Chapter 12
1
Learning Objectives
• Explain the basic business activities and related information processing operations performed in the expenditure cycle.
• Discuss the key decisions to be made in the expenditure cycle, and identify the information needed to make those decisions.
• Identify major threats in the expenditure cycle, and evaluate the adequacy of various control procedures for dealing with those threats.
2
Basic Expenditure Cycle
Activities
• Order materials, supplies, and services
• Receive materials, supplies, and services
• Payment process (2 separate activities)
▫ Approve supplier (vendor) invoice
▫ Cash disbursement
3
4
General Threats & Controls
Threat
Control
1. Inaccurate or invalid master data
1.
Suppliers, inventory, purchasing activities
2. Unauthorized disclosure of sensitive information
3. Loss or destruction of data 4. Poor performance
1.1 Data processing integrity controls (prevent)
1.2 Restriction of access to master data (prevent)
1.3 Review all changes to master data (detect)
2.1 Access controls
2.2 Encryption
3.1 Backup and DRP
4.1 Managerial reports
5
Inventory control systems
• 3 approaches to managing inventory
• Key in managing a supply chain is that
RM are accurately ordered & received in time ▫ Cause issues & expenses in supply chain
Inventory control systems:
EOQ
MRP
JIT
6
Order Goods (Materials/Supplies) or
Services Processing Steps
• Identify what, when, and how much to purchase
▫ Source document: purchase requisition (PR)
Paper or electronic document
• Choose a supplier
▫ Source document: purchase order (PO)
Paper or electronic document
▫ Factors to consider in a supplier:
Price, Quality, Dependability
• Improving efficiency & effectiveness
1.
2.
3.
4.
EDI
Vendor-managed inventory
Reverse auctions
Pre-award audit
7
Ordering Goods/Services
Threats
1. Stockouts and excess inventory 2. Purchasing items not needed 3. Purchasing items at inflated prices
4. Purchasing goods of poor quality
5. Unreliable suppliers
6. Purchasing from unauthorized suppliers
7. Kickbacks
Controls
1 a. Perpetual inventory system
b. Bar-coding, RFID
c. periodic physical count
2 a. Review and approval of purchase requisitions
b. centralized purchase function
3 a. Price lists
b. Competitive bids
c. Review PO & budgets
4 a. Use approved suppliers
5 a. Monitor supplier performance b. Require quality certification
6 a. Purchase from approved suppliers 7 a. Job rotation / Mandatory vacation
b. Audits
b. Prohibit gifts
8
Additional controls - EDI
When using EDI for purchase orders:
• Controls:
▫ Restriction of EDI access;
▫ verification and authentication of EDI transactions; ▫ acknowledgment of EDI transactions;
▫ log and review EDI of transactions;
▫ encryption; digital signatures;
▫ EDI agreements with suppliers
9
Receiving Process
• Goods arrive
▫ Verify goods ordered against the purchase order (what, how much, quality)
▫ Source document: receiving report
• Improving efficiency & effectiveness
▫ Counting
Bar-coding
Radio frequency identification (RFID)
▫ Costs & Notification
EDI (advance shipping notice)
Satellite technology (trucks)
Audits
10
Receiving Goods or Services
Threats
1. Accepting unordered items 2. Mistakes in counting
3. Verifying receipt of services 4. Inventory theft
Controls
1 a. Authorized purchase orders needed before receiving goods 2 a. Bar codes or RFID
b. Quantity blank & signature on receiving report
c. System flags