Problem 1

You are an internal audit manager in a central government department that pays subsidies to agricultural businesses involved in the production of basic foodstuffs. You will soon be undertaking an internal audit of the claims processing unit in your department. In preparation for the assignment you are reviewing the audit file on the previous audit carried out three years earlier. You find the following extract from one of the previous internal audits planning schedules:

The unit receives periodic subsidy claims from agricultural businesses on form S100, together with the documentary evidence required to support the claim.

These forms are given a unique reference number on receipt and the details of the claim are recorded in a computerised register by the claims clerk.

The claim forms and the documentary evidence are examined by a case officer, who approves the claim for payment by completing the relevant section of the computer record, once they have verified the completeness and validity of the documentary evidence provided.

The claims unit supervisor receives a weekly schedule of claims approved for payment and carries out a pre-payment review of a specified percentage of claims according to a number of claims value bandings.

The internal audit review in this area will take the form of a stratified sample of claim forms according to value drawn from the computer register of approved claims. These sample claim forms will be verified by reference to the supporting documentary evidence provided by the claimant. After considering this extract, you are concerned that the approach taken previously was more appropriate for an external rather than an internal audit, and you decide to design a new suite of tests for the upcoming audit.

Required:

a. Explain one inherent risk, one control risk and one detection risk relating to the claims processing system!

b. Explain three additional tests that you would adopt this time, indicating for each test how you would assess the effectiveness of the process! IT error causes changes in Bank Mandiri customer accounts

Problem 2

The Jakarta Post Jakarta / Mon, July 22, 2019 / 10:02 am Many customers of state-owned lender Bank Mandiri are complaining about transaction failures after attempting to use ATMs on Saturday morning. Many said they found more funds in their accounts, but others said they found less. Bank Mandiri corporate secretary Rohan Hafas said the failures occurred because maintenance of the ATM system had not taken place smoothly. He explained that every midnight the bank processed the reports of transactions that occurred during the day. As an example, if you had Rp 100 in your account and you withdrew Rp 10 on that day, your account the system would record your account as having Rp 90, he said as quoted by kontan.co.id over the weekend, adding that after recording the transactions the bank backed up the data. While that was being done on Saturday, he explained, the data became corrupted, altering the accounts of about 1.5 million people, 10 percent of the bank's customers. The solution was actually simple, namely to adjust the accounts in the system, he said. However, he added that Bank Mandiri had not yet done that because the bank wanted to check the customers data and it needed two hours to upload the real account balances into the system. Currently the bank is blocking the accounts of 2,670 of its customers who overdrew funds during the computer system failure. Rohan said that on Monday the bank started to contact the owners of the accounts to discuss the issue. He said he believed Bank Mandiri had managed to get back the money that had already been overdrawn If you were an Internal Auditor of Mandiri Bank:

a. As a Professional Internal Auditors, What should you do ? Who do you think that the cause of this failure? Give your opinion!

b. Explain about the Risk in this case, what should you do? and what preventive / detective / corrective action that you should suggest to Board of Management? .

II

1. Internal Auditors are responsible to :

a. Board of Directors

b. Management

c. Both a and b

d. Neither a nor b

2. External auditors consider internal auditors effective if they are:

a. Performed relevant audit test of the internal controls

b. Independent

c. Competent and very well trained

d. All of above

3. Which of the following is NOT an internal audit objective when investigating a suspected fraud?

a. To collect sufficient evidence to prove or disprove the suspicion of fraud.

b. To provide evidence admissible for a disciplinary hearing and/or criminal proceedings.

c. To minimize possible losses to the organisation, where a fraud is suspected to be on-going.

d. To implement appropriate control measures to ensure that similar frauds do not occur in the future.

4. There are main elements found in the IIA Performance Standard 2110.A1, except:

a. Safeguarding of Asset

b. Maximize the risk of organization

c. Reliability and Integrity of Financial and Operational Information

d. Compliance with laws

5. Internal Control Framework that is a standard guide to Information Technology Management Practices :

a. COBIT

b. COSO

c. COITS

d. CICA

6. Management is responsible to decide which controls to implement, and the Internal Auditorsf unction is responsible to implement, review and assess whether they are being properly executed, and whether the controls can be improved.

a. True

b. False

7. An Internal Auditor is expected to carry out audit tests in all areas within an organisation.

a. True

b. False

8. In an organisations procurement process, before goods are procured from a supplier, it is good practice that approval is obtained from higher management. This is considered as a corrective control.

a. True

b. False

9. After internal auditors review and assess the controls within an organisation, the findings and recommendations are reported to the BOD and management through a report which is presented to the Audit Committee.

a. True

b. False

10. Ensuring that financial statements are understandable, transparent, and reliable is one of Audit Committee Responsibilities.

a. True

b. False

III

1. Explain the relationship between internal audit and the audit committee ?

2. Explain at least Three Similarities between External and Internal Auditors!

3. What is SOP? How Important Implementing the SOP in the Company?