Risks and Internal Controls for Kudler Fine Foods Essay Example for Free

Risks and Internal Controls for Kudler very well Foods EssayInternal controls be policies and procedures a company uses to ensure the accuracy and validity of their data. Risks argon threats to that data that could be internal or external of the company (Hunton, Bryant, Bagranoff, 2004). The following paragraphs will identify and analyze the risks and internal controls as they relate to the information formations for Kudler define Foods. This will give Kudler information on how to evaluate risks and the application of the internal controls and this document will discuss other external risks associate with buying a new accounting information system (AIS). Identifying and Analyzing Risks There argon many types of risks that a company has to confront each day in information engineering science (IT). The four main types of risk are business, audit, security, and continuity risks. A business risk is when a company will not be able to pass on its goals and objectives this could be union issues, a competing company, fraud, or production equipment failure. Audit risks include misstatement of financials by an auditor or a failure by an auditor to disclose fraud or material errors.A security risk can be a host of things that would ruin the integrity and access of the data, which can as well lead to fraud or misuse of other information from internal (like employees) to external (like hackers) sources. And, finally, continuity risks are information system risks that have to do with backup, retrieval and day to day availability of the system. When un figurened risks occur, management and auditor need to act quickly to intercept the risk, balance the risk with cost-effective countermeasures, since it is impossible to plan all risks (Hunton, Bryant, Bagranoff, 2004).It is important to thoroughly evaluate the AIS selected for risks as it includes confidential customer, vendor, payroll and corporate information within the master databases. The types of risks assoc iated with Kudlers new AIS system are system setup, data transfer and implementation issues, the AIS exceeding server capacity, other technology issues, and internal security breaches such as fraud, loss, or misuse of data.typically the risks to AIS systems are primarily internal threats, as processing occurs behind the Companys firewalls and system access is usually limited to only company employees. Kudler has triplex stores, so it might be web-enabled, allowing vendor users and employees to access the system over the Internet, which will expose their system to external threats. This increased connectivity might net unauthorised access easier for hackers and therefore data loss, industrial espionage, fraud and system outages could occur as well (Goldenberg, 2011).Internal controls are vital to put into place from this commove of assessing the risks. Identifying and Analyzing Internal Controls The purposes of internal controls for an AIS are to protect the data resources against fraud, damage, and loss. It is also to ensure accuracy, validity, and reliability of the financials and operating data, which will help Kudler to stay compliant with its policies and procedures of the company and make better decision making strategies.For best business practices, internal controls need to be put into place, as the risks are many for Kudler, but in dress for management to document their understanding of internal controls, they should use a flowchart to highlights risk issues and areas needing control. Attached are Appendix A, B, C, and D Data Flowcharts for Kudler. On these charts are highlighted areas of possible risks and potential internal controls to put into place (Apollo Group, 2013). The first step to developing an effective internal control system is to identify the areas where exploitation or errors are likely to occur.Separation of duties is the key to eliminate many fraudulent concerns surrounding accounting and finance. No employee should handle more th an one of the following responsibilities account book keeping, authorization, reconciliations, and custody of assets. The following areas in accounting should also be reviewed for internal risks * Cash receipts and disbursements This will include deposits recorded and made promptly to the bank, checks sign-language(a) and reviewed by management, petty cash secured and roperly recorded, bank reconciliations are done monthly and reviewed by guidance, AP and AR master data files are secured with end user controlled passwords.* paysheet This will include that all payroll changes should be approved by a supervisor, that disbursements are for actual employees, and tax filing are filed in contour. * primed(p) Assets This will include all purchases of Fixed Assets are properly labeled and recorded and are used solely for conk purposes, should be reviewed by Management monthly. Ordering (Inventory) This will include all orders are approved before placing, audits are done of inventory regularly, and inventory is properly recorded in compliance with depreciation schedules. * System changes Approval of all changes that will occur to the system must be assigned by the Security Administrator to the Programmers and the Programmers must work with the end users for the changes and then get approval from Management before implementing the changes (BDO Consulting, 2009).Controls Outside of the System Other controls outside of the system that Kudler should evaluate for risks and improvement could be environmental controls, such as physical access to the building or utilities, or operational controls, such as personnel policies, strategic planning, administration, and supply chain, or eventide reputation controls, such as internal or external communications and media issues.Achieving understandable business controls on any level requires Kudler to clearly state procedures for handling each area, including a system of checks and balances in which segregation of duties has been established from beginning to end of the process. Management has the responsibility for setting a tone and degree of answerableness and preciseness regarding the companys assets and responsibilities. Management fulfills that responsibility in part by approving many aspects of the internal controls (Disaster Recovery Journal, 2011). ConclusionIt is the responsibility of Kudler Fine Foods management to understand, monitor, and control risks. This document has shed some light on potential risks the company could face, but being prepared for all risks is impossible. Evaluating and implementing a system of internal controls allows the company to have peace of mind that the organization is able to deal effectively with managing its data, resources, and operations from certain risks. Internal controls also support bona fide reporting and compliance with laws and regulations, which are necessary for best practices in business.