
Internal Audit Risk Assessment

Column headings: Legal/Compliance; Operational; IT; Impact (I); Complexity of Process; Volume; Known Issues; Changes in Personnel or Processes; Monitoring; Probability (P); Fraud Risk (F); Alignment with Management's Initiatives (A); Last Audited (Operational Year or SOX)

30%   20%

1.0 1 1

1.0 1 1

1 1

1 1

20%   20%   25%   10%

N/A   N/A   N/A   N/A   N/A   25%   N/A   15%   35%

Audit
Weighting Factor
DEVELOP/ACQUIRE PRODUCT (DA)
DESIGN (DA1)
Color, Trend & Concept
Design
Accessories Design
Project Management/Calendar
PRODUCTION MANUFACTURING (DA2)
Raw Materials Supply Chain
Product Development (Fabric & Color)
Technical (Woven & Knit)
Factory Compliance
- Vendor Code of Conduct
- Vendor Audits
- Overruns and selloffs
MERCHANDISING (DA3)
Line Plans
Buying
Accessories Buy
PRODUCE & DELIVER PRODUCT (PD)
SOURCING (PD1)
Design Development
Manufacturing Capacity & Triggers
Title Transfer
US Customs
- Compliance
IMU/MMU Tracking
Monitor WIP
DISTRIBUTION NETWORK (PD2)
Quality Control
Receiving
- Receipt matched against PO
Inventory Management
- Inventory Pick System
Distribution
Pullback/Selloff
eCommerce
- Items sold to customer are shipped
Subsidiary
PLANNING & ALLOCATION (PD3)
Merchandise Planning
- JDA/Arthur
Store Planning & Allocation
Testing
MARKET & SELL PRODUCT (M)
ESTABLISH & DELIVER MARKETING STRATEGY (M1)
Marketing Plan
Customer Relationship Marketing
- Privacy
- Assessing effectiveness of promotions
- Capitalization of direct costs
- ADS Customer Data Warehouse
Proprietary Credit Card
Website
- Capacity, changes, etc
Brand Development

Column headings (continued): Financial Statement/Materiality; Total Score [(I x P) + F + A]; Auditable?

Sample Company

Comments

N/A

1.5
2
1

1.3
1
1

1.0
1
1

1.3
1.2
1.3

1.2

1
1.8
1
1
4
1
3

1
1.0
1
1
1
1
1

2
1.0
1
1
1
1
1

1
4.5
22
1
1
1
1

1.4
1.8
4.2
1.0
1.9
1.0
1.6

1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1.0
1

1.0
1

4.3
1

1.0
1

2.2
1.0

1
1
1.0
1
1
1
1

1
1
1.0
1
1
1
1

11
1
1.0
1
1
1
1

1
1
1.0
1
1
1
1

4.5
1.0
1.0
1.0
1.0
1.0
1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1
1.0
1
1
1
1

1
1.0
1
1
1
1

1
1.0
1
1
1
1

1
1.0
1
1
1
1

1.0
1.0
1.0
1.0
1.0
1.0

1.0
1

1.0
1

1.0
1

1.5
2

1.1
1.2

1.0


1.3
1
2


1.0
1
1
1
1
1
1


1.3
1
1
3
1
1
1

VISUAL COMMUNICATION (M2)
Visual Merch Windows
Store Layouts
Floorsets
PR/Editorial
Print Production
Design & Copy
STORES & CUSTOMER SERVICE (S)
REAL ESTATE & CONSTRUCTION (S1)
Site Selection
Negotiate Leases
- Projections and approvals
Bids & Project Management
- Contracts and Change Orders
- Pre Opening and Closing Costs
- Collection of Construction Allowance
Lease Administration
MANAGE RETAIL FIELD OPERATIONS (S2)
New Store Openings
Store Communications
Policies and Procedures
Store Operations
Manage Sales Force & Payroll Alloc
- Cybershift
Customer Service
- Appeasements
ECOMMERCE (S3)
Operations
- Vendor management and oversight
- Promotions and markdowns
MANAGE INFORMATION RESOURCES AND TECH (IT)
MANAGE & LEVERAGE RECORDS & DOCS (IT1)
Document Retention
- Back ups and Recovery
IT Generated Reports
Systems Integration
IT STRATEGY & DEVELOPMENT (IT2)
Corporate Systems
Finance Systems
Store Systems
Project Management and Admin (SDLC)
- New systems
USER SUPPORT (IT3)
Issue Tracking
- Documentation of Approvals
Technical Assistance
MANAGE TECHNICAL ENVIRONMENT (IT4)
Network Servers
Major Systems Support - Hardware
Major Systems Support - Software
Telecom
- Ownership and usage
MANAGE SECURITY (IT5)
Physical Security
- Physical security
Logical Security
- Logical access
MANAGE FINANCIAL & PHYSICAL RESOURCES (F)


Sox

1.0
1

1.4
1.0

1.8

1.0
1

2.5
4

1.0
1

1.0
1

1.3
1.6

1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1
1

1
1

1
1

1
1

1.0
1.0

1.0
1

1.3
1

1.5
1

1.1
1

1.2
1.0

1.4

1.0

1.0

2.1

1.2

1.0

1.4

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0


1.0
1


3.0
1


1.0
1

BUDGETS & FORECASTING (F1)
Financial Planning & Analysis
- Budget process
- Forecasts and Budget to Actual
Store Finance
- Asset impairment
- Wage rate controls
- Bonus process
- Comp sales reporting
- Supplies management
CASH MANAGEMENT/CREDIT & COLLECT (F2)
Cash Management & Treasury
- Forecasts
- Investment decisions
- Movements and reconciliations
Sales Audit
- Reconciliation and discrepancies
- Chargebacks
CAPITAL PLANNING (F3)
New Store Approval
- Evidence of approval
Real Estate Finance
Other Capital Expenditures
- Requests and Approvals
PROCUREMENT & AP (F4)
Merchandise
- Vendor Selection
- PO's
- IP
Real Estate
- Payment as per contract
- CAM charges
- RetaiLease
- Sales reporting
IT
- Goods received
- Valid, justified, authorized, budgeted
Construction and Store Maintenance
- Valid, justified, authorized, budgeted
- Per contract, change orders
- Competitive bid
Marketing
- Valid, justified, authorized, budgeted
- Accruals as no proper PO system
T&E
- According to policy
Other Procurement
- Valid, justified, authorized, budgeted
- Competitive bid
- Inventory Management
Disbursements
- Vendor file maintenance
- Payments valid and approved
- Freight and customs
INVENTORY CONTROL (F5)
Maintain Inventory Records
- Debits
- Stock ledger to sales journal
- Vendor allowances


1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1
1
1

1
1
1

1
1
1

1
1
1

1.0
1.0
1.0

1
1.0
1

1
1.0
1

1
1.0
1

1
1.0
1

1.0
1.0
1.0

1.0

1.0

1.0
1

1.0
1

1.0
1

1.0
1

1.0
1.0

1.0

1.0

1.0

1.0
1
1
1.0
1
1

1.0
1
1
1.0
1
1

1.0
1
1
1.0
1
1

1.0
1
1
1.0
1
1

1.0
1.0
1.0
1.0
1.0
1.0

- Valuation (retail method)
Shrink
- BOL's and transfers
- physical count
PAYROLL (F6)
Payroll
- Adds, Deletes and Changes
- Time reporting and adjustments
- Payroll systems
- Withholdings
- Bank recs
HUMAN RESOURCES (F7)
Compensation and Benefits
- Commissions
- Bonus process
- Stock compensation
- HR System
- Executive perquisites
- Withholdings and remittances
Union Relationships
Reviews and Evaluations
Recruiting
- Issuing offers
- Maintaining files - I-9, CoC, etc
- Additions to payroll system
- Filling of positions (effectiveness)
Training and Development
FINANCIAL CLOSE & REPORTING (F8)
Financial Reporting
- Account Reconciliations
- Journal entries
- Fixed Assets
- Financial System
- Insurance
- AR
Management Reporting
- Reporting system
External Reporting
- Debt Compliance Reporting
- SEC Filings
- Intangibles
- MD&A Support
- CD&A Support
TAX (F9)
Compliance
- FIN 48 Support/Reserves
Returns
- Filings
Audits
- Responses and settlements
eCommerce
- Sales tax in multiple jurisdictions
PHYSICAL ASSET & FACILITIES MGMT (F10)
Mailroom/Copy Center
Maintenance
LOSS PREVENTION (F11)
Security
Incident Investigation


1.0

1
1.0
1

1
1.0
1

1
1.0
1

1
1.0
1

1.0
1.0
1.0

1.0
1
1
1

1.5
2
1
1

1.2
1
1
1

1.0
1
1
1

1.2
1.2
1.0
1.0

1
1
1
1.0
1
1
1

3
1
1
1.0
1
1
1

1
1
2
1.0
1
1
1

1
1
1
1.0
1
1
1

1.4
1.0
1.4
1.0
1.0
1.0
1.0

FS/Materiality - Dollars flowing through a particular area
Legal/Compliance - Existence of either legal or compliance issues
Operational - Impact on day-to-day selling of merchandise
IT - Reliance on IT systems

For I&P: <2 = L; 2-2.5 = M; >2.5 = H
For F&A: <1.5 = L; 1.5-2 = M; >2 = H
For Total: <6 = L; 6-9.5 = M; >9.5 = H

Complexity of process - Third party or cross-functional dependency
Volume - The number of transactions or data processed
Known Issues - Issues of non-immediate nature identified
Changes in Personnel or Processes - New or significantly different processes/personnel
Monitoring - Formality and frequency of monitoring procedures

Store Compliance
- Monitoring Tool
Background Checks
INTERNAL AUDIT (F12)
Audits and Reviews
- Quality Assessment
CORPORATE MANAGEMENT (C)
CORPORATE GOVERNANCE (C1)
SOX/PCI Compliance
Strategy/Long Range Plan
Tone at the Top
- Executive T&E review
- Code of Conduct
Monitoring of Corporate Legal Issues
Communication to Market
Debt
HOT TOPICS
ERM (C2)
New Concept (C3)
Document Retention (C4)
- Adherence to policy
