Skip to content

Control environment health check (Part 2)

Control environment health check (Part 2)

Welcome to the second part in this series. The aim of these articles is to provide some ideas that will help you to complete a brief health check on your organisation’s control environment. The main objective is to identify any significant gaps you may not have considered before. The first part of the series covered the Purchase Cycle and the Sales Cycle. It can be found here, in case you missed it.

This article will cover the Payroll Cycle, Fixed Asset Cycle and Stock Cycle.

Payroll Cycle

  1. New employees. Are interviews conducted and references obtained and checked for new employees?

    WHY? Performing checks on new employees reduces the risk that the organisation employs inappropriate people.

  2. Employment contracts. Do employees have signed contracts? If there are changes to terms are these documented (eg by issuing a pay increase letter)?

    WHY? Clear documentation of employment terms and conditions reduces the risk of problems if there are any disputes.

  3. Payroll review. Is payroll reviewed prior to payment by an employee who is independent of the preparer?

    WHY? Segregation of duties in the payment process is key to reduce the risk of fraud and error.

Fixed Assets Cycle

  1. Fixed asset register. Is a fixed asset register maintained, which identifies each asset individually?

    WHY? A clear fixed asset register reduces the risk that assets will be lost or stolen or become obsolete, without this being identified. A fixed asset register is required for accurate financial statements to be prepared.

  2. Asset identification. Are asset tags or reference numbers used so that assets can be traced and identified individually?

    WHY? Clear identification of assets reduces the risk that they will be lost or stolen.

  3. Fixed asset inventory. Where necessary, are periodic checks done to ensure assets still exist and are in use?

    WHY? Periodic fixed asset checks help to identify any loss of assets so that action can be taken.

  4. Physical security. Are assets kept physically secure, for example through use of security passes?

    WHY? Ensuring assets are physically secure reduces the risk they may be stolen or tampered with.

Stock Cycle

  1. Stock organisation. Are stock items clearly identified and organised? Is obsolete or damaged stock separated?

    WHY? Stock is less likely to be lost or miscounted if it is well organised.

  2. Stock counts. Is a stock count performed at least annually? Are procedures in place to ensure that all stock is covered by the count?

    WHY? It is a requirement for organisations to count their stock at least annually.

  3. Stock count method. Do stock counters receive clear instructions? Are counts performed "blind" and in pairs where possible? Are variances investigated?

    WHY? If the stock count is well organised it is more likely to be done accurately. "Blind" counts mean the counter does not know the expected result before they count, which increases accuracy. Counting in pairs where possible also increases the count accuracy.

  4. Stock valuation. Is management able to monitor whether the value of stock items has fallen below cost?

    WHY? Stock should be valued at the lower of cost and net realisable value, so management should have a method to identify any stock that needs to be revalued.

  5. Physical security. Is stock physically secure, for example through use of security passes?

    WHY? Ensuring assets are physically secure reduces the risk they may be stolen or tampered with.

In the final part of this series we will cover IT General Controls, the Financial Reporting Cycle and the General Control Environment.

If you would like us to help you review your controls and procedures then please get in touch.

Find out more about Gary Pready

Gary Pready

Gary Pready

Senior Audit Manager