Process Risk # Risk Control objective Control Control Activities

#
1. Revenue Cycle
1.1 Service order R.1-01 Services to customers Suitable authorization of C.001 Access controls (only
transactions authorized personnel can
with bad credit score.
access)

R.1-02 Inapplicable service Reasonable assurance that C.002 Transaction

customer orders service orders recorded are authorization ( to make sure
reviewed and approved that employees are not
accepting invalid services
or secret services using the
corporation’s assets that
would benefit them
personally)
2.2 Customer Credit R.1-03 Contracts with Reasonable assurance that C.003 Segregation of duties
Transactions customer are not clear, customer credit accounts are (duties to employees should
invalid, or outdated handled properly by be given to them in a way
authorized personnel in that would avoid confusion
complete and correct manner and disarray in execution of
tasks)
R.1-04 Accounts receivable C.004 Accounting for assets is
are posted incorrectly in accordance with GAAP
1.3 Collection of R.1-05 Theft of cash Reasonable assurance that C.003 Segregation of duties
Cash cash receipts are complete
and verified
R.1-06 Employee fraud C.005 Supervision on the
 record keeping of the assets
( to make sure that
employees are not
manipulating the records to
steal money from the
corporation)
C.006 Physical counts of
receipts or records ( if
applicable )
1.4. Accounts R.1-07 Incorrect posting of Reasonable assurance that C.007 Reconcile subsidiary
Receivable accounts receivable customer credit accounts accounts receivable ledger
and customer invoice are with the general ledger
handled properly by
authorized personnel in
complete and correct
R.1-08 Error in billing manner C.008 Billing and shipping
process should be separated so as to
avoid confusion and error

R.1-09 Customers not billed

2. Expenditure Cycle – Purchases and Cash Disbursements

2.1 Purchase R.2-01 Made order on illicit To have efficient purchase C.009 Create a reference file
Process vendor/s process efficient regarding to supplier or
vendor (name, address and
etc.)

R.2-02 Received wrong quantity, To avoid confusion and C.010 Confirm purchases through
 damaged or not ordered misleading in information evidence such pending file or
purchases received invoice and orders
slip made

C.011 Shall inspect and count

every purchases received
and to be confirmed by
inventory control function

R.2-03 Unauthorized purchases To avoid transaction fraud and C.002 Every purchase must be
theft against the company authorized by certain
personnel only with dual
signature. Involving
department shall have their
copy of authorization
R.2-04 Payment not properly To avoid misleading C.012 Payments to purchases can be
made to vendors information made through cash, credit or
etc. Correct amount to correct
suppliers/vendors shall be
made.

C.013 Verification of vendor when

payment is complete

2.2 Cash R.2-05 Purchases and Cash To avoid inappropriate C.003 Purchases and Cash
Disbursements Disbursements handled practices Disbursements shall be
by non-independent handled by different,
personnel independent personnel
 R.2-06 Unauthorized payment To avoid transaction fraud and C.002 Only A/P shall authorized
theft against the company every payment with dual
sign authorization.
Involving department shall
their copy of authorization
R.2-07 Missing Cash To secure company’s cash C.005 Limit the access on cash
and on accounting records

3. Expenditure Cycle – Payroll Processing and Fixed Assets

4.1. Payroll R.3-01 Time cards of employees To prevent a fraud in C.005 An authorization control
Processing who are no longer current processing the records for form is maintained and
or working in the firm are payroll updated to ensure that the
submitted time cards being processed
are current and valid
R.3-02 Multiple roles assigned to To ensure and maintain C.003 Separate delegation of the
the personnel processing efficiency in operations in responsibilities in keeping
the payroll resulting to terms of maintaining the records and approving
improper access to correctness of records and payment and in cash
accounting records disbursements disbursement
C.005 Time-keeping process must
be monitored with
authorized supervision and
ensure that the time cards
are in reconciliation with
actual attendance
C.005 Access to accounting
 records must only be
handed to those with proper
authority and maintained
properly for analysis of the
audit trail
C.013 Supervisor must verify the
records for any inaccuracies
before sending them to the
paymaster for distribution
for the checks
4.2. Fixed R.3-03 Fixed assets are poorly Ensure the security of the C.002 Acquisition of fixed assets
Assets managed and distributed capital assets in their storage must be made with formal
Maintenance resulting to and prevent theft and and explicitly authority,
misappropriation and misappropriation of fixed transactions are written and
theft of assets assets there must be a strict
approval procedure
followed
C.002 Supervisor must see to the
maintenance of security of
assets and ensuring its
appropriate use and
allocation
R.3-04 Error in the systems Records for fixed assets and C.013 Condition and value of the
cause miscalculation in corresponding depreciation assets must be constantly
the values and values are adequately reviewed and verified by
depreciation, resulting to maintained authorized persons for
material misstatement in accuracy of information
the expenses, earnings
and in the asset values Assurance that procedures in C.004 Accounting for fixed assets
recording and reporting the must be kept in accordance
fixed asset values are made in with accounting and
compliance with standards reporting standards set by
accounting institutions.