In general, the objective of an internal audit is to assess the risk of material misstatement in financial reporting. Material misstatements can arise from inadequacies in internal controls and from inaccurate management assertions. As such, testing the validity of various implicit managerial assertions is a key objective of an internal auditor.
While this applies to all financial cycles, this article is the sixth in a series focusing on the General Control Activities for the Sales, Invoicing and Credit Management (SICM) cycle. The most important general controls for SICM include:
- Sales Planning and Target Setting
- Customer Acquisition
- Client Acceptance and Sales Agreements
- Managing Client Relationships
- Order Processing
- Sales Returns and Credit Notes
- Credit Management
- Customer Master Data
The primary goals when processing orders for clients is to make sure that orders are registered accurately and timely and that the client needs are met.
If your company doesn’t have a formal process in place to process orders you are vulnerable to certain risks, such as:
- orders are not being registered or processed in timely manner,
- client’s needs are not met or there are delays in delivery,
- errors in sales order entry resulting in inaccurate delivery,
- orders are not tracked and missed, and
- sales price could be erroneously/fraudulently over written at order entry.
When conducting an audit of order processing, look out for the following controls/best practices:
- Review order confirmations (confirmation with client of the availability of services/products).
- Check to make sure that only authorized staff can process sales orders.
- Test to make sure that someone checks stock availability before accepting the sales order and the any stock outs are tracked.
- Verify that for manual order processing, sales orders are sequentially numbered and sequence checks are completed by responsible manager.
- Verify that the system ensures orders are completed fully, with data validation controls on items such as order date.
- Make sure that sales prices are automatically pulled from customer master data. Overrides of prices blocked, or if permitted responsible manager regularly reviews price overrides.
- Validate that exceptions to contract pricing and /or large orders require manager approval.
- Make sure that outstanding sales orders are regularly reviewed and cleared.
- Determine if OTIF (On Time In Full) KPI is monitored and reviewed periodically by appropriate management.
- Make sure any release of consignment stock considers whether the credit limit would be breached.
In conclusion, auditing standards require that auditors test basic underlying management assertions implicit in the financial statements. Key objectives to these assertions are; Existence and Completeness, Rights and Obligations, Valuation or Allocation, and Presentation and Disclosure.