The URL can be used to link to this page

Home My WebLink AboutCAO-2023-385 - 3rd Quarter 2023 Audit Status Report Chief AdministratorÔs Office www.kitchener.ca Community engagement included this report posted to the cityÓs website with the agenda in Î Page 46 of 66 to protect the CityÓs assets and interests. ganizationÓs operations. It helps an organization accomplish its objectives by bringing a Î Completed: August 30, 2023 Page 47 of 66 Î SAP Concur Controls The claim then gets routed to the employeeÓs direct supervisor for review and approval. Page 48 of 66 It is still managementÓs responsibility, however, to ensure items purchased are Purchases <$3000 Journal Entries Page 49 of 66 Duplicate Payments Payroll Controls Bank Reconciliations This is a daily and monthly process to explain the difference between the CityÓs bank account Page 50 of 66 Emerging Risks Page 51 of 66 Î Î ÎThis report has been posted to the CityÓs website with Page 52 of 66 CAO-2023-385 3RD QUARTER AUDIT STATUS REPORT Page 53 of 66 Summary Completed: !ĭĭƚǒƓƷźƓŭ ε tğǤƩƚƌƌ ΑĭƚƓƷƩƚƌƭ ğǒķźƷ In progress: 9ǣƷĻƩƓğƌ ĬźƌƌğĬƌĻ ǞƚƩƉ ƚƩķĻƩƭ ΑƦƩƚĭĻƭƭ ƩĻǝźĻǞ Training documentation review Page 54 of 66 ACCOUNTING & PAYROLL Page 55 of 66 Audit Objective Objectives: ¤To document and test Accounting and Payroll financial controls to ensure assets are protected from fraud, theft or error. Page 56 of 66 Scope ¤SAP Concur controls and reports ¤Field orders and parked invoices ¤Journal entries ¤Duplicate payments ¤Payroll ¤Bank reconciliations ¤Emerging risks Page 57 of 66 Methodology ¤Review of past audit recommendations ¤Staff interviews to document processes ¤Testing Page 58 of 66 SAP Concur Controls & Reports ¤SAP Concur replaced paper employee expenses ¤Built-in controls ¤Risk of reimbursing ineligible expenses is small ¤Utilize SAP Concur reports to ensure management oversight and compliance ¤Remind approvers to review receipt detail Page 59 of 66 Field Orders & Parked Invoices ¤Greater risk of fraud ¤No management approval path ¤Will be replaced with SAP Concur Invoice in 2025 ¤Utilizes approval path and SAP Concur controls Page 60 of 66 Journal Entries ¤Accounting entries to move amounts from one account to another within general ledger ¤28% of random sample did not have sufficient backup Î Management indicated entries were routine and / or small dollars ¤Reminder to approvers to review / require backup Page 61 of 66 Duplicate Payments ¤May occur if goods or services purchased on Corporate VISA and vendor sends an invoice, which gets paid in error ¤Testing found no duplicate payments to recover Page 62 of 66 Payroll Controls ¤Segregation of duties is important ¤Access levels more than required ¤/ƚƓƷƩƚƌ ǞĻğƉƓĻƭƭ ΑƩĻƌğƷĻķ Ʒƚ ƦğǤ ƩğƷĻ changes Î Recommendations to address provided to staff ¤Testing of retro, off-cycle, sick leave payments Î 19% did not have sufficient backup Î Reminder to require backup for all entries Page 63 of 66 Bank Reconciliations ¤Reconciliation between bank accounts and general ledger (SAP) ¤Reconciliations are up to date ¤Issue with debit / credit card account Î Staff are working to determine root cause Page 64 of 66 Emerging Risks ¤Lack of Accounting involvement in system solutions Î Include in Technology Solution Assessment ¤Lack of consistency in payment types & policies Î Create treasury policies Page 65 of 66 Conclusion ¤No fraud or theft found ¤Transaction backup missing in some cases ¤Payroll control weakness ¤5ĻŅźĭźĻƓĭǤ ΑğĬźƌźƷǤ Ʒƚ ƩĻĭƚƓĭźƌĻ ķĻĬźƷΉĭƩĻķźƷ card account ¤Recommendations aim to strengthen controls and minimize opportunity for theft Page 66 of 66