Kudler Fine Foods - Information System Audit
Information technology (IT) has become increasingly sophisticated and complex, escalating the ongoing change within Kudler Fine Foods. As IT information is adopted within the organization, automation controls many processes within the Kudler’s environment. As Kudler has become more virtualized, a need for increased trust and assurance in the relationships with consumers, partners and suppliers. The swell of e-commerce business has created new ways of conducting an audit. Statement on Auditing Standard 94 (SAS 94) requires that the auditor understands the technological aspect of the organization in order to grasp the internal controls and the assessment of control risks for a proper audit
…show more content…
The outsourcing of payroll to the third party would be audited using the SAS 70 approach. SAS 70 audit “has become a virtual business requirement for service and outsourcing providers” (Gallun, 2008, p. 13). To have obtained a SAS 70 report the outsourced payroll provider would have gone through a rigorous review of their internal controls structures and once completed the compliance report can be shared to other users. The two main SAS 70 reports, which describe a company’s internal controls, are Type I which and Type II. Type I report does not perform a detailed testing of controls but only performs a “walkthrough” of controls (Hunton, 2004). Type II report is more involved than a Type I report because the controls are extensively reviewed (tested beyond a “walkthrough”) and tested over a minimum of six months.
Purchasing and Inventory
Kudler Fine Foods has significantly increased the amount of data processed electronically in purchasing and inventory. The two processes are virtually “hands off” due to electronic data transfer (EDI) and barcode based receiving. The EDI process should be audited using an attestation audit, also known as a SysTrust engagement, to verify the EDI system is available, security, has integrity and is maintainable. Due to the nature of
The purpose of this report is to discuss the effectiveness of the internal procedures used to administrate the payroll function and provide information to other stakeholders
The chances of failures can be decreased by executing the checks on the systems. These keep an eye on the systems preventing risks from occurring, and these checks are avoided as the interior controls. The motivation behind the inner controls is to keep the organization safe from risks associated with the modernized accounting-system risks. Organizations change their manual accounting systems to computerized accounting systems for different reasons, this incorporates the points of interest, and the explanation behind utilizing electronic accounting information is instinct. The organizations embrace the policies of their
Kudler Fine Foods would need to first analyze their current situation. This would need to incorporate the owner and managers to get an accurate analysis. Some of the items that might want to be evaluated are financial statements, strengths and weaknesses of products, major competitors, outside threats (demographics, economic trends, and customers), and any other items that may present themselves (MacVicar, 1996).
Kudler Fine Food should have written procedures and policies for everything, starting from work procedures to locking up the store. Kudler Fine Food does not have a written policy security of Finance and Accounting Systems, but it is recommended to written document. There should be a document of security features embedded by the software provider, including names of people with limited access and dollar limits. In addition, passwords
Kudler policies and procedures will be reviewed using a risk-base audit approach. Attribute sampling technique will test internal controls of the POS System Observed sales transaction made at each store. Using the variable sampling technique, financial report from REMS system and bank statements obtained from the bank will be compared to Kudler 's bank reconciliation reports. After the evidence is gathered and reviewed an overall audit opinion will be given to determine if objectives were met and whether procedures were sufficient.
Kudler Fine Foods is in a position to use its information technology, marketing strategies, and sales plans to create a prominent place in their niche market. Focusing on internal and external environments will help Kudler formulate a successful plan for the future and prepare for the changes that occur in such a diverse platform of partnerships, contracts, suppliers, and customers. Having a sales plan in place shows forward thinking of the management team. Planning is the most important part of being a successful enterprise and now that Kudler has three stores they are in a position to evaluate where they are and develop their future.
The Kudler Fine Foods is located in the metropolitan area of the San Diego. It is a local upscale specialty food store. The very best imported and domestic foodstuffs are stocked in all the stores of this company. The Kudler Fine Foods has five departments, namely: Fresh Produce, Fresh Bakery and Pastries, Condiments and Packaged Foods, Fresh Meat & Seafood and Cheese's and Specialty Dairy Products. The founder of this company is Kathy Kudler. She got the idea of an upscale epicurean food shop while she was buying grocery for gourmet cooking. The first Kudler Fine Foods was opened in the year 1998. It has now become a virtual organization. This essay is purposed to change the management within the accounting department of this company. The dimensions of the suggested change process, its advantages and benefits for both the company and its employees are discussed.
Another aspect relevant to the information technology is the system-generated data and reports. If auditors choose a control that uses some information generated from the company’s internal IT system, the effectiveness of the control requires obtaining audit evidence of the accuracy and completeness of the internal information. In the ZOU’s case, when testing of the controls over risk #2, auditors use reports, which are automatically generated by the Warehouse K system. Auditors decide to further test the controls over accuracy and completeness. When testing the controls over risk #3, both monthly reporting package and budget information are somewhat generated internally by ZOU’s internal system. Depending on different systems, auditors decide to further test controls for accuracy and completeness with respect to the monthly reporting package, which is generated from PeopleSoft.
The system/application domain consists of mission-critical systems, applications, and data. Common targeted systems and applications are operating systems (desktop, server, and network), e-mail applications and servers, Enterprise Resource Planning (ERP) applications and systems, and web browsers.
Over the last several weeks, there have been several recommendations made to update and replace the current software of Kudler Fine Foods IT audit systems. These recommendations have been made in hopes of making the company more efficient and profitable. According to most recent research, there are several audit systems that seem to best suit all audit functions of Kudler Fine Foods. Having said that, it is important that Kudler’s management consider the legitimacy of data and integrity within their auditing system. This analysis describes how Kudler Fine Foods is able to benefit from the use of new audit software. It also explains how the Computer Assisted Auditing Techniques confirms the company’s system data integrity.
The liquidity, profitability, and solvency ratios reveal some interesting points about Kudler Fine Food’s financial position. The liquidity ratios revealed that during 2002 and 2003, Kudler was having no trouble paying short-term debt. However, the current and acid-test (quick) ratios showed that during 2003 Kudler had an excess amount of cash that they were not investing properly. These ratios also showed that Kudler was collecting receivables and selling average inventory very quickly. The profitability ratios revealed that during 2002 and 2003, Kudler was using assets efficiently and making a decent profit. The profit margin ratio
During the performance of this integrated audit, require numerous judgments about the internal control and overall financial reporting and how well it addresses risks of material misstatements within the financial statements (AICPA, 2014). After re-evaluating the previous errors found from the previous audit, the audit team found the corrective actions to be appropriate and justified in elimination of human error by implementing additional checks and balances within the manual process. No additional misstatements have been found and all internal controls off the financial reporting seem appropriate and just.
The personnel and payroll cycle includes the hiring of employees, recording hours worked, withholding and, recording of taxes, distributing payment for work performed, and properly documenting the termination of employees. Payroll can be a significant expense for a company and without proper internal controls can be vulnerable to fraud. Some common types of the fraud within the payroll cycle consist of ghost employees, claiming unworked hours, and pay rate alteration. The objective of a payroll audit is to determine if the current balances in the audit period are fairly stated and in accordance with accounting principles. According Arens, Elder, and Beasley, “Tests of controls and substantive tests of transactions procedures are the most important means of verifying account balances in the payroll and personnel cycle” (2012, p. 664). An
The creation of a team to perform the effective auditing of an Information Technology (IT) organization is a daunting task. Some of the key elements that should be considered while creating an IT audit team are highlighted in this critical thinking report, such as what should be the primary focus of the team, what are the key positions, the skill-sets needed for each member of the team, outside assistance or co-sourcing should be considered or not, and determining the value of the audit pertaining to the entire organization. Moreover, the expected outcome of this report is to provide all crucial aspects of successfully creating an IT audit team, so that the team is fully efficient to figure out each and every pros and cons of the internal controls of an IT department.
In this report I will critically analyse the audit statement provided by the information systems auditor and provide a solution specific to the company for issues I identify. The report will offer a number of solutions to identified issues where possible to ensure Smith Industrie Ltd. have a choice if they do decide to implement proposed solutions. The solutions will take into consideration the IA principles, ISO 270001 and ITIL, as well as being designed to accommodate the current and future demands of Smith Industrie Ltd.