450+ experts on 30 subjects ready to help you just now
Starting from 3 hours delivery
Pssst… we can write an original essay just for you.
Any subject. Any type of essay. We’ll even meet a 3-hour deadline.Get your price
121 writers online
While Dubious Chips, Inc does some things correctly, the company is also doing many things wrong which is opening them up to risk. To begin, only three IT internal auditors are responsible for the internal audit of their global operations. It does not seem feasible to expect three individuals to be able to keep up with the testing of internal controls for an entire company. This can lead to some things slipping through the cracks. Locally, one person is in charge for all of the accounting and administrative functions of an office. Having one person in charge of these can lead to problems with theft or other issues that can harm the company. The computing environment of this company seems healthy overall. Within programming, I noticed that the person in charge of modifying the code also tests the code to see if it is functional. These two duties need to be separated.
Authorization seems to be in good shape. Accuracy of the purchasing process has one risk that I noticed. When a number does not exist, the clerk simply enters a new number into the system. There needs to be confirmation that this customer does in fact exist. In regards to the validity of the purchasing process, a member of the administrative office does not need to be involved in receiving a package. That should be the job of the warehouse clerk. If the admin is able to receive packages, he or she could be using them for their own benefit or making fake orders. Completeness does not seem to be an issue.
Physical and Logical Access I believe that the company is at a very high risk by allowing one person handle the accounting and administrative duties of the local offices. These two need to be separated because that individual would be approving their own work. If these are not separated, you could have the accountant messing with the books then approving of this because they also have administrative duties. This could lead to fraud, theft, and many other issues. There should be at least one person for each role to keep each other accountable for one another. There should also be a supervisor of the local office to review both the accounting and administrative work to ensure that there is no collusion that is occurring. Segregation of duties is important for this particular reason. If a local office was doing something wrong it could affect the books and integrity of the entire company.
While reading this narrative, I discovered that program changes are tested on the production system by the individual who implemented the change, then the test results are later reviewed by a supervisor. I believe that the implementation and testing need to be separate duties because one could simply bypass the test or give it a positive result for someone else to review. The supervisor should test the changes themselves to ensure that an effective change has been made to the program. If these changes are not made, it could affect the program negatively which could affect others throughout the company without even knowing it. This software goes out to everyone, so it is crucial that it is reliable. I also believe that when the software is implemented, it should be done so by a professional. Sending the software to the regional manager and having them go through the process themselves could lead to issues later on. Someone from the SBCC should handle that on their own to make sure that no issues arise during the process.
Currently when a vendor or inventory number does not exist, the clerk is to enter it into the system. This is a weakness because a local office could be creating a fake client to fabricate sales or steal products. They need to implement a system where when the customer cannot be found, the regional office follows up with the person who placed the order to obtain the customer information, and then the regional office can follow up with the customer themselves to confirm the order. Another issue within the purchasing transactions is that an administrative employee can receive shipments. This job should only be performed by the warehouse receiving clerk as he should not have access to any kind of ordering of products.. The administrative employee could place an order himself, then take it for his personal use or disposal. This could lead to theft of products for sale on a secondary market or it could be simply to fabricate sales of that specific office. This administrative employee should not handle any shipments unit they have been confirmed and matched with a PO. This can simply be resolved with a very strict segregation of duty policy that can stop anyone who is unauthorized from obtaining shipments.
Dubious Chips has many bright spots within their system, but there are also a lot of noticeable risks. I addressed the risk within this report and believe that the changes could make a positive impact on the company as a whole and reduce their risk. Some of the changes recommended will take time and money to implement, but the company should not let that affect their decision making. These are necessary to reduce risk and help the company going forward because these weaknesses could hurt them in the future.
We provide you with original essay samples, perfect formatting and styling
To export a reference to this article please select a referencing style below:
Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.
Attention! This essay is not unique. You can get a 100% Plagiarism-FREE one in 30 sec
Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.
Please check your inbox.
Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.Order now
Are you interested in getting a customized paper?Check it out!