RISKS AND CONTROLS IN THE PURCHASING PROCESS (STUDY OBJECTIVE 2, continued)
As described in previous chapters, management is responsible for implementing internal controls over each business process. Accordingly, the purchasing process needs special attention to reduce the risk of fraud or errors specific to these types of transactions. The next section identifies common procedures, organized according to the five internal control activities discussed in Chapter 3.
AUTHORIZATION OF TRANSACTIONS
Specific individuals within the company should be given authoritative responsibility for the preparation of purchase requisitions and purchase orders, including approval of the specific items to purchase, order quantities, and vendor selection. Only those designated individuals should have the opportunity to carry out these tasks. The company should establish specific procedures to ensure that POs have been properly authorized before the order is officially placed with a vendor. The authorized individual typically includes his or her signature or initials on a purchase requisition to indicate proper authorization. In an automated system, specific authorization for purchase transactions can be controlled by limiting access to the authorization function. This is a critical control in that no purchasing events should begin until the initial authorization occurs. In most organizations, the approval of a purchase requisition is the initial approval that triggers the remaining purchasing processes. ...
Get Accounting Information Systems: The Processes and Controls, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
