COCO is a maritime incorporation based in Malaysia. 2.1.1 Principal activities
Its principal activities are vessels or ships manufacturing, repairing and shipping.
2.1.2 Major products The company offers core products of offshore support vessels (OSV) for offshore oil and gas (O&G) industry and marine transportation vessels for shipping industry.
2.1.3 Customers COCO serves both domestic and global customers range from shipping agents, commodities providers, marine traders, and offshore oil and gas (O&G) business.
Suppliers and markets The company's suppliers are mainly on supplying engine parts, raw materials of steel and iron, and paints for vessels body coating.
2.1.5 Industry overview The company is situated in maritime
…show more content…
Hence, auditor should be more cautious on
Despite the management claims that its internal control system is functioning properly as reflected in the Statement on Risk Management and Internal Control prepared in accordance with Guidelines 2012 , there are omission of several internal control factors that may lead to management's incentive for misrepresentation and affect the control risk. 2.2.1 Assessing the Risk Management Framework
COCO did not specify and disseminate its risk appetite information. This is critical as risk appetite information disclosure is crucial in developing an effective risk management system and integrating with business strategy to achieve company's objectives (
). The absence of risk appetite portfolio might cause a dent to the company during downturn of certain sectors involved due to failure in avoiding high risk capital projects especially in highly volatile O&G industry. When the company is making loss, the management will have incentive to alter the revenues to mislead the shareholders that its financial position is firm in order to secure the share prices. Hence, control risk (CR) is
The design and implementation and objectives of company controls are not adequate to meet the control objectives. The control environment control objective is ineffective. This control objective lacks a written policy on ethical conduct, is lacking oversight from the board of directors and audit committee, lacks a consistent style and philosophy from management, and lacks a strong commitment to competence. The risk assessment control objective is effective but lacks any antifraud program and controls. The information and communication control is ineffective. A virus has been detected and is affecting the files of the company. This control is lacking a strong IT department. The general controls financial reporting control objective is effective but is weak in detecting or preventing material misstatement. The monitoring control objective is ineffective; this control has need of an internal auditor.
Nissan Motor Company was one of the first Japanese Automobile companies to build facilities in North America. The company was reborn from crisis. They were rescued from bankruptcy in 1999 by Renault, and this sense of crisis still persists in the organization to this day. After the 9.0 magnitude earthquake hit the coast of Japan on March 11, 2011 Nissan Motor Company, just like they did in 1999 when they faced financial difficulties, focused on identifying and analyzing the risks by establishing a dedicated risk management function that was responsible for these activities.
Since the risk rating is not identified in the footnote, we assumed high risk due to the fact that the Mexico Finance Director recently resigned and his resignation is directly related to internal controls. The risk is high that there are material weaknesses of internal controls in other geographic regions.
An effective system of internal control must be built on the basis of the analysis of enterprise-wide risks. Therefore, to create value for its customers and other stakeholders, an organization must have in place the ability to systematically assess and analyze all material risks that affect the entity’s planned objectives. (Integrated Framework, Volume II Guidance, June 2008). Internal control of the accounting process is designed to detect unintentional data errors rather than intentional errors. Garbage in, garbage out! Even good accounting systems can not catch
Identify the potential risks which affect the company and manage these risks within its risk appetite;
There are several limitations which hinder the effectiveness of the internal controls; these limitations can result from lapses in the process and include system omissions, human factors, resource constraints or a lack of system flexibility. Effective internal control implies the organization generates reliable financial reporting and substantially complies with the laws and regulations that
Auditors have the responsibilities as well as management to report internal controls. The auditors must examine closely management’s claim of effectiveness and also physically test the controls. After the examination, the auditors should express their opinion and any recommendations to fix any internal control weaknesses.
Internal controls are vital to any company’s business and financial sustainability. Internal controls consist of measures taken by a company safeguarding against fraud, and theft. Internal controls ensure accuracy and reliability in accounting data, and secure policies within the organization. Further, internal controls evaluate all levels of performance. These are addressed with five principles
Potential for misstatement & fraud: Compliance with the established procedures and controls were found to be ineffective. The fraud reporting process, technically put in place does not serve its intended purpose. The ineffective control environment has created an attitude and tone across the company where errors and inappropriate behavior may be seen as acceptable, thus creating opportunity for concealing fraud and potential misstatements.
During the performance of this integrated audit, require numerous judgments about the internal control and overall financial reporting and how well it addresses risks of material misstatements within the financial statements (AICPA, 2014). After re-evaluating the previous errors found from the previous audit, the audit team found the corrective actions to be appropriate and justified in elimination of human error by implementing additional checks and balances within the manual process. No additional misstatements have been found and all internal controls off the financial reporting seem appropriate and just.
Nestle Risk Management Centre was created in 2001 to coordinate activities related to risk management in Quality, Security, Treasury, Compliance, Operations, and IT etc. Overall objective of risk management process at Nestle is appropriate management of risks, which could have a material impact on Nestle business. Nestle risk management process covers Enterprise Risk Management, which is designed to identify, communicate, and mitigate risks in order to minimise their potential impact on the Group. Nestlé has adopted a dual approach in identifying and assessing risks. A top-down assessment is performed at Group level once a year to create a good understanding of the company’s mega-risks, to allocate ownership to drive specific actions around
The final responsibility for the integrity of an SEC registrant’s internal controls lies on the management team. U.S. companies need to refer to a comprehensive framework of internal control when assessing the quality of financial reporting to determine that financial statements are being presented under General Accepted Accounting Principles, GAAP. The widely used framework is referred as COSO, Committee of Sponsoring Organizations of the Treadway Commission, sponsored by the following organizations American Accounting Association, the American Institute of CPA’s, Financial Executives International, the Institute of Internal Auditors, and the Institute of Management Accountants. COSO’s defines internal control as:
importer and exporter of raw materials and per assembled parts from their vast group of certified
Effective internal controls protect a company’s assets, maintain compliance, improve operations, prevent fraud, and promote accuracy in financial reporting. In 1992 the