Untitled

© 2012 University of South Africa
All rights reserved
Printed and published by the

University of South Africa
Muckleneuk, Pretoria
AUE2602/1/2013–2016
98831836
Indesign
CGM_Style
ii

CONTENTS
Page
Preface v
Topic 1: Corporate governance and statutory matters 1
Topic 2:
Internal control 25
Topic 3:
Business cycles 47
Topic 4: Revenue and receipts cycle 55
Topic 5: Acquisitions and payments cycle 73
Topic 6: Inventory and production cycle 85
Topic 7: Payroll and personnel cycle 93
Topic 8: Finance and investment cycle 105
Bibliography 112
iii

PREFACE
1 Welcome
It is a great pleasure to welcome you to this module, AUE2602: Corporate Go
vernance in Accountancy. This module deals with the underlying principles of
corporate governance.
We urge you to read this preface thoroughly. It outlines the purpose of this mo
dule, gives the links with other auditing modules, explains our teaching strategy
and provides useful hints that will help you to enjoy your learning experience.
Refer back to it as often as you need to, since it will certainly make studying this
module a lot easier.
We hope that you will find this module valuable in your study of auditing.
2 Purpose of the module

The purpose of this module is to provide learners with knowledge and skills
regarding the principles of corporate governance, statutory matters and internal
controls in the business cycles.
Students credited with this module will be equipped with theoretical knowledge
of corporate governance and will be able to identify and evaluate the efficiency
of internal controls in different business cycles.
3 Links with other modules

This module does not stand alone. It is an integral part of various degrees o
ffered
by UNISA.
The Department of Auditing offers various modules in the field of auditing, inclu
ding the following Auditing 200 modules:
Auditing 200:
AUE2601: Auditing Theory and Practice
AUE2602: Corporate Governance in Accountancy
AUI2601: Internal Auditing: Theory and Principles
v

4 Framework of the module

Diagram 1 below is a schematic representation of the content of this module.
Diagram 1
AUE2602
CORPORATE GOVERNANCE IN ACCOUNTANCY
Topic 1 Corporate governance and statutory matters

1.1 The background to corporate governance in South Africa
1.2 Statutory matters
1.3 The King III Report and Code on Governance for South Africa
Topic 2 Internal control

2.1 Internal control
2.2 Components of internal control
2.3 Controls in a computerised environment
2.4 Internal control from the perspective of the external auditor
Topic 3 Business cycles

3.1 Business cycles
Topic 4 Revenue and receipts cycle

4.1 Credit sales
4.2 Cash sales
Topic 5 Acquisitions and payments cycle

5.1 Acquisitions and payments cycle
Topic 6 Inventory and production cycle

6.1 Inventory and production cycle
Topic 7 Payroll and personnel cycle

7.1 Payroll and personnel cycle
Topic 8 Finance and investment cycle

8.1 Capital expenditure
vi

5 The teaching strategy
5.1 The study package

The study package that you will need to master this module consists of
•• the prescribed textbook(s)

•• the study guide, in which study material is grouped into topics with study
units (the study guide serves as a key to the study material you have to study
in the prescribed textbook(s) and also contains activities that will enable you
to test your individual learning progress.)
•• questions and answers which relate to the various study units (the questions
and answers are made available in the form of tutorial letters.)
•• assignments, which are contained in Tutorial Letter 101
•• tutorial letters, which contain information to which we wish to draw your
attention
5.2 Learning outcomes, assessment criteria and levels of mastery

We formulate the learning objectives for the various auditing modules to indicate
exactly what will be expected of you in order to complete each module successfully.
For each topic in the study guide, we indicate learning outcomes that you should
be able to achieve after studying a particular topic.
Assessment criteria are supplied in the study guide for each study unit and they
indicate what you should be able to do after having studied the particular study
unit. The formulated assessment criteria are based on various levels of mastery
which you are required to achieve as you learn the study material. The required
levels of mastery for this module vary from knowledge and comprehension to
the application of knowledge under given circumstances. Integration as a fur
ther level of mastery only arises in the subsequent auditing modules and is not
applicable to this module.
The first two levels as defined in the Education Requirements of the South African
Institute of Chartered Accountants (SAICA) (2010:13–14) are requirements for
the purposes of this module:
Level 1: Basic
At this level, the candidate is required to obtain a knowledge and understanding
of the core/essence of the subject matter, which includes the fact that the subject
matter exists and its significance, relevance and defining attributes.
Level 2: Intermediate
At this level, the candidate is required to obtain a detailed knowledge and under
standing of the central ideas and issues that form the substance of the subject
matter.
vii

Level 3: Advanced
At this level, the candidate is required to obtain a thorough knowledge and rigorous
understanding of the subject matter. This level of knowledge and understanding
extends beyond a sound understanding of central issues, to include complexities
and unusual/exceptional aspects of the subject matter.
You will not be confronted with level 3 (advanced) material in this module. This
is covered in your further auditing studies.
The level of knowledge and understanding that you will require for the various
topics/study units covered in this study guide is indicated next to the learning
outcome(s) formulated for each study unit of the topic.
Note the following points regarding the level of mastery indicated for the various
learning outcomes for each study unit:
•• The highest level of mastery that applies to a study unit is indicated. In other
words, if a study unit is indicated as level 2 (intermediate) this implies that you
should also be able to deal with the topic at level 1 (basic).
•• Your mastery of the study material in terms of the specified learning outcomes
will be tested in the final examination paper, which you will have to pass in
order to complete the module successfully. Questions at both levels 1 and 2
will be included in the examination paper.
5.3 Study activities

Numerous study activities and self-evaluation questions are included in each
study unit to encourage your active participation in the learning process. These
are a combination of reading, studying, doing and reflecting activities that are
presented in a flexible manner throughout the study guide. They have been de
signed to enable you to absorb the knowledge content of the topic, to develop
your understanding and to direct your thoughts.
This is a vital aspect of our learning approach because as you encounter these
study activities and actually perform them, you will become directly involved in
controlling the extent and quality of your learning experience. In short, how much
and how well you learn will depend on the extent of your progress through the
study activities, and the quality of your efforts.
5.4 Meaning of words

In this module we require you to understand the meaning of certain words to
enable you to interpret assessment criteria, comprehend what various doing
activities in the study guide require you to do and interpret assignments and
examination questions.
To indicate the length, scope and format of answers to study activities and ques
tions, we have deliberately built limits or restrictions into the questions by using
action verbs. These action verbs give you an indication of how to tackle the given
problem and what style of writing is called for.
An analysis of the action verbs contained in a question will
viii

•• enable you to plan the answer systematically and organise your thoughts
logically
•• ensure that you comply with the lecturer’s requirements
You will also save yourself time and trouble by eliminating irrelevant material that
falls outside the scope of the answer.
For the purposes of this module, the following meanings will be attached to the
following action words:
Word Meaning
Advise Give advice to; express an expert opinion
Apply Use in a practical manner; use as relevant or suitable
Calculate Figure out; determine by a mathematical procedure
Clarify/demonstrate This means expound; make the meaning clear; provide
proof of; argue the truth of
Compare Place side by side in order to observe similarities, re
lationships and differences
Complete Finish; accomplish; supply whatever is missing
Define Describe accurately; establish the exact meaning; ex
plain the inherent meaning; make clear; give an account
of the overall character
Describe Give an account of the respective particulars or es
sential characteristics; outline clearly; give an accurate
account
Determine Establish; reach a conclusion or decision
Discuss Examine; explain; examine by means of argument
Draft Prepare a provisional outline
Examine Inspect; investigate
Explain Make clear or comprehensible; elucidate; give the mean
ing in detail
Identify Establish through consideration; recognise; pick out
Illustrate Explain; shed light on; use an example to elucidate
something
Interpret Explain the meaning of; explicate; construe; show the
nature or essence
List Note/specify matters or objects that are related to one
another
Name/mention/state Specify by name; give names, characteristics, items,
elements or facts
Organise Divide into classes or groups according to certain char
acteristics; place in a particular order
ix

Word Meaning
Prepare Make ready in advance; finish; get something ready on
the basis of previous study
Record Put in writing; set down for reference and preservation
Substantiate Supply reasons or facts; support a view or argument
Summarise Give a brief account; briefly state the essence of a
matter
Tabulate Arrange in tabular form
5.5 Meaning of icons

The icons used in this study guide are listed below, together with an explanation
of what they mean:
Icon Description
Study. This icon indicates which sections of the prescribed book

or the study guide you need to study and internalise.
Read. This icon will direct you to read certain sections of the
prescribed book for background information.
Assessment. This icon indicates that you are required to test

your knowledge, understanding and application of the material
you have just studied.
6 Approach to your studies

The following are vital considerations that you should bear in mind when ap
proaching your studies in auditing, and also some useful hints and aids that will
help you to improve your learning experience.
6.1 Allocation of time for this module

The study material for this module has been developed on the basis of the as
sumption that you will have a total period of 15 weeks available to study the
module. You will need to use the final three weeks before the examination to
revise and prepare for it. You should devote a minimum of eight hours a week to
your studies for this module.
We have provided the following breakdown of the estimated time required to work
through the different topics contained in the study material, including the comple
tion of assignment work. You can use it to compile your own study schedule for
x

this auditing module. Bear in mind that it is only a guideline. You may, however,
find certain topics more difficult and therefore require more hours to master them.
Topic Minimum hours of

study
Preface
1 Corporate governance and statutory matters 40
2 Internal control 15
3 Business cycles 1
4 Revenue and receipts cycle 10
5 Acquisitions and payments cycle 9
6 Inventory and production cycle 5
7 The payroll and personnel cycle 8
8 The finance and investment cycle 2
Completion of assignments 10
Revision for the examination 20
Total time 120 hours
6.2 Mastering the study material

Use the study guide to guide you through the study material. The prescribed
textbook(s) contain the information you are required to master and remain the
primary source(s) that you will need to study. Information, explanations and ques
tions in the study guide, tutorial letters and assignments are included in order to
make the information in the textbook(s) comprehensible to you and to give you
an indication of how well you have mastered the study material.
Make use of the opportunities offered by the study guide. For example, use the
margin in the study guide to make notes, and write down keywords and any
problems that you have encountered. At the end of each study unit a page has
been left for notes where you can jot down information which fits in with your
particular study approach.
Particulars of the assignments that have to be completed for this module are
contained in Tutorial Letter 101. Unisa publications contain information on ad
ministrative arrangements and the student support services offered. Make sure
that you are familiar with all the information contained in these publications.
6.3 Self-study and self-evaluation

Since self-study and self-evaluation are key components of distance education,
the study material contains various study activities that you are asked to do. Make
the most of these opportunities to determine whether you have made sufficient
progress to meet the assessment criteria in the various study units. Try to answer
the questions contained in the activities, the question bank and the assignments
independently, before looking at the suggested answers.
When you come across a subject-related problem in auditing, make a persistent

effort to get to the bottom of the uncertainty or problem. If you persevere until
you have solved the problem, you will find that you derive great satisfaction from
xi

doing so. As indicated in Tutorial Letter 101 for each auditing module, the auditing
lecturers responsible for the module are available to help you solve subject-related
problems. Take note of other opportunities for active learning, as contained in
Tutorial Letter 101 for each module and the Unisa publications, which may pos
sibly meet your study needs.
7 What you can expect from Unisa

You can expect us to do the following:
•• We will provide you with up-to-date and relevant learning material.
•• We will keep the learning material in line with the needs of industry and commerce
by consulting regularly with the profession.
•• We will assist you as students by giving you the opportunity to
develop competencies and skills at a certain level. The outcomes correspond
to the National Qualifications Framework (NQF) level 6. You will be assessed
taking the level descriptors of the NQF into account.
•• We will support you whenever you require assistance. You may contact your
lecturers by making personal appointments; contact them by phone or via
e-mail or the internet. We understand that studying through distance education
is more challenging than attending a residential university.
•• We will provide you with clear indications of what we expect from you in terms
of your assessment.
8 Feedback from students

To enable us to continue improving and adapting study material in order to meet
students’ needs, we need feedback from you on any sections which are not clear
or any problems you may have experienced with the study material for this module.
If you wish to supply feedback on the study material or assignments for this mo
dule, you may contact us either directly or in writing. Please take this opportunity
to bring problems and shortcomings to our attention.
9 Conclusion
We hope you will enjoy your studies! We are certainly looking forward to being
your partners in this endeavour.
Best wishes
Your lecturers FOR AUE2602
xii

TOPIC 1
Corporate governance and statutory matters
Topic overview
The aim of this topic is to explain and apply corporate governance in practical
situations by referring to statutory matters regarding company directors as con
tained in the Companies Act 2008, as well as the provisions of the King III Report
and Code on Governance for South Africa.
This topic is divided into the following study units:
Study unit Title Page

1.1 The background to corporate governance in South
Africa 3
1.2 Statutory matters 5
1.2.1 Standards of directors’ conduct – section 76 5
1.2.2 Liability of directors and prescribed officers – section 77 5
1.2.3 Indemnification and directors’ insurance – section 78 6
1.2.4 Audit committees – section 94 6
1.3 The King III Report and Code on Governance for 8
South Africa
1
C orporate governance and statutory matters

1.3.1 Ethical leadership and corporate citizenship 9
1.3.2 Boards and directors 9
1.3.3 Audit committees 14
1.3.4 The governance of risk 16
1.3.5 The governance of information technology 17
1.3.6 Compliance with laws, rules, codes and standards 17
1.3.7 Internal audit 18
1.3.8 Governing stakeholder relationships 20
1.3.9 Integrated reporting and disclosure 21
Textual amendments and additions

Before you proceed with the study of this topic, please refer to Tutorial Letter 102
for this module to acquaint yourself with any textual amendments and additions
that have been indicated.
Learning outcomes
Study unit In this topic we focus on the following Level
learning outcomes:
1.1 The background •• Briefly describe the background to corporate 1
to corporate gov governance in South Africa.
ernance in South
Africa
1.2 Statutory matters •• Explain the requirements of sections 76 to 2

78 and 94 of the Companies Act, 71 of 2008,
regarding the standards of directors’ conduct,
liability of directors and prescribed officers,
indemnification and director’s insurance and
audit committees.
1.3 The King III Re •• Explain and apply the significant matters 2
port and Code covered by King III.
on Governance
for South Africa
2
The background to corporate governance in South Africa
STUDY UNIT 1.1
THE BACKGROUND TO CORPORATE

1
GOVERNANCE IN SOUTH AFRICA
Introduction
Statements like the following often appear in the media:
“Successful leaders in a turbulent world are bold, risk-taking

visionaries:
They studied what worked, figured out why it worked, and then put
ideas into effect” (The Globe and Mail, accessed at http://www .ctv.ca,
18 Oct 2011).
“In South Africa we still have a chance to prevail – if we all play our
part. He said there was an international consensus that out of every
ten people, one would never be corrupt, one would easily be corrupt,
and the rest would be swayed by pressure or temptation” (Corruption:
SA at tipping point – Fin24 26 Oct 2010, accessed at http://www.fin24.com,
18 Oct 2011).
You may be wondering how the above quotes relate to corporate governance?
In this study unit you will learn about corporate governance in South Africa, with
specific reference to the King III Report and Code on Governance.
As stated in the King III Report (2009:12), the success of companies in the 21st
century is bound up with three independent subsystems – the natural environ
ment, the social and political system and the global economy.
The success of companies therefore depends not only on their profitability, but
also on the integration of social, environmental and economic issues, which
revolve around leadership, sustainability and corporate citizenship (cf the King
III Report 2009:10–11).
Study
The King III Report (2009:5–18) (included in the SAICA Legislation
Handbook)
Jackson & Stent (2012:4/3–4/7), sections 1 to 6
3
Note that you should study the King III Report itself (included in the SAICA
Legislation Handbook).
Activity 1
Define good corporate governance and briefly explain why it is important to so
ciety that companies operate within a framework of good corporate governance.
Feedback on activity 1
References: The King III Report (2009:6–14)
Jackson & Stent (2012:4/3), introduction
Corporate governance is the system or process whereby companies are directed

or controlled. It is about companies being good corporate citizens and all that this
entails. Companies are an integral part of modern society and it therefore follows
that healthy, honest, open, competently and responsibly controlled companies
will improve the quality of modern society.
Activity 2
Explain in your own words what the term “apply or explain” means. Do you think
that this allows directors to avoid adhering to the principles of good corporate
governance?
References: The King III Report (2009:6–7)
Jackson & Stent (2012:4/5)
“Apply or explain” means that King III follows a non-legislated approach, which
allows companies to explain if they choose not to apply the principles of King III.
They may make this choice if they believe that it would be in the best interests
of their company.
Directors can’t avoid adhering to the principles of good corporate governance,

because there is a link between good governance and compliance with the law.
The directors themselves have legal duties stipulated in the Companies Act 2008.
Note:
The duties of directors as stipulated in the Companies Act 2008 will be
explained in more detail in study unit 1.2.
Summary
In this study unit you learned what good corporate governance in South Africa
means, with specific reference to the King III Report and Code on Governance.
The King III Report endeavoured to be at the forefront of governance internatio

nally (King III Report 2009:5).
4
Statutory matters
STUDY UNIT 1.2
2 STATUTORY MATTERS
Introduction
“There is always a link between good governance and compliance with law.
Good governance is not something that exists separately from the law and
it is entirely inappropriate to unhinge governance from the law.” Mervyn E
King, SC, King Committee Chairman, 1 September 2009
Some of you may already have studied sections of the Companies Act 71 of
2008. As directors play a very important role in corporate governance, we want
to ensure that you have sufficient background knowledge of sections 76, 77, 78
and 94 of the Companies Act. These sections deal with the standards of directors’
conduct; liability of directors and prescribed officers; indemnification and direc
tors’ insurance and audit committees. Once you have acquired this knowledge
you will study the King III Report in study unit 1.3.
Note the following about the study information below:
SAICA Legislation Handbook, 2010/2011, Volume 1 – Where instructed

below, ensure that you study the relevant sections in the Companies Act 71 of
2008.
1.2.1 standards of directors’ conduct – section 76

This section describes certain duties of directors.
Study
•• The Companies Act 71 of 2008: section 76
•• Jackson & Stent (2012:3/45–3/46)
1.2.2 Liability of directors and prescribed

officers – section 77
This section deals with instances where a director and prescribed officer may
be held liable for losses suffered by the company.
5
Study

•• Jackson & Stent (2012:3/46–3/47)
1.2.3 Indemnification and directors’
insurance – section 78
As stated in section 78(2), any provision of an agreement, the Memorandum of
Incorporation or rules of a company, or a resolution adopted by a company, is
void if it directly or indirectly seeks to relieve a director of any of that director’s
duties. Section 78 does, however, allow certain “protection” of directors through
indemnification and directors’ insurance.
Study

•• Jackson & Stent (2012:3/47)
Activity 3
The King III Report (2009:21) sets out the board of directors’ responsibility to
provide effective leadership based on an ethical foundation. It states that the
deliberations, decisions and actions of directors should be based on the four
ethical values of responsibility, accountability, fairness and transparency.
It also states that directors have five moral duties, namely conscience, inclusi
vity, competence, commitment and courage.
Briefly discuss how these values and duties tie up with sections 76 to 78 of the
Companies Act.
The principles highlighted above strongly relate to section 76, which states that
a director should exercise his or her powers in good faith, in the best interests
of the company and with reasonable care, skill and diligence.
The King III ethical values of responsibility, accountability and fairness are
clearly addressed in sections 77 to 78, where liability, indemnification and direc
tors’ insurance are described.
As mentioned in activity 2 above, there is a link between good governance

and compliance with law.
1.2.4 Audit committees – section 94

Section 94 states that a public company, state-owned company or other company
that is required by its Memorandum of Incorporation to have an audit committee
must elect an audit committee at each annual general meeting.
6
Statutory matters
Study

•• Jackson & Stent (2012:3/52–3/53)
Activity 4
1. Briefly list the membership requirements for the audit committee according
to section 94 by referring to what a member must and must not be.
2. Briefly describe the main duties of the audit committee according to section
94.
•• The membership requirements for the audit committee in terms of section 94

are listed in Jackson & Stent (2012:3/52) and are not repeated here.
•• The main duties of the audit committee in terms of section 94 are described
in Jackson & Stent (2012:3/52–3/53) and are not repeated here.
Note that the requirements for audit committees in terms of the King III Report
are explained further in section 1.3.3 below.
Summary
In this study unit you studied sections 76, 77, 78 and 94 of the Companies Act,
which deal with the standards of directors’ conduct, liability of directors and pre
scribed officers, indemnification and directors’ insurance, and audit committees.
Self-assessment
After having worked through the study unit and the references to the pre
scribed study material, see whether you can do the following:
1. Explain and apply section 76 of the Companies Act, which deals with the
standards of directors’ conduct.
2. Explain and apply section 77 of the Companies Act, which deals with the
liability of directors and prescribed officers.
3. Explain and apply section 78 of the Companies Act, which deals with in
demnification and directors’ insurance.
4. Link sections 76, 77 and 78 of the Companies Act, which deal with the
standards of directors’ conduct, liability of directors and prescribed officers,
indemnification and directors’ insurance, to the principles of good corporate
governance in King III.
5. Explain and apply section 94 of the Companies Act, which deals with au
dit committees.
Refer to additional questions about statutory matters in your study material if you
are not sure that you can answer these self-assessment questions.
7
STUDY UNIT 1.3
THE KING III REPORT AND CODE ON

3
GOVERNANCE FOR SOUTH AFRICA
Introduction
King III consists of a Code of Governance, which deals with the principles, and
a Report on Governance, which provides recommendations for best practice
for each of the principles.
Although the King III Report has adopted a voluntary basis for the application of
the principles of good governance, application of these principles is compulsory
for public companies listed on the Johannesburg Stock Exchange (JSE).
Paragraph 8.63 of the JSE Listing Requirements states that issuers of financial
reports should disclose, among others, the following information (JSE Listing
Requirements 2011:165):
(i) a narrative statement of how it has applied the principles set out in the
King Code, providing an explanation or explanations enabling its sharehold
ers to evaluate how the principles have been applied; and
(ii) a statement dressing the extent of the company’s compliance with the
King Code and the reasons for noncompliance with any of the princi
ples in the King Code, specifying whether the company has complied with
all the provisions of the King Code throughout the accounting period, and
indicating for what part of the period any noncompliance occurred.
The following are significant matters covered by the King III Report:
1.3.1 Ethical leadership and corporate citizenship
1.3.2 Boards and directors
1.3.3 Audit committees
1.3.4 The governance of risk
1.3.5 The governance of information technology
1.3.6 Compliance with laws, rules, codes and standards
1.3.7 Internal audit
1.3.8 Governing stakeholder relationships
1.3.9 Integrated reporting and disclosure
8
The King III Report and Code on Governance for South Africa
1.3.1 Ethical leadership and corporate citizenship

As stated in the King III Report (2009:20), responsible leadership is about effec
tive responsible leadership, building sustainable businesses, reflecting on the
role of business in society, doing business ethically, not compromising the natural
environment and embracing a shared future.
Study
•• The King III Report (2009:20–27)

•• Jackson & Stent (2012:4/7–4/9) topic 1
Activity 5
List five responsibilities of the board with regard to ethical leadership and the
corporate citizenship of a company.
Reference: The King III Report (2009:20–21)
The answer to the question is provided in the reference above, and is not re
peated here.
1.3.2 Boards and directors

As the board of directors is responsible for the corporate governance of busi
nesses, this is an important section of the King III Report. Familiarise yourself
with the different principles that apply to the boards and directors as stated in
the King III Report.
Study

Section 66(1) of the Companies Act 2008 requires that the business and affairs
of companies must be managed by or under the direction of a board of directors
and section 84(4)(c) provides that every public company and state- owned com
pany must in addition appoint an audit committee. The King III Report also
recommends that an audit committee should be appointed for companies other
than public and state-owned companies.
Section 72 of the Companies Act allows the board of directors to appoint any
number of committees (sub committees), with the King III Report and the
JSE Listing Requirements specifying at least a remuneration committee and,
if required, nomination and risk committees.
As mentioned above, section 72 allows for any number of board committees to

be appointed, depending on the requirements of the company. The King III Report
mentions the appointment of a social and ethics committee and governance, IT
9
steering and sustainability committees. These board committees constitute an

important element of the governance process.
Please take note of the tables below, which contain a summary of the recommend
ed composition and functions of the board of directors and its main board commit
tees (cf the King III Code of Governance Principles 2009:21–31). The composition
and functions of the audit committee will be explained in section 1.3.3 below.
Board of directors
Chairman •• Independent non-executive director (principle 2.16).

•• CEO of the company should not also fulfil the role of
chairman of the board (principle 2.16).
•• The role of the chairman should be formalised (principle
2.16.5).
•• The chairman’s ability to add value, and his performance
against what is expected of his role and function, should
be assessed every year (principle 2.16.6).
Membership •• The board should comprise a balance of power, with a
majority of non-executive directors. The majority of non-
executive directors should be independent (principle 2.18).
•• The board, through its nomination committee, should
recommend the eligibility of prospective directors (principle
2.18.7).
Members •• Minimum of two executive directors of which one should be
the CEO and the other the director responsible for finance
(principle 2.18.5).
•• At least one-third of directors should rotate every year
(principle 2.18.6).
Meetings •• Meet at least four times a year (principle 2.1.2).
Functions •• The board should have a charter setting out its
responsibilities. The functions of the board are listed under
principles 2.1 to 2.17 of the Code of Governance.
Board committees
Remunera Nomina Risk committee
tion committee tion committee
Chairman •• Independent non- •• Independent non- •• Independent non-
executive director executive director executive director
(principle 2.23). (principle 2.23). (principle 2.23).
Member- •• Majority should •• Majority should •• Executive and
ship be non-executive be non-executive non-executive
directors of which directors of which directors
majority should majority should (principle 4.3.2.2).
be independent be independent
(principle 2.23.7). (principle 2.23.7).
10
Remunera Nomina Risk committee

tion committee tion committee
Members •• Not specified in •• Not specified in •• Minimum of
King III. King III. three members
(principle 4.3.2.3).
Meetings •• Not specified in •• Not specified in •• Meet at least
King III. King III. twice a year
(principle 4.3.2.4).
Functions •• Should assist the •• Should assist with •• Should consider
board in setting the process of the risk man-
and administering identifying suitable agement policy
remuneration members of the and plan and
policies (principle board (principle monitor the risk
2.25.2). 2.19.1). management
process (principle
4.3.2.1).
Note: The principles refer to the King III Code of Governance.
Activity 6
The board should elect a chairman who is an independent non-executive director.
Explain what an independent non-executive director is.
Reference: The King III Report (2009:38–39) point 65–67
The concept “independent non-executive director” is explained in detail in the

King III Report and is not repeated here.
Activity 7
The collective responsibilities of management vest in the chief executive officer
(CEO). List the CEO’s main functions.
Reference: The King III Report (2009:37–38) point 60
The main functions of the CEO are set out in the King III Report and are not
repeated here.
Activity 8
Why should the CEO not fulfil the role of the chairman of the board?
11
Reference: The King III Report (2009:37) point 59
Given the strategic and operational role of the CEO, and to prevent too much
power vesting in one person, this appointment should be separate from that of
the chairman of the board.
Activity 9
The board should delegate certain functions to well-structured committees. Are
the chairman of the board and the CEO allowed to be members of the follo
wing committees?
1. Audit committee
2. Remuneration committee
3. Nomination committee
4. Risk committee
Reference: The King III Report (2009:46)
Committee Chairman CEO

Audit committee No No
Remuneration committee Yes Yes
Nomination committee Yes Yes
Risk committee Yes Yes
Activity 10
Recently, while skimming the annual report of Stadium Ltd, a company listed on
the JSE, you came across the company’s schedule of directors and committees.
These appeared as follows:
1. Board of Directors
Chief Executive Officer – Donald Winthrop
Managing Director – Administration – Charles Tree
Financial Director – Monty Mann
Operations Director – Christo Wells
Human Resources Director – Jerry German
Marketing Director – Koos Katswinkel
Non-executive Director – Caz Kallim
Independent Non-executive Director – Mary Maswai
he company has not appointed a chairman. The most senior director who
T
arrives at the directors’ meeting acts as chairman.
12
2. Committees
2.1 Directors’ Appointment Committee – Donald Winthrop
– Charles Tree
This committee makes recommendations to the shareholders regarding

who should be appointed as directors. If the two directors on the committee
disagree, Donald Winthrop has the casting vote.
2.2 Remuneration Committee – Donald Winthrop

– Monty Mann
– Koos Katswinkel
2.3 Audit Committee – Monty Mann
– Christo Wells
– Mitchell Street (Internal Audit)
– External Audit
– Fred Carver
All committees meet as and when required. The Board meets every six
months.
3. Risk Committee
The risk committee was disbanded at the beginning of the year. The direc
tors know the business and the risks involved.
Required
Comment on the information presented above in relation to the requirements of
the King III Report.
Stadium Ltd’s adherence to the King III Report appears to be less than adequate.
1. Board of Directors
1.1 The company has no chairman. King III recommends that the board
should elect a chairman who is an independent, non-executive director.
1.2 The board of directors is the most important component of corporate
governance and important decisions must be taken at board meetings.
This requires that the meetings be knowledgeably and efficiently run.
This requires careful preparation for the meeting. At present this does
not take place and that the meeting is simply run by the most senior
director who arrives at the meeting. This also suggests that not all di
rectors arrive for meetings.
1.3 The board should meet at least 4 times a year. At present the board
only meets every six months.
13
2. Board committees
2.1 King III recommends that a company such as Stadium Ltd should have
a nominations committee (which may be called the directors’ appoint
ment committee). This committee should be chaired by an independent
non-executive director (for example the chairman of the board) and the
majority of members should be non-executive directors, the majority
of whom should be independent. At present Stadium Ltd doesn’t have
a chairman.
2.2 The recommendations for the appointment of directors should be made
by the Board as a whole and not by a select committee. A nomina
tions committee should merely assist in the process.
2.3 The remuneration committee should be chaired by an independent
non-executive director and the majority of the members should be in
dependent non-executive directors. At present this committee has no
independent non-executive directors.
2.4 In terms of King III, the audit committee should be chaired by an inde
pendent non-executive director, which Monty Mann is not, and it should
be made up of independent non-executive members, which it is not.
2.5 Neither Fred Carver, the financial manager, nor Mitchell Street, the
internal audit manager, nor the external auditors should be committee
members. These three should work closely with the committee at vari
ous times but they should not form part of the committee.
2.6 All committees should schedule meetings properly and should meet
a stipulated minimum number of times, not just on a random “as and
when” basis.
3. Risk committee
3.1 Risk is an ever-present factor in any large company, and the nature of
risks changes. It is unrealistic for Stadium Ltd to think otherwise and
it is irresponsible to disband the risk committee because the directors
“know the business and the risks involved”.
4. General
4.1 On balance, this company appears to be dominated by the CEO, Donald
Winthrop.
Source: Graded Questions on Auditing 2012 (Gowar & Jackson 2012: 21) – adapted
1.3.3 Audit committees

As mentioned in section 1.2.2 above, the Companies Act 71 of 2008: section
94 requires a public or state-owned company to appoint an audit committee
as well as a board of directors. The King III Report also recommends that an
audit committee should be appointed for companies other than public and state-
owned companies.
14
Study

The table below provides a summary of the composition and functions of an
audit committee:
Audit committee
Chairman •• Independent non-executive director (principle 3.3).
•• The chairman of the board should not be the chairman or a
member of the audit committee (principle 3.2.3).
Member •• All members should be independent non-executive directors
ship (principle 3.2.1).
Members •• Minimum of three members (principle 3.2.2).
Meetings •• Meet at least twice a year (principle 3.1.4).
•• Should meet with internal and external auditors at least once
a year without management being present (principle 3.1.5).
Functions •• Should oversee integrated reporting (principle 3.4).
•• Should ensure that a combined assurance model is applied
(principle 3.5).
•• Should satisfy itself of the expertise, resources and experience
of the company’s finance function (principle 3.6).
•• Should oversee internal audit (principle 3.7).
•• Should be an integral component of the risk management
process (principle 3.8).
•• Should recommend the appointment of the external auditor
and oversee the external audit process (principle 3.9).
•• Should report to the board and shareholders on how it has
discharged its duties (principle 3.10).
Activity 11
The following is a summary of the composition and certain functions of the au
dit committee of Mineco Ltd, a JSE listed company in the South African mining
sector.
Audit committee
Violet Mguni – Operations Director
William Smith – Government official (only attends board meetings)
Bob Cilliers – Financial Director
The audit committee meets annually. The audit committee evaluates the board’s
performance. During the recent meeting of the audit committee, it was decided
that Mineco Ltd would acquire shares in Africa Coal, a coal-mining company listed
on the JSE. A detailed analysis of the coal-mining sector supported this decision.
15
Required
Comment on the information presented in terms of the requirements of King III.
1. In terms of King III, the audit committee should comprise at least three mem
bers. Mineco Ltd has three members and complies with King III.
2. All members should be independent non-executive directors. Two members
of the committee are not independent non-executive directors, as they are
involved in the day-to-day running of the business.
3. The audit committee should meet as often as necessary, but at least twice
a year.
4. The board should be evaluated by the chairman or by an independent party,
not by the audit committee.
5. In line with the requirements for risk management, the audit committee is
not permitted to make decisions on the acquisition of shares in Africa Coal.
This should be the responsibility of the board (with the approval of the
shareholders).
Source: Unisa – TOE412S/105/2011 — adapted
1.3.4 The governance of risk

According to the King III Report (2009:73), the essential focus of the governance
of risk is that “the board should exercise leadership to prevent risk manage
ment from becoming a series of activities that are detached from the realities
of the company’s business”. Risk is positioned as a cornerstone of corporate
governance and it is emphasised that it is the board’s responsibility to ensure
that it is satisfied with the management of risk.
Study
•• Reference: The King III Report (2009:73–80)

Who is responsible for what? The table below sets out responsibilities for the
governance of risk.
WHAT WHO
Governance of risk. The board (principle 4.1).
Design, implementing and monitoring The board should delegate to manage
of the risk management plan. ment (principle 4.4).
Monitoring the risk management The board, risk committee, audit com
process. mittee (principle 4.3.2.1).
Performing an objective assessment of Internal audit (principle 7.1.2.2).
the effectiveness of risk management.
Note: The term “principles” refers to the King III Report.
16
Activity 12
Explain the responsibility of management and the CEO in the risk management
process.
The responsibility of management and the CEO in the risk management process
is explained under points 24 to 30 in the King III Report and is not repeated here.
1.3.5 The governance of information technology

The governance of information technology is dealt with in detail in the King III
Report.
Study

Activity 13
Chapter 4 of the King III Report on Governance deals with the governance of
risk. Explain the role that information technology plays in the company’s risk
management.
Reference: The King III Report (2009:85, 87)
The role that information technology plays in the company’s risk management is
explained under points 5.5 and 5.7 in the King III Report and is not repeated here.
1.3.6 Compliance with laws, rules, codes and

standards
The board should ensure that the company complies with applicable laws, rules,
codes and standards. The board should monitor this and disclose details in the
integrated report (King III Report 2009:89).
Study

17
Activity 14
Explain the main functions of the board, management and the compliance
officer with regard to compliance with laws, rules, codes and standards.
The functions of the board, management and the compliance officer with regards
to compliance with laws, rules, codes and standards, is explained in the King III
Report, 2009: 89–91 and is not repeated here.
Note: The ultimate responsibility for complying with laws, rules, codes and stand
ards lies with the board. The board’s right to delegate the implementation
of a compliance framework and process to management and to appoint
a compliance officer falls within the framework of appointing board com
mittees, as explained in section 1.3.2 above.
1.3.7 Internal audit

Study
•• The King III Report, 2009:93–98

•• Jackson & Stent (2012: 4/30–4/32) topic 7
Activity 15
1. Explain in your own words what the term “risk-based audit approach” means
in the context of the King III requirements for internal audit.
1. Risk-based internal auditing (RBIA) is the methodology which provides as

surance that risks are being managed within the organisation’s risk appetite
(Risk based internal auditing: three views on implementation Griffiths 2006:1).
Activity 16
Stapleking Ltd is a manufacturer and wholesaler of a wide range of fasteners,
such as staples, tacks and drawing pins. Controls are sound and include an in
ternal audit department which is staffed by competent internal auditors. Internal
audit activities are scheduled at the start of each financial year, but during the
year numerous requests are received from within the company for “internal audit”
to carry out various assignments. The following requests have been received:
1. Lindsay Haffejee, the chief audit executive, has been asked by the human
resources director to serve on a selection committee for the appointment of
a new company secretary.
18
2. The financial director has asked the internal audit department to design
and implement a costing system for a new type of product which is to be
manufactured.
3. The information technology manager has asked internal audit to conduct
a post-implementation review on a recently introduced telesales ordering
system.
4. The warehouse manager has requested internal audit to perform an audit to
determine whether the company is complying with all the necessary safety
regulations, for example the fire protection and ventilation regulations.
5. The financial director has requested internal audit to schedule an investi
gation into the payroll and personnel cycle to determine whether there are
fictitious employees on the payroll.
6. The production director has requested internal audit to conduct inventory
cycle counts in the finished goods warehouse on an ongoing basis.
7. The external auditors have requested internal audit to assist them with the
verification of the existence of plant and equipment at an interim audit.
8. The board of directors has requested internal audit to assist in identifying,
evaluating and assessing significant organisational risks.
equired
1. Indicate, giving reasons, how Lindsay Haffejee, as the chief audit executive,
should respond to the above requests.
1. Feedback on Lindsay Haffejee’s requests:
1.1 This request could be accepted. The company secretary is an important
appointment in respect of corporate governance. In a sense the company
secretary is similar to internal audit in that both are “control mechanisms”.
1.2 This request should be refused. The design and installation of systems
is an operational responsibility from which the internal audit depart
ment should be independent. Internal audit may review the proposed
system and be part of the post-implementation review, but should not
take responsibility for the system.
1.3 This request should be accepted. Part of internal audit’s basic function
is to perform objective assessments of the adequacy and effectiveness
of risk management and internal controls and post-implementation
reviews are part of this.
1.4 This assignment could be accepted. Although internal audit should follow
a risk-based approach to the internal audit function, compliance audits
(evaluating whether the company is complying with relevant laws and
regulations) are part of what internal auditors do. Ensuring compliance
with laws and regulations is part of risk management.
1.5 This assignment could be accepted. The board has direct responsibility
for risk management, and for implementing and monitoring the controls
which serve, inter alia, to safeguard the assets of the company (in this
case, cash). Internal audit is one means which the directors use to obtain
information relating to fraud and corruption.
19
1.6 This request should be refused. Inventory control is an operational

activity and is the responsibility of the inventory controller/production
department. Internal audit could be used to review and evaluate cycle
counts from time to time.
1.7 This request could be accepted. External and internal audit should
co-operate in this kind of exercise, which is, in effect, an independent
verification procedure.
1.8 This request could be accepted, but internal audit must not assume the
functions, systems and processes of risk management. In other words,
internal audit must not become part of the operational internal controls.
The intention is that internal audit should assist and support the board
in fulfilling their responsibilities, one of which is to identify risk. This
request is in line with the risk-based approach to internal audit.
Source: Graded questions on auditing (Gowar & Jackson 2012:25) – adapted
1.3.8 Governing stakeholder relationships

The King III Report emphasises a “stakeholder inclusive” approach to corporate
governance.
Study

Activity 17
1. Define the term “stakeholder” according to King III.
2. Do you regard yourself as a stakeholder of your local municipality? Do you
think that they should adhere to the principles of the King III Report with
regard to stakeholder management? If so, how do your local municipality’s
operations affect you?
1. The term “stakeholder” is defined in the King III Report under point 6 and
is not repeated here.
2. You are indeed a stakeholder of your local municipality, to which you pay
rates and taxes every month. The Public Finance Management Act (PFMA)
does not make the application of the King III Report compulsory for govern
ment institutions, but the same principles of good corporate governance are
embodied in the Act.
Sect 2 of the PFMA – The object of this Act is to secure transparency, ac
countability and sound management of the revenue, expenditure, assets
and liabilities of the institutions to which this Act applies.
Your local municipality’s operations affect you in many ways, one of which is
service delivery.
20
1.3.9 Integrated reporting and disclosure

Study

•• Jackson & Stent (2012: 4/38–39) topic 9
Note the following from the study information:

•• King III’s integrated reporting is often referred to as “triple bottom line” reporting.
Triple bottom line – A company should report on its performance with regard

to economic, social and environmental issues.
Activity 18
Treelines Ltd is a large forestry company which grows and harvests trees and
transports them to its mills, where the timber is pulped (an operation which
uses a great deal of water and produces unusable waste) for the manufacture
of pulp- based products. Demand for pulp-based products is declining world
wide, but demand for other timber products is stable.
The company’s forests are spread over numerous regions of the country and
the majority are in remote areas. A key element in the location of forests for
both replanting and new forests is the level of local rainfall as forests are not
irrigated.
Treelines Ltd employs a reasonably large workforce at its forest locations,

ranging from unskilled workers to skilled logging machine operators, all of
whom are vital to the operation. It also has a large administrative, financial,
marketing and support staff of mixed gender and race at its head office.
The board of Treelines Ltd follows sound corporate governance practices

regarding the way it conducts its business and reports to its stakeholders.
Integrated sustainability reporting and disclosure are regarded as important.
YOU ARE REQUIRED TO:

1. Discuss how frequently a company like Treelines Ltd should report to its
stakeholders on sustainability and other issues.
2. Identify the main stakeholders, other than shareholders, with whom Treelines
Ltd should be “building relationships and promoting respect” and indicate
briefly why you consider each of them to be stakeholders.
1. Effective reporting should take place at least once a year, but there is no
fixed number of times that it should take place. The objective is to keep all
stakeholders informed in a manner that satisfies the needs of each stake
holder groupings.
2. Treeline Ltd’s main stakeholders are:
21
2.1 Suppliers of goods and services without whom the company cannot
operate effectively.
2.2 Creditors arising from the supply of goods, services and finance, for
example loan providers. These parties are owed money and therefore
have a direct stake in the company.
2.3 Employees at all levels and in all activities – skilled, unskilled and
administrative.
2.4 Government and important parties in respect of other legislative mat
ters, for example the granting of forestry licenses.
2.5 External auditors who require co-operation to fulfil their function.
2.6 Customers, who may range from individuals to large corporations to
government and who are the lifeblood of the company.
2.7 Industry at large – Treelines Ltd does not operate in a vacuum. It is
part of the broader economic community and the forestry/milling/pulp/
paper industry specifically. Co-operation and participation are key to
sustainability of the industry as a whole.
2.8 Local communities – Companies are part of the wider society and, as
in the case of Treelines Ltd, of numerous local communities. The com
pany depends on these communities and vice versa.
2.9 Media – Financial, industrial and human interest journalists write about
the company and can enhance or damage a company’s reputation and
its image as a good corporate citizen.
2.10 Regulators – Treelines Ltd will probably be regulated by a number of
bodies that require compliance with rules, regulations or a code, for
example the Forest Stewardship Council regulations and code. A sound
working relationship between the company and the regulator must be
cultivated.
Source: Graded questions on auditing (Gowar & Jackson 2012:27) – adapted
Summary
In this study unit we explained and applied the provisions of the King III Report
and Code on Governance in South Africa.
Self-assessment
After having worked through the study unit and the references to the prescribed
study material, see whether you are able to do the following:
1. Explain and apply the nine significant matters covered by King III.
22
CONCLUSION
In this topic, Corporate governance and statutory matters, we explained and
applied corporate governance principles by referring to the background of cor
porate governance and statutory matters regarding company directors, as well
as the provisions of the King III Code on Governance.
In the next topic we will explain and apply the theory of internal control as an
important aspect of corporate governance.
23
TOPIC 2
INTERNAL CONTROL
Topic overview
The aim of this topic is to explain and apply the theory of internal control as an
important aspect of corporate governance. Internal control will be explained on
the basis of internal control objectives and the components of internal control.
General and application controls in a computerised environment will also be
explained and applied as part of control activities.
The need for the external auditor to obtain an understanding of a client’s internal
control in order to identify significant risks will also be explained.

2.1 Internal control 27
2.1.1 Definition of internal control and internal control objectives 27
2.1.2 Limitations of internal control 29
2.2 Components of internal control 31
2.2.1 Control environment 31
2.2.2 Risk assessment 31
2.2.3 Information system 33
25
Internal control

2.2.4 Control activities 33
2.2.5 Monitoring of controls 36
2.3 Controls in a computerised environment 37
2.3.1 General controls 38
2.3.2 Application controls 39
2.4 Internal control from the perspective of the external
auditor 45
2.4.1 Obtaining an understanding of internal control 45
2.4.2 Significant risks 45

Learning outcomes
In this topic we focus on the following learning
Study unit Level
outcomes:
2.1 Internal •• Define and explain internal control and internal 2
control control objectives with reference to management
assertions.
•• Relate internal control objectives for financial 2
reporting to risks and internal controls.
•• Explain the limitations of internal control. 2
2.2 Components •• Describe, explain and apply the five components 2

of internal of internal control.
control
2.3 Controls in •• Describe and apply general controls in 2

a com a computerised environment.
puterised •• Describe and apply application controls in 2
environment a computerised environment.
2.4 Internal •• Discuss the need for the external auditor to obtain 2
control from an understanding of a client’s internal control in
the perspec order to identify significant risks.
tive of the
external
auditor
26
Internal control
STUDY UNIT 2.1
4 INTERNAL CONTROL
Introduction
The importance of good corporate governance to a business and its stakehol
ders was explained in topic 1. As part of Principle 3.8, point 65.1, of the King III
Report (2009:64), it is stated that the audit committee should be responsible
for overseeing financial risk management and controls and ensuing that
the controls provide guidance that embeds internal financial control in the
business processes and evolves to remain relevant over time.
2.1.1 Definition of internal control and internal

control objectives
As stated in Jackson & Stent (2012:5/3), internal control is designed to address
and limit potential risks.
Study
Jackson & Stent (2012:5/3–5/4) section 1
Activity 1
Name and explain six key characteristics of internal control that you have learnt.
Reference: Jackson & Stent (2012:5/4) section 1.3
The characteristics are mentioned in your textbook and are not repeated here.
Please refer to the textbook for the answer.
From the above aspects of internal control it is clear that although the board of
directors is responsible overall for the governance of risk, everyone in the busi
ness carries responsibility with regard to the implementation and execution of
internal controls.
27
Internal control
Study
Jackson & Stent (2012:5/5) section 3

Internal control can be defined as the process designed, implemented and main
tained by those charged with governance, management and other personnel to
provide reasonable assurance about the achievement of an entity’s objectives
with regard to:
•• the reliability of the entity’s financial reporting
•• the effectiveness and efficiency of its operations
•• its compliance with applicable laws and regulations
The aim of reliable financial reporting (the first objective above) is to enable
management to ensure that transactions that are initiated, recorded, processed
and reported are valid (occurred and have been authorised), accurate and com
plete. These are called internal control objectives for financial reporting and
internal controls are implemented to help achieve these objectives.
Management assertions relate directly to the internal control objectives for

financial reporting.
Study

The following table illustrates the relation between internal control objectives
and the assertions:
Internal control objectives Assertions

Valid (occurred and authorised) Occurrence
Existence
Rights and obligations
Accurate Accuracy
Classification
Valuation and allocation
Complete Completeness
Cut-off
Activity 2
1. Define what is meant by “assertions of management” in the financial
statements.
2. Give another word for assertions.
3. What do the assertions of occurrence, accuracy and completeness mean?
4. Explain the link between the terms occurred and authorised and a valid
transaction.
Reference Jackson & Stent (2012:1/21)
1. Assertions are in effect management’s representations about the company’s
assets, equity, liabilities, transactions and events in the financial reports.
28
Internal control
2. Another word for assertions is representations.

3. Occurrence: A transaction or event which has been recorded, took place
and pertains to the entity.
Accuracy: Amounts and other data relating to recorded transactions and
events have been recorded appropriately.
Completeness: All assets, liabilities, transactions or events which should
have been recorded have been recorded.
4. A valid transaction implies that it has occurred, has been authorised and
pertains to the entity.
2.1.2 Limitations of internal control

Your prescribed textbook, Jackson & Stent (2012:5/4), correctly indicates that
internal control does not provide absolute assurance that the risks that threaten
the achievement of the objectives of the business will be adequately responded to.
Study
Activity 3
Management has designed an internal control system which theoretically ad
dresses risk. Give an example of a control risk that may have increased as a
result of the following limitation of internal control:
The possibility that procedures may have become inadequate owing to changes
in business processes while controls have remained static.
Reference: Jackson & Stent (2012:5/5)
Example:
A company may experience such a steady increase in sales that the only way
that its salesmen can keep up with the demand from customers is by ignoring
certain controls.
Note that this is an example of controls that have remained static, while risks
have changed. The King III Report (2009:73) states that the board should exercise
leadership to prevent risk management from becoming a series of activities
that are detached from the realities of the company’s business, as illustrated
here. This also reminds us that internal control is ultimately the responsibility of
the board.
Summary
In this study unit we explained the definition and limitations of internal control. We
also explained that internal control is a response to risk and that internal control
objectives are achieved by implementing internal controls.
29
Internal control
Self-assessment
1. Explain and define internal control.
2. Explain the limitations of internal control.
3. Name and explain the internal control objectives in a financial context with
reference to management assertions.
4. Illustrate the link between risks, internal controls and internal control objectives.
30
C omponents of internal control
STUDY UNIT 2.2
5 COMPONENTS OF INTERNAL CONTROL
Introduction
Internal control consists of the following five components (Jackson & Stent
2012:5/5):
Control environment
Risk assessment
Information system
Control activities
Monitoring of controls
Internal controls in a computerised environment are part of the system of

internal control of an entity. It is important to keep this in mind when studying
the components of internal control below. General and application controls in
a computerised environment will be explained in detail in study unit 2.3.
Study
•• Jackson & Stent (2012:5/5–5/6) section 4

•• Jackson & Stent (2012:8/4–8/6) section 2
The five components of internal control will now be explained in more detail.
2.2.1 Control environment

As stated in Jackson & Stent (2012:5/7), the control environment sets the tone of
the entity and creates the atmosphere in which employees go about their duties.
The desirable mindset is one of “doing things the right way”.
Study
Jackson & Stent (2012:5/7–5/8) section 4.1
2.2.2 Risk assessment

The King III Report (2009:76) states that the board should ensure that risk as
sessments are performed on a continual basis. It also states under principle
31
Internal control
5.5 that information technology risks form an integral part of the company’s risk
management activities.
Risk assessment is important because internal controls are designed and im
plemented as a response to assessed risks. It is therefore critical that the risk
assessment process should be comprehensive, accurate, thorough and complete
(cf Jackson & Stent 2012:5/8–5/9).
Study
Activity 4
1. Define the term “risk assessment” in the context of internal control.
2. What role do the internal control objectives of the entity play in the risk as
sessment process?
3. Explain financial reporting risk with reference to the internal control objec
tives for financial reporting, namely valid (occurred and authorised), accurate
and complete.
Reference: Jackson & Stent (2012:5/8–5/9)
1. Risk assessment
The risk assessment process involves assessing the likelihood and frequency of
risks identified and estimating the potential impact if the risk were to occur. This
relates to the risk of failing to achieve the internal control objectives of the entity.
2. Role of internal control objectives in the risk assessment

process
The internal control objectives of the entity should be defined so that the risks
of failing to achieve the objectives can be properly identified, assessed and
responded to. Objectives must be set for all departments and functions of the
entity and the risks which threaten achievement of the objectives can then be
identified, assessed and responded to.
Note how financial reporting risk relates to the objective of “reliable financial
reporting”. If this is not clear to you, go back to 2.1.1, where the internal control
objectives for financial reporting are explained.
3. Financial reporting risks

The risk that the entity has not achieved its objective of having an account
ing system (part of the information system) which records and processes only
transactions and events which have occurred and have been authorised (valid
transactions) and which are recorded and processed accurately and completely.
32
2.2.3 Information system

Your prescribed textbook, Jackson & Stent, (2012:5/10) explains an information
system in terms of the procedures and records that form part of it and states that
the objective of the information system is to produce information which is valid
(occurred and authorised), accurate and complete. The internal control objec
tives for financial reporting were explained in 2.1.1 above. Note from the under
mentioned study reference how these objectives fit into the information system.
Study
Activity 5
Describe the procedures that normally form part of an entity’s information system
for financial reporting.
The procedures established by the entity to:

•• initiate, record, process and report transactions
•• capture events and conditions other than transactions (such as depreciation)
•• accumulate, record, process and summarise information for the preparation
of the financial statements
Note that these procedures will usually take place in a combined manual and com
puterised environment.
2.2.4 Control activities

The control objectives for financial reporting namely valid (occurred and autho
rised), accurate and complete can only be achieved in the information system
with the implementation of control activities, which will now be explained.
2.2.4.1 General principles

Control activities are the actions which are carried out to manage or reduce risks
(Jackson & Stent 2012:5/12) and to achieve the entity’s internal control objectives.
Study
Note the following types of control activities:

•• Approval, authorisation
•• Segregation (division) of duties
•• Isolation of responsibility
33
Internal control
•• Access/custody (security)
•• Comparison and reconciliation
•• Performance reviews
Also note that the control activities can be preventive, detective or corrective in
nature.
Activity 6
1. For each of the six types of control activities mentioned above, give an ex
ample of what could go wrong (risks) in the absence of the control activity.
2. Use the solution for 1 above and state the related internal control objective
for each of the risks identified. Give reasons for your answers.
1. The following table provides a list of possible things that could go wrong
(risks) in an accounting system for each of the control activities. This is based
on the examples given in Jackson & Stent (2012:5/12–5/16).
Control activity Things that could go wrong (risks)

Approval, Credit sales could be made to customers who are not
authorisation creditworthy and who cannot pay their account, if a
credit sale is not approved by the credit controller first.
Segregation of Goods purchased could be stolen if no segregation of
duties duties exists between the authorisation, the placing of
an order and the issuing of the goods received note, as
the purchase clerk could order the goods for himself
at the company’s expense.
Isolation of An incorrect number of goods could be received if a
responsibility supplier delivers goods to a company and the receiving
clerk did not count the goods and sign the supplier’s
delivery note. The clerk could not be held responsible
and the mistake could be repeated.
Access/ custody Physical inventory could be stolen if not stored properly,
for example if not protected by a security guard at the
inventory warehouse entrance.
Comparison and The balance of the cash receipts and payments journal
reconciliation could be incorrect if it is not regularly compared with
and reconciled to the balance on the bank statement.
Performance An abnormal increase in transport costs as a result of
reviews thefts of fuel could go undetected if management fails
to compare the actual costs figure with the budgeted
transport costs.
Note that these risks are examples based on your study material and that
there are many other possible solutions.
34
2. The following table provides the internal control objectives for financial
reporting at risk for each of the things that could go wrong.
Internal control objec

Things that could go wrong
tive at risk
1. Credit sales could be made to customers Occurred and authorised
who are not creditworthy and who can are at risk as a sale could
not pay their account, if a credit sale is take place that was not
not approved by the credit controller first. valid.
2. Goods purchased could be stolen if no Occurrence is at risk as a
segregation of duties exists between the purchase transaction that
authorisation, the placing of an order does not pertain to the en
and the issuing of the goods received tity has taken place.
note, as the purchase clerk could order
Accuracy is also at risk
the goods for himself at the company’s
as incorrect amounts and
expense.
other data may be recor
ded. The inventory could
be overstated by the stolen
goods.
3. An incorrect number of goods could be Validity, accuracy and com
received if a supplier delivered goods pleteness are at risk as
to a company and the receiving clerk goods could be over- or
did not count the goods and sign the understated, depending
supplier’s delivery note. The clerk could on whether too many or
not be held responsible and the mistake too few items are received.
could be repeated.
4. Physical inventory could be stolen if not Accuracy is at risk as the
stored properly, for example if not pro inventory figure in the finan
tected by a security guard at the inven cial statements is incorrect
tory warehouse entrance. and is overstated by the
stolen inventory.
5. The balance of the cash receipts and Validity, accuracy and com
payments journal could be incorrect if pleteness are at risk if the
it is not regularly compared with and cash receipts and payments
reconciled to the balance on the bank journal balance is incorrect,
statement. depending on whether it is
over- or understated.
6. An abnormal increase in transport costs Validity (occurred and

as a result of the theft of fuel could go un authorised) is at risk as
detected if management fails to compare purchase transactions take
the actual cost figure with the budgeted place for transport costs
transport costs. that do not pertain to the
entity.
The purpose of this activity is to illustrate the application of the theory of control
activities. Control activities will be applied in more depth to manual and computer
ised activities in the various business cycles in the topics that follow. The activities
within the business cycles will also be explained in detail in the topics that follow.
35
Internal control
2.2.4.2 General and application controls

As mentioned in 2.2.3 above, transactions usually take place in a combination
of a manual and a computerised environment. So, it is fair to say that internal
controls in a computerised environment are an integral part of the total system
of internal control of an entity.
Although general and application controls are included in Jackson & stent 2012:5/6
as part of control activities, strictly speaking, general and application controls go
beyond the “control activities” component of the internal control process. To a
certain extent they affect all the other components (cf Jackson & Stent 2012:5/17).
General and application controls will be dealt with in 2.3 below. When studying
this section, you should note throughout how the general and application controls
relate to the components of internal control.
2.2.5 Monitoring of controls

As stated in Jackson & Stent (2012:5/17), the monitoring of controls involves the
assessment of internal control performance over time.
Study
Activity 7
Give five examples of different ways in which the monitoring of controls can take
place.
Refer to your textbook for examples of monitoring.
Note that monitoring is part of the internal control system, which is achieved
by the ongoing assessment of internal control performance over time.
Summary
In this study unit we explained the five components of internal control.
Self-assessment
1. Explain and apply the five components of internal control.
If you are not completely familiar with the application at this stage, you should
not be concerned because further guidance will be given in later topics.
36
C ontrols in a computerised environment
STUDY UNIT 2.3
CONTROLS IN A COMPUTERISED
6
ENVIRONMENT
Introduction
General and application controls in a computerised environment are an integral
part of the total system of internal control of an entity and touch on all compo
nents of internal control.
The following diagrammatic representation of general and application controls

shows that the general and application controls relate to all the components of
internal control.
General controls
Control environment (Control environment)
Systems development and implementation controls
(Control activities)
Access control (Control activities)
Continuity of operations (Risk assessment, control
activities, control environment)
System software and operating controls (control
Internal control components activities)
Control environment Documentation (Control activities)
Risk assessment
Information system
Control activities Application controls
Monitoring Segregation of duties (Control activities)

Isolation of responsibilities (Control activities)
Approval and authorisation (Control activities)
Custody (Control activities)
Access controls (Control activities)
Comparison and reconciliation (Monitoring)
Performance reviews (Monitoring)
Although the information system component is not evident under general and
application controls, the information system underlies internal controls in a com
puterised environment as this is where the controls are implemented.
General and application controls are discussed in more detail below.
37
Internal control
2.3.1 General controls

General controls are defined as those controls which establish an overall frame
work of control for computer activities (Jackson & Stent 2012:8/7).
Note the following:

The term “computerised environment” refers to any particular and unique com
bination of hardware, software and personnel (Jackson & Stent 2012:8/3).
Study
Jackson & Stent (2012:8/7–8/25)
Jackson & Stent (2012:8/7) categorise general controls as follows:
1. Control environment
2. Systems development and implementation controls
3. Access control
4. Continuity of operations
5. System software and operating controls
6. Documentation
Activity 8
Participation by those charged with governance is one of the characteristics of a
good control environment. Explain who is responsible for governance and what
participation entails in an Information Technology (IT) environment.
The participation of the board in the IT control environment is explained in your

textbook under section 3.3 and is not repeated here.
Activity 9
Access controls in a computerised environment are important as the conse
quences of unauthorised access to a system can be disastrous for a company.
Required
1. Describe the general physical access controls that should be present to
ensure proper internal control in a computerised environment.
2. Give examples of preventative logical access controls in a computerised
environment.
3. Explain what control over passwords as part of logical access controls, entails.
Jackson & Stent (2012:8/17–8/21)
38
1. Interpret the question as follows:

•• It requires general controls (not application controls).
•• It requires access controls (component 3).
•• It requires only physical access controls (not logical access controls).
General physical access controls include aspects such as:
•• control over visitors from outside the company to the IT building, for ex
ample they should be escorted to the IT department
•• controlled access to company personnel other than IT personnel
•• physical entry to the data centre to be controlled, for example closed
circuit TVs at entrances
•• access control over remote workstations/terminals, for example terminals
should be secured to desks
2. Apply the steps in 1. to interpret the question.

All logical access controls are preventative in nature and consist of the
following:
•• identification of users and computer resources
•• authentication of users and computer resources
•• authorisation of the levels of access to be granted
•• logging of access and access violations
•• access tables
3. Controls over passwords is fundamental to successful, logical access controls.
This is explained in your textbook under section 5.4 and is not repeated here.
2.3.2 Application controls

Jackson & Stent (2012:8/27) define application controls as any control within an
application which contributes to the accurate and complete recording and pro
cessing of transactions which have actually occurred, and have been authorised
(valid, accurate and complete information).
Note the following:

•• In other words, application controls are the activities within an application
carried out to ensure that the internal control objectives are achieved.
•• An application is a set of procedures and programmes designed to satisfy
all users associated with a specific task, such as the payroll cycle (Jackson
& Stent 2012:8/27).
Study
Jackson & Stent (2012:8/26–8/41) sections 1–4
Activity 10
The following control techniques and application controls, described according
to the stages a transaction passes through as it flows through the system, are
mentioned in your textbook:
39
Internal control
Input:
* Access control
* Authorisation
Batching
Screen aids and related features
Programme controls – Input
Existence/validity checks
Reasonableness and limit checks
Dependency checks
Format checks
Check digits
Sequence checks
Logs and reports
* Training
* Extraction from masterfiles
Processing:
* Version control
Programme controls – Processing
Programme edit checks
Programme reconciliation checks
Logs and reports
* Identifying and resubmitting errors
Output:
Controls over distribution
User controls
Logs and reports
Masterfile:
Record amendments on masterfile amendment form (MAF)
Authorise MAF
Enter authorised amendments onto system
Review amendments
* Note that additional controls have been included in this list that are not explained
in your textbook. They are relevant application controls and you are expected
to study them.
Required
Link the control techniques and application controls mentioned above to the inter
nal control objectives of valid (occurred and authorised), complete and accurate.
40
Input controls
Valid
(Occurred and Complete Accurate
Authorised)
1. Access control 1. Batching 1. Batching
2. Authorisation 2. Sequence tests 2. Screen aids and related
3. Batching 3. Logs and reports features
4. Existence/validity checks
•• audit trails •• Minimum keying in of
•• Validation checks information
•• Matching checks •• Screen should be
•• Data approval/authori formatted
sation checks •• Screen dialogue and
prompts
5. Logs and reports
•• Mandatory fields
•• Override reports •• Shading of fields
•• Activity reports
•• Access/access 3. Reasonableness and limit
tests
violation reports
4. Dependency checks
5. Format checks
•• Alpha-numeric
•• Size checks
•• Mandator y field/
missing data checks
•• Valid character and
sign check
6. Check digits

7. Training
8. Extraction from masterfiles
Processing controls
Valid
Authorised)
1. Version control 1. Programme edit 1. Programme edit checks
2. Programme reconciliation checks
checks •• Arithmetic
•• Sequence test •• Reasonableness/
•• Valid operation code •• Matching consistency/ range
(assess control during tests
processing) 2. Programme
•• Limit test
3. Logs and reports

reconciliation
checks
•• Accuracy test
•• Override reports •• Control totals 2. Programme reconciliation

•• Activity reports •• Run-to-run checks
•• Access/access totals
•• Parity checks
violation reports
3. Logs and reports •• Echo check
•• Equipment check
•• Audit trails
3. Identifying and resubmit
ting errors
41
Internal control
Output controls
Valid
Authorised)
1. Controls over distribution 1. User controls 1. User controls
2. User controls
•• Numerical •• Reconciliation of
•• Review of output for sequence check input to output
reasonableness •• Reconciliation of •• Review of output for
input to output reasonableness
3. Logs and reports
•• Review of •• Review and follow-up
•• Exception reports output for
reasonableness
of exception reports
Masterfile controls
Valid
Authorised)
1. Authorise MAF 1. Record amendments 1. Enter authorised amend
2. Enter authorised amend on MAF ments onto system
ments onto system 2. Enter authorised
amendments onto •• Screen aids
•• Write access
system
(Minimum keying
controls (ID and in of information,
passwords) •• Amendments screen formatting,
logged on automatically
3. Review amendments sequenced logs generated
•• Amendments accounts)
supported by MAF
3. Review amendments
•• Programme checks
•• MAFs sequence (Verification/
matching, alpha-
checked against
the logs numeric, range and
limit/data approval,
field size and
mandatory/ missing
data, dependency
check)
2. Review amendments

•• Numbers and
amounts etc.
Please remember that the above is only a checklist for study purposes. In tests
and exams you must expand on the above. For example you could answer as fol
lows: “The computer must perform a sequence test on invoice numbers and print
an exception report if there are any outstanding invoices.” This will be illustrated
when applied to the various business cycles in the topics to follow.
The above summary could also be arranged in the format below. You may find
this helpful when answering questions on application controls.
42
Internal control
Input Processing Output Masterfile
objective
Valid (Occurred and
Authorised)
Complete
Accuracy
Follow these steps:

1. Determine which of the stages a transaction passes through as it flows
through the system is being addressed in the scenario. Does the scenario
deal with the:
•• input phase,
•• processing phase,
•• output phase, and/or
•• masterfile maintenance?
2. Determine which control objectives are being addressed. Does the question
require you to address:
•• valid (occurred and authorised),
•• complete, and/or
•• accurate?
Activity 11
Describe the application controls that the management of company X should
implement to ensure the completeness of amendments to a masterfile in the com
puterised accounting system.
Apply the steps discussed above to the question.
1. Determine the business cycle:

•• In this instance the question does not specify which cycle. Generic con
trols over any masterfile amendments are requested.
2. Determine the phase of the transaction process:

•• Masterfile amendments.
3. Determine the control objectives:
•• Completeness.
How would your table look?
43
Internal control
Control objective Masterfile amendments

Completeness 1. All amendments to be recorded on hardcopy
masterfile amendment forms (MAF) (no ver
bal instructions).
2. MAFs should be pre-printed, sequenced
and designed in terms of sound document
design principles.
3. All masterfile amendments should be au
tomatically logged by the computer on se
quenced logs.
4. The MAFs themselves should be sequence
checked against the log to confirm that all
MAFs have been entered.
Note: The purpose of this activity is to illustrate the steps you should follow when
answering a question. The control components in a computerised environment
for the various business cycles will be explained in the topics that follow.
Summary
In this study unit we explained general and application controls in a computerised
environment as part of a system of internal control.
Self-assessment
1. Explain and apply general controls in a computerised environment.

2. Explain and apply application controls in a computerised environment.
44
Internal control from the perspective of the external auditor
STUDY UNIT 2.4
INTERNAL CONTROL FROM THE

7
PERSPECTIVE OF THE EXTERNAL

AUDITOR
Introduction
The external auditor obtains an understanding of a client’s system of internal
control as part of his/her external audit.
2.4.1 Obtaining an understanding of internal

control
Jackson & Stent (2012:7/14) state that an understanding of a client’s internal control
assists the auditor in identifying types of potential misstatement and factors that
affect the risks of material misstatement, and in designing the nature, timing
and extent of further audit procedures.
Study
Jackson & Stent (2012:7/14–7/18)
2.4.2 Significant risks

Jackson & Stent (2012:7/19) define significant risks as risks that require special
audit consideration. Such risks relate to the auditor’s risk of material misstatement.
The auditor assesses risk so that he or she can determine the nature, timing and
extent of further audit procedures.
Study
Activity 12
Name the six factors that the auditor should consider when assessing whether
a risk is a significant risk.
45
Internal control
The six factors that the auditor should consider when assessing whether a risk
is a significant risk are explained in your textbook and are not repeated here.
Summary
In this study unit we explained the need for the external auditor to understand
internal control in order to identify significant risks.
Self-assessment
After having worked through the study unit and the references to the pre
scribed study material, see whether you are able to do the following:
1. Describe the need for the external auditor to obtain an understanding of a

client’s internal control.
CONCLUSION
In this topic, Internal control, we explained and applied the theory of internal
control according to the five components of internal control. We explained that
internal control is a response to risk and that certain internal control objectives
are achieved by means of internal control. Internal control from the perspective
of the external auditor was also explained.
In the next topic we will explain and apply the various business cycles as part of
the accounting system over which internal controls are implemented.
46
TOPIC 3
BUSINESS CYCLES
Topic overview
The aim of this topic is to explain the various business cycles as part of the ac
counting system over which internal controls are implemented. A condensed
example of the financial statements of a trading company is provided to illustrate
the main components of financial statements to which the transactions and bal
ances relate in the business cycles.

3.1 Business cycles 49
3.1.1 The accounting system and business cycles 49
3.1.2 Financial statements 49

as indicated in the tutorial letter.
47
Business cycles
Learning outcomes
In this topic we focus on the following learn
Study unit Level
ing outcomes:
3.1 B u s i n e s s •• Identify the different business cycles. 1
cycles
•• Relate the transactions and balances in the 1
statement of financial position and the statement
of comprehensive income to the various business
cycles.
48
Business cycles
STUDY UNIT 3.1
8 BUSINESS CYCLES
Introduction
In topic 2 we explained that management wants to achieve reliable financial
reporting by ensuring that transactions which are initiated, recorded, processed
and reported are valid (occurred and have been authorised), accurate and com
plete. It is the accounting system which provides the foundation for achieving
these objectives of internal financial control. In other words, internal control is
designed and implemented over the accounting system.
3.1.1 The accounting system and business cycles

Your textbook, Jackson & Stent, (2012:5/12) describes an accounting system as
a series or collection of tasks and records by which transactions are processed
to create financial records. An accounting system identifies, assembles, analy
ses, calculates, classifies, records, summarises and reports transactions and
other events. The major elements of the accounting system are people who
carry out procedures, for example write out a credit sales invoice, calculate a
price, enter the invoice in a sales journal; etc, and paper such as order forms,
ledgers, lists, invoices etc, which facilitate the initiation, execution and recording
of the transaction.
The accounting system consists of various business cycles, namely:

1. The revenue and receipts cycle
2. The acquisitions and payments cycle
3. The inventory and production cycle
4. The payroll and personnel cycle
5. The finance and investment cycle
The functions and actions in the business cycles, as well as the control activities
in each cycle, will be explained in detail in the topics to follow.
3.1.2 Financial statements

As mentioned above, financial records relate to the business cycles. The financial
records are summarised in a company’s financial statements. In other words,
49
Business cycles
the balances and totals of the transactions in the business cycles are reflected
in the financial statements.
In your financial accounting courses you may already have studied the drafting
of company financial statements. To give you a complete picture, we have re
peated a condensed example of the financial statements of a company which is
trading as a commercial enterprise.
The purpose of the example is to indicate the transactions and balances in finan
cial statements for the purpose of illustrating the business cycles. For the detailed
financial statement and disclosure requirements, please refer to your financial
accounting study material.
XY LTD
CONSOLIDATED STATEMENT OF FINANCIAL POSITION AS AT 31 DECEMBER 20X1
20X1 20X0
Notes
R’000 R’000
ASSETS
Non-current assets
Property, plant and equipment 16 069 14 696
16 069 14 696
Current assets
Inventories 192 085 149 002
Trade receivables 418 465 222 833
Cash and cash equivalents – 1 465
610 550 373 300
Total assets 626 619 387 996
EQUITY AND LIABILITIES
Equity attributable to owners of the parent
Share capital 147 834 147 834
Revaluation surplus 8 500 –
General reserve 5 000 2 000
Retained earnings 22 192 18 375
183 526 168 209
Non-controlling interest 40 125 32 000
Total equity 223 651 200 209
Non-current liabilities 108 297

Long-term borrowings 236 000 23 100
Deferred taxation 28 875 131 397
264 875
Current liabilities
Trade payables 35 990 20 145
Current portion of long-term borrowings 83 042 24 639
Shareholders for dividends 17 409 11 606
Bank overdraft 1 652 –
138 093 56 390
Total liabilities 402 968 187 787
Total equity and liabilities 626 619 387 996
50
Business cycles
XY LTD
CONSOLIDATED STATEMENT OF COMPREHENSIVE INCOME FOR THE YEAR
ENDED 31 DECEMBER 20X1
20X1 20X0
Notes
R’000 R’000
Revenue 1 287 052 902 052
Cost of sales (1 098 187) (819 939)
Gross profit 188 865 82 113
Distribution costs (25 741) (14 010)
Administrative expenses (28 813) (10 345)
Other expenses (48 881) (22 237)
Finance costs (39 264) (20 862)
Profit before tax
46 166 14 659
Income tax expense
(10 927) (6 148)
Profit for the year
35 239 8 511
Other comprehensive income for the
year after tax
Revaluation surplus 10 625 –
Other comprehensive income for the 10 625 –
year, net of tax
Total comprehensive income for the
year 45 864 8 511
Profit attributable to:
– Owners of the parent 28 039 1 711
– Non-controlling interest (given) 7 200 6 800
35 239 8 511
Total comprehensive income attributable to:
– Owners of the parent 36 539 1 711
– Non-controlling interest 9 325 6 800
45 864 8 511
The following are components in the financial statements:
Statement of financial position: Statement of comprehensive income:

•• property, plant and equipment • revenue (credit and cash sales)
•• investments • cost of sales (inventory)
•• loans granted • purchases
•• inventories • distribution costs
•• trade receivables • administrative expenses
•• cash and cash equivalents • other expenses
•• share capital • finance costs
•• reserves • other income
•• retained earnings
•• long-term borrowings
•• trade payables
51
Business cycles
Activity 1
1. Identify the five business cycles which are generally applicable to commer
cial enterprises.
2. Based on the business cycles in an accounting system, identify the state
ment of financial position balances and statement of comprehensive income
classes of transactions that relate to one another.
1. The business cycles which are generally applicable to commercial enter

prises are:
1. The revenue and receipts cycle
2. The acquisitions and payments cycle
3. The inventory and production cycle
4. The payroll and personnel cycle
5. The finance and investment cycle
2. The balances in the statement of the financial position and the classes of
transactions in the statement of comprehensive income that relate to the
business cycles are:
Statement of Statement of
Business cycle financial position comprehensive income
(account balances) (classes of transactions)
Revenue and •• Accounts receivable •• Credit sales
receipts cycle •• Sales returns
•• Discount allowed
•• Credit losses
•• Interest received
•• Cash and cash •• Cash sales
equivalents •• All receipts (revenue and
other)
Acquisitions and •• Accounts payable •• Credit purchases
payments cycle •• Cash purchases
•• Purchase returns
•• Discount received
•• Interest on late payments
•• Expenses
Inventory and •• Inventory •• Cost of sales
production cycle
Payroll and •• Bank and cash Wages and salaries (net of
personnel cycle •• Accounts payable employee deductions such
(Accumulated leave, as PAYE, UIF, SDL, pension
unclaimed wages, fund, medical aid and other)
SARS, pension funds,
medical aids and other)
52
Business cycles
Statement of Statement of
Business cycle financial position comprehensive income
(account balances) (classes of transactions)
Finance and in •• Share capital •• Dividends paid
vestment cycle •• Reserves •• Profit or loss (reserves)
•• Long-term loans •• Interest paid
•• Property, plant and •• Profit or loss on sale of
equipment asset
•• Investments •• Profit or loss on invest-
ment
Summary
In this study unit we identified the different business cycles and explained the ac
counting system over which internal controls are implemented. The transactions
and balances in the statement of financial position and statement of comprehen
sive income were also related to the various business cycles.
Self-assessment
1. Identify the different business cycles.

2. Explain what an accounting system entails.
3. Relate the transactions and balances in the statement of financial position
and the statement of comprehensive income to the various business cycles.
CONCLUSION
In this topic, Business cycles, we identified the various business cycles and
explained what an accounting system entails. The balances in the statement of
financial position and the transactions in the statement of comprehensive income
were related to the various business cycles.
In the next topic we will explain and apply the revenue and receipts business
cycle as well as the applicable internal controls in the cycle.
53
TOPIC 4
REVENUE AND RECEIPTS CYCLE
Topic overview
In business, revenue is income that arises in the course of ordinary activities of
an entity, usually from the sale of goods and services to customers. Depending
on the type of business activities, some companies receive revenue from fees,
interest, dividends or royalties (see International Accounting Standard (IAS) 18).
The revenue and receipts cycle includes the following classes of transactions
and account balances:
Statement of financial position Statement of comprehensive

income
Accounts receivable Credit sales (turnover)
Sales returns
Discount allowed
Credit losses (bad debts)
Interest received
Cash and cash Cash sales (turnover)

equivalents All receipts (revenue and
other)
The focus in this topic is on a trading concern where revenue is earned through
the buying and selling of goods and services, which may consist of credit sales
and / or cash sales.
55
Revenue and receipts cycle
The aim of this topic is to explain and apply the activities, functions and documents
in the revenue and receipts business cycle. The risks in this cycle will also be
explained and internal controls applied to mitigate those risks, as well as internal
control over revenue transactions in a computerised environment.

4.1 Credit sales 57
4.1.1 Activities and functions in the cycle 57
4.1.2 Documents used in the cycle 58

4.1.3 Risks and internal control in the cycle 62
4.1.4 Computerisation of the cycle 65
4.2 Cash sales 70
4.2.1 Stages of a cash sale 70
4.2.2 Risks and internal control over a cash sale 70

Learning outcomes
Study unit In this topic we focus on the following learning Level
outcomes:
4.1 Credit sales •• Describe credit sales transactions by explaining 2
the activities, functions and documents associated
with these transactions.
•• Identify and explain the risks associated with credit 2
sales transactions and describe and apply the
internal controls that could be implemented to
mitigate the risks.
•• Describe and apply internal control over credit 2
sales transactions in a computerised environment.
4.2 Cash sales •• Describe cash sales transactions by explaining 2

the activities, functions and documents associated
with these transactions.
•• Identify and explain the risks associated with cash 2
sales transactions.
•• Describe and apply the internal controls that could 2
be implemented to mitigate the risks.
56
Credit sales
STUDY UNIT 4.1
9 CREDIT SALES
Introduction
Your prescribed textbook, Jackson & Stent (2012:10/2), explains revenue trans
actions and indicates that this cycle deals with the business system and related
internal controls which are put in place to control the sale of the company’s goods
or services, and the collection of amounts owed in respect of those sales.
4.1.1 Activities and functions in the cycle

Although revenue and receipts systems can vary considerably, your textbook
Jackson & Stent (2012:10/2–10/5), describes a system for a business which has
conventional revenue and receipt functions. Note that the functions in the credit
sales cycle include the collection of payments from accounts receivable (trade
debtors).
Study
Jackson & Stent (2012:10/2–10/7)
Activity 1
Rearrange the following functions in a credit sales transaction in the correct order
and provide a brief explanation of each:
1. Invoicing
2. Credit management
3. Warehouse/despatch
4. Receiving and recording payment from debtors
5. Order department
6. Recording sales and raising the debtor
57
Note the logical flow of documents through the different functions for credit sale
transactions in the flow charts on pages 10/8 to 10/9 of your prescribed textbook.
The normal order of the functions in a credit sales transaction is:
1. Order department
2. Warehouse/despatch
3. Invoicing
4. Recording sales and raising the debtor
5. Receiving and recording payment from debtors
6. Credit management
4.1.2 Documents used in the cycle

Study
Jackson & Stent (2012:10/6–10/7)
Activity 2
Match the documents explained in your textbook to the different functions in the
revenue / receipts cycle mentioned in 2.1 above.
Function Document
Order department Price lists
Customer order
Internal sales order
Back-order note
Warehouse/despatch Picking slip
Delivery note
Invoicing Invoice
Recording of sales and raising debtors Statement
Goods returned voucher
Credit note
Receiving and recording payments from debtors Remittance advice
Remittance register
Receipt
Deposit slip
Credit management Credit application form
58
Credit sales
Activity 3
The Consumer Protection Act, No. 68 of 2008 which came into effect on
1 April 2011, specifies in section 26 (3) the following minimum requirements
that should be stated on sales documentation:
1. the supplier’s full name, or registered business name, and VAT registration
number, if any;
2. the address of the premises at which, or from which, the goods or services
were supplied;
3. the date on which the transaction occurred;
4. a name or description of any goods or services supplied or to be supplied;
5. the unit price of any particular goods or services supplied or to be supplied;
6. the quantity of any particular goods or services supplied or to be supplied;
7. the total price of the transaction, before any applicable taxes;
8. the amount of any applicable taxes; and
9. the total price of the transaction, including any applicable taxes.
Required
Indicate in which respects the undermentioned tax sales invoice does not meet
the minimum requirements as stated in the Consumer Protection Act.
TAX INVOICE INV 772

COPRO LIMITED Date: 31 August 20xx
To: Customer A
PO Box A
Durban
4001
Description Total
No XL001 Stapler 2 430.00
No 1185 Paper 49 200.00
No 2.1 Pencils 2 100.00
Subtotal 53 730.00
VAT 522.22
Total 61 252.20
The following information required by the Consumer Protection Act 68 of 2008
is not indicated on the invoice:
1. the VAT registration number of Copro Ltd
2. the address of the premises of Copro Ltd
3. the unit price of the particular goods supplied
4. the quantity of the particular goods supplied
59
5. the amount of any applicable taxes

6. the total price of the transaction, including any applicable taxes
Activity 4
The following are examples of an order form, delivery note and tax invoice issued
by company XY Ltd for commodities sold by the company.
SALES ORDER OD 1028
XY LIMITED
Po Box X
Pretoria
0001 Date: 30 May 20xx
To: Customer Y
Po Box Y
Durban
4001
Account number: Y4458
Description Quantity Unit price Total

No XL001 Stapler 85 28.60 2 430.00
No 1185 Paper 400 123.00 49 200.00
No 2.1 Pencil 1 000 2.10 2 100.00
Subtotal 730.00
VAT 7 522.20
Total 61 252.20
Authorised: OrderClerk
60
Credit sales
DELIVERY NOTE DN 532
XY LIMITED
Po Box X
Pretoria
0001 Date: 3 June 20xx
To: Customer Y Deliver to:

Customer Y: Warehouse C

Po Box Y 1st Street 55
Durban Durban North

4001 4001
Description Quantity
No XL001 Stapler 85
No 1185 Paper 400
No 2.1 Pencil 1 000
Goods received in good order by customer: CustomerY

Date: 3/06/20XX
TAX INVOICE NV 772

(Vat no 123456789)
XY LIMITED
Po Box X
Pretoria
0001 Date: 3 June 20xx
To: Customer Y
Po Box Y
Durban
4001
Description Quantity Unit price Total

No XL001 Stapler 85 28.60 2 430.00
No 1185 Paper 400 123.00 49 200.00
No 2.1 Pencil 1 000 2.10 2 100.00
Subtotal 730.00
VAT 7 522.20
61 252.20
Total
61
Required
Indicate which of the information shown on the above documents demonstrates
that the internal control objectives for financial reporting have been addressed.
The following information on the order form, delivery note and tax invoice illus
trates that the accounting system produces information which is valid (occurred
and authorised), accurate and complete.
Valid (occurred and authorised):

1. The name and address of XY Ltd appear on the order form, delivery note
and tax invoice.
2. A valid customer account number on the order form, delivery note and tax
invoice.
3. The signature on the order form, which indicates that it was approved.
4. The customer signature on the delivery note, which indicates that the goods
were received and accepted.
5. The existence of a corresponding order form and delivery note for the invoice.
Accurate:
1. The total amount (including VAT) of the credit sale on the invoice, which
accurately agrees to the sales order (to be recorded against the customer’s
account).
2. The credit sales amount and the VAT amount on the invoice, which accu
rately agrees to the sales order (to be recorded against the sales revenue
and VAT accounts).
3. The order form and delivery note item descriptions, quantities and amounts
that agree to the invoice.
4. The correct customer name and account number on the order form, delivery
note and tax invoice.
Complete:
1. The date of the invoice to be recorded in the correct period in the accoun
ting records of XY Ltd.
2. The invoice number to be sequentially recorded in the accounting records
of XY Ltd.
4.1.3 Risks and internal control in the cycle

The functions that can be distinguished for credit sale transactions were explained
in study unit 4.1.1.
Risks associated with each of these functions are mentioned in your prescribed
textbook; internal controls (control activities) that could be implemented to mitigate
the risks are described as well.
62
Credit sales
Study
Jackson & Stent (2012:10/10–10/19)
Activity 5
Answer the following questions regarding the order department of a trading con
cern that sells goods on credit (credit sales):
1. Give a system description of the activities in the order department.

2. Name the documents usually encountered in an order department.
3. Explain the control risks that could exist in an order department.
4. Describe the internal controls (control activities) that could be implemented
to mitigate the risks in an order department.
1. System description of the activities in the order department.
Refer to Jackson & Stent (2012:10/3–10/4), where the activities in the order
department are described.
2. Documents usually encountered in an order department.

Refer to Jackson & stent (2012:10/10) where the documents used in the
order department are described.
3. Control risks that could exist in an order department

Refer to Jackson & Stent (2012:10/10–10/11), where the control risks in an
order department are described.
4. Internal controls (control activities) that could be implemented to mitigate

the risks in an order department
Refer to Jackson & Stent (2012:10/10–10/11), where the control activities for
an order department are listed.
Note that you should limit your answer to the order department, which includes
receiving customer orders and sales authorisation.
Activity 6
1. Describe the internal controls that can be implemented to minimise the fol
lowing risks associated with credit sales transactions:
•• Goods may be removed from the inventory warehouse for fictitious/un
authorised sales.
•• Incorrect goods or quantities could be despatched.
•• Goods despatched may not be invoiced.
•• Invoices could be duplicated in the sales journal.
•• Payments received from customers may not be banked, owing to theft
or carelessness.
63
2. Name the internal control objective(s) for financial reporting affected by each
of the risks mentioned in 1 above.
Present your answer in a tabular format.
Risk 1. Internal control 2. Control objective

Goods may be 1. Supervisory checks should be Validity (occurred and
removed from carried out by the warehouse authorised)
the inventory foreman to ensure that all goods
warehouse for picked are supported by signed
fictitious/unau picking slips.
thorised sales.
Incorrect goods 1. On receipt of the goods, picking Validity (occurred and
or quanti slip and delivery notes from the authorised) for the in
ties could be warehouse, the despatch clerk correct goods.
despatched. should check quantities and
Accuracy for the in
descriptions of goods against
correct quantities.
the authorised picking slip and
delivery note.
Goods des 1. The invoice clerk should prepare Completeness
patched may not a numerically sequenced invoice
be invoiced. and cross-reference it to the de
livery note/customer order.
2.
The file of delivery notes
matched against sales invoices
should be sequence-tested and
gaps in sequence investigated.
Invoices could 1. Prior to entry in the sales journal, Accuracy and vali
be duplicated invoices should be added to ob dity (occurred and
in the sales tain a control total. This control authorised)
journal. total should then be compared
to the total in the sales journal
after entry of individual invoices.
Payments 1. Post must be opened by two Completeness
received from people.
customers may
2. All payments received in the
not be banked,
post should be recorded in a re
owing to theft or
mittance register and a prenum
carelessness.
bered receipt should be made
out for each payment received.
3. All amounts received should be
banked daily.
64
Credit sales
Risk 1. Internal control 2. Control objective

4.
The remittance register and
receipts issued should be re
conciled to bank deposits by
an independent supervisory
employee.
5. Bank deposits should be re
viewed regularly and gaps in
daily banking, investigated by
management.
4.1.4 Computerisation of the cycle

Your textbook, Jackson & stent, describes an integrated manual and computerised
credit sales system of telesales transactions that are entered and processed in
real time.
Study
Jackson & Stent (2012:10/20–10/39)
Activity 7
1. Describe the application controls that should be present in a computerised
environment to ensure that only authorised amendments are made to the
debtors’ masterfile in a credit sales system.
2. Mention the things that could go wrong (risks) if no application controls exist
over amendments to the debtors’ masterfile, for each of the internal control
objectives.
1. The application controls that should be present in a computerised environ
ment to ensure that only authorised amendments are made are described
in Jackson & Stent (2012:10:23–10/25) and will not be repeated here.
2. Things that could go wrong (riks) if no application controls exit over amend
ments to the debtors’ masterfile:
Validity (occurred and authorised): Unauthorised and fraudulent amend

ments could be made, to the detriment of the company. For example, a
debtor’s credit limit could be increased, thereby allowing the debtor credit
facilities which he or she cannot pay within the allowed payment terms.
Accuracy: Incorrect amendments could be made to the debtors’ masterfile,

for example a change in a debtor’s postal address could be recorded incor
rectly, resulting in the debtor’s not receiving monthly statements and not
paying his or her account (accuracy); or an incorrect change to a debtor’s
account number could result in incorrect postings (classification).
65
Completeness: Amendments to the debtors’ masterfile could be incomplete.

For example, a new debtor might not have been loaded onto the debtors’
masterfile so that his or her purchase order would not be accepted and
processed (completeness) or amendments could be made in the incorrect
period (cut-off).
Activity 8
1. Explain what the term “real time” means and what the effect on the applica
tion control of “batching” will be.
2. Describe the application controls that should be present to ensure that or
ders received from customers are accurately entered into the computerised
credit sales system.
Use the framework described in study units 2.3.1 and 2.3.2 in topic 2 to
answer the question.
1. “Real time”
Reference: Jackson & Stent (2012:8/34) section 3.1.3
This term means that transaction data are entered immediately online as each
transaction occurs and relevant programme checks take place as information
is keyed in. This means that transactions are not batched before entering.
2. Application controls to ensure that orders received from customers are ac
curately entered in the computerised credit sales system.
Internal
Proces- Out- Master-
control Input
sing put file
objective
Validity
(Occurred/
Authorised)
Accuracy 1. Screen formatting: the screen
will be formatted to look like a
sales order document.
2. Minimum entry: for example
entering the inventory item code
will bring up the description of
the item being ordered and the
price.
3. Mandatory fields: for exam
ple, to progress with the order a
number must be entered in the
quantity field and a customer or
der reference must be entered.
66
Credit sales
Internal
Proces- Out- Master-
control Input
sing put file
objective
4. Alphanumeric check: for ex
ample on the quantity field to
check that no alphanumeric
characters have been entered.
5. Limit/or reasonableness
check, to ensure that reason
able quantities are entered. For
example, not 1 billion items, be
cause this would exceed realis
tic production targets.
6. Screen prompts will require
the order clerk to confirm de
tails of the order and important
particulars.
Fields on the “on screen
7.
sales order” which cannot be
changed by the order clerk.
8. The system will allocate a cus
tomer reference number to
every sales order. This number
is given to the customer when
the order is placed, to allow the
customer to follow up on inac
curate information on the sales
order.
Complete-
ness
Note that only application controls relevant to input and accuracy are included
in the solution, as required. Remember to use this table to limit your answer to
the information you were required to give.
Activity 9
Answer the following questions regarding application controls over a bank account:
1. Why is it important to restrict access to a bank account in a computerised

system?
2. Describe the access controls that should be implemented to ensure good
control over a bank account.
3. Provide a list of good password controls as part of access controls over a
bank account.
1. Restriction of access to a bank account
67
Reference: Jackson & Stent (2012:8/30–8/31) section 2.6
Access violations to the bank account in a computerised system can have

extremely serious consequences for the business. These include:
•• Destruction of data: The internet bank account itself or account details

could be deleted.
•• “Theft” of data: Bank account details could be stolen and abused.
•• Improper changes to data: Payment beneficiaries’ details could be changed
in order to channel payments to unauthorised accounts.
•• Recording of unauthorised or non-existent transactions: Unauthoised
transfers of money could be done.
2. Access controls over a bank account

Reference: Jackson & Stent (2012:10/33) point 1
The access controls that should be implemented to ensure good control

over the bank account are:
•• The terminal onto which the bank’s software is loaded should be in the
debtors’ section, usually the terminal of the senior debtors’ clerk.
•• Access to the bank’s site should be gained in the normal manner, but to
access the company’s bank account, the senior debtors’ clerk should be
required to enter a PIN and a password.
•• If this identification and authentication procedure is successful, a menu of
the functions available should be displayed, one of which will be “down
load bank statement”.
•• This function should be linked to the senior debtors’ clerk’s user profile
to enable him or her to initiate the download.
3. Good password controls
The strict control of passwords as part of access controls over the bank ac
count is fundamental to successful, logical access controls. Good password
controls are the following:
•• Passwords to access the bank account should be unique to the senior

debtors’ clerk and group passwords should not be used.
•• Passwords to access the bank account should consist of at least six char
acters, be random not obvious, and be a mix of letters, numbers, upper/
lower case characters and symbols.
•• Passwords and user IDs for terminated or transferred senior debtors’ clerks
should be removed or disabled at the time of termination or transfer.
•• Passwords to access the bank account should be changed regularly and
the senior debtors’ clerk should be forced by the system to change the
password.
•• The first time a new senior debtors’ clerk accesses the bank account, he
or she should be prompted to change the initial password.
•• Passwords to access the bank account should not be displayed on screens
at any time, be printed on any bank statements or logged in bank trans
action logs.
68
Credit sales
•• Password files should be subject to strict access controls to protect them

from unauthorised read and write access. Encryption of password files
is essential.
•• The senior debtors’ clerk should be prohibited from disclosing his or her
passwords to others and subjected to disciplinary measures should he or
she do so.
•• Passwords to access the bank account should be changed if confidentiality
has been violated, or violation is suspected.
•• Passwords to access the bank account should not be obvious for example
birthdays, names, names spelt backwards or common words and should
not be the same as the senior debtors’ clerk’s user ID.
Note: Refer to chapter 8 of your prescribed textbook again if you need to remind

yourself of the theory of password control.
Summary
In this study unit we explained and applied the activities, functions and documents
relating to credit sales transactions. The risks and internal control in credit sales
were also explained and applied, as well as internal control over credit sales
transactions in a computerised environment.
Self-assessment
study material, determine if you are able to answer the following required:
1. Explain the activities and functions relevant to credit sales transactions.

2. Describe the documents used in credit sales transactions.
3. Explain and apply risks and internal controls over credit sales transactions
in both a computerised and a noncomputerised environment.
69
STUDY UNIT 4.2
10 CASH SALES
Introduction
Cash sales transactions occur daily in many business entities. Cash transactions
carry a high risk of fraud and theft, over which management should implement a
strict system of internal control (see Jackson & Stent 2012:10/2 & 10/40).
4.2.1 Stages of a cash sale

In a cash sales transaction, payment is received from the customer when the
goods are supplied to the customer. In broad terms, a cash sale transaction fol
lows the same process as a credit sales transaction.
Study
Jackson & Stent (2012:10/40) section 9.2
4.2.2 Risks and internal control over a cash sale

As stated in Jackson & Stent (2012:10/40), the main risk associated with cash
sales transactions is theft. This risk is increased in smaller businesses, which
do not always have the resources to implement the necessary internal controls.
Study
Jackson & Stent (2012:10/40–10/42) section 9.1 and 9.3
Activity 10
The following are a few of the things that can go wrong (riks) with cash sales
transactions:
1. Cash sales could be recorded without the cash being put in the cash register
drawer.
2. Cash could be received from customers without the cash sales transactions
being recorded.
3. Cash could be stolen after the cash register has been “cashed up” for the day.
70
Cash sales
4. Customers could leave without paying for goods that they have taken.
5. An armed robbery could take place, resulting in cash being stolen from
cash registers.
Required
Describe the internal controls that could be implemented to mitigate these risks.
Reference: Jackson & Stent (2012:10/40–10/42) section 9.3
The internal controls that could be implemented to mitigate the mentioned risks are:
Things that can go wrong Internal control

1. Cash sales could be recorded The cash in the cash register should be
without the cash being put in the reconciled with the total daily cash sales
cash register drawer. entered on the cash register roll.
The cash register roll should not be
alterable.
2. Cash could be received from cus Physical safeguards should be in place,
tomers without the cash sales for example signage encouraging cus
transaction being recorded. tomers to request a receipt.
Cash receipts should be sequentially
numbered.
3. Cash could be stolen after the Whenever cash is transferred from the
cash register has been “cashed custody of one person to another, it
up” for the day. should be counted, reconciled, docu
mented and signed for by both parties
in a safe location.
Cash should not be allowed to accumu
late and should be banked daily.
4. Customers could leave without Physical safeguards should be in place.
paying for goods that they have For example, there should be limited
taken. entry and exit points with security guards
at the exit points to sign off the cash
sale receipts.
5. An armed robbery could take Physical safeguards should be in place,
place, resulting in cash being for example security guards and surveil
stolen from cash registers. lance cameras.
Cash should not be allowed to accumu
late and should be banked daily so that
the minimum amount of cash is exposed
to the risk of theft.
71
4.2.3 Summary
In this study unit you learned about the stages of a cash sales transaction as well
as the risks associated with cash sales. The internal controls over cash sales
transactions were also explained and applied.
Self-assessment
study material, see if you can do the following:
1. Describe the stages of a cash sales transaction.
2. Explain the main risks associated with cash sales transactions.
3. Explain and apply internal controls over cash sales transactions.
CONCLUSION
In this topic, Revenue and Receipts Cycle, we explained and applied the activ
ites, functions and documents in the revenue and receipts cycle. The risks and
internal control in this cycle were also explained and applied, as well as internal
control over credit sales transactions in a computerised environment.
In the next topic we will explain and apply the acquisitions and payments busi
ness cycle as well as the applicable internal controls in the cycle.
72
TOPIC 5
ACQUISITIONS AND PAYMENTS CYCLE
Topic overview
Goods, services and assets are acquired and paid for in order to continue with
business activities that will generate revenue.
The acquisitions and payments cycle includes the following classes of transac
tions and account balances:
Statement of financial position Statement of comprehensive income

Accounts payable Credit purchases
Cash purchases
Purchase returns
Discount received
Interest on late payments
Expenses
The aim of this topic is to explain and apply the activities, functions and docu
ments in the acquisitions and payments business cycle. The risks and internal
controls in this cycle will also be explained and applied, including internal control
over acquisitions and payments transactions in a computerised environment.
73
Acquisitions and payments cycle

5.1 Acquisitions and payments cycle 75

Learning outcomes
outcomes:
5.1 Acquisitions •• Describe acquisitions and payments transactions 2

and pay by explaining the activities, functions and
ments cycle documents associated with these transactions.
•• Identify and explain the risks associated with 2
acquisitions and payments transactions and
describe and apply the internal controls that could
be implemented to mitigate the risks.
•• Describe and apply internal control over 2
acquisitions and payments transactions in
a computerised environment.
74
STUDY UNIT 5.1
11 ACQUISITIONS AND PAYMENTS CYCLE
Introduction
Jackson & Stent (2012:11/2), indicate expenditure transactions for different core
business processes. As this module is concerned with a normal trading concern,
the two main activities for expenditure transactions are:
•• the ordering and receiving of goods (or services) from suppliers, and
•• the payment of amounts due for the goods ordered and received.

The ordering and receiving of goods from customers and the payment of amounts
due to customers are also referred to as the purchases and payments cycle.
The major balance produced by this cycle is accounts payable (including trade
creditors).
Study
Jackson & Stent (2012:11/2–11/5)
Activity 1
The following list identifies a number of the functions in a typical trading company.
1. Receiving of goods
2. Despatch
3. Payment preparation
4. Marketing
5. Production
6. Payment and recording of payment
7. Recording of purchases
8. Personnel
9. Ordering of goods
10. Wages
75
Required
1. Identify, in logical order, the functions that you would normally encounter in
the acquisition of and payment for credit purchases in a company.
2. Briefly explain the main activities within the payment preparation function
in this cycle.
Reference Jackson & Stent (2012:11/2–11/5)
1. The functions of the acquisition of and payment for credit purchases are:
•• Ordering of goods
•• Receiving of goods
•• Recording of purchases
•• Payment preparation
•• Payment and recording of the payment
2. The main activities relevant to the payment preparation function are de
scribed in Jackson & Stent (2012:11/14) and are not repeated here.

Study
Jackson & Stent (2012:11/5–11/6)
Activity 2
Match the documents explained in your textbook to the functions in the solution
to activity 1 above.
Function Document
Ordering of goods Requisitions
Purchase order forms
Receiving of goods Suppliers’ delivery note
Goods received note
Recording of purchases Purchase invoice
Credit note
Payment preparation Creditors’ statements
Cheque (payment) requisitions
Payment and recording of payment Remittance advice
Cheque or electronic payment
Receipt
76
Note that various logs and variance reports exist that could be produced for
any of the functions and at any stage in the acquisitions and payments cycle.
In addition to the above documents, accounting records such as a purchase

journal, creditors ledger, the general ledger (creditors control account), and
a purchases returns and allowances journal are also used in the acquisitions
and payments cycle. These records are normally maintained in the accounting
department.

As stated in the introduction to this topic, the two main activities for expenditure
transactions are:
•• the ordering and receiving of goods (or services) from suppliers, and
•• the payment of amounts due for the goods ordered and received.
The main internal control objectives associated with these activities are to ensure
that only goods that have been validly ordered and received are paid for and that
payment is authorised, accurate and timeous (Jackson & Stent 2012:11/2). Sound
internal controls should be implemented to achieve these objectives.
To derive the internal controls over payments and acquisitions per function and
activity in the cycle, you need to apply the control activities. The other com
ponents of internal control in this cycle are explained separately in Jackson &
Stent (2012:11/31).
Study
Jackson & Stent (2012:11/5–11/13)
Activity 3
1. Give a system description of the functions, documents and internal controls
that can be implemented in the ordering department of a trading concern.
Formulate your answer in the following tabular format:
Functions Documents Internal controls
2. Which internal control objective is most at risk in the ordering department?
1. The functions, documents and internal controls that can be implemented in
the ordering department of a trading concern are:
77
Functions Documents Internal controls

1. Initiating 1. Requisition 1.1 Before the order is placed, a super
orders visor/senior buyer should check the
order to the requisition for accuracy
and authority, and review the order
for suitability of supplier, reasona
bleness of price and quantity, and
nature of goods being ordered.
1.2 The ordering department should
file requisitions sequentially and
should frequently review the files
for requisitions which have not been
cross-referenced to an order.
2. Placing 2. Purchase 2.1 Order clerks should not place an
orders with order form order without receiving an author
suppliers ised requisition and should cross-
reference the order to the requisition
prior to the requisition. Stores/pro
duction personnel should confirm
that the goods are really needed.
2.2 The company should have an ap
proved supplier list to which the
buyer should refer when ordering.
2.3 A copy of the order should be filed
sequentially and the file should be
sequence-checked and frequently
cross-referenced to goods received
notes.
2.4 Blank order forms should be subject
to sound stationery controls.
2. Validity (occurred and authorised) is most at risk as purchase orders that are
not authorised could be completed and incorrect quantities or unnecessary
goods could be ordered (Jackson & Stent (2012:11/9). More risks associated
with purchase orders will be explained in activity 6 below.
Activity 4
The following is a description of the payments system of Delmundo (Pty) Ltd, a
small manufacturing company. The company’s accounting functions are carried
out by the accounting staff, which consists of the accountant, Mary Rooseveld,
and two clerical assistants, Stella Stirling and Dean Ramjan.
1. When an invoice is received from a supplier it is promptly written into the
purchase journal by Stella Stirling and filed alphabetically by supplier name.
When the suppliers’ monthly statement arrives, Stella Stirling agrees the
invoices received to the statement. She also checks that any payments
that were made to the supplier by Delmundo (Pty) Ltd are reflected on the
statement.
78
2. If an invoice reflected on the statement has not been received, Stella Stirling
highlights the invoice(s) and marks it (them) “outstanding” on the statement.
The full amount reflected on the statement is paid. When the outstanding
invoice is received, it is filed with the statement to which it relates and the
“outstanding” mark on the statement is crossed out and dated.
3. Using the statements, Stella Stirling then makes a list of all creditors and the
amounts which they are to be paid. The list is passed to Mary Rooseveld,
who writes out a cheque for each creditor who is owed less than R5 000.
All cheques are carefully written out and marked “not transferable”. Mary
Rooseveld signs each cheque and returns the cheques with the list to Stella
Stirling. Stella Stirling confirms the amounts of each cheque and verifies
that there is a cheque for each creditor on the list who is owed less than
R5 000. Stella Stirling writes the cheque number next to each payment on
the list and then mails the cheques, which she attaches to a Delmundo (Pty)
Ltd compliment slip, to the creditors. If the amount to be paid is more than
R5 000, it is paid by electronic funds transfer (EFT) and not by cheque.
4. To pay creditors over R5 000, Mary Rooseveld accesses the EFT facility
on her computer and compiles a schedule of payments to be made by EFT
to creditors. She obtains this information from the creditors’ list prepared by
Stella Stirling. She carefully checks the details, namely the bank, branch
code and account number of the creditor to be paid, against a hard copy
listing which she keeps for all creditors.
5. Stella Stirling passes the creditors’ list to Dean Ramjan as he is solely re
sponsible for the cash payments journal. He writes it up, posts transactions
to the general ledger and reconciles the cash receipts and payments journal
to the bank statement monthly.
Required
Identify the weaknesses in the payments system described above. For each
weakness you identify, explain briefly why you consider it to be a weakness.
1.1 The invoices received from suppliers are not matched to any other documents,
namely the purchase order, supplier delivery note or goods received note.
Delmundo (Pty) Ltd could be paying for goods which were never ordered or
never received (delivered); and the goods could also be incorrect in terms
of description, quantity or price.
2.1 Before the invoice is paid there is no check to confirm that the purchase
has been authorised. If nobody checks the above, the risk that employees
are purchasing goods for themselves at the expense of the company is
significantly increased.
2.2 The full amount as reflected on the statement is paid, even where no invoice
has been received. Delmundo (Pty) Ltd may be paying for goods incorrectly
charged to them.
2.3 No checks are carried out on the casts, extensions, calculations and VAT
on the purchase invoice. This may result in inaccurate payments and under
recovery of VAT.
79
3.1 No creditors’ ledger appears to be kept. Creditors are paid on the strength of
an external document (creditor statements) only. The keeping of a creditors’
ledger makes it possible to maintain a more accurate record of purchases
and payments.
3.2 There is only one cheque signatory. As Mary Rooseveld has access to the
cheque book and she is the sole signatory, she can write out a cheque to a
fictitious creditor at any time.
3.3 Mary Rooseveld does not agree the amounts to be paid to creditors to any
supporting documentation (for example approved creditors’ reconciliations).
This increases the risk of invalid payments to creditors as Stella Stirling
could add a fictitious creditor to the list from which Mary Rooseveld writes
out cheques.
4.1 There is insufficient control over payments made by EFT. In effect only one
“signature” is required to transfer funds.
4.2 EFTs are made without supporting documentation and can be made by Mary
Rooseveld at any time and for any amount.
4.3 Nobody checks at any stage, during the payment, whether payments to
creditors or others are valid.
5.1 No review of the cashbook is carried out by “management”, for example the
cash book is not reviewed for missing cheque numbers or unusual payments.
With no independent review of Dean Ramjan’s work, he has the opportunity
to cover up misappropriation.
5.2 Almost total lack of involvement on the part of senior personnel/management.
With such a small staff, and a lack of basic controls, the senior manage
ment should be playing an active role – for example, acting as the second
signatory on cheques and EFT or reviewing supporting documentation. The
lack of this involvement weakens the control environment considerably and
facilitates fraud and collusion.
Source: Graded questions on auditing (2012:232) – adapted

Your textbook, Jackson & stent, describes an integrated manual and computerised
acquisitions and payments system of a trading concern.
Study
Jackson & Stent (2012:11/14–11/30)
Activity 5
Your textbook describes the application controls over masterfile amendments as
mainly preventative, supported by detective controls.
1. Explain in your own words why the creditors’ masterfile is central to the
acquisition and payments system.
2. Explain in your own words what the term “preventative” means in this context.
3. Provide an example of a preventative application control.
4. Provide an example of a detective control.
80
5. Name a few logs and reports that are used as part of detective controls over
masterfile amendments.
6. Describe the application controls that should be implemented to prevent
and detect errors during amendments made to the creditors’ masterfile in
1. The accurate and complete processing of authorised purchases and pay

ments depends to a great extent on the integrity of the masterfile. The credi
tors’ masterfile will contain information relating to the suppliers of the company,
the terms that affect payments, balances and the banking details required
to make EFT payments to creditors.
2. This means that application controls are implemented to prevent mistakes
from happening in the first place
3. Restrict write access to the creditors’ masterfile to a specific member of
the section by means of a user ID and passwords. This will prevent/deter
unauthorised users from gaining access and making amendments to the
masterfile.
4. Each logged amendment should be checked to confirm that it is supported
by a properly authorised masterfile amendment form (MAF). This will enable
management to detect any unauthorised amendments to the masterfile.
5. The masterfile amendment log is the main log used when making amend
ments to the masterfile. Various other logs and reports issued in the course
of the acquisitions and payments cycle could be used to detect errors during
masterfile amendments, such as the masterfile access violation reports and
creditors’ ledger exception reports, for example invalid account numbers.
6. The application controls that should be present to prevent and detect errors
in amending the creditors’ masterfile in a computerised environment are
described in Jackson & Stent (2012:11/16–11/18) and are not repeated here.
Note: Application controls for the following activities should be included in
your answer:
•• Application controls over the recording of masterfile amendments on
masterfile amendment forms (preventative)
•• Application controls over the authorisation of amendments to the mas
terfile (preventative)
•• Application controls over the entry of amendments onto the system (pre
ventative – for example access controls and screen aids and detective
– for example programme checks)
•• Application controls over the review of masterfile amendments (detective)
Activity 6
1. Provide five examples of things that could go wrong when creating a purchase
order in a computerised environment, based on the activity in Jackson &
Stent (2012:11/20).
2. Describe the application controls that should be present to ensure that
purchase orders that are created and sent to suppliers in a computerised
environment are valid (occurred and authorised), accurate and complete.
81
1. Examples of things that could go wrong when creating a purchase order in

a computerised environment:
•• Purchase orders could be made out for goods that are not sold by the com
pany if an incorrect inventory item code is entered into the order system
and the system accepts the inventory code without matching it to inventory
codes in the masterfile.
•• Purchases could be made from unapproved suppliers if the system allows
the order clerk to enter suppliers who are not approved (no verification
checks).
•• Details pertaining to the order could possibly not be entered accurately
and completely if the system does not perform programme checks such
as mandatory field checks.
•• An inappropriate quantity of goods could be ordered if the system does
not perform programme checks such as limit or reasonableness checks.
•• Goods ordered could possibly not agree with the purchase requisition
report if the order clerk is not alerted by a screen message whenever the
quantity of the purchase order does not agree with the purchase requisi
tion report (reasonableness check).
Note:
As explained in activity 3 above, the internal control objective of validity
(occurred/authorised) is most at risk when creating a purchase order.
2. The application controls that should be present to ensure that the purchase
orders that are created and sent to suppliers in a computerised environ
ment are valid (occurred/authorised), accurate and complete are described
under points 3 and 4 in Jackson & stent (2012:11/20–11/21) and are not
repeated here.
Note: The activities under creating a purchase order and authorising
and sending the purchase orders relate to the placing of orders,
as illustrated above.
Activity 7
1. Your textbook, Jackson & Stent (2012:11/24), explains that electronic funds
transfer (EFT) is a fast and efficient method of making payments. Explain
why the risk of fraudulent payments is very high if strict controls over EFT
are not in place.
2. Describe the application controls that should be present to ensure good
control over the preparation and approval of the schedule of payments in
1. Theft of funds from the company’s bank account can easily occur because
EFTs are quick and efficient. Funds can be transferred to another bank ac
count very quickly, if access can be gained to a company’s internet bank
account.
Note: Access controls for a company’s bank account have been explained
in detail in activity 9 of topic 4 and are not repeated here. Refer to
82
topic 4 again if you need to refresh your memory on access controls

over a bank account.
2. The application controls that should be present to ensure good control over
the preparation and approval of the schedule of payments in a computerised
environment are described under point 3 in Jackson & Stent (2012:11/24–
11/26) and are not repeated here. Remember to limit your answer to the
preparation and approval of the schedule of payments.
Summary
In this study unit we explained and applied the activities, functions and documents
that relate to acquisitions and payments transactions. The risks and internal con
trols in acquisitions and payments were also explained and applied, together with
internal control over acquisitions and payments transactions in a computerised
environment.
Note that the ordering and receiving of goods (or services) from suppliers include
all goods and services associated with a normal business operation. Costs as
sociated with the manufacture of inventory as well as salaries and wages will be
explained in more depth in the topics that follow.
Self-assessment
study material, see whether you can do the following:
1. Explain the activities and functions relating to acquisitions and payments
transactions.
2. Describe the documents used in acquisitions and payments transactions.
3. Explain and apply risks and internal controls related to acquisitions and
payments transactions.
4. Explain and apply the risks and internal controls over acquisitions and pay
ments transactions in a computerised environment.
CONCLUSION
In this topic, Acquisitions and Payments Cycle, we explained and applied the
activities, functions and documents in the acquisitions and payments business
cycle. The risks and internal controls in this cycle were also explained and ap
plied, together with internal control over acquisitions and payments transactions
in a computerised environment.
In the next topic we will explain and apply the inventory and production business
cycle, together with the applicable internal controls in the cycle.
83
TOPIC 6
INVENTORY AND PRODUCTION CYCLE
Topic overview
Inventories encompass goods purchased and held for resale, such as mer
chandise purchased by a retailer and held for resale. Inventories also encompass
finished goods produced, or work in progress and include materials and
supplies awaiting use in the production process (see International Accoun
ting Standard [IAS] 2).
The inventory and production cycle includes the following classes of transactions

Inventory Cost of sales
The aim of this topic is to explain the activities, functions and documents in the
inventory and production business cycle and to apply these to practical situations.
The risks relating to this cycle and the internal controls to mitigate those risks,
including internal controls over inventory and production transactions in a com
puterised environment, will be applied and explained. Basic inventory valuation
concepts will also be described and explained.
85
Inventory and production cycle

6.1 Inventory and production cycle 87
6.1.3 Risks and internal control in warehousing 88
6.1.4 Risks and internal control in production 89
6.1.5 Inventory counts 90
6.1.7 Inventory valuation concepts 91

Learning outcomes
Study unit Level
outcomes:
6.1 Inventory •• Describe the activities and functions and allocate 2
and pro the documents associated with inventory and
duction production.
cycle
warehousing and describe and apply the internal
controls that could be implemented to mitigate
these risks.
production and describe and apply the internal
controls that could be implemented to mitigate
these risks.
•• Explain and apply inventory counts as part of 2
control activities over inventory and production.
•• Describe and apply internal control in 2
a computerised environment to inventory and
production transactions.
•• List basic inventory valuation concepts. 1
86
STUDY UNIT 6.1
12 INVENTORY AND PRODUCTION CYCLE
Introduction
Your prescribed textbook, Jackson & Stent (2012:12/2), describes the inventory
and production cycle as the heart of the business and explains that this cycle
mainly deals with
•• the custody and safekeeping of inventory in whatever form, for example,

goods held for resale or manufacture, and finished goods, and
•• the recording of costs where a production/manufacturing process occurs.

Inventory is the major component in the calculation of cost of sales, gross profit
and net profit of a trading concern (see Jackson & Stent 2012:12/2). The inven
tory balance is usually also a material current asset in the statement of financial
position in the company’s financial statements.
Study
Jackson & Stent (2012:12/2–12/4)
Activity 1
Jackson & Stent (2012:12/2) describe inventory and production as an internal
cycle. Represent this on a diagram that shows the interface of the inventory and
production cycle with the acquisitions cycle and the revenue cycle.
The diagram on page 12/4 of Jackson & Stent demonstrates that goods received
from suppliers follow one of two paths, namely, to the raw materials and compo
nents store, on to production and into the finished goods warehouse, or direct to
the “goods for resale” warehouse. The diagram is not repeated here.
87

Study
Jackson & Stent (2012:12/4–12/5)
Activity 2
Allocate the documents explained in your textbook to the warehousing or pro
duction phase of the inventory and production cycle.
Warehousing Production
•• Goods received note •• Materials (components) requisition,
•• Picking slip and delivery notes materials (components) issue note
•• Manufacturing or production schedules
•• Job cards
•• Production report
•• Costing schedule
•• Transfer to finished goods note
The inventory sheet, inventory tag and inventory adjustment form are used dur
ing an inventory count and do not fit into the warehousing or production phases.
The inventory count will be explained later in this study unit.
6.1.3 Risks and internal control in warehousing

Jackson & Stent (2012:12/3) describes two major risks associated with inventory
warehousing, namely risks associated with the physical transfer of inventory
and the protection of inventory from damage, loss and theft. These and other
risks, as well as internal controls (control activities) to mitigate the risks, will now
be explained.
Study
Jackson & Stent (2012:12/6–12/7)
Activity 3
1. Describe the internal controls that can be implemented to mitigate the risks
associated with the physical transfer of inventory in a warehouse.
2. Describe the internal controls that can be implemented to mitigate the risks
associated with the protection of inventory against damage, theft and loss
in a warehouse. Distinguish between preventative and detective controls
in your answer.
88
1. The internal controls that can be implemented to mitigate the risks associ
ated with the physical transfer of inventory in a warehouse are explained in
Jackson & Stent (2012:12/6) and are not repeated here.
2. Physical controls over inventory in warehouses are preventative controls,
in other words controls that prevent damage, theft and loss from occurring
in the first place. Comparison and reconciliation are detective controls that
will pick up on damage, theft and loss that have already occurred by compar
ing physical inventory with theoretical inventory in the accounting records.
Refer to Jackson & stent (2012:12/7), where internal controls to control dam
age, theft and loss of inventory in warehouses are explained.
6.1.4 Risks and internal control in production

As with inventory warehousing, internal controls must also be implemented over
production inventory to protect it from damage, loss and theft. Internal controls
to mitigate additional risks associated with the planning, control and costs of
manufacturing should also be implemented (cf Jackson & Stent (2012:12/3–12/4)).
Study
Jackson & Stent (2012:12/8–12/10)
Jackson & Stent (2012:12/20–12/22) – fraud in the cycle
Activity 4
Production of inventory can only commence after the production manager has
authorised the job cards.
1. What details must the job cards contain and what procedures are performed
by the production manager before a job card is authorised?
2. Describe the internal controls which should be present to ensure good
control over job orders.
1. The costing schedule should be transferred to job cards and the job cards
should
•• be sequenced and dated
•• contain a list of materials to be used, for example the description and
quantity of materials
•• be cross-referenced to customer orders/quotes
•• be cross-referenced to a materials requisition and materials issue note
•• be cross-referenced to the daily production schedule, after which the
production manager will review and authorise the job cards
2. Internal controls to ensure good control over job orders are explained in
Jackson & Stent (2012:12/8–12/9) and are not repeated here.
89
6.1.5 Inventory counts

According to Jackson & Stent (2012:12/11), inventory counts are one of the
most common control activities whereby actual inventory on hand is compared
with theoretical inventory in accounting records.
The responsibility for carrying out inventory counts rests with management, since
it is management’s responsibility to ensure that the inventory figure in the financial
statements is valid (exists), accurate and complete.
Study
Jackson & Stent (2012:12/11–12/13)
Similar methods of counting and sound controls are used for both cycle counts
(which take place on an ongoing basis) and year-end counts (annual counts).
Activity 5
1. Which basic principles must be adhered to before conducting the actual
inventory count in order to ensure a successful count?
2. List the procedures that should be followed by the counting team when
conducting an inventory count.
1. In order to ensure a successful inventory count, the following must be ad

hered to:
•• proper and timeous planning and preparation
•• standard stationery design principles and controls
•• written count information and instructions to all members involved in the
count
Note: The above principles are explained in further detail in Jackson &

Stent (2012:12/12) .
2. The procedures that should be followed by the counting team when conduc
ting an inventory count are listed in Jackson & Stent (2012:12/12–12/13) and
are also not repeated here.
6.1.6 ComputeriSation of the cycle

The inventory masterfile is central in a computerised inventory and production
cycle, since it contains the theoretical inventory figure which ideally should agree
with the physical inventory on hand (cf Jackson & Stent 2012:12/13).
Study
Jackson & Stent (2012:12/13), section 9.
90
Access controls in a computerised environment are key to ensuring that unau

thorised masterfile amendments are not done to disguise damage, loss or theft
of physical inventory. Refer to the relevant activities in topics 3, 5 and 6, where
access controls were dealt with extensively.
6.1.7 Inventory valuation concepts

The generally accepted basis for the valuation of inventory is the lower of cost
and net realisable value. It is important that inventory should be valued accurately
as the internal control objectives of validity, accuracy and completeness may
be at risk if the inventory in the financial records is either over- or undervalued.
Study
Jackson & Stent (2012:12/18–12/20), section 3.
Activity 6
1. At what value should inventory be presented in the financial records of
a company?
2. What does the term “net realisable value” mean?
3. What should the cost price of inventory consist of?
4. Which of the following costs should be excluded when valuing inventory:
•• delivery costs
•• administrative costs
•• commission paid on goods sold
•• wages paid to production staff
•• production material lost during a fire in the production plant
5. Name the three cost formulas permitted by International Accounting Stan
dard (IAS) 2.
1. Inventory should be valued at the lower of cost and net realisable value.
2. Net realisable value is the estimated selling price in the ordinary course of
business less the estimated costs of completion and the estimated costs
necessary to make the sale.
3. The cost of inventory should be made up of:
•• all purchase costs, including import duties and transport costs incurred
in the acquisition of materials and goods for resale
•• conversion costs, for example direct labour and production overheads
•• costs incurred in bringing the inventory to its present location and condition,
for example costs incurred in designing a product for a specific customer
4. The costs mentioned should be treated as follows:

•• delivery costs: included (transport costs incurred in the acquisition and
costs incurred in bringing the inventory to its present location)
91
•• administrative costs: excluded

•• commission paid on goods sold: excluded (selling costs)
•• wages paid to production staff: included (fixed and variable production
overheads)
•• production material lost during a fire in the production plant: excluded
(abnormal amounts of wasted material)
5. The three cost formulas permitted by IAS 2 are specific identification,

weighted average and FIFO. These cost formulas are explained in more
detail in Jackson & Stent (2012:12/19–12/20).
Summary
In this study unit we explained and applied the activities, functions and docu
ments pertaining to inventory and production transactions. The risks and internal
controls in inventory warehousing and production were explained and applied, as
were inventory counts as part of control activities in a system of internal control.
Internal control over inventory and production transactions in a computerised
environment was explained, with specific reference to the inventory masterfile.
Inventory valuation concepts were also described and explained.
Self-assessment
1. Explain the activities and functions relevant to inventory and production

transactions.
2. Describe the documents used in inventory and production transactions.
3. Explain and apply risks and internal controls relating to inventory warehousing
and production transactions in both a computerised and a noncomputerised
environment.
4. Describe and explain inventory valuation concepts.
CONCLUSION
In this topic, Inventory and production cycle, we explained and applied the
activities, functions and documents in the inventory and production cycle. The
risks and internal controls relevant to this cycle were explained and applied, as well
as internal control over inventory and production transactions in a computerised
environment. Inventory valuation concepts were also described and explained.
In the next topic we will explain and apply the payroll and personnel business
cycle as well as the applicable internal controls in the cycle.
92
TOPIC 7
PAYROLL AND PERSONNEL CYCLE
Topic overview
Compensation and related employee benefit costs represent major expenses for
most businesses. Because of the routine nature of these transactions, a com
pany’s payroll is normally maintained on an IT system (Eilifsen, Messier, Glover,
Douglas & Prawitt 2010:410).
Two main types of transactions are processed through the payroll and personnel
cycle, namely:
•• payment to employees for services rendered (salaries and wages)
•• accrual and payment of payroll-related liabilities (employee deductions such
as taxes, pension fund and medical aid)
The payroll and personnel cycle includes the following classes of transactions

Bank and cash Wages and salaries (net of employee
deductions such as PAYE, UIF, SDL, pen
Accounts payable (accumulated
sion fund, medical aid and other)
leave, unclaimed wages, SARS,
pension funds, medical aids and
other)
93
Payroll and personnel cycle
The aim of this topic is to explain the activities, functions and documents in the
payroll and personnel business cycle and to apply these in practical scenarios.
The risks in this cycle will be explained and internal controls are applied to mitigate
those risks, as well as internal control over payroll and personnel transactions in

7.1 Payroll and personnel cycle 95

Learning outcomes
Study unit Level
outcomes:
7.1 Payroll and •• Describe payroll and personnel transactions by 2
personnel explaining the activities and functions and allocating
cycle the documents associated with these transactions.
•• Identify and explain the risks associated with payroll 2
and personnel transactions and describe and apply
the internal controls that could be implemented
to mitigate the risks in a noncomputerised
environment.
•• Describe and apply internal control in a computerised 2
environment to payroll and personnel transactions.
94
STUDY UNIT 7.1
13 PAYROLL AND PERSONNEL CYCLE
Introduction
Jackson & Stent (2012:13/2) explains that the payment of salaries and wages
is an integral part of any business and one which results in an outflow of funds.

The most obvious difference between a salary system and a wage system is
that salary systems do not have a timekeeping function; a salary is a set monthly
amount regardless of the hours worked by the employee (Jackson & Stent
2012:13/29).
Study
Jackson & Stent (2012:13/2–13/5)
Note the following about the study material above:

Sections 4 and 5 in Jackson & Stent (2012:13/3–13/5) describe a wage system.
Apart from timekeeping and the difference in payment methods (salaries are
generally paid by EFT and wages in cash), these functions are generally also
relevant to a salary system.
Study
Jackson & Stent (2012:13/29), section 9
Activity 1
1. Explain why the payroll and personnel cycle could be especially susceptible
to fraud.
2. What practical arrangement can companies make with employees to avoid
the risk of fraud?
3. Describe the timekeeping, payroll preparation and payout functions relevant
to a wage system in the payroll and personnel cycle.
95
1. Companies that pay wages in cash are susceptible to fraud owing to the
high risk of theft of large amounts of cash.
2. To protect the company from this risk, as well as to safeguard the personal
safety of employees, a company could pay wages via EFT directly into em
ployees’ bank accounts.
3. The timekeeping, payroll preparation and payout functions relevant to a wage
system are described in section 5 of Jackson & Stent (2012:13/4–13/5) and
are not repeated here.
Note: Study section 1 of Jackson & Stent (2012:13/2) again if the differences

between a wage system and a salary system are unclear to you.

Study
Jackson & Stent (2012:13/5–13/6)
Activity 2
The following documents or records are found in most businesses. Some are
applicable to the payroll system and some are not.
1. Cash receipt
2. Income tax deduction tables
3. Clock card
4. Cash book
5. Employment contract
6. Unclaimed wages register
7. Cheque requisition
8. Internal purchase order
9. General ledger
10. Purchase journal
Required
1. State whether each of the above documents or records has a place in the
payroll cycle.
2. State the order in which the documents will normally be found in the payroll
cycle, indicating in which function within the payroll cycle they will be used.
1. The following documents will be found in the payroll cycle:

1.1 Income tax tables
96
1.2 Clock card

1.3 Cash book
1.4 Employment contract
1.5 Unclaimed wages register
1.6 Cheque requisition
1.7 General ledger
The cash receipt is applicable to the revenue and receipts cycle, and the
internal purchase order and purchase journal are used in the purchases
and acquisitions cycle.
2. The correct order in which the documents will be found and the functions
within which they will be used are:
2.1 Employment contract – Personnel (Human Resources)
2.2 Clock card – timekeeping
2.3 Income tax deduction tables – Payroll preparations
2.4 Cheque requisition – Payroll preparations
2.5 Unclaimed wages register – Payout
2.6 Cash payments journal – Recording
2.7 General ledger – Recording
Note that these functions are described in more detail in Jackson & stent
(2012:13/4–13/5).
Source: Graded questions on auditing 2012: (Gowar & Jackson 2011:169–170) – adapted

Because salaries and wages represent major expenses, companies tend to have
strong internal controls over payroll and personnel activities (Eilifsen, Messier,
Glover, Douglas & Prawitt 2010:410).
Study
Jackson & Stent (2012:13/9–13/13)
Note the following about the study material above:

The payment of salaries and the appropriate internal controls for this
function are not specifically discussed in the textbook. In this regard you
should remember that salaries are paid either by cheque or by EFT. The
normal internal controls for cheque payments therefore apply to the pay
ment of salaries. Internal controls over EFT payments in a computerised
environment will be explained and applied in section 7.1.4.
To see whether you can identify the relevant internal controls over a wage payout,
do the following activity:
97
Activity 3
Steelworks Ltd employs 1 000 workers, who receive a weekly cash wage. You
are requested to assist management in implementing internal controls over
the preparation and payout of wages. Management is satisfied that there is
sufficient internal control over the clocking of hours worked by employees and
the calculation and recording of the wages payable.
Internal controls over the preparation and payout of wages are explained in detail
in Jackson & Stent (2012:13/12) and are not repeated here.
Note: Keep in mind that these internal controls are aimed at mitigating the risks
associated with the preparation and payout of wages. The main risks identified
in your prescribed textbook are:
1. Errors or the theft of cash during

•• the drawing of cash,
•• the making up of wage packets, and
•• at the payout (risks addressed in points 1 to 6 of the control procedures
in Jackson & Stent 2012:13/12).
2. Misappropriation of unclaimed wages (risk addressed in points 7 to 11 of the

control procedures in Jackson & Stent 2012:13/12).
Activity 4
C-Ment Ltd manufactures cement blocks and pavers. The company was started
some years ago and has grown steadily so that it currently employs 120 semi-
skilled workers.
Internal controls have not kept up with the growth of the business and you have
been asked to evaluate the current wage system. You have obtained the follow
ing information:
1. The manufacturing yard is enclosed by a large security wall. The only access
to the yard is through the gate used by vehicles that deliver raw materials
and collect finished products. Workers enter and exit through this gate. There
is a small gate hut manned by a security guard.
2. On arriving at or leaving work, employees tick off their names on a “daily
time list”, entering their time of arrival or departure in the space provided. A
large clock is located in the gate hut.
3. The company’s administrative functions, such as sales and accounting, are
located in a small office block next to the manufacturing yard. The accounting
section is staffed by a senior accountant, Zeb Matabane, and three clerical
assistants. One of the clerical assistants, Milly Moss, is responsible for the
wage function, which operates as follows:
3.1 Each working day after close of business she collects the daily time
lists from the gate hut and replaces them with new lists for the follow
ing day. The completed daily time lists are filed in date order in a lever
arch file. She also maintains a simple hard copy employee’s file for
each employee.
98
3.2 The wage week runs from Thursday morning to Wednesday afternoon.
On Thursday mornings Milly Moss calculates the total hours worked
by each employee for the week (both normal and overtime) and enters
the totals against each employee’s name, on a weekly “hours summary
list”. She then accesses the wage application on her computer and
selects the “enter hours module”. She then captures the hours for each
employee, entering the employee’s staff number and hours worked from
the weekly “hours summary lists”.
3.3 Once each employee’s hours worked have been entered, Milly Moss
selects the “prepare payroll” module to start processing the wages and
producing the payroll. The payroll reflects employee number, name,
section, gross wages, deductions and net pay. It also has a space in
which the employee signs after receiving his or her pay.
3.4 Once the payroll has been produced, Milly Moss gives it to Mo Hiten,
the cash payment journal clerk, who prepares a cheque for the net
amount of the pay (as well as cheques for the amounts to be paid over
to SARS for PAYE, UIF etc). Mo Hiten takes the cheques to Zeb Mata
bane, who signs them.
3.5 The cheque for the net wages and the wage packets is then delivered
to WageMaster (Pty) Ltd, a security company which cashes the cheque
and makes up the wage packets from the details on the packets. Milly
Moss prepares a register which reflects the cheque number, amount
and number of paypackets to be collected by WageMaster (Pty) Ltd.
This register is signed by a WageMaster (Pty) Ltd employee.
3.6 On Friday morning WageMaster (Pty) Ltd returns the made-up wage
packets to Milly Moss, who agrees the number of wage packets to the
register and signs the security company’s delivery note.
3.7 The wage payout takes place at 3 pm on Fridays. At 1pm Milly Moss
leaves the wage packets and a copy of the payroll at the gate hut for
collection by the supervisor. The supervisor conducts his or her own
payout. He or she hands the paypacket to the employee, who must show
his or her staff identity card and sign the payroll next to his or her name.
3.8 Any unclaimed wages are marked as such by the supervisor on the
payroll. The unclaimed wages are taken home by the supervisor (all
administrative office employees finish work at 1 pm on Fridays) and
handed to Milly Moss on Monday morning. She agrees the packets she
has been given to the payroll and puts the packets in the safe. When the
employee returns to work he or she must collect the wage packet from
Milly Moss (staff identity card must be produced) and sign the payroll.
REQUIRED:
1. Identify and explain the weaknesses in C-ment Ltd’s wage system based
on the information given above.
Identification and explanation of weaknesses in the system of internal control

over the current wage system of C-Ment Ltd:
99
Points 1–2
Weakness: Controls over timekeeping are inadequate.
Explanation:
•• There is no reliable timekeeping mechanism/clocking system, making it virtually

impossible to prevent invalid hours being “clocked”.
•• Workers record their own times of arrival and departure and could thus create
fictitious hours.
•• As entry and exit take place through a gate in general use and are unsupervised,
workers have another opportunity to create fictitious hours.
•• Workers could tick off the names of fellow workers who are not actually at work.
•• Workers could sign in but not actually go to work and return to sign out.
•• “Clocking” documentation controls are poor as there is no documentation (clock
card or similar) which records the time of exit and entry of each employee
independently and in a permanent form.
•• The clipboard bearing the daily time sheets is left unattended in the gate hut
and could be lost or tampered with; for example, hours could be altered.
Point 3
Weakness: There is no separate personnel (human resources) function to ensure
optimum efficiency in controlling the workforce.
Explanation:
•• A company with a workforce of 120 requires the employment of the necessary
skills in the business to deal with recruitments, dismissals, wage negotiations
and labour problems in accordance with sound labour practices, and to maintain
valid, accurate and complete employee records.
Points 3.2 – 3.3

Weakness: Controls over the calculation of hours worked and entry into the com
puter are inadequate, which may result in errors in the amounts
paid to employees.
Explanation:
•• Nobody checks and authorises Milly Moss’s calculation of the hours worked
according to the time lists, and mistakes could therefore go unnoticed.
•• The supervisors do not confirm that overtime hours are valid at any stage.
•• No batching system of any kind seems to be used to enhance the accuracy
and completeness of entry into the computer; for example no pre-entry and
post-entry control totals are calculated.
•• There is no review of the payroll by an independent employee (for example,
one of the other administration clerks) to verify that the correct hours (normal
and overtime) and wage rates have been used.
Points 3.1 – 3.8

Weakness: Milly Moss is responsible for incompatible functions:
•• She initiates and controls the daily timesheets.
•• She calculates and enters the hours worked.
100
•• She creates the payroll.

•• She has access to the made up wage packets.
Explanation:
•• This makes it possible for her to steal money from the company by:
•• invalidly increasing the hours worked (for example adding overtime) for certain
employees, or
•• invalidly increasing the wage rates for certain employees.
Points 3.4–3.5
Weakness: There are inadequate authorisation controls over the cheque
for net wages.
Explanation:
•• Zeb Matabane does not check and initial the supporting documentation, such
as the payroll.
•• No week-to-week reconciliation is provided to explain any fluctuations in the
wages.
•• There is only one signatory to the cheque, which increases the risk of errors
or fraud going undetected.
Point 3.7
Weakness: The supervisor and Milly Moss do not meet to effect the safe
transfer of the wage packets. The wage packets are nobody’s
direct responsibility for a period of time and are left in an
unsecure place.
Explanation:
•• The supervisors do not check the wage packets they are taking responsibility
for and acknowledge that they have done so by signing the payroll. Wage
packets could be lost or stolen and nobody would be accountable.
Point 3.7
Weakness: Payouts are conducted by the supervisor without a second
official being present.
Explanation:
•• This facilitates fraud by a supervisor, particularly where the supervisor has

created a fictitious employee by having a “dummy workman added” and
recording hours for the dummy workman (easily done as time sheets are
freely available in the gate hut). The supervisor would simply take the fictitious
employee’s packet and sign the payroll.
Point 3.8
Weakness: Unclaimed wage packets are taken home by the supervisor
and only handed to Milly Moss on Monday morning.
101
Explanation:
•• Unclaimed wage packets should be stored in a safe and should not be taken
off the premises as this increase the risk of theft and or loss.

A company’s payroll system is a combination of manual and computerised func
tions and most companies make use of the packaged payroll software that has
been developed to meet the needs of the company (Jackson & Stent 2012:13/16).
Study
Jackson & Stent (2012:13/14–13/28)
Activity 5
In section 7.1.3 above we explained why internal controls over timekeeping in
a wage system are very important. This was also illustrated by the weaknesses
in the wages system of C-Ment Ltd in activity 4 above.
REQUIRED:
1. Explain what the term “biometric data” means in a computerised clocking
system.
2. What are the advantages of biometric data over an identification card or a
clock card?
3. Describe the application controls that could be implemented to ensure good
control over timekeeping in a computerised wages system.
4. Describe the application controls that could be implemented to approve
the hours that were captured during electronic timekeeping before payroll
preparation can commence.
5. Describe the application controls that could be implemented over entering
additional earnings and deductions during the payroll preparation phase
in a computerised wages system.
1. The most common example of biometric data is an employee’s fingerprint.

In a system where the identification of employees is controlled by biometric
data, a finger print is stored on the system so that when the employee places
a finger on the scanner, it has a set of prints against which to “match” the
finger print.
2. Biometric data overcomes the weaknesses of an identification card or clock
card system, where an employee can swipe the card on behalf of another
employee and thereby create fictitious hours worked.
3. The application controls that could be implemented to ensure good control
over timekeeping in a computerised wages system are described in Jack
son & Stent (2012:13/19–13/20) under the activities of 1) storing biometric
102
data on the system; 2) employee identification and recording of hours

worked; and 3) reviewing employee attendance.
Note that the application controls over activities 1) and 2) are mainly access
controls which are preventative in nature, whereas controls over activity 3)
are detective controls such as reports produced on absent employees, late
arrivals and unexplained exits from the workplace.
4. Once timekeeping has been performed, the hours that were electronically
captured must first be approved by the foreman before payroll preparation
can commence.
The application controls over the approval of hours worked are explained
in Jackson & Stent (2012:13/21) and are not repeated here.
5. Point 1.3 in Jackson & Stent (2012:13/21) explains that alterations may be
necessary to the hours initially recorded during electronic timekeeping. The
payroll clerk responsible for preparing the payroll will be responsible for en
tering these alterations made by the foreman. The application controls over
entering additional earnings and deductions are described in Jackson
& Stent (2012:13/21–13/22) and are not repeated here.
Summary
In this study unit we explained and applied the activities, functions and docu
ments of payroll and personnel transactions. The risks and internal controls in
the payroll and personnel cycle were explained and applied, as well as internal
control over payroll and personnel transactions in a computerised environment.
Self-assessment
1. Explain the activities and functions relevant to payroll and personnel
transactions.
2. Describe the documents used in payroll and personnel transactions.
3. Explain and apply risks and internal controls related to payroll and personnel
transactions in a noncomputerised environment.
4. Explain and apply risks and internal controls related to payroll and personnel
transactions in a computerised environment.
CONCLUSION
In this topic, Payroll and Personnel Cycle, we explained and applied the ac
tivities, functions and documents in the payroll and personnel cycle. The risks
and internal control in this cycle were explained and applied, as well as internal
control over payroll and personnel transactions in a computerised environment.
In the next topic we will explain and apply capital expenditure in the finance and
investment business cycle, as well as the applicable internal controls in the cycle.
103
TOPIC 8
FINANCE AND INVESTMENT CYCLE
Topic overview
Investing and financing activities consist of transactions that relate to the acquisi
tion of the non-current assets (fixed assets) which are required to manage the
activities of the enterprise. The financing activities include funds obtained from
borrowing, finance leases and operating leases.
The finance and investment cycle includes the following classes of transactions

Share capital Dividends paid
Reserves Profit or loss (reserves)
Long-term loans Interest paid
Property, plant and equipment Profit/loss on sale of asset
Investments Profit or loss on investment
The aim of this topic is to explain capital expenditure in the finance and invest
ment business cycle by referring to the characteristics of fixed asset acquisi
tion transactions. The risks associated with the acquisition of fixed assets will
be explained and internal controls applied to mitigate those risks.
105
Finance and investment cycle

8.1 Capital expenditure 107
8.1.1 Characteristics of capital expenditure 107
8.1.2 Risks and internal control over capital expenditure 107

Learning outcomes
outcomes:
8.1 Capital ex •• Describe and explain capital expenditure as part 2
penditure of the finance and investment cycle by referring
to the characteristics of fixed asset acquisition
transactions.
•• Identify and explain the risks associated with fixed 2
asset acquisitions and describe and apply the
internal controls that could be implemented to
mitigate the risks.
106
Capital expenditure
STUDY UNIT 8.1
14 CAPITAL EXPENDITURE
Introduction
Jackson & Stent (2012:14/2) explains that this cycle essentially deals with the
transactions which a company enters into to raise finance, for example by borrow
ing money from a bank or investment company, as well as with the investments
the company makes, whether in property, plant and equipment, or by making
long-term loans or investing surplus funds.
8.1.1 Characteristics of capital expenditure

We will explain capital expenditure in the finance and investment cycle with
reference to the acquisition of fixed assets and the obtaining of finance by
means of long-term loans.
Study
Risks and internal controls in the cycle will now be explained.
8.1.2 Risks and internal control for capital

expenditure
Compensating controls over capital expenditure transactions entail planning,
authorisation, implementation and review and approval (Jackson & Stent
(2012:14/3).
Study
Jackson & Stent (2012:14/3–14/4)
Jackson & Stent (2012:14/4–14/5) – The Finance and Investment Cycle at Proride
(Pty) Ltd
107
Activity 1
1. Explain what the term “non-routine transactions” means.
2. How do internal controls over “non-routine transactions” differ from the
internal controls over routine transactions explained in the previous topics
in this study guide?
3. Describe the major risks for capital expenditure with reference to the internal
control objectives.
1. Non-routine transactions such as fixed asset acquisitions do not usually

occur every day and the number and frequency of transactions are consid
erably less than, for example, sales, purchases, salaries and wages. The
size of transactions is usually significant (the amounts are large) and these
transactions are frequently subject to legal and regulatory requirements.
2. Because of the characteristic mentioned in 1 above, transactions in this cycle
are not subject to the routine everyday controls relating to transactions. In
ternal controls over nonroutine transactions such as finance and investment
transactions are still based on the five components of internal control (as
explained in topic 2), but “compensating controls” would be implemented.
3. The major risks for capital expenditure with reference to internal control
objectives are explained in section 2.6 in Jackson & Stent (2012:14/2) and
are not repeated here.
Note: The main risks explained under section 2.6 in Jackson & Stent (2012:14/2)
are associated with the finance and investment cycle as a whole, but take
note that these risks are also specifically applicable to capital expendi
ture in the cycle.
Activity 2
You have recently been appointed as the internal auditor of North Shore Ltd, a
large shipping company in Port Elizabeth. Your first assignment was to evaluate
the company’s accounting systems and related internal controls. The company is
divided into five sections, each of which has its own section accountant, who is
responsible for producing monthly accounts and ensuring that sectional financial
matters run smoothly. While reviewing the financial records of the warehousing
section you were surprised to see that considerable capital expenditure had been
incurred just before the financial year-end (30 June). You found that the same
expenditure had been incurred in the other four sections of the company and on
visiting the various sections (in July), you noticed a fair amount of equipment still
in boxes and not in use. Deciding to follow this up, you approached Andy Bell,
the most senior sectional accountant, and asked for an explanation of how the
system for capital expenditure operated. He responded as follows:
1. Each sectional accountant is responsible for capital expenditure for his/her

section.
2. A budget is prepared in the office of the financial director. Budgeting figures
are calculated by increasing the previous year’s budget by the average con
108
Capital expenditure
sumer price index for the year. Sectional accountants are notified as to what
their section can spend on the purchase of capital items.
3. However, if sections do not spend their capital budget in any financial year,
that section’s budget is reduced for the following year. As you can see, we all
try to avoid a cut in our budget by making sure we spend our budget before
the end of the financial year.
4. If a staff member in the section requires equipment, for example in my
warehouse section the foreman may decide he needs a new forklift, he
emails my assistant with the precise details of what is required as well as
the name of a supplier. None of the equipment used by North Shore Ltd is
particularly complicated, so this method works fine.
5. My assistant then completes a pre-printed, numerically sequenced, multi-
copied order form which the sectional accountant signs before sending the
top copy to the supplier. The second copy of the order is sent to the central
creditors department for payment, along with the supplier delivery note. The
third copy is left in the order book and used by the assistant to write up the
new equipment in the assets register.
6. The supplier delivers the equipment to the section and my assistant signs
the supplier delivery note after agreeing the items to the supplier delivery
note. The assistant retains a signed copy of the supplier delivery note, which
is sent to the creditors department as described in point 5 above.
REQUIRED
Identify and describe the weaknesses in the system of investing in capital equip
ment at North Shore Ltd, based on the information given above and recommend
improvements to address the weaknesses you have identified.
Do not concern yourself with payments to creditors.
Write your answer in the tabular format given below:
Weakness Explanation and improvement

1. The acquisition (investment in) fixed •• The company should appoint a fixed
assets is not planned. asset committee consisting of senior
experienced management to take
•• There is no evaluation of whether
responsibility for evaluating the need
the items purchased by the
for the purchase and evaluating how
five sectional accountants are
capital expenditure will be financed.
required.
•• Any member of the section •• All requests for fixed assets from
sections must be fully motivated.
can request equipment without
providing proper motivation. •• The fixed asset committee should be
responsible for preparing an annual
capital expenditure budget (see below).
109

2.
The budgeting process is totally •• A proper budgeting system for capital
ineffective. expenditure should be put in place:
•• Simply increasing the prior year’s •• Each section should carefully evaluate
their actual capital expenditure needs
budget by an index has resulted
(and planned disposals) for the
in sections being allocated money
upcoming year. The budget should not
which they do not require and
be based on adjusted figures for the
which will be wasted.
previous year.
•• This weakness is compounded
•• The sectional budgets should be
by the fact that sections are
submitted to the fixed asset committee
“punished” for not spending their
for their approval, which should only be
allocation by having their budgets
given after careful consideration of the
reduced.
motivation.
•• There should be ongoing comparison of
actual capital expenditure with budgeted
expenditure.
3. There is inadequate authorisation of •• The fixed asset committee should
capital expenditure. approve the budget, which will then
become the fundamental authorising
•• Sectional accountants
document.
have complete authority to
purchase equipment provided •• See points below (4).
they have not exceeded the
budget.
•• In effect, the sectional accountants
can make a purchase and
authorise it. This amounts to a
lack of division of duties.
•• As there appears to be no
reconciliation or follow-up of items
actually purchased, this lack of
division of duties becomes more
serious.
4. The controls over the requisitioning •• A properly designed (two part) pre-
and ordering and receipt of capital printed, sequenced, capital expenditure
expenditure items are inadequate. requisition must be prepared and signed
by a senior person in the section
•• No properly designed, pre-printed,
requiring the item, for example the
sequenced (and authorised)
warehouse manager requiring a new
requisition form is presented to
fork lift.
support the purchase request
(email is sent). •• This requisition should be submitted to
the sectional accountant, who should
•• The order is placed by the assistant
authorise the requisition (sign) after
to the sectional accountant (not
confirming that the request complies
the buying department), without
with the capital expenditure budget.
any follow-up with the supplier
as to availability and price and •• A copy of the requisition should be sent
to the company’s buying department,
alternative suppliers.
and the second copy filed in numerical
•• Items purchased should not be
sequence.
delivered to the individual sections
as this weakens division of duties •• The order department should:
–– confirm that the goods requisi-

tioned appear on the capital budget,
and if so
110
Capital expenditure

. –– check with the preferred supplier
as to availability, current price and
delivery particulars, and
–– make out and sign a three-part
pre-printed, sequenced (capital
expenditure) order.
•• Items purchased should be delivered to

North Shore Ltd’s receiving department,
where a pre-printed, sequenced, three-
part “capital item goods received note”
should be made out after the items
delivered have been checked to the
supplier delivery note.
5. There is a serious lack of division of •• On receipt of the item, a responsible
duties in respect of the assistant to official in the section should check
the sectional accountant. This person: the item delivered against the original
requisition and the “capital item goods
•• places the order (on the strength
received notes”, before signing them.
of an email)
•• receives the goods •• Once the above procedures
are complete, the assistant to the
•• “authorises” payment (by sending
sectional accountant can write up the
the unchecked documentation to
creditors) sectional fixed asset register.
•• writes up the records (fixed asset
register)
Source: Graded questions on auditing (2012:281) – adapted
Summary
In this study unit we explained capital expenditure with reference to the characte
ristics of fixed asset acquisition transactions. The risks associated with fixed asset
acquisitions were explained and internal controls applied to mitigate those risks.
Self-assessment
1. Explain capital expenditure by referring to the characteristics of fixed
asset acquisition transactions.
2. Explain and apply risks and internal controls related to fixed asset acquisi
tion transactions.
CONCLUSION
In this topic, Finance and investment cycle, we explained the business cycle
with reference to capital expenditure and the characteristics of asset acquisition
transactions. The risks and internal controls related to fixed asset acquisition
transactions were also explained and applied.
111
Bibliography
BIBLIOGRAPHY
Globe and Mail. 18 October, 2011. Available at: http://www.ctv.ca. (accessed on 27 Oc-
tober 2011).
Gowar, HR & Jackson, RDC. 2010. Graded questions on auditing. Durban: Lexis Nexis.
Griffiths, D. Risk Based Internal Auditing: Three views on implementation.
Jackson, RDC & Stent, WJ. 2010. Auditing notes for South African students. Durban: Lexis
Nexis.
Jackson, RDC & Stent, WJ. 2012. Auditing notes for South African students. Durban:
LexisNexis.
JSE Limited Listings Requirements. Service issue 14. 2011.
Public Finance Management Act 1 of 1999.
Puttick, G & Van Esch, S. 2007. The principles and practice of auditing. Cape Town: Juta.
South African Institute of Chartered Accountants. SAICA handbook, vol 2. Latest edi-
tion. Durban: Lexis Nexis.
South African Institute of Chartered Accountants. SAICA legislation handbook, vol 1&3.
Latest edition. Durban: Lexis Nexis
112

Untitled

Uploaded by

Copyright:

Available Formats

Untitled

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Untitled

Uploaded by

Copyright:

Available Formats

﻿﻿

© 2012 University of South Africa

All rights reserved

Printed and published by the

Topic 1: Corporate governance and statutory matters 1

Topic 4: Revenue and receipts cycle 55

Topic 5: Acquisitions and payments cycle 73

Topic 6: Inventory and production cycle 85

Topic 7: Payroll and personnel cycle 93

Topic 8: Finance and investment cycle 105

2 Purpose of the module

3 Links with other modules

4 Framework of the module

Topic 1 Corporate governance and statutory matters

Topic 2 Internal control

Topic 3 Business cycles

Topic 4 Revenue and receipts cycle

Topic 5 Acquisitions and payments cycle

Topic 6 Inventory and production cycle

Topic 7 Payroll and personnel cycle

Topic 8 Finance and investment cycle

5 The teaching strategy

5.1 The study package

•• the prescribed textbook(s)

5.2 Learning outcomes, assessment criteria and levels of mastery

5.3 Study activities

5.4 Meaning of words

An analysis of the action verbs contained in a question will

5.5 Meaning of icons

Study. This icon indicates which sections of the prescribed book

Assessment. This icon indicates that you are required to test

6 Approach to your studies

6.1 Allocation of time for this module

Topic Minimum hours of

6.2 Mastering the study material

6.3 Self-study and self-evaluation

When you come across a subject-related problem in auditing, make a persistent

7 What you can expect from Unisa

8 Feedback from students

Your lecturers FOR AUE2602

This topic is divided into the following study units:

Study unit Title Page

Study unit Title Page

Textual amendments and additions

1.2 Statutory matters •• Explain the requirements of sections 76 to 2

STUDY UNIT 1.1

THE BACKGROUND TO CORPORATE

GOVERNANCE IN SOUTH AFRICA

“Successful leaders in a turbulent world are bold, risk-taking

Jackson & Stent (2012:4/3–4/7), sections 1 to 6

Corporate governance is the system or process whereby companies are directed

Directors can’t avoid adhering to the principles of good corporate governance,

The King III Report endeavoured to be at the forefront of governance internatio­

STUDY UNIT 1.2

Note the following about the study information below:

SAICA Legislation Handbook, 2010/2011, Volume 1 – Where instructed

1.2.1 standards of directors’ conduct – section 76

1.2.2 Liability of directors and prescribed

•• The Companies Act 71 of 2008: section 77

•• The Companies Act 71 of 2008: section 78

The King III Report endeavoured to be at the forefront of governance internatio

Remunera Nomina Risk committee

1. Risk-based internal auditing (RBIA) is the methodology which provides as

2.2 Components •• Describe, explain and apply the five components 2

2.3 Controls in •• Describe and apply general controls in 2

2. Role of internal control objectives in the risk assessment