non-routine transactions” differ from the
internal controls over routine transactions explained in the previous topics
in this study guide?
3. Describe the major risks for capital expenditure with reference to the internal
control objectives.

Feedback on activity 1
Reference: Jackson & Stent (2012:14/2)

1. Non-routine transactions such as fixed asset acquisitions do not usually


occur every day and the number and frequency of transactions are consid­
erably less than, for example, sales, purchases, salaries and wages. The
size of transactions is usually significant (the amounts are large) and these
transactions are frequently subject to legal and regulatory requirements.
2. Because of the characteristic mentioned in 1 above, transactions in this cycle
are not subject to the routine everyday controls relating to transactions. In­
ternal controls over nonroutine transactions such as finance and investment
transactions are still based on the five components of internal control (as
explained in topic 2), but “compensating controls” would be implemented.
3. The major risks for capital expenditure with reference to internal control
objectives are explained in section 2.6 in Jackson & Stent (2012:14/2) and
are not repeated here.

Note: The main risks explained under section 2.6 in Jackson & Stent (2012:14/2)
are associated with the finance and investment cycle as a whole, but take
note that these risks are also specifically applicable to capital expendi­
ture in the cycle.

Activity 2
You have recently been appointed as the internal auditor of North Shore Ltd, a
large shipping company in Port Elizabeth. Your first assignment was to evaluate
the company’s accounting systems and related internal controls. The company is
divided into five sections, each of which has its own section accountant, who is
responsible for producing monthly accounts and ensuring that sectional financial
matters run smoothly. While reviewing the financial records of the warehousing
section you were surprised to see that considerable capital expenditure had been
incurred just before the financial year-end (30 June). You found that the same
expenditure had been incurred in the other four sections of the company and on
visiting the various sections (in July), you noticed a fair amount of equipment still
in boxes and not in use. Deciding to follow this up, you approached Andy Bell,
the most senior sectional accountant, and asked for an explanation of how the
system for capital expenditure operated. He responded as follows:

1. Each sectional accountant is responsible for capital expenditure for his/her


section.
2. A budget is prepared in the office of the financial director. Budgeting figures
are calculated by increasing the previous year’s budget by the average con­

108
Capital expenditure

sumer price index for the year. Sectional accountants are notified as to what
their section can spend on the purchase of capital items.
3. However, if sections do not spend their capital budget in any financial year,
that section’s budget is reduced for the following year. As you can see, we all
try to avoid a cut in our budget by making sure we spend our budget before
the end of the financial year.
4. If a staff member in the section requires equipment, for example in my
warehouse section the foreman may decide he needs a new forklift, he
emails my assistant with the precise details of what is required as well as
the name of a supplier. None of the equipment used by North Shore Ltd is
particularly complicated, so this method works fine.
5. My assistant then completes a pre-printed, numerically sequenced, multi-
copied order form which the sectional accountant signs before sending the
top copy to the supplier. The second copy of the order is sent to the central
creditors department for payment, along with the supplier delivery note. The
third copy is left in the order book and used by the assistant to write up the
new equipment in the assets register.
6. The supplier delivers the equipment to the section and my assistant signs
the supplier delivery note after agreeing the items to the supplier delivery
note. The assistant retains a signed copy of the supplier delivery note, which
is sent to the creditors department as described in point 5 above.

REQUIRED
Identify and describe the weaknesses in the system of investing in capital equip­
ment at North Shore Ltd, based on the information given above and recommend
improvements to address the weaknesses you have identified.

Do not concern yourself with payments to creditors.

Write your answer in the tabular format given below:

Weakness Explanation and improvement

Feedback on activity 2

Weakness Explanation and improvement


1. The acquisition (investment in) fixed •• The company should appoint a fixed
assets is not planned. asset committee consisting of senior
experienced management to take
•• There is no evaluation of whether
responsibility for evaluating the need
the items purchased by the
for the purchase and evaluating how
five sectional accountants are
capital expenditure will be financed.
required.
•• Any member of the section •• All requests for fixed assets from
sections must be fully motivated.
can request equipment without
providing proper motivation. •• The fixed asset committee should be
responsible for preparing an annual
capital expenditure budget (see below).

109
Finance and investment cycle

Weakness Explanation and improvement


2. 
The budgeting process is totally •• A proper budgeting system for capital
ineffective. expenditure should be put in place:

•• Simply increasing the prior year’s •• Each section should carefully evaluate
their actual capital expenditure needs
budget by an index has resulted
(and planned disposals) for the
in sections being allocated money
upcoming year. The budget should not
which they do not require and
be based on adjusted figures for the
which will be wasted.
previous year.
•• This weakness is compounded
•• The sectional budgets should be
by the fact that sections are
submitted to the fixed asset committee
“punished” for not spending their
for their approval, which should only be
allocation by having their budgets
given after careful consideration of the
reduced.
motivation.
•• There should be ongoing comparison of
actual capital expenditure with budgeted
expenditure.
3. There is inadequate authorisation of •• The fixed asset committee should
capital expenditure. approve the budget, which will then
become the fundamental authorising
•• Sectional accountants
document.
have complete authority to
purchase equipment provided •• See points below (4).
they have not exceeded the
budget.
•• In effect, the sectional accountants
can make a purchase and
authorise it. This amounts to a
lack of division of duties.
•• As there appears to be no
reconciliation or follow-up of items
actually purchased, this lack of
division of duties becomes more
serious.
4. The controls over the requisitioning •• A properly designed (two part) pre-
and ordering and receipt of capital printed, sequenced, capital expenditure
expenditure items are inadequate. requisition must be prepared and signed
by a senior person in the section
•• No properly designed, pre-printed,
requiring the item, for example the
sequenced (and authorised)
warehouse manager requiring a new
requisition form is presented to
fork lift.
support the purchase request
(email is sent). •• This requisition should be submitted to
the sectional accountant, who should
•• The order is placed by the assistant
authorise the requisition (sign) after
to the sectional accountant (not
confirming that the request complies
the buying department), without
with the capital expenditure budget.
any follow-up with the supplier
as to availability and price and •• A copy of the requisition should be sent
to the company’s buying department,
alternative suppliers.
and the second copy filed in numerical
•• Items purchased should not be
sequence.
delivered to the individual sections
as this weakens division of duties •• The order department should:

–– confirm that the goods requisi-


tioned appear on the capital budget,
and if so

110
Capital expenditure

Weakness Explanation and improvement


. –– check with the preferred supplier
as to availability, current price and
delivery particulars, and
–– make out and sign a three-part
pre-printed, sequenced (capital
expenditure) order.

•• Items purchased should be delivered to


North Shore Ltd’s receiving department,
where a pre-printed, sequenced, three-
part “capital item goods received note”
should be made out after the items
delivered have been checked to the
supplier delivery note.
5. There is a serious lack of division of •• On receipt of the item, a responsible
duties in respect of the assistant to official in the section should check
the sectional accountant. This person: the item delivered against the original
requisition and the “capital item goods
•• places the order (on the strength
received notes”, before signing them.
of an email)
•• receives the goods •• Once the above procedures
are complete, the assistant to the
•• “authorises” payment (by sending
sectional accountant can write up the
the unchecked documentation to
creditors) sectional fixed asset register.
•• writes up the records (fixed asset
register)

Source:  Graded questions on auditing (2012:281) – adapted

Summary
In this study unit we explained capital expenditure with reference to the characte­
ristics of fixed asset acquisition transactions. The risks associated with fixed asset
acquisitions were explained and internal controls applied to mitigate those risks.

Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:
1. Explain capital expenditure by referring to the characteristics of fixed
asset acquisition transactions.
2. Explain and apply risks and internal controls related to fixed asset acquisi­
tion transactions.

CONCLUSION
In this topic, Finance and investment cycle, we explained the business cycle
with reference to capital expenditure and the characteristics of asset acquisition
transactions. The risks and internal controls related to fixed asset acquisition
transactions were also explained and applied.

111
Bibliography

BIBLIOGRAPHY

Globe and Mail. 18 October, 2011. Available at: http://www.ctv.ca. (accessed on 27 Oc-
tober 2011).
Gowar, HR & Jackson, RDC. 2010. Graded questions on auditing. Durban: Lexis Nexis.
Gowar, HR & Jackson, RDC. 2011. Graded questions on auditing. Durban: Lexis Nexis.
Gowar, HR & Jackson, RDC. 2012. Graded questions on auditing. Durban: Lexis Nexis.
Griffiths, D. Risk Based Internal Auditing: Three views on implementation.
Jackson, RDC & Stent, WJ. 2010. Auditing notes for South African students. Durban: Lexis
Nexis.
Jackson, RDC & Stent, WJ. 2012. Auditing notes for South African students. Durban:
LexisNexis.
JSE Limited Listings Requirements. Service issue 14. 2011.
Public Finance Management Act 1 of 1999.
Puttick, G & Van Esch, S. 2007. The principles and practice of auditing. Cape Town: Juta.
South African Institute of Chartered Accountants. SAICA handbook, vol 2. Latest edi-
tion. Durban: Lexis Nexis.
South African Institute of Chartered Accountants. SAICA legislation handbook, vol 1&3.
Latest edition. Durban: Lexis Nexis

112

You might also like