| Department |
Audit Area |
Process |
Inherent Risk |
Control Measure |
Audit Procedure |
| Human Resources |
Salary |
Calculating gross and net salaries. |
Incorrect salary calculation due to data entry. |
Use of automated payroll software. |
Verify salary calculations for accuracy and completeness |
| Human Resources |
Employee Records |
Maintaining accurate employee information including personal data. |
Unauthorized changes to employee data or inadequate access controls. |
Access restrictions to employee records with audit trail of all modifications. |
Review access logs and verify data integrity |
| Finance |
Financial Reporting |
Preparation and review of monthly financial statements. |
Material misstatements in financial reports due to errors or fraud. |
Multi-level review process with segregation of duties. |
Test controls over financial close process |
| Finance |
Cash Management |
Daily monitoring and forecasting of cash positions. |
Inadequate cash reserves leading to liquidity issues. |
Daily cash position monitoring with automated alerts for threshold breaches. |
Review cash flow forecasts and test accuracy of cash position reports |
| IT |
System Access |
Managing user access rights, authentication protocols. |
Unauthorized access to sensitive systems and data due to weak access controls. |
Role-based access control with regular access reviews and multi-factor authentication. |
Test user access provisioning and review logs for unauthorized access attempts |
| Procurement |
Vendor Selection |
Evaluation and selection of suppliers based on quality requirements. |
Selection of non-compliant or fraudulent vendors due to inadequate due diligence. |
Standardized vendor evaluation process with multi-criteria assessment and approval committee. |
Review vendor evaluation documentation and verify compliance with procurement policy |