QUESTION

SOLUTION

1. Case of Securimax

Securimax limited based in Wollongong is a manufacturer of the of the highly technological armour personal carries. Being a large corporation Securimax only deals with highly efficient governments and obtains contracts through the process of tenders. In 2010 the company has considered a replacement of its key machinery for this process a team of internal auditors has been employed considers the implementation and the risk evaluation process of the new machinery launch under consideration. The internal audit department of Securimax would be concerned with the following 5 elements of internal control.

The following are the 5 elements of internal control

1.1 Elements of internal control

1. Control Environment

The control environment raises the consciousness among the employees of the organization regarding the control measures under consideration for the organization. The committee of sponsoring organizations provides clear guidelines for the control mechanisms and the disciplines to be imposed on the organization. It encourages the ethical business practices and the role of ethics in the internal control of the organization. The aim of the audit team is to ensure compliance with the GAAP accounting standards.

2. Risk Assessment

The risk assessment process in an internal audit is concerned with the company’s ability to record and access the financial data collected. In other words it can be described as the mechanism to access any misstatement in the financial statement and the corrective measure that have to be undertaken. The management has to access the risk based upon the day-day operations of the business, also the management has to identify the fraudulent practices that may be occurring within the organization.

3. Control Activities

The function of the audit team is to ensure the implementation of the control activities within the organization i.e. ensuring a discipline among the employees of the firm through the effective implementation of control measures determined by the top management .Control mechanisms may also be related to the flow of information within an organization.

4. Information Control

Controlling the flow of information within an organization is an effective measure to ensure the efficient working of the organization. Information has to be communicated effectively and efficiently so that the employees of the organizations are clear on the goals and the tasks that need to be performed. Information communication may also be of financial character for instance the communication of a particular budget within the organization.

5. Monitoring

Monitoring involves the evaluation of the all the control mechanisms mentioned above.

The Internal Audit and the External Audit are very different from each other in both their method and the nature; therefore even for Securimax both the internal and external audits have different implications.

(www.caionline.org- accessed on 28/4/2012).

1.2 Difference between Internal and External Audit

The similarities of the internal and external audit process stop with planning. Beyond that both the internal and external have completely different implications on the organizations control mechanisms and legal compliance. The basic difference arises in the risk assessment of the organization. Firstly the standard utilized in the assessment of risk is different for both internal and external audit.The internal auditors use the  Statement on Internal Auditing Standards (SIAS) 9 and   Risk Assessment(The IIA, 1991), whereas the external auditors use the standard  Statement on Auditing Standards (SAS) 47, “Audit Risk and Materiality in Conducting an Audit” (AICPA, 1983) and SAS 53 in the assessment of risk. Not only the internal and external auditors use different standards in the assessment of risk but also utilize the risk differently as well.

This is because the objective of risk management is different for internal and external audit teams. The internal audit is concerned with communication of the roles and responsibilities within the organization. The internal auditing department has to adopt a broader role to ensure operational efficiency, compliance, and financial work. This has to ensure efficiency and effectiveness in all the departments.

On the other hand the external auditors are not present within the organization, and may also use the information of the internal audit. The external audit risk assessment is based upon ensuring correct financial statement reporting and evaluation of the presence of any fraudulent practices in the financial reporting. The external audit has to ensure the effective presentation of financial reports to all the stakeholders of the business. The external audit is more about legal compliance and is a compulsory activity on the other hand the internal audit is not a compulsory activity.

Taking into account even the monitoring function on the controlling operations the internal audit has to monitor the activities of all the operational departments within the business and maintain efficiency. On the other hand the external audit is only concerned with the financial statement monitoring and their presentation to stakeholders. Thus, the external audit is more about legal compliance and is a compulsory activity on the other hand the internal audit is not a compulsory activity.

(Findarticles.com- accessed on 28/4/2012, and Pickett, 2012)

2. Case of Health Care holding Group

2.1 Effect on the Accounts

The two accounts which are likely to be affected after understanding evaluating the case of Health Care Holding Group are, As the hospital is undertaking a full payment in four months advance of the booking of the service the two accounts that are mainly affected are the Bank accounts which will be credited with the advance payment and Secondly the money received in advance would be treated revenue income since it is received in advance.

2.2 Identification of the Key Assertions of Risk

The accounts that have been identified which are likely to be affected by the transactions are the bank accounts and the revenue. There are certain risks which have been identified with the 2 accounts under consideration are.

Firstly, the Bank account of the corporation has been already credited with the full payment for the use of the new scan machinery 4 months prior to the actual use of the machine. The main risk identified with the process exists for those people who have already paid for the service while the use of the machine is still being evaluated by the Australian Health Authorities. The scan may not take place at all, and the money of the people may go waste. On the other hand for the corporation the risk that exists for the corporation which has already incurred a massive expense in the purchase of the machinery. If the use of the machinery is banned by the health authorities then corporation would incur huge losses, owning to high expense purchase of the machine.

Secondly, the revenue account of the organization is also likely to be affected because if the use of the machine is not permitted it would lead to the loss of revenue for the corporation. The firms revenue creation ability would be reduced which the firm had essentially targeted an increase in the revenue because of the use of the new machinery.

2.3 Response to the Risk

2.3.1 Reduction in the Cash flow

The reduction in the cash flow caused owning to the reduction in the revenue that may be caused at a future,and the loss that might occur to the firm owning, to the banning of the new scan machine. Therefore the firm should establish an alternative use of the machine or ensure the sale of the machine at price that is completive enough and owes minimal losses to the firm.

2.3.2 Reduction in Revenues

The firm should evaluate the possibility of the other sources of revenue, to recover the reduction in the projected revenues that may be caused due to non-use of the machine.

However the HCHG should have evaluated the control environment better before making the purchase of the machine. The top management should have carefully evaluated the probable risk associated with the business owning to a better planning and control of the risk assessment. Therefore the internal audit team should have been more cautious.

3. References

• “INTERNAL ACCOUNTING CONTROLS TEMPLATE FOR COMMUNITY ASSOCIATION MANAGEMENT COMPANIES LICENSED IN VIRGINIA.” www.caionline.org. N.p., n.d. Web. 28 Apr. 2012<http://www.caionline.org/govt/news/P
• Colbert, Janet L.. “Risk: internal and external auditors operate from two different, official definitions of risk.” findarticles.com. N.p., n.d. Web. 27 Apr. 2012. </p/articles/mi_m4153/is_n5_v52/ai_>.
• Pickett, K. H. Spencer. The essential guide to internal auditing. 2nd ed. Chichester, West Sussex, England: Wiley, 2011. Print.

KF09