This is the AuditNet Standard Risk Control Audit Matix which incorporates formats

used by many audit organizations in their documentation working papers. There are
format templates for risk control, audit procedures, questionnaires and checklists.
There is a blank workpaper and a report summary that can in used by audit
organizations. AuditNet has prepared a monograph for guidance on preparing and
developing audit work programs, checklists, questionnaires and matrices. The
monograph is available to AuditNet subscribers. For more information go to
www.auditnet.org
Audit Program Area: Accounting

WP PROCESS
Internal control environment
Procedures
System access
Defining and changing of accounting schemes for automatic
bookings
Accounting schemes
Accounting schemes
Reconciliation of analytic and synthetic accounts
Connection of applications with G/L
Connection of applications with G/L
Manual bookings
Expenses
Accruals (deferred expenses)
Inventory
Fixed assets
Suppliers
Salaries
Daily statements
Transitional accounts
Archiving of documentation
Monthly and quarterly booking
LLP
Exchange rate differences
Long term loans and deposits
Control of bookings
Control of automatic bookings (Daily control of received orders in G/L)
Control of cash report
Control of analytics and synthtics
End of year booking
End of year booking
Reporting
Reporting
Group Reporting Policy
Group Reporting Policy
AUDITORREVIEWED
EXPECTATION FINDING INTERNAL CONTROLS INITIALS By
Procedures clearly define
duties and responsabilities
of employees in accounting
process.
1.1.1
Check if procedures and
accounting policy exist and are
sufficient to provide adequete
internal controls within the
process of accounting.
Only authorized employees
perform booking
transactions. Internal
controls are adequately set
so that possibilities of
fraud do not exist.
1.2.1
Check if system rights are
adequately assigned to
employees (segregation of
duties and dual controls exist).
Internal controls for
introducing new booking
accounts are correctly set
by procedures and system.
2.1.1
Check who is responsible to
introduce new account for
booking or change existing
booking schemes.
Booking accounts and
schemes (both automatic
and manual booking) are
in accordance with
external regulations.
Internal and external
regulation are taken into
account when defining
automatic booking
schemes.
2.1.2
Check if table of accounts and
accounting schemes are in
accordance with regulation and
International Accounting
Standards. Identify all automatic
and manual bookings (for
automatic booking check
accounting schemes and for
manual perform detail testing)
All data booked
automatically are correctly
transferred from
applications to General
Ledger. Analytic and
synthetic accounts are
regularly reconciled.
3.1.1
Check in which way applications
are connected to G/L and how
often data are transferred to
G/L. Check who is responsible to
check if all data are transferred
correctly.
All data booked
automatically are correctly
transferred from
applications to General
Ledger.
3.1.2
Identify all applications
connected to G/L and check how
automated bookings are done
for each application
Manual booking of
expensesis performed on
correct accounts, timely
and correctly.
4.1.1
Check if specification of
expenses accounts is correct and
complete. Check on sample if
booking of expenses for
branches and HO is done timely
and correctly. Check
completeness of documentation
as basis for booking.
Manual booking of deferred
expenses is done correctly,
timely and with complete
documentation.
4.2.1
Check on sample if booking of
deffered expenses is done
correctly, timely and with
adequate documentation. Check
if there is an expense which
should not be bookes as
deferred expense and vice versa.
Invenotories are booked
timely, correctly and with
adequate documentation.
4.3.1
Check if inventories are booked
timely, correctly and with
appropriate documentation.
Check if information about usage
of material is timely received
from departments.
Fixed assets are
purchased, amortized and
booked correctly and with
adequate documentation.
4.4.1
Check how calculation of
amortizacion is done. Test
correctness of calculation. On
sample check if fixed assets are
purchased and booked correctly
and with adequate
documentation. Check how
annual count is done and if it
correctly booked.
Reconciliation with
suppliers is done annually.
Booking is done timely,
correctly and based on
valid documentation.
4.5.1
Check if reconciliations with
suppliers are done annualy as
stipulated by internal procedures
and Law on accounting and
auditing. On sample check if
suppliers are booked timely and
correctly based on valid inoices.
Salaries are booked based
on valid payroll, timely and
correctly.
4.6.1
Perform observation of salaries
calculation. Check if internal
controls as well as adequate
system controls are adequately
designed and implemented. On
sample check if booking is
performed timely and correctly.
Daily statements are
timely and correctly
booked.
4.7.1
Perform observation how daily
statements are booked to see
whether internal controls are
adequately designed and
implemented.
Funds are not held on
transitional accounts more
than stipulated by internal
and external regulation.
4.8.1
Check if amount on transitional
account is timely and properly
allocated as stipulated by
internal and external regulation.
Accounting documentation
is adequately archived.
4.9.1
Through documentation check
and observation check if
documentation is archived
adequately.
LLP is booked correctly and
timely.
5.1.1
Check how LLP for loans, retails,
documentary, overdraft and
credit cards is calculated and
booked. Perform detail test on
sample.
Exchangde rate differences
are calculated correctly
and timely.
5.2.1
Check how exchange rate is
calculated (automatically or
not), check if dual control is
implemented. Perform detail test
on sample.
Long term loans are
booked timely and
corretly.
5.3.1
Check if booking of long term
loans is performed timely and
correctly.
Bookings performed
automatically are correct
and timely done.
6.1.1
Check if controls over recevied
orders in G/L is regularly done.
Check if errors are timely
noticed. Check if control is
regularly documented.
Compliance between cash
report and G/L exists.
6.2.1
Check if control over cash report
is done according to procedure
(three times a month)
Analytic and synthetic
accounts are regularly
reconciled.
6.3.1
Check if control over
reconciliation of analytics and
synthetics exists. Check most
frequent errors, reasons for
errors and how they were
solved.
Transactions related to
previous year are booked
timely before G/L is
closed. Only authorized
employees can lock and
unlock G/L based on
request of authorized
employee.
7.1.1
Check how end of year booking
is done. Check when G/L is
locked for booking and if there
are possibilities of booking after
that date. Check what happens if
some bookings related to last
year are not booked before G/L
is locked. Check who has the
right to lock G/L and if these
rights are restricted to
authorized employees.
Identify all reports prepared by
Accounting Department and sent
to the Group and other external
parties.
Reports sent to the Group
and other external parties
are correct and sent
timely.
8.1.1
Check if responsabilities over
making accounting reports are
defined. Check on sample if
reports are made and sent
timely. Check on sample
correctness of reports.
Identify all reports prepared by
Accounting Department and sent
to the Group and other external
parties.
Internal Procedures are
updated so that support all
requirements set by the
Group Policy.
9.1.1
Check if instructions from Group
Policy are included in internal
procedures of accounting
department.
REVIEWED
Client Name
Internal Control Framework

Completed By:
Reviewed By:
Question Yes No* Comments /Description
Name and Title of Person Completing Form (please print)
Date Completed:
To the best of my knowledge, the answers and comments noted above are accurate and reflect the current
Name and Title of Department Director (please print)
* For a No answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed. Questionnaire
Signature of Person Completing Form
10/11/2014
Date Form Completed
Signature of Department Director
Date of Department Director's Signature
* For a No answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed. Questionnaire
Employee Responsible for Task
To the best of my knowledge, the answers and comments noted above are accurate and reflect the current
Name and Title of Department Director (please print)
* For a No answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed. Questionnaire
Signature of Department Director
Date of Department Director's Signature
* For a No answer, cross-reference to either a compensating control or to audit work which has been performed
or is to be performed. Questionnaire
Finding Ref # Control Testing Finding
Management Response & Treatment