21st Century Accounting

Manjit Biant

10 Basic Accounting Principles

Manjit Biant

10 Accounting Principles
The field of accounting is governed by certain general concepts. These general concepts, referred to as basic accounting principles and guidelines, are the basis for a detailed and comprehensive set of accounting rules and standards.

1 Economic Entity Assumption

For accounting purposes, a sole proprietorship and its owner are considered to be two separate entities.

2. Monetary Unit Assumption

For accounting purposes, economic activity is measured in s.

3 Time Period Assumption

There is an assumption that it is possible to report the activities of a business in distinct time intervals.

4 Cost Principle
Cost refers to the price of a purchase when it was originally bought and, therefore, amounts on financial statements refer to historical cost.

5. Full Disclosure Principle

If information is vital to a lender or investor, that information should be disclosed within the financial statement or its notes.

6. Going Concern Principle

It is assumed that a company will continue to exist long enough to meet its objectives and obligations and that it will not shut down in the foreseeable future.

7. Matching Principle
This obliges companies to use the accrual basis of accounting, which requires that expenses be matched with revenues.

8. Revenue Recognition Principle

Under the accrual basis of accounting, revenues are recognized when a product has been sold or a service performed, regardless of when the money is actually received.

9. Materiality
This basic accounting principle or guideline permits an accountant to violate another accounting principle if an amount is insignificant or immaterial

10. Conservatism
Where there are two acceptable alternatives for reporting an item, conservatism directs the accountant to choose the alternative that will result in less net income and/or a lower asset amount.

Advantages
These general concepts direct the field of accounting and form the foundation on which more detailed, complicated and legalistic accounting rules are based. The Financial Accounting Standards Board (FASB) uses the basic accounting principles and guidelines as the starting place for its own set of accounting rules and standards, which are more detailed and comprehensive. If we understand the ten principles and guidelines, it is easier to comprehend GAAP.

Disadvantages
Although the basic accounting principles and guidelines form the basis for GAAP, the latter have become more complex over the years because financial transactions have become more complex and variations in reporting exist from industry to industry and from country to country.

Converging World
Manjit Biant

Converge
1. a. To tend toward or approach an intersecting point: lines that converge. b. To come together from different directions; meet: The avenues converge at a central square. 2. To tend toward or achieve union or a common conclusion or result: In time, our views and our efforts converged. 3. Mathematics To approach a limit.

 To compete and be effective - Finance and IT need to work together.

Managing 21st Century Finances

Manjit Biant

Main Points
CFOs have to balance long-term planning with short-termist behavior in the markets. In order to do this, its essential to have a good business model, a clear understanding of business risk, sustainable revenues, and proper communication. Failing to manage the financial information systems well can seriously damage your brand. Getting it right will please both short- and long-term investors.

Main Points
Matters have been complicated by the globalization of standards and reinterpretation of company accounts. Tangible value creation remains top of the agenda. When investors are frightened or lose faith, they can destroy value much faster than you can create it. Relationship management is one of the most important new skills to acquire on the road to success.

Introduction
Corporate purpose, for most companies, is to create and sustain long-term stockholder value. However, markets can be driven by fear or euphoria. Stuck in the middle are top managers, especially the CFOs. They have to balance long-term planning with shorttermist behavior in the markets. How can this be achieved? What are the new metrics for survival and sustainable prosperity?

 As some companies have destroyed value, some have begun to question whether stockholder value should be a goal, or rather a consequence of excellence. In both quoted and private companies you need a clear, understandable business model that works; to be able to explain it easily and consistently; to understand strategic business risk and make it work for you; to generate sustainable revenues, income, and cash with rapid and reliable reporting; and no surprises!

Managing Investors Expectations

Managing stockholder value is also about managing expectations. The major long-term players (institutions, pension, investment, and insurance funds) are advised by analysts. Short-term investors, traders, and the public are more influenced by news flow and market movements. How can we reconcile these forces? By timely financial information, no surprises, always having cash, and finally, having a credible, understandable business model.

 Great companies produce rapid, reliable, succinct, simple, usable financial information. Internally, more than three days to report is too long. The Internet or intranets can provide always-on, real-time connection for the whole company. Management and financial reporting tools and technology allow fast collection, collation, interpretation, and distribution of results. Now, three factors are converging internal with external reporting: urgency, transparency, and consistency.

Financial Reporting in the Communications Age

 Global markets and the pace of change mean that management needs reliable financial feedback, fast. Meanwhile, external reporting periods are shortening. This is spilling into Europe. Information is a global property, especially when it leaks. Global brand management demands control of your own destiny. The market wants information as fast as you get it. Too much conversion for external consumption takes time, unsettling management and investor alike. Meanwhile, market regulation requires transparency and equality of distribution.

 Investors want financial information that is consistent with expectations. The more frequently it is released, the smaller the mismatch. Regular, progressive business and financial news flow, along with rational enhancements to the business model, can lead to outperformance. When there are surprises, markets wonder whether management is competent.

 Uneven information flow; profit warnings or their lack; information released to analysts before the market; lack of comment on speculation; all these unsettle investors and regulators, sometimes causing sharp movements in stock prices. News and specialist market services supply corporate information 24 hours a day. Analysts interpret it as fast as it is produced. The changes in Accounting Standards, SarbanesOxley, Basel II, and other complications mean more reliance on expert interpretation. While some have argued about the validity of new standards, industry leaders and others have got on with it to create a sustainable advantage.

 Some CFOs may need to wake up to the new paradigm. Others will see it as an opportunity for skilled relationship management, making the financial information systems work for the company as another weapon in the public relations armory. The swift can capitalize on the lethargy of the slow. Brand is everything. Failing this new challenge can seriously damage yours. The right approach will please both short- and long-term investors.

Cash Is King
Investors will demand that companies report quicker. This is a challenge for accounting standards and governance. Historic price/earnings multiples have been replaced by forecast revenues and EBITDA (earnings before interest, tax, depreciation, and amortization) as the currency of decisions. As accounts become almost impenetrable, the metric we all understand is cash. How much cash was generated in the last period; how much remains in the balance sheet; what is the NPV of sustainable future cash flows?

Business Model
Apart from cash, the other factor that brings together short- and long-term interests is a credible, explainable business model. If you dont have one, analysts will create their own. For example, good TMT (technology, media, telecommunications) stocks have floated up and down with the bad on the waves of market volatility. Some values were absurd, for good or ill.

Case Study
Nortel (US) and Bookham (UK) were both top 100 stocks in their own markets. They were both linked to building communications networks. Nortels market capitalization peaked at around $282 billion in 2000. It collapsed in value after the dot-com bubble burst and in January 2009 Nortel filed for protection from its creditors. Bookham Technology was a darling of the FTSE, floated in July 2000 at roughly $18. Its shares rocketed to $94 in a few months, based on the NPV of forecast revenues for a business model that few people understood. The price was driven by over-optimistic analyst estimates, blind faith, and greed.

Case Study
Its price fell 99% and its market capitalization from $11.4 to around 88 million. Like Nortel, it was buffeted by fear and optimism. Unlike Nortel, it had never made any money and it moved to the NASDAQ to try and escape its past. In 2004 it became a US domiciled company and recently produced its best ever quarterly profit.

Case Study
There are other examples: Insurance companies have ebbed and flowed with each other, washed by pension fund and capital adequacy fears. In personal finance, Cattles and Provident Financials recent fortunes have been very different. Both are described as doorstep lenders even though this is now less than 10% of Cattles business. Unless you regularly communicate a clear differentiation and a plausible business model, you may remain at the whim of the market.

 So its the financial model that really counts, especially generating and sustaining cash. Its lack of cash that busts companies, not lack of capital. When you dont have enough cash to survive a recession and the market isnt receptive to new issues, you have to start slashing costseating yourselfto stay alive. This can damage the business model, undermine the stock price, and become a vicious spiral toward death, or at best consumption by a sounder business model.

Valuing the Business

There has been much theoretical talk in the past about value added. The theory is that every company should be focused on protecting, creating, and sustaining value. Failure could mean stock price falls, cash calls, unwelcome bids, or business failure.

 So the CEO, CFO, and colleagues need vision and courage. Value creation is top of the agenda. It involves generating the value and protecting it. Brand, fear, technical, and fundamental analysis of markets have assumed more significance than the internal business plan, budgets, and the annual report. When investors are frightened or lose faith, they can destroy value much faster than you can create it.

 This is why cash generation is critical. Stock prices that are already eroding due to poor results or loss of confidence in a business model fall dramatically faster when you have to raise cash in an unreceptive market. Investors share your wish to sleep easy at night.

 Some CFOs therefore cite short-termism as the real driver of value. They castigate teenage scribblers and analysts for not understanding their business. Some make errors of judgment, not only in their handling of such relationships, but also in silence or, worse still, nasty surprises.

Marconi was the classic case in the United Kingdom. For months investors expected a profit warning. The company continued to make reassuring noises. Investors continued to sell against an expectation of bad news. Eventually trading in the stock was suspended. Dreadful news was released. Returning from suspension the price was savaged. It had fallen from over $20 to under 35 cents in a year. In early 2004, it was recapitalized by its bankers, a shadow of its once great self. In October 2005 the Marconi name and most of the assets were bought by Ericsson.

Messages for Managers

Creating and protecting stockholder value are even more important in the 21st century. Volatility, expectations, speed of reporting, and a hungry investor demand for real-time information have changed the dynamics. The CFO needs new skills. These include strategic thinking, proactive risk management, and communication and interpersonal skills of a high order.

 Value creation is about having a clear strategic and business focus, flexible and adaptable as appropriate. The CFO and executive colleagues must recognize the importance of having a sound, understandable business model. The financial model must be based on value creation, ideally measured in sustainable revenues, income, and especially cash. Reporting should be rapid and transparent, using the speed of technology, with no surprises.

 You can create long-term value, but investors can take it away in the short term when fear overrides faith if you dont heed these messages. Relationship management with analysts, investors, and the media is the critical skill that wasnt mentioned when the CFO trained as an accountant. When you understand and manage strategic business risk and the macro-economic factors, you may at least anticipate the challenge of analysts, whether or not they understand your own unique business model. If the unforeseen occurs, report it rapidly and accurately, with a clear understanding of the factors and a plan to manage the consequences.

 For private companies this is all applicable. Investment of private capital is accelerating. A clear business model is fundamental to accessing the cash for investment and growth, especially if they plan eventually to come to market.

All companies can follow this best practice to prosper in the 21st century:

fast, reliable reporting against a sound business model; proactively anticipating and managing investor interest; investing in relationships to differentiate your company; being clear, informed, and consistent; creating and sustaining long-term corporate and brand value.

Origins and Rationale for IFRS Convergence

Manjit Biant

 Worldwide convergence on international standards for financial reporting will make investment and financial reporting more efficient. Investors gain access to more investment opportunities and the cost of capital comes down. As more countries use International Financial Reporting Standards (IFRS), so international groups can use them for subsidiary reporting and group reporting. The International Accounting Standards Committee, the international standard-setter, came into existence in 1973 as an initiative by the accounting profession to address the emerging needs of cross-border business.

 The standard-setter negotiated a role with the international coordinator of stock exchange regulators as a supplier of rules for secondary listings. The International Accounting Standards Board, the successor body, was created in 2000 at the time when the European Union announced it would adopt IFRS for listed companies. IFRS are now mandatory or permitted in more than 100 countries. China, Japan, India, Canada, Brazil, and South Korea are set to adopt IFRS in 2011. Companies using IFRS can list in the United States without preparing a costly reconciliation of their numbers to US GAAP.

Advantages of IFRS
Companies can more and more easily access different stock markets, and investors can step across national and cultural boundaries. Investment should be getting more efficient. Since 2001, International Financial Reporting Standards (IFRS) have been set in London by the International Accounting Standards Board (IASB), a privately financed independent body. Their standards are used for listed companies within the European Union and in many other places. In 2011 China, Japan, India, Brazil, and South Korea will start using them. Even the United States is considering abandoning its rules in favor of the international ones.

Why Convergence Is Necessary

Evidently, having different national accounting systems is costly for companies and investors. Companies have to keep duplicate accounting systems, and investors are wary about buying shares of companies whose accounts they do not understand. The problem arises because accounting regulation has developed over a couple of centuries in national economies whose needs have differed from each other, and whose ways of regulating peoples activities have also differed. What people are looking for from accounting is often different.

 Much accounting regulation is contingent: you get an accounting failure, then you get rules to shut the stable door; so, for example, the Enron debacle was followed by the Sarbanes Oxley Act. This has been going on ever since there were accounting rules. The first government requirements were developed because of a spate of bankruptcies in Paris in the seventeenth century. Consequently, while much of the basic methodology (double entry bookkeeping, balance sheet, etc.) is the same everywhere, the details can differespecially when it comes to the more complex situations where there is no obvious best solution.

 This has a number of consequences, which in turn bring costs. Internally within a multinational group there is usually a network of national subsidiaries (e.g. Nestl has more than a thousand) spread across the world. They have to report nationally using their national GAAP (Generally Accepted Accounting Principles) and also have to report to the parent, which has to prepare consolidated statements using parent company GAAP.

 This means that either the subsidiary has dual accounting systems, or the parent has to maintain a special team to adjust the accounts of subsidiaries to parent GAAP. This is costly, and it also means that it is not that easy to transfer accounting staff around the world because of the different local requirements, and it is more expensive to train them.

 The group consolidated financial statements are then used to communicate to present and potential shareholders. If the company is listed on several stock exchanges, this means the possibility of having to provide information adjusted to the requirements of the individual foreign stock exchangesas in the case of the SEC reconciliation to US GAAP. Investors are not comfortable with financial statements that are not prepared under the GAAP they are used to. Consequently they either do not invest, or they will require a higher risk premium to do so.

 This situation has the effect of limiting the extent to which international capital markets are truly international. A company may choose not to list in a major market because of the reporting costs, and therefore cuts itself off from investors based there who for legal, cultural, and other reasons will not invest outside that market. Equally there is a cost for investors because their choice is restricted. The US investor cannot directly compare Whirlpool with Electrolux or Siemens. If they could directly compare all washing machine manufacturers around the globe, they could choose the most efficient, and global wealth would increase.

The Development of Global Standards

International trade started to grow significantly from the 1960s, and by the early 1970s was starting to register as an issue that needed to be addressed. People were staring to transact more frequently across borders and would need a common accounting language

 By the 1980s the IASCs standards were being voluntarily adopted by multinationals in countries such as Switzerland, France, and Italy (e.g. Nestl, Roche, Arospatiale, Cap Gemini) to make up for a lack of detailed rules for consolidated financial statements. They were also being used as a model in developing countries that were members of the British Commonwealth to build on to the model they had inherited from the British Empire

 The IASB is a small committee of professional standard-setters. It has a large technical team, based in London still, and is funded through voluntary contributions from companies, audit firms, and various institutions, both national and international. It adopted the predecessor bodys standards, but used a different name (IFRS instead of IAS) for its own standards. IFRS is also the generic term for all the standards together with the interpretations issued by the International Financial Reporting Interpretations Committee (IFRIC).

Convergence on a Worldwide Standard

Where the IASC was part of a world of harmonization or movement toward each otherthe IASB is firmly committed to develop, in the public interest, a single set of high quality, understandable and enforceable global accounting standards and to bring about convergence of national accounting standards and IFRSs to high quality solutions (Preface to IFRS, London: IASC Foundation). Though it has not focused exclusively on the United States, the IASBs main driver is convergence with US GAAP. It entered into an agreement with the FASB in 2002 to pursue convergence through a joint program of removing differences and developing new standards together.

 This program yielded a big prize in 2007. The Securities and Exchange Commission decided that it would recognize financial statements prepared under IFRS as issued by the IASB as equivalent to US GAAP. Until then, foreign registrants with the SEC were obliged to file annually either a set of accounts using US GAAP, or a reconciliation of annual earnings and equity at balance sheet date with how they would have been measured under US GAAP. This was a big burden to companies listed on the New York Stock Exchange or NASDAQ and a major disincentive to foreign companies to list there. In 2007 the chief financial officer of AXA told the SEC at a round table that the company budgeted $20 million a year to produce the reconciliation. Another part of the cost is that the companies end up publishing two, or even three, sets of figures and then having to discuss with analysts and journalists which is the correct profit.

 The removal of the reconciliation requirement means that, for example, European companies that are using IFRS can simply file with the SEC the same accounts that they file with their primary stock exchange. Of course the SEC has other requirements that still have to be complied with, including managements discussion and analysis of results. However, companies no longer have to be able to restate their figures to US GAAP, nor retain teams to monitor US GAAP.

 Convergence on IFRS is taking us to a bright new world where investors can indeed take their pick from around the globe, and where companies maintain a single accounting basis throughout their network.

 IFRS are already either compulsory or permitted for listed companies in more than 100 countries around the world. When the next wave of adopters joins in 2011, a large slice of the world economy will be IFRS conversant.

 It will take time for investors to become confident about reading IFRS accounts although that happened quickly within the European Union. But multinational companies should quickly reap the benefits of having uniform systems across the globe and will be able to exploit the opportunities of being listed on several stock exchanges at much lower cost.

Making It Happen
Using IFRS at group level is mandatory in many countries, but is voluntary in some. It is often voluntary at subsidiary level: both parent and subsidiaries need to choose this option to access the benefits. Using IFRS makes access to capital markets outside the country where the group has its primary listing much easier and cheaper. In what markets would there be special benefits for your company? Remember that a secondary listing is not just about access to foreign investors, it is about credibility and flexibility in that market.

 Are your group accounting and internal audit professionals able to move easily from one foreign subsidiary to another? Using IFRS would facilitate their work and potentially improve internal control. Do professional fund managers and analysts that you deal with understand IFRS? Talk to them about whether they are IFRS literate and ask if they see benefits in switching. What do your group auditors think? The large international firms are fully geared up for IFRS. They will help you switch.

Case Study Cadbury Changes to IFRS from UK GAAP

Manjit Biant

 In common with all companies listed on EU stock exchanges, Cadbury PLC (at the time Cadbury Schweppes PLC) officially switched to IFRS in 2005, as required by the EU IAS Regulation. In practice, the real transition moment was the beginning of the 2004 financial year: IFRS require that a company provides previous-year comparative figures with the annual financial statements. Consequently, when reporting the 2005 results, the company had also to provide 2004 figures according to IFRS. However, the company had also had to report 2004 under local GAAP (in Cadburys case, UK GAAP), and IFRS 1, the standard dealing with transition, requires that a company also provide a reconciliation between the local GAAP figures for 2004 and the IFRS figures for 2004. From an investors perspective, therefore, every company provides a statement comparing its pretransition figures with the same transactions reported under IFRS.

 Cadbury is also listed in the US and therefore is registered with the Securities and Exchange Commission. Consequently, at that time it was also obliged to provide a reconciliation of its annual earnings and its equity to US GAAP. This means that, for 2004, an investor could observe the earnings and net assets of Cadbury under three different sets of GAAP: UK GAAP, IFRS, and US GAAP. The figures show thatdespite the fact that all three sets of accounting rules belong to the same underlying tradition of AngloSaxon accounting, with financial reporting oriented toward informing investorsthere still remain significant differences of measurement at a detailed level. This illustrates how difficult it is to compare the results of companies that are using different comprehensive bases of accounting, and why investors and international companies are keen to move to a different global standard.

 If we take equitythe net worth of the group after deducting all liabilities from assetsthe Cadbury figures at the end of 2004 were: million 3,088 2,300 3,998
There is a presentational difference in that the US definition of equity at the time excluded minority interests. For comparative purposes we have added these to the US GAAP number in the above table.

UK GAAP IFRS US GAAP

 It is not particularly productive to make a detailed analysis of why the differences occur. Basically, they reflect different ways of accounting for business combinations that had occurred in the past, different treatment of pension liabilities, and the significantly different treatment of deferred tax in the United Kingdom from that under IFRS and US GAAP. There is a detailed analysis in the notes to the 2005 Cadbury (Cadbury Schweppes) annual report.

 If we take net earnings, the numbers are: million 453 547 484

UK GAAP IFRS US GAAP

 We can see that in 2003 investors had two sets of figures to choose from, while in 2004 the convergence initiative meant that in the transitional phase they had three different measures of the same performance. However, in 2007, when the SEC removed the US GAAP reconciliation requirement, they would have come down to a single view of performance which was comparable to that used in 100 countries.

 It should be emphasized that, of course, the companys cash flows do not change with the different accounting bases: What drives the differences is different timing assumptions, different measurement rules for some transactions, and different allocations across time periods

 You can only know absolutely how much profit a company has made when it has stopped trading and all its assets and liabilities have been liquidated. The only profit that is irrefutable is the lifetimes net increase or net decrease in cash.

 This is not much help for investors, and financial reporting is a means of estimating what part of the lifetime profit has been earned in a particular year, in order to help investors decide whether to buy, sell, or hold the companys securities. However, the annual profit is only an estimate, it is not a fact. All estimates are based on assumptionschange the assumptions and you have a different profit.

 So none of the three sets of figures Cadbury published for 2004 is correct or incorrectthey are all justifiable estimates. Hence the need for a unified set of accounting standards!

AUDIT

Manjit Biant

Audit
The contemporary development of international audit regulation is connected to the growing significance of international investors who demand financial reports that are prepared and audited in accordance with globally accepted international standards. International Standards on Auditing (ISAs) are set by the International Auditing and Assurance Standards Board (IAASB), an independent standard-setting board working within the International Federation of Accountants (IFAC) and subject to public oversight by international regulators. ISAs have been adopted in more than 100 countries, but their practical impact depends centrally on how they are implemented and enforced.

INTERNAL AUDIT
Manjit Biant

INTERNAL AUDIT
REVIEW

INTERNAL AUDIT
Setting up an Internal Audit Department

The following comprise a set of guidelines for initiating an internal audit:

Clarify guidelines and expectations with management (for example, purpose, timing, scope). Set up an audit committee and, with its help, develop an audit charter. Consider an appropriate budget and staffing model. Formulate reporting responsibilities for the internal audit function. Initiate a risk assessment, with management and audit committee involvement.

 Develop an internal audit plan in response to the risk assessment. Determine staffing requirements. Carry out the audit plan, including a monitoring and follow-up system. Update the risk assessment plan as circumstances change. Enhance and modify the audit function to meet the organizations changing needs.

 If an evaluation of internal controls is to be effective, the audit function should be properly financed. When making staffing decisions, companies should look at their risk profiles. A business facing a significant number of risks or particularly complex risks will require various types of specialist expertize. A chief audit executive commands most internal audit departments, with specialist support staff.

Advantages
Internal audits improve understanding of underlying business trends by giving independent objective financial information. Internal audits let managers know if a business can expand or needs to pull back, if it can deal with the normal revenue ebbs and flows, or if it should take immediate steps to boost cash reserves. Internal audits can identify and help to analyze trends, particularly in the areas of receivables and payables. For example, is the receivables cycle lengthening? Can receivables be collected more aggressively? Is some debt un-collectable?

Disadvantages
Results sometimes depend on the accounting methods used. Measuring and reporting give management considerable discretion and opportunity to influence results. Internal audits are not always rigorously carried out, and figures may not be a true reflection of the financial position of the company. Salaries for internal audit staff are paid for by the organization; this can lead to bias. Can be costly overhead.

 When reviewing, internal audits should be prepared to be involved in a long and detailed process of analysis where some areas will need clarification by experts. Generally Accepted Accounting Principles (GAAP) should be used in the internal audit of the business area or country in which you have an interest. Internal audits are not infallible.

Dos and Donts

Do Make sure that you take the time and effort to analyze the internal audit and, if in doubt, consult an external expert. Use your judgment when reviewing internal audits; numbers do not always tell the whole story. Dont Dont leave out the boring bits; number crunching is not always effortless or interesting, and often it is tempting to skip parts. Sometimes, however, the truth lies in the detail.

INTERNAL AUDIT
Function of IA

 Internal Audit may be defined as a review of operations and records, sometimes continuous, undertaken within a business by specifically assigned staff (ICAEW statement U4 Para 10)

 The Institute for Internal Auditors (IIA) defines internal auditing as an independent, objective assurance and consulting activity designed to add value and improve an organizations operations. An internal audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

 In practice the internal audit department is often an independent department, reporting directly to top management and usually to the board of directors. The functions of the IA department will differ from one company to another but could include the following:

 1. Verifying the accuracy of the financial records and related reports. 2. Ensuring that the various internal controls are operating effectively. 3. Reviewing financial statements. 4. Reviewing management information including management accounts. 5. Reviewing accounting policies

 6. Controlling the checking of continuous stock systems. 7. Carrying out special investigations for management including study of labour relations, wastage of assets and operating efficiency of units of the business. 8. Ensuring that management policies are being followed.

 IA as you can see helps internal management to run the business more efficiently and those that would be of particular interest to the external auditor.

INTERNAL AUDIT
Differences Between IA & EA

 The IA and external Auditor under the companies act operate largely in the same field and have a common interest in ascertaining that: 1. An adequate system of internal control operates satisfactorily 2. An adequate accounting system operates satisfactorily so as to provide financial statements showing a true and fair view.

Area Of Difference 1. SCOPE

Internal Auditor Determined by Management

External Auditor Determined by Statue, Law and Accounting standards.

2. APPROACH

To ensure accounting system efficient and providing management with accurate and material information. To management

To satisfy himself that the financial statements to be presented to the shareholders, present a true and fair view. To Shareholders

3. RESPONSIBILITY

INTERNAL AUDIT
Assessment of the IA Function

 The extent to which the external auditor can take account of the internal auditors work will depend on the assessment of the IA Function.

 1. The IAs degree of independence from those people whose work and responsibilities are reviewed by the external auditor. In any business the IA reports directly to senior management or the Board. 2. The professional qualifications and experience of the IA staff

 3. The scope, extent, direction and timing of the IAs tests. This will also include an examination of the way in which the IA department operates, for example the use of procedures manuals and systems notes and the basis of deciding on surprise visits. 4. The available evidence of work done by the IA department including a review of that work.

 5. The reports produced by the internal department and the extent to which action is taken by management.

INTERNAL AUDIT
Relationship of IA & EA

 The work carried out by the IA & EA is carried out by largely similar means such as observations, inquiry, verification, examining and checking of accounting records.

 The External Auditor can formulate how much more detailed work is necessary from the internal auditors opinion of the internal control in operation. Joint programs can be planned so that the EA relies on the IA to undertake some (but not all) or assist in cash accounts, branch visits etc The internal auditor may assist in the year end programme of debtors, asset verification and preparation of working schedules.

 Statutory responsibilities do come into effect. The EA must always bear these in mind and the fact that the IA is not his servant. Consultation between the 2 auditors and management must take place in order to agree the maximum co-operation. There is an increasing tendency for IA & EA to work together more closely. There is a good deal of evidence to suggest that in many companies the EA plays an important role in developing the programmes of the IA.

INTERNAL AUDIT
Fraud & Error

Definition
Fraud has been defined as a false representation of fact made with knowledge of its falsity or without belief in its truth, or recklessly careless, whether it be true or false. In other words, anything which is deliberately dishonest is fraudulent. Error may be defined as an honest or careless mistake.

Responsibility
Management is responsible for the prevention and detection of irregularities and fraud. Their responsibility is discharged by instituting and maintaining an adequate system of internal control.

Auditors Position
The auditor is not required by legislation specifically to search for irregularities or fraud. The audit cannot be relied upon to disclose all irregularities or fraud.

 However what does concern the auditor is the possibility of material irregularities or fraud impairing the true and fair view. This means that the auditor should plan and carry out the audit in such a way that he has a reasonable expectation of detecting major mis-statements in the financial statements resulting from irregularities or fraud.

 In this connection, the evaluation of internal controls is of prime importance. Effective internal controls can reduce (although not entirely remove) the possibility of errors and irregularities. The work of the internal audit department will help in this area.

 In both the letter of engagement and the letter of weakness by an EA it is useful to point out that the main purpose of the audit is the expression of an opinion and that the audit cannot be relied up to disclose all irregularities or fraud.

Types of Fraud & Errors

1. Unwitting clerical errors in the processing of accounting data, resulting in lack of accuracy and dependability. 2. Deliberate clerical irregularities, committed in order to produce inaccurate and undependable accounting data, and thus, misleading information. 3. Deliberate clerical irregularities, committed in order to cover up misappropriators of the businesss physical resources such as cash and stocks.

 4. Misappropriation of physical resources such as cash and stocks.

INTERNAL AUDIT
Audit Evidence

 If preliminary evaluation indicates strong internal controls, and it is the most efficicient route to take, the auditor will go on to compliance testing the controls. If the auditor wishes to place reliance on any internal control, he should ascertain and evaluate those controls and perform compliance tests on their operation Operational Standard

 The auditor carries out compliance tests (tests of control to gather evidence that the controls on which he wishes to rely were functioning both properly and throughout the period. The idea of an exception is an important one. The auditor cannot excuse failure of a control on the grounds that the amounts involved were small. If it can fail with respect to a small monetary amount, it is likely to fail with a significant amount.

 Compliance tests should cover the whole period being audited. Where the control system has changed during the period, the auditor would break the period down into two and deal with them independently. The auditor would also need to consider the internal controls over the changeover period itself.

INTERNAL AUDIT
Reliance on Internal Audit

 Internal Audit is one element of the internal control system established by management. As a result EA may decide they want to rely on the IA department. EA will want to perform procedures to establish whether the department is opertaing effectively.

 As with any system of controls, the EA will perform a preliminary evaluation of the internal audit department, to enable a decision to be made as to whether he wishes to rely on the work of the IA department.

 The size of many organisations makes it impossible for top management to exercise direct control and supervision of operations. As remoteness increases, so the factors of misrepresentation, misunderstanding and misjudgement operate in such a way as to hamper the achievement of the set goals. The IA may therefore be used to bridge the gap between management and the shop floor and can assure management that the policies and systems laid down are being adhered to.

 Equally he will be able to provide an independent check on the accounting records and other operations of the organisation.

 The EA as a result of reliance on the internal audit function can reduce his work in 2 broad areas. These cover the bulk of the external auditors work, and effective reliance on IA can lead to a very cost effective audit approach.

 The IA should not be restricted by functional boundaries within the organisation as his work should cover all aspects of financial and nonfinancial matters. In order to do this, he must be completely divorced from executive responsibility and allowed to investigate any area of the organisations activities. He must be fully conversant with all clerical systems and methods of production and distribution. He should be responsible directly to the board of directors or very senior management.

INTERNAL AUDIT
Assessment

Degree of Independence
The IA should report to the highest level of management. He is therefore reporting over the heads of those on whom he is reporting. His work will not suffer through threat of dismissal. Normally the department would be controlled by a chief internal auditor, directly responsible to top management. It is important that he is not responsible to the chief accountant, as he would then be responsible to the head of the department whose work, in the main, he will be reviewing and criticising. Such a position may become untenable. It is preferable for the chief internal auditor to be responsible to the chairman or deputy chairperson or controller.

Scope & Objectives

The scope of the department should unrestricted.

Due Professional Care

The same care expected of EA should be carried by IA

Technical Competence
The chief Internal Auditor will normally have received his early training in a practicing accounts office and therefore have considerable experience and knowledge of auditing techniques and principles. However it will of a great advantage to the organisation as a whole if he has experience, in an executive capacity, in industry. He will then realise the problems encountered by management when new systems are introduced and resources are limited.

Internal Audit Reports

If senior management take little or no notice of these reports they may as well not be produced. If their reports are not taken seriously, the internal audit department will be ineffective.

Level Of Resources
Work cannot be carried out effectively if resources are insufficient. The work of the IA should be reviewed by the EA if their work is to be relied upon. Has the work been properly controlled and recorded and sufficient evidence been obtained.

INTERNAL AUDIT
Assessment Questionaire

 Sample questionnaire that an EA could use but good idea to do self examination.

Degree Of Independence
Are you entirely responsible for the appointment, remuneration and promotion of internal audit staff. If not, who is? Do you, as head of the department, report directly to the board as a whole? Are any specific limitations placed on the scope and nature of the work which your department performs?

 Are members of your department able to plan and carry out their work as they wish? Are you allowed free access to records, assets, and personnel of the company? Do you have access to senior management and freedom to report and discuss matters with them? Are you free to communicate with external auditors? Do you have any responsibility for day to day operations which may conflict with your objectives as internal auditor?

Scope & Objectives Of Work

What are the principle areas of work of the Internal Audit Function? In respect of internal controls
Do you identify, evaluate and compliance test controls? What methods of ascertaining and evaluating are used eg Flowcarts, ICQs etc Are weaknesses in the system reported to management?

 In particular in relation to the computer system

Do you ensure that there is security against unauthorised access? Do you ensure that there are adequate backup procedures? Do management accept advice about controls, improvements to the system? Do management involve you in the implementation of changes in systems?

Professional Standards
How is each assignment planned? What control procedures are adopted to ensure that an assignment proceeds smoothly? Are standard working papers and audit work programmes used? What review procedures are carried out? Does an internal audit manual exist? If so are EA able to view it?

 Are staff allocated to assignments according to trainning, experience and proficiency? Are staff briefed prior to commencement of an assignment? Who supervises assignments? Who is responsible for drawing up the reports following an assignment? Do management review these?

 Is a discussion meeting held? What follow up procedures are adopted to ensure that these are actioned by management? Are regular staff reviews held to ensure that morale is good and to deal with any problems?

Technical Competence
What resources, particularly financial, is your department provided with? What recruitment procedures are adopted for employing internal auditors? Can you provide details, for all IA, of:
Their qualifications Any specialised skills which they possess? Training courses taken? Years of experience?

 What arrangements are made to ensure that staff are kept technically up to date? Are personal training records maintained and staff training needs monitored?

Reports
Can EA review reports issued to management? What procedures are in place to ensure that management implement internal audit suggestions?

Nature if Audit Evidence

The audit is an expression of opinion. However, it is the opinion of an expert. As such it should have been formed after gathering and examining appropriate evidence. Unfortunately there is no set way that evidence can be measured, and the auditor needs to use his professional judgement to decide on how much evidence he needs to form an opinion.

 The auditor will be influenced by: 1. The materiality of the matter being examined. The more material the matter is, the more evidence the auditor will wish to have. 2. The relevance and reliability of evidence. The more relevant and reliable the evidence is, the less the auditor will need.

 3. The cost and time involved in obtaining the evidence. If the auditor has 2 pieces of evidence to choose from, he will gather the one which takes less time to obtain. Remember the audit should be as efficient and cost effective as possible.

Sufficiency & Risk

The auditor should know his business, example being that the home computer industry has declined since its peak not so long ago, and would use this knowledge when reviewing the stock valuation of a client producing software for home computers. In other words this industry is deemed high risk. More work will be needed than on a low risk industry.

 Risk of misstatements maybe a risk in a specific area like stock or bad debt provisions are always subjective and hence high risk areas. Alternatively it may be a risk running through the financial statements as a whole.

INTERNAL AUDIT
Risk Assessment

 Risk Assessment process is crucial to the work of the IA. Risk Assessment includes the following phases: Identifying groups of related accounts Understanding the nature of the accounts Searching for specific risks of error Pinpointing the risk of error

 When indications of the existence of a specific risk of material error is found: 1. Evaluate, compliance test, and rely on any controls that reduce such risk or 2. Develop a focused audit response for such risks to ensure that you obtain adequate assurance that no material errors are present

Identify Groups Of Related Accounts Understand Nature Of The Account -Substance of Transactions -Accounts having particular significance -Flow of Transactions -Types Of Transactions

Search For Risks -Risks identified during Business Review -Risks associated with the accounting process -History of errors -Susceptibility of assets to theft or loss -Risks associated with transaction types Risks of Error Identified? No Yes Pinpoint The Risk of Error -Types of transactions - Assertions Yes

Standard Audit Response -confirmation of the reliability of the system -Testing controls that mitigate risk, if applicable -Basic level of substantive testing

Controls Reducing Risk -Specific accounting controls - Administrative controls

Effective Controls? No or not considered Focused Audit Response

Identifying Groups or Related Accounts

Many accounts or groups are affected simultaneously by the same transactions or are interrelated in some way.

 Also certain accounts can be grouped because they represent opposite sides or related parts of the same transaction. So in assessing risk or obtaining evidence for one account provides us with information about the others. So primary tests can provide corollary assurance. EG Testing Debtors for existence we also gai assurance about the occurrence of the related sale. However when risk has been identified we would need to consider whether corollary tests are adequate.

 In some cases accounts can be usefully considered jointly because they are related by virtue of the nature of the clients business. Example income and equipment of an oil drilling company are related because of the capacity for income generation is limited by the amount of operational drilling equipment. One account may therefore provide evidence regarding the other.

FORENSIC AUDITING

 Forensic auditing is a blend of traditional accounting, auditing, and financial detective work. Technology has an increasingly important role to play, with complex data analysis techniques employed to help flag areas that warrant further investigation.

 Forensic auditing offers a toolset that company managers can use to help detect and investigate various forms of white-collar financial impropriety and inappropriate or inefficient use of resources. As company structures and controls become ever more complex, so too does the scope for employees with specialized knowledge of the way control systems work to bypass them. In the past, various forms of auditing have been employed after a major control breach has come to light, but executives are now increasingly looking at forensic auditing to help identify vulnerabilities in financial control.

Advantages
Forensic auditing strengthens control mechanisms, with the objective of protecting the business against financial crimes, be they potentially catastrophic one-off events that could threaten the viability of the business, or smaller-scale but repetitive misappropriations of company assets over a number of years. Forensic auditing can play an important role for companies under review by regulatory authorities and can also be invaluable to ensure regulatory compliance. For example, forensic auditing can be useful in helping companies to ensure that their anti-money laundering procedures are both effective and robust.

 Forensic auditing can help protect organizations from the long-term damage to reputation caused by the publicity associated with insider crimes. A forensic audit also provides a sound base of factual information that can be used to help resolve disputes, and can be used in court should the victim seek legal redress. Forensic auditing can improve efficiency by identifying areas of waste. Forensic auditing can help with the detection and recording of potential conflicts of interest for executives by improving transparency and probity in the way resources are used, in both private and public entities.

Disadvantages
A poorly managed forensic audit could consume excessive amounts of management time and could become an unwelcome distraction for the business. Forensic audits can have wide-ranging scope across the business. Under certain circumstances, the scope of the audit may need to be extended, with a corresponding increase in the budget. Some employees can interpret a proactive forensic audit as a slight on their integrity, rather than as a means to improve control procedures for the benefit of the business.

To Consider
Understand your risks, routes to their potential exploitation, and the tools available to detect abuses, fraud, or wastage. Analyze numerical data, comparing actual costs against expected costs. Investigate possible reasons for inconsistencies.

 Consider whether covert detection techniques might be more appropriate when investigating cases of possible fraud. Higher-profile full forensic audits can deter future fraud but could also reduce the likelihood of witnessing the culprit carrying out a fraudulent act. External auditing specialists with extensive experience of complex forensic audits can offer industry-specific experience, auditing management expertise, and advanced interviewing techniques. A combination of these external specialists and companies internal accountants/auditors can achieve shorter audit timescales and lower levels of disruption to the business.

Dos and Donts

Do Remember that well-resourced forensic auditing processes can help to identify misreporting at many levels of an organization. Bear in mind that regular proactive forensic audits can help businesses to ensure that their processes stay robust. Be prepared to widen the scope of a forensic audit to ensure maximum effectiveness. See forensic auditing as a continuous process, rather than a one-off event. On completing one audit, restarting the process could uncover something relevant that was previously overlooked. Be prepared to share the findings of the forensic audit with other areas of your company, and take into account industry best practice to improve efficiency and combat fraud.

 Dont Dont lose sight of the objective of a forensic audit. The cost of a forensic audit can be high, but the potential cost of not undertaking an audit and implementing its findings can be even higher. Dont fall into the trap of overlooking the importance of the forensic element of the audit. With the results of such a process deemed suitable for inclusion in legal proceedings, the high potential costs of the forensic audit process could easily be recovered from dispute resolution or higher levels of loss recovery.

Best Practices in Risk-Based Internal Auditing

 Agree on a common framework for the risk-based auditing and monitoring program. Assess risks across the enterprise and then prioritize them by looking at the likelihood of occurrence and impact for the organization. Develop a risk-based auditing and monitoring plan from the identified risk priorities. Execute a corrective action plan developed by management to mitigate risks and/or resolve risks. Assess the auditing and monitoring process for effectiveness.

Getting Started
In designing risk-based auditing and monitoring activities, it is important that the internal auditor works closely with the organizations senior leadership and the board, or committee of the board, to gain a clear understanding of auditing and monitoring expectations and how these activities can be leveraged together to help minimize and mitigate risks for the organization. These discussions should also include leadership from the legal, compliance, and risk management functions, if they are not already a part of the senior leadership team.

 This process should include performing periodic audits to determine compliance with respect to applicable regulatory and legal requirements, and to provide assurance that management controls are in place for the detection and/or prevention of noncompliant behaviour. Additionally, risk-based auditing and monitoring should include mechanisms to determine that management has implemented corrective action through an ongoing performance management process to address any noncompliance.

 Once the common framework for the risk-based auditing and monitoring program has been established, four key tasks must be performed: Assessment and prioritization of risks, conducted enterprise-wide; Development of a risk-based auditing and monitoring plan; Execution of a corrective action plan developed by management to mitigate risks and/or resolve risks; Periodic assessment of the overall process for effectiveness.

Risk Assessment
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) helped to define risk as any event that can keep an organization from achieving its objectives.1 According to the COSO model, risk is viewed in four major areas:

 operational (processes and procedures); financial (data rolling up to internal/external statements); regulatory (federal, state, local, organizational policy); reputation (institutional).

 There are several ways in which risk assessments in these areas can be conducted. These include the use of: focus groups to assist in the identification of risks; interviews of key leadership and the board; surveys; reviews of previous audit findings, external audits conducted in the organization, and identifying what is occurring within the industry and the local market, etc.

 Once risks have been identified, a prioritization process is needed to identify the likelihood of the risk occurring, the ability of management to mitigate risk (i.e. are there controls in place for risk, regardless of the likelihood of those risks of occurring?), and the impact of risk on the organization. Risk prioritization is an ongoing process and should include periodic reviews during the year to ensure that previous prioritization methods, when applied in real time, are still applicable for the risk.

 It is important that senior leadership participate in, and agree with, the determination of the high-risk priorities for the audit and monitoring plan. This will ensure management buy-in and focus on risk priorities. Also, with managers involved at the development stage of the plan, they will be educated as to the type of activities being planned and the resources needed to conduct these activities. Hence, during the plan year, if there are changes, management will understand the need for additional resources or a change in focus in the plan as the business environment and priorities may change.

Developing the Plan

The International Standards for the Professional Practice of Internal Audit (IIA), Standard 2120 says The internal audit activity must evaluate the effectiveness and contribute to the improvement of the risk management processes.

 This is done through the development and execution of the risk-based auditing and monitoring plan. Risk assessments and prioritization are important elements in the development of your risk-based auditing and monitoring plan. Considerations related to the plan should also include:

 Review of other business areas in the organization which may be conducting an audit or monitoring activity in this area:
If so, could you leverage this resource for assistance in completing the stated activity, or utilize their activity and integrate the results into the overall plan?

Resources available to implement plan:

Do you have the appropriate resources for the subject matter as needed within your department? (If not, is there subject matter expertise somewhere else in the organization?) If subject matter requires outsourcing, budget considerations and overall risk priorities may need to be reevaluated.

 Hours needed to complete the plan Projected timeframes Defined auditing or monitoring activities and determination as to whether they are outcomes or process oriented Flexibility incorporated into the plan to address changes in risk priorities and possibly unplanned compliance risks/crises which may need an immediate audit or monitoring to occur.

 IIA Standard 2120.A1 identifies the focus of the risk assessment process: The internal audit activity must evaluate risk exposures related to the organizations governance, operations, and information systems regarding the: Reliability and integrity of financial and operational information.

 Effectiveness and efficiency of operations. Safeguarding of assets; Compliance with laws, regulations, and contracts. The process of risk assessment continues through the execution of the plan where the engagement objectives would reflect the results of the risk assessment. Risk-based auditing and monitoring is ongoing and dynamic with the needs of the organization.

Execution of the Plan

Each activity should have a defined framework which will provide management with an understanding of the overall expectations and approach as you execute the plan. The framework for your activities should include the following actions:

 Set the purpose and goal for the activity (audit or monitoring):
Identify the scope from the purpose or goal, but make sure that it is objective, measurable, and concise. Before conducting activities in high-risk priority areas, it is important to consider whether legal advice may be needed in establishing the approach to the activity.

 Conduct initial discussion with the business area for input related to audit attributes, timing, and process:
Concurrent vs retrospective status may be determined at this point. (Concurrent is real time and before the end point of what you are looking at has occurred. Retrospective is after the end point has occurred, i.e. the claim has been submitted or the research has concluded, etc. Milestones should be determined for rationale as to how far back to go, for example, new law, new system, etc.)

 Finalize the approach and attributes:

Sampling methodology will be determined largely by the scope (purpose and goal) of your activity. For example, the sample used in self reporting a risk area to an outside enforcement agency may be predetermined by the precedent that the enforcement agency has set in industry; to determine if education is needed in a risk area, a small sample only may be needed, etc. Consider the audience frame of reference that will receive the results of activity, and then develop an appropriate format for reporting.

 Conduct the activity. Identify preliminary findings and observations. Provide an opportunity for findings and observations to be validated by the business area. Finalize the report.

 Identify processes for the follow-up after management has taken corrective action related to activity findings and observations.
Data collection and tracking are critical because they provide trend analysis and measurement of progress.

Determine the key points of activity that may be provided to leadership and/or in reporting to the board.

 The overall process of developing the audit and monitoring plan should be documented. This would include a description of how the risk assessment was conducted and the methodology for prioritization of risks. Working papers to support the audit findings, reports, and corrective action plans should be documented and filed appropriately. Prior to the audit activity, be sure to define and document what should be considered as part of the working papers.

 At the end of each plan year, it is important to conduct an evaluation of the overall effectiveness of the plan. Questions to consider may include: Was the plan fully executed? Were appropriate resources utilized for the plans execution? Were the activities conducted in a timely manner? Did the plan make a difference in regard to the organizations strategy and business? Did the plan reach the goal of detecting, deterring, and/or preventing compliance research risks from occurring?

 Annual evaluations may be conducted through self reviews or independently of the internal audit function by a third party, i.e. peer review conducted with auditors from other organizations, Quality Assessment Review conducted according to IIA standards (every 5 years), etc. However, while self reviews are less resource intensive, it is recommended that a independent review be conducted at least every other year to assess the effectiveness of your auditing and monitoring efforts.

 Effectiveness in the development and execution of the risk-based audit and monitoring plan will be determined by the integrity and characteristics of the overall audit and monitoring process. Effective audit and monitoring activities will assist in the identification of weaknesses in controls, managements action to correct those weaknesses, and follow-up to ensure that timely mechanisms have been put in place to strengthen controls for mitigating the business risks. Additionally, risks will be detected, deterred and/or prevented with effective auditing and monitoring activities.

Best Practices in Risk-Based Internal Auditing

CASE STUDY

 Scenario: An organization with multiple businesses in several geographic locations is conducting an enterprise-wide risk assessment. It is noted during the risk assessment that, due to recent financial losses, the organization is going through a consolidation of business units and reduction in force. This has been identified as a high-risk priority area for the auditing and monitoring plan for the next fiscal year.

 In planning the audit on the risk area of business consolidation, the following considerations should be included:

 The business consolidation could be impacting the organization in various wayscustomer base loss, reduced finances, loss of reputation, loss of workforce resulting in loss of controls, etc. The risk-based audit will focus on areas of greatest impact: loss of controls in financial areas due to the reduction in workforce.

 The timing of the audit will be negotiated to bring the most value to the organization. This might involve having a two-part audit. Part I could take place after the business consolidation and reduction in workforce have occurred. This would include assessing the consolidated business unit to determine if there are any gaps in the financial controls. For instance, segregation of duties is commonly found in situations with loss of people and consolidation of functions. Any gaps identified would become actions for management to correct before the Part II audit took place.

 Management may also want to set up its own monitoring system to ensure that its corrective actions have resolved any of the gaps identified. Part II of the audit would occur after a negotiated period of time with management and would allow the corrective actions to have been in place long enough for their effectiveness to be determined.

 The overall purpose of this type of risk-based auditing is to work with management in real time, to add value to the organization in regard to its strategic and best business interest, and to provide input on processes before they become fixed.

 After management believes it has the fixes in place, then the second part of the audit will help to provide assurances that the risks identified are no longer risks and that no new gaps or lack of controls have developed around the process of business consolidation and reduction in workforce.

End Of Case Study

Making It Happen
The development of an effective risk-based auditing and monitoring program includes several key elements: 1. Performing an enterprise-wide risk assessment that includes operational, financial, regulatory, and reputational risk (1-IIA). 2. Prioritizing risks identified through measures such as likelihood and impact for the organization. 3. Developing a risk-based auditing and monitoring plan from the identified risk priorities.

4. Determining that corrective action plans which have been developed by management to mitigate priority risks or ensure controls are in place to lower the risk level for the organization. 5. Conducting follow-up activities that validate, monitor, or audit corrective actions to mitigate and/or resolve the identified risks.

6. Re-evaluating risks on an annual basis through a risk assessment process to ensure that the priority risks of the organization have been addressed. 7. Conducting a periodic third-party review of risk-based auditing and monitoring plan to assess whether:
processes are in place to identify risks; appropriate resources are utilized to audit and/or monitor risks; a commitment to reinforcing the need for management to execute plans to mitigate risks is demonstrated by the board and senior management.

Aligning the Internal Audit Function with Strategic Objectives

 Due to high-profile scandals at the beginning of the century, regulators and the accounting profession worldwide have put forward a series of initiatives to repair the damage and restore faith in corporate governance. Globally, more companies are adopting corporate governance best practice. An independent internal audit function is widely recognized as an integral part of a companys strategic objectives, corporate governance, and risk management. The internal audit standards issued by the Institute of Internal Auditors serve as authoritative guidance for members of the internal audit profession. Internal audits role is to evaluate the appropriateness and effectiveness of companies systems and processes, and to identify and manage risks present in the normal course of conducting business activities.

 Given todays complex and rapidly changing management climate, companies must implement continuous improvements to achieve efficiency, and assure investors and other concerned parties of solid corporate governance.

 The recent scandals at Enron, Worldcom, Parmalat, and others have raised the profile of corporate governance across the globe. Trust in the process of financial accounting, corporate governance, and auditing has been undermined by these high-profile corporate scandals. In response, regulators and the accounting profession worldwide have put forward a series of initiatives to repair the damage and restore faith in corporate governance.

 Furthermore, companies must continuously implement improvements to achieve effective and efficient management in order to assure the investors, other stakeholders, and concerned parties in general of its good and sound corporate governance. Globally, more companies, governments, states, and regulators are adopting corporate governance best practice, and placing more emphasis on improving corporate governance in companies, which in turn improves the confidence of investors and stakeholders in companies.

 Worldwide legislative initiatives, of which the SarbanesOxley Act (US) and Directive No. 8 (EU) are the most famous, make senior management responsible for establishing, evaluating, and assessing over time the effectiveness of risk management processes, systems of internal control, and corporate governance processes. In tandem, companies play a critical role in the national economy, or economies, in which they have activities. A countrys competitiveness, wealth, efficiency, and high level of economic growth may depend on the competitive nature of its companies. There is no doubt that a transparent and reasonable corporate governance structure has a positive impact on a company.

 The audit committee is a subcommittee of the board of directors, and is widely recognized as an integral part of a companys corporate governance, and, together with the internal audit function, they contribute towards the company implementing continuous improvements. In fact the audit committee, especially in large organizations, could not possibly be effective without an efficient, effective, and independentminded internal audit function.

 The internal audit function has the potential to be one of the most influential and value-adding services available to a companys senior management and board of directors. With the growing focus on corporate governance issues, organizations are increasingly exploring the potential benefits to be gained from establishing an effective and efficient internal audit function. Company boards must identify the opportunities, risks, and exposures that can determine success or failure. The establishment of an internal audit function can become an integral part of overall strategy, and assist in achieving corporate objectives.

The Purpose and Role of Internal Auditing

Internal auditing assists public and private organizations to meet overall corporate objectives by establishing a systematic and disciplined approach to assessing, evaluating, and improving the quality and effectiveness of risk management processes, systems of internal control, and corporate governance processes.

 This systematic approach and analysis is implemented across all parts of an organization, and the internal auditor reports directly and independently to the most senior level of management. The role of the internal auditor, therefore, is to provide an overall assurance to management that all key risks within an organization are managed effectively, so that the organization can achieve its strategic objectives.

 An internal audit function should be independent and unbiased, and hold a neutral position within an organization. The audit function looks beyond the narrow focus of financial statements and financial risks (although these risks are included in the remit of the internal auditors job), and it may, for example, involve auditing reputational, operational, environmental, or strategic risks. Reputational risks could involve labour practices in host countries; operational risks include poor health and safety procedures; environmental risks might involve pollution generated by a factory; while a strategic risk might involve the board stretching company resources by producing too many products.

 An internal audit function should have the ability itself to define the scope of internal audits (after consultation with the internal audits primary stakeholders), the authority to obtain information and resources, and have an appropriate reporting structure to senior management. The internal audit team members do not test their own work, or the work of persons that they report to. Any actual or potential conflicts of interest that hinder an honest, independent, and unbiased assessment must be disclosed.

Standards
In order to operate an internal audit function that is objective, independent, effective, and useful to an organization, it is essential that the internal audit function complies with the International Standards for the Professional Practice of Internal Auditing, developed by the Institute of Internal Auditors. The International Standards are authoritative guidance for the internal audit profession, and are principles-focused. Implementation standards refer to either assurance or consulting activities, and are embedded in the attribute and performance standards. Attribute standards refer to the composition of the audit department in terms of staff expertise and ongoing training, as well as independence and objectivity. Attribute standards also refer to the internal audit departments purpose, authority, and responsibility.

 Performance standards refer to how the internal audit function should operate, and how the planning, scope, and reporting activities should be conducted and by whom. The performance standards reflect the purpose of the internal audit function in that they define the activities to be completed, which help make sure that the internal audit function is operating as designed for the benefit of the organization.

 Another authoritative guidance issued by the IIA is the Code of Ethics. This is a statement of principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing, and provides a description of minimum requirements for conduct, and describes behavioral expectations rather than specific activities. The Code of Ethics refers to the integrity, objectivity, confidentiality, and competence of internal auditors.

 How well an organization is able to recognize, understand, and manage its risks plays a critical part in the success, or failure, of the organization, and, consequently, the value it is able to deliver to customers, shareholders, and other stakeholders.

Designing a Strategically Focused Internal Audit Function

 The internal audit function contributes to better overall governance when it operates within a strategic framework established by the audit committee and senior management. Once this strategic framework is in place, the corporation will be well positioned to define the mission, organizational structure, resource model, working practices, and communications protocols for the internal audit function.

 When designing and implementing an effective internal audit function, the corporations strategic objectives must be followed closely, and not vice versa. In other words, the internal audits primary stakeholders must determine how the function will deliver the desired value, and what the specified outcomes expected of the new function are to be.

Common internal audit outcomes include:

1. Assessment of internal control effectiveness and efficiency; 2. Risk management and control assurance; 3. Regulatory and corporate compliance assurance; 4. Legislature readiness assessment and ongoing testing, such as Sarbanes-Oxley Act (US) and Directive No. 8 (EU); 5. Fostering awareness of risk and control across the organization; 6. Ability to respond to urgent events.

 Once the function is established and the specific outcomes have been identified and defined, the internal audits stakeholder expectations should be reassessed on a regular basis, and the mission for the internal audit function must be clearly articulated, so that the performance of the function can be evaluated on a regular basis

 In addition, a formal mission statement for the internal audit function should be laid out by the head of the audit function, with the cooperation of senior management and the audit committee. The mission statement must also be aligned clearly and directly with stakeholder expectations and the internal audits specified outcomes, as otherwise it would be of little value and possibly detrimental to achieving corporate strategic performance. Furthermore, the mission statement must be shared and communicated, to achieve full understanding and buy-in among key stakeholders and staff.

 Once the mission statement is agreed, a formal strategic plan must be approved. This plan formally defines the value proposition of the new function, the customers it serves, and the value it will create now and into the future. The strategic plan serves as an operational manual of the new function, and as guidance on the key objectives and outcomes of the function, and how they will be achieved. The strategic plan sets a standard against which future decisions and results can be measured. Ideally, the plan should be reviewed at least annually, with changes considered and approved by all primary stakeholders as appropriate. For large companies, a full audit cycle of three years generally may seem appropriate; that is, the whole organization should be audited in an appropriate manner within three years. However, high risk areas should be audited at least annually.

 It is critical for the internal audit to develop a systematic process to analyze risk, and ensure that the audit plan is sufficiently broad in scope and executed in a timely manner. Internal auditors should segment the corporation into well-defined, reasonably sized, auditable units (often collectively called the audit universe), and then identify, determine, and prioritize/rank the inherent risks in each unit.

 Even a small business unit is likely to have a range of risks, some of which are higher priority than others. Inherent risks are those present in the normal course of conducting business activities. These include external risks such as changes to global, national, and economic climates, as well as technological, legal, social, and political changes.

 Inherent risks also include internal factors that warrant special attention, including changes in operating systems, new product launches, entry to new markets, management and organizational changes, and the expansion of foreign operations. Therefore, the risk assessment should evaluate current and prospective risks, particularly where new risks are emerging due to a change in the corporations strategy or product mix.

 The senior management and the audit committee must ensure the risk assessment executed by the audit function is not limited by reference to its own skill sets. A misalignment must be avoided between the technical competencies necessary to execute the audit plan and the skill sets resident in the internal audit function. An effective way to prioritize processes for audit purposes is to look at a matrix of probability of occurrence versus severity of loss for each of the processes, and develop a risk-based audit plan according to this classification.

 Other departments and functions within an organization gather intelligence and other important information, and senior management and the audit committee must ensure that the internal auditors are aware of these, and use them accordingly in determining and prioritizing risks. However, it is not necessary that the internal audits independent view on risks coincide with other functions perspectives in the organization, and this needs to be recognized and accepted. Senior management and the audit committee should also evaluate whether any strong executives or directors outside of the internal audit function, or strong business areas within the organization, have played a major role in shaping the internal audits plan, and, if so, in what way.

 After the risk assessment is performed and the risk-based audit plan is drawn up, it is then important that timely and comprehensive coverage by the internal audit function is secured in order that the reliability and effectiveness of the internal controls in mitigating the significance and/or likelihood of a risk occurrence are considered. Another step to be taken after the assessment of risks and the audit plan are completed is the creation of current and longerterm budgets for the internal audit function. Budgets must provide sufficient resources for internal auditors to deliver the developed risk-based audit plan, as well as the flexibility to respond to changing business needs.

 Budgets should be aligned with corporate strategies, and look to internal audit benchmarks developed by the IIA or other third parties to establish a budgetary baseline as compared to similar internal audit functions within the same industry. The budget should be projected on a threeto-five-year horizon.

 The fieldwork should begin as soon as possible, even prior to having all staffing and infrastructure in place. Key stakeholders in an organization want to see demonstrable progress promptly, so it is important to begin conducting the audits without delay, in order for the internal audit function to create immediate value. In a start-up internal audit department, the first three months are important in completing the audits of three to five known high-risk areas, such as general computer systems and controls, inventory management, and other business areas with known internal control problems and challenges.

 At times, corporations are impatient for results and, thus, they may choose to outsource all, or nearly all, of the internal audit to a third-party specialist firm. This is in contrast to the IIAs recommendation, which states that internal audit activity should never be fully outsourced, but should be managed from within the organization. Outsourcing can have several advantages, including employing professionals who are more independent as they are not beholden to management for their compensation; access to resources necessary to complete specific high-risk audits; access to an array of technical, up-to-date expertise; and, possibly, knowledge transfer to the organizations employees as the function converts into a full in-house or co-sourced resource model.

 Full or near-full outsourcing brings with it specific governance challenges for senior management and the audit committee. These problems may include the following:
limited communication and level of interaction between the organization and the third-party audit professionals; increased difficulty for the third-party auditors to gain sufficient standing in the corporation; outsourcing is significantly more expensive on a per-hour basis than undertaking the function in-house; and, the corporation has limited ability to influence audit team appointments when the internal audit function is fully outsourced.

If some level of dependence on third-party firms for specialist audit skills is necessary for a corporation, then selective use of co-sourcing arrangements should be in place.

 By revisiting stakeholder-specified outcomes and the internal audit functions mission statement developed earlier in the start-up process, a balanced staffing model must be adapted to each corporations needs. Best practice requires corporations to staff their internal audit functions with long-tenured audit career professionals, as well as rotating talented executives from across the organization for two-or three-year rotations in internal audit. Furthermore, the necessary internal audit infrastructure and methodologies should be developed at the same time. These will greatly improve the efficiency, quality, and consistency of the internal audit process, and will provide assurance towards compliance with both the organizations methodologies, policies, and desired outcomes, and the standards developed by the IIA.

 Corporations should establish routine, robust, and frank lines of communication with their key internal audit professionals. It is imperative that an internal audit function communicates effectively and freely with all its internal stakeholders (and, primarily, with senior management and the audit committee). On a regular, if not daily, basis, the internal audit should seek opportunities for dialogue and communication with the corporations senior management and the audit committee, creating a strong, clear connection between the internal audit mission and the corporations strategic issues and risks.

 The external auditors also have a role to play in an organizations corporate governance, and, as such, the audit committee should seek to establish and maintain good links and cooperation between internal and external audits. It is important that the internal audit demonstrates results, and its reports are actionable and implemented. The reports should be generated and circulated in a timely fashion after the audit is complete, and senior management and the audit committee should ensure that an effective and timely follow-up to the reports has been implemented.

 Organizations serve their stakeholders. Senior managements role is to ensure that the organizations resources are managed and applied effectively to meet objectives and responsibilities. A crucial part of this process of governance is the design of appropriate systems and processes in order for them to be able to identify and manage risks effectively and efficiently. Internal audits role is to evaluate the appropriateness and effectiveness of those systems and processes, whether they are related to finance, IT, brand reputation, health and safety, legal and regulatory compliance, human resources, and/or major projects.

 Internal auditors perform their role by working with boards of directors, audit committees, and senior managers to help them understand the consequences of risks and ineffective processes to manage them. They encourage and support managers to have appropriate systems in place. Internal auditors then report to senior management and the audit committee on how effectively these systems of control are operating. In such a way, the corporation succeeds in aligning the internal audit function with its strategic objectives.

Aligning the Internal Audit Function with Strategic Objectives

1. 2. 3. 4.
5. 6. 7. 8.

Define stakeholder expectations. Articulate the mission, structure, resource model, working practices, and communication protocols for the internal audit function. Develop a formal strategic plan and assess company risks. Establish short- and long-term budgets for the internal audit function. Launch fieldwork quickly and, concurrently, assess any further needed skill sets. Develop internally or acquire (by outsourcing) enabling internal audit infrastructure, methodologies, and technologies. Determine clear lines of communication between the internal audit function and all company stakeholders (primarily, however, with senior management and the audit committee). Measure the results of the internal audit function.

ERP Enterprise Resource Planning

Key Components of an Optimal Enterprise Resource Planning System

 ERP computerized systems integrate a companys entire business operation. An ERP system binds together different computer systems for any large organization, with each department having its own system that communicates and shares information with the rest of the companys systems. ERP integrates all key areas, including accounting, planning, purchasing, inventory, sales, marketing, PR, finance, human resources, and any other areas of importance to a company. Installing an ERP system enables a company to monitor and manage effectively the performance level of equipment, while simultaneously increasing uptime and increasing responsiveness, thus facilitating and fulfilling customer needs as well as streamlining company performance.

 Although originally developed for large companies, ERP also benefits small and medium-sized companies and those involved in service rather than manufacturing, with ERP programmers creating a new generation of software that is easier to install, more manageable, and importantly, cheaper. The new systems are more modular, allowing installation to proceed gradually as a company evolves. ERP can also be outsourced, with the ERP manufacturer supplying the technology and the support staff required. This option has proved easier and cheaper than buying and implementing a whole system in-house. Hosted ERP or web-deployed ERP enables a company to run its ERP system through a web-hosted server and access it via the internet. This allows companies to reduce their IT investment in hardware and personnel.

 ERP systems have also expanded through the evolution of technology to include new functions such as linking ERP to other software systems that affect the supply chain. This allows companies to view inventory and its status as it moves through the supply chain. ERP has also been adapted to support ecommerce by making order fulfillment and distribution easier and simplifying electronic procurement.

 Computer security is included within an ERP to protect against both outsider crime, such as industrial espionage, and insider crime, such as embezzlement.

Advantages
Deploying an ERP system can improve efficiency and reduce operational costs. New levels of transaction visibility can be gained for all involved in a process. Companies can make smarter business decisions, keep up to date with customer requirements, track inventory, implement and maintain industry best practices, and forecast product demand. Complex computer applications can be replaced with a single, integrated system.

Disadvantages
ERP systems require the installation of new technical support and training of staff, and they are expensive. They desensitize operations procedures and rely on the whole system working. Systems can be difficult to use or too restrictive. The system may be overengineered relative to the actual needs of the customer, resulting in lack of personal service.

Action Checklist
Evaluate all company needs carefully and create a list of business issues that the ERP system has to address. Research potential ERP vendors by talking to other companies that have similar working requirements. Avoid choosing an ERP system vendor too quickly. Check the user-friendliness of the system. Ensure that you can customize the system to meet your requirements comprehensively.

Dos and Donts

Do Assess plenty of systems and see how they can work for your company. Look at the needs of your company from every angle. Check that your personnel are up to the task and, if not, check that you can employ the right personnel.

Dos and Donts

Dont Dont sign up to an ERP without all the facts. Dont expect an ERP to run the business for you without your input. Dont be too ambitious and believe that the system will solve any ongoing problems with communication within your company.

Accounting Software

 Keeping accounts is a legal obligation, but keeping good records is vital to run your business effectively. Good accounting software can help your business record and process accounting transactions and manage accounts more efficiently. The software functions as an accounting information system and varies greatly in its complexity and cost. Accounting software is composed of various modules dealing with particular areas of accounting. The most common modules are:

General ledger Accounts receivable Accounts payable Billing Stock/Inventory Purchase Order Sales Order Cash Book Electronic payment Reports

Accounting software selection

Youll need to gather together some information on your business, in order to assess what your overall requirements are and the level of sophistication of the accounting package needed. It might be useful to consider the following: The complexity of your business processes and the financial information needed. Do you want an integrated payroll function, separate payroll software or is payrolling outsourced? The number of transactions and the desired level of automated processing (i.e. auto-reconciliation). How many people will be using the accounts package at the same time. What computer systems are being used and which interfaces are required.

Implementation
Due to the wide scope of processes within a business, implementing accounting software can be complex. The right knowledge and experience are needed for a structured project approach that delivers a flexible accounting environment ready to cope with current and future accounting needs. The timeframe to implement depends on the scope of the change, the size of the business. Often, implementation proves to be a bigger consideration than the actual software chosen when it comes down costs for your business. Many applications are sold exclusively through resellers and consultants. These implementation partners generally pass on a license fee to the software vendor and then charge the customer for customisation, installation and support services.

Accounting systems classification

There are numerous Accounting systems available in the UK market today, existing in a large variety of complexity. How can you be sure to pick the right one? Some accounting software experts have divided the market for accounting solutions into three segments based on available budgets, organisation type, growth scenarios and number of users. Based on this segmentation, here are 3 segments

Basic Segment
Average investment from 3.000,- Standard accounting software for finance processes Implementation period 1-3 months For small and medium-sized organisations with 1 - 5 users Recommended for single site organisations

Mid Segment
Average investment from 30.000,- Comprehensive standard accounting software for finance processes Implementation period 4-6 months For medium and large-sized organisations with 5 to 10 users Recommended for multi-site organisations

Top Segment
Average investment from 100.000,- Highly comprehensive standard accounting software for finance processes Implementation period 6+ months For large and multinational organisations with 10+ users Recommended for multi-site organisations

Accounting system features

The best way to compare the different accounting systems available in todays market, starts with determining which accounting features your business requires. Once youve decided on the specs, this will narrow down your search to a manageable shortlist. The following should be thought about:

Industry Focus
Manufacturing Construction Industries Transportation and Logistics Wholesale and retail trade Finance, Insurance and Real Estate Service Industries Public Administration

General features
Multilingual Integration with Office software Automatic recovery Multi-Site / Multi-Company Multi-currency Configuration of user rights Authorization control International Payments Workflow management module

Financial administration
Create and maintain basic details of business relations General ledger Accounts receivable Billing and Invoicing Accounts payable Value Added Tax (VAT) Budgeting Cost Centre Accounting Consolidation module Fixed Assets Processing Stock/inventory Processing Integrated Management Information module IFRS Compliance Internal (intercompany) deliveries Project costing Cash Flow Management

Other, non core, modules

Expense reporting module Billing and time tracking module Payroll processing Purchase requisition module Document management module Point of Sale management

Technical requirements
Web-based On premise Accounting software Hosted Accounting software Oracle database MS-SQL database. XML interface module Web services module XBRL Support - EXtensible Reporting Language

Dont try to implement all features at once!

After seeing the demonstration of the accounting system of vendors , youll be tempted to want everything these companies have to offer. When that feeling occurs, remember to approach every software implementation project on a step by step basis. Customising and configuring the software systems is always the easy part of the implementation. Making sure all required data is captured, the available information is interpreted correctly and the right decisions are made accordingly is the key to success. This requires a manageable, user-friendly system containing the need to have functionalities and not the nice to have. When the basic implementation is place and has proved to work efficiently, you can always decide to broaden your scope and start using additional features.

Cloud

Manjit Biant

 Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet).

 Cloud computing provides computation, software, data access, and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services. Parallels to this concept can be drawn with the electricity grid, wherein end-users consume power without needing to understand the component devices or infrastructure required to provide the service.

 The concept of cloud computing fills a perpetual need of IT: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. Cloud computing encompasses any subscription-based or pay-per-use service that, in real time over the Internet, extends IT's existing capabilities

 Cloud computing describes a new supplement, consumption, and delivery model for IT services based on Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources. It is a byproduct and consequence of the ease-of-access to remote computing sites provided by the Internet. This may take the form of web-based tools or applications that users can access and use through a web browser as if the programs were installed locally on their own computers.

 Cloud computing providers deliver applications via the internet, which are accessed from a web browser, while the business software and data are stored on servers at a remote location. In some cases, legacy applications (line of business applications that until now have been prevalent in thin client Windows computing) are delivered via a screensharing technology, while the computing resources are consolidated at a remote data center location; in other cases, entire business applications have been coded using web-based technologies such as AJAX.

 Most cloud computing infrastructures consist of services delivered through shared data-centers and appearing as a single point of access for consumers' computing needs. Commercial offerings may be required to meet service-level agreements (SLAs), but specific terms are less often negotiated by smaller companies.

Comparison
Cloud computing shares characteristics with: Autonomic computing Computer systems capable of self-management. Clientserver model Clientserver computing refers broadly to any distributed application that distinguishes between service providers (servers) and service requesters (clients). Grid computing "A form of distributed and parallel computing, whereby a 'super and virtual computer' is composed of a cluster of networked, loosely coupled computers acting in concert to perform very large tasks."

 Mainframe computer Powerful computers used mainly by large organizations for critical applications, typically bulk data processing such as census, industry and consumer statistics, enterprise resource planning, and financial transaction processing. Utility computing The "packaging of computing resources, such as computation and storage, as a metered service similar to a traditional public utility, such as electricity." Peer-to-peer Distributed architecture without the need for central coordination, with participants being at the same time both suppliers and consumers of resources (in contrast to the traditional clientserver model). Service-oriented computing software-as-a-service.

Characteristics
Cloud computing exhibits the following key characteristics: Agility improves with users' ability to re-provision technological infrastructure resources. Application programming interface (API) accessibility to software that enables machines to interact with cloud software in the same way the user interface facilitates interaction between humans and computers. Cloud computing systems typically use REST-based APIs. Cost is claimed to be reduced and in a public cloud delivery model capital expenditure is converted to operational expenditure.This is purported to lower barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for onetime or infrequent intensive computing tasks. Pricing on a utility computing basis is fine-grained with usage-based options and fewer IT skills are required for implementation (in-house).

 Device and location independence enable users to access systems using a web browser regardless of their location or what device they are using (e.g., PC, mobile phone). As infrastructure is off-site (typically provided by a third-party) and accessed via the Internet, users can connect from anywhere. Multi-tenancy enables sharing of resources and costs across a large pool of users thus allowing for:
Centralization of infrastructure in locations with lower costs (such as real estate, electricity, etc.) Peak-load capacity increases (users need not engineer for highest possible load-levels) Utilization and efficiency improvements for systems that are often only 1020% utilized.

 Reliability is improved if multiple redundant sites are used, which makes well-designed cloud computing suitable for business continuity and disaster recovery. Scalability and Elasticity via dynamic ("ondemand") provisioning of resources on a finegrained, self-service basis near real-time, without users having to engineer for peak loads. Performance is monitored, and consistent and loosely coupled architectures are constructed using web services as the system interface.

 Security could improve due to centralization of data, increased security-focused resources, etc., but concerns can persist about loss of control over certain sensitive data, and the lack of security for stored kernels. Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford. However, the complexity of security is greatly increased when data is distributed over a wider area or greater number of devices and in multi-tenant systems that are being shared by unrelated users.

 In addition, user access to security audit logs may be difficult or impossible. Private cloud installations are in part motivated by users' desire to retain control over the infrastructure and avoid losing control of information security. Maintenance of cloud computing applications is easier, because they do not need to be installed on each user's computer

 The term "cloud" is used as a metaphor for the Internet, based on the cloud drawing used in the past to represent the telephone network, and later to depict the Internet in computer network diagrams as an abstraction of the underlying infrastructure it represents.

 After the dot-com bubble, Amazon played a key role in the development of cloud computing by modernizing their data centers, which, like most computer networks were using as little as 10% of their capacity at any one time, just to leave room for occasional spikes. Having found that the new cloud architecture resulted in significant internal efficiency improvements whereby small, fast-moving "two-pizza teams" could add new features faster and more easily, Amazon initiated a new product development effort to provide cloud computing to external customers, and launched Amazon Web Service (AWS) on a utility computing basis in 2006.

Client
A cloud client consists of computer hardware and/or computer software that relies on cloud computing for application delivery and that is in essence useless without it. Examples include some computers, phones and other devices, operating systems, and browsers.

Application
Cloud application services or "Software as a Service (SaaS)" deliver software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support.

Platform
Cloud platform services, also known as platform as a service (PaaS), deliver a computing platform and/or solution stack as a service, often consuming cloud infrastructure and sustaining cloud applications. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers.

Infrastructure
Cloud infrastructure services, also known as "infrastructure as a service" (IaaS), deliver computer infrastructure typically a platform virtualization environment as a service, along with raw (block) storage and networking. Rather than purchasing servers, software, data-center space or network equipment, clients instead buy those resources as a fully outsourced service. Suppliers typically bill such services on a utility computing basis; the amount of resources consumed (and therefore the cost) will typically reflect the level of activity

Server
The servers layer consists of computer hardware and/or computer software products that are specifically designed for the delivery of cloud services, including multi-core processors, cloud-specific operating systems and combined offerings.

Archetecture

Privacy
The cloud model has been criticized by privacy advocates for the greater ease in which the companies hosting the cloud services control, and, thus, can monitor at will, lawfully or unlawfully, the communication and data stored between the user and the host company. Instances such as the secret NSA program, working with AT&T, and Verizon, which recorded over 10 million phone calls between American citizens, causes uncertainty among privacy advocates, and the greater powers it gives to telecommunication companies to monitor user activity. While there have been efforts (such as US-EU Safe Harbor) to "harmonize" the legal environment, providers such as Amazon still cater to major markets (typically the United States and the European Union) by deploying local infrastructure and allowing customers to select "availability zones

 Most transitions to a cloud computing solution entail a change from a technically managed solution to a contractually managed solution. This change necessitates increased IT contract negotiation skills to establish the terms of the relationship and vendor management skills to maintain the relationship.

10 Things to think about when considering new business software

Manjit Biant

 Implementing or changing business systems/software is a huge step for any step businesses of all sizes.

10 Points To Consider
1. 2. 3. 4. 5. 6. 7. 8. Research (Make a list of your requirements) Compile a short list of suitable software Make contact with software supplier Run through a demonstration Assess suitability of each software Identify prime candidates Check references (functionality and support) Dont forget to budget for training, support and implementation 9. Make a decision 10. Implement

1. Research
Look what is on the market and available. Check what you need.

2. Compile a short list of suitable software

This will come out of your review from Step 1

3. Make contact with software supplier

Choose which suppliers to contact that meet your requirements.

4. Run through a demonstration Get hem to show you what they can deliver through a demonstration.

5. Assess suitability of each software

Which software best fits your requirements.

6. Identify prime candidates

Short list further your suppliers.

7. Check references
This is important make sure customers are happy. Are you able to speak to other businesses freely about their experiences with the business software you are considering?

a) Speaking to other businesses about their experience with the installation, training, ease of use, migration process and benefits of the business software is probably the closest thing you can get to surety of the claims made by the software salesperson you have been dealing with. b) What system did they upgrade from? Why did they upgrade?

c) While software companies may have quoted you for the software and installation alone, often is the case that there are many hidden extras involved in getting the software to do what it is intended to (not just the travelling costs of the implementers here). Aftersales costs such as custom report writing, additional modules and support not covered by your licences can add up to the same cost as the software itself. That quote doesnt look quite so affordable now does itAgain ASK FOR REFERENCES. These people have ponied up their hard earned business cash to buy the software youre looking at it will pay dividends to get their opinion and learn from their experiences. d) At least 2 customer references should be mandatory in your due diligence process in selecting you business system.

8. Budget for training, support and implementation

Plan this into your forecast or the following years budget program. Be sure to add Contingency costs.

9. Make a decision
This is crucial DO SOMETHING!!

10. Implement
You got this far? Now Follow through and implement!!

10 Things to Further Think About

1
Will your software grow with you? Is your business dynamic? Does your software need to evolve to suit the changing needs of your business?

1
a) Choosing business software is an extremely important decision for the future of your business. The decision you make today will have ramifications long after youve paid your money, installed the software and entered your first transactions. b) What are your plans for the future? You need to be thinking 1, 2 and 5 years ahead when purchasing business software. What serves you well today may not be suitable when you add extra staff to your business.

1
c) Adding staff and resources to your business should not place any burden on your business software it simply just should cope with these demands and grow with you. d) If you are having problems keeping all your different systems up to date right now, how will they keep pace when you experience even more growth? e) Moving to an integrated system that brings all your Accounting, Reporting, Purchasing, Resourcing and Scheduling tasks together is definitely worth serious consideration.

2
Where was the software developed? Can you pick up the phone and talk to your software trainer, business analyst, programmer, system architect?

2
a) Was the software youre considering developed in Australia for the Australian market and for Australian users? Are the people who developed the software still contactable? Is the software being constantly revised and improved? Or is it a set and forget piece of software that becomes outdated and does not keep pace with your business? b) Are the developers and people who support the software in touch with their customers?

3
Who supports the software? Do you know the people who support your software?

3
a) One of the major frustrations with any piece of software is when youre having difficulty executing tasks. When there is no-one else in the business to askand when youve exhausted the help fileyou have to turn to the software developer themselves. Are they Australian? Are they contactable by phone? Do you have an expected level of service? b) If Support is not local, are they contactable in your business hours? c) Is Support included in the price of the software? If not, it could really cost you.

4
How often is the software updated? Is your software updated regularly, using customer feedback as a guide?

4
Regularly updated business software means you are using the absolute latest in technology. You should consider asking the question Why does my software need updating anyway?. The answer should be Because the customers demand it! User feedback and software revision by the developer is the key to making the best software possible. Without customer feedback and the follow up of that feedback by the developer, how does the software developer know the customers are extremely happy?

5
What is the suitability of the software to my business? Will the people who implement my software take the time to understand my business?

5
a) One size does not fit all. Was the business software you are considering hastily patched to suit your Industry, or was it carefully crafted in consultation with businesses FROM your Industry? The only way to make a brilliant piece of software is to talk to the users of that software on a regular basis. b) Does the business software developer employ software installers, or business analysts? Are the people setting up your software to achieve the maximum benefit to your business? (Or they are just doing another software installation?) Is the software installed by 3rd party consultants, or by the developer of the software itself?

6
What is the Installation process?

6
a) b) c) How will your business software be installed? Is it a planned and carefully managed process? Will all the preparation work be done before the installation date? CAN I RUN THE NEW SYSTEM FROM DAY 1? Will the business experience minimal interruption? Will I have to run both systems side by side at the same time to make sure the new one does its job? All of these items should be documented and requested in writing from your software provider BEFORE THE EVENT. It is too late once the implementers are at your office, installing the software. Dont be trapped into paying for services you did not or could not foresee because of poor planning. Make sure your software provider spells all of their costs out, lets you know what you will be getting for your money, and how long the entire installation / implementation will take.

7
Does the software do anything other than my accounts? Does the software help manage all aspects of my business, or simply my accounting?

7
A business system needs to be more than just numbers. The success or failure of a business will depend largely on its PROCESSES and their adherence. As your business grows, the only way to control the resources in your business is to put in place certain procedures and processes. These are the rules that will ensure that actions within your business are performed correctly, accurately and in the right order. Purchasing, Point of Sale, Accounting, Reporting, Recording Jobs all these business processes need to be documented and built into your business system. Typically business systems in the price range of small to medium business DO NOT contain process-driven management systems, however they DO EXIST.

Integration
Financial teams interact with other business units more frequently than any other department. Therefore, seamless sharing of vital information is crucial to ensuring smooth, problem-free transactions. The accounting software you choose must tightly integrate with other business systems across your company. For example, your accounting software must link directly to your inventory management and supply chain systems, to ensure that sufficient stock levels are kept to meet all demands. And, it should tie into sales force automation systems to guarantee accurate and timely collaboration on forecasts.

Industry-Specific Transactions
Some sectors, such as consulting and other serviceintensive industries, face unique challenges when it comes to managing accounting and finance operations. While off the-shelf accounting software solutions will satisfy the needs of most businesses, those that have unique vertically-oriented requirements should consider choosing a vendor with a pre-packed application specifically for their industry, or one that has extensive experience working with similar companies.

8
What additional systems will I need to complement the Accounting software?

8
a) Customer relations management, resource planning, point of sale, job tracking, warehousing, manufacturing, open to buy spreadsheets, machine tracking and reporting b) Or you could look for a solution that contains all the systems you need in one.

9
Will my existing hardware run the new software? What hardware is required to run my software?

9
Changing software is also a good time to be taking a close look at your hardware that runs your business system. What is your back-up strategy? Do you use a server? Are you making the best use of your current resources? Who looks after your network?

10
What is subscription based software? When will my software be out of date?

10
a) Subscription based software means paying a yearly subscription fee to be able to continue using the software. Subscription based software allows a software developer to continue to improve the product, release updated and improved versions of the software, and also to continue to provide customer support for the software. b) Subscription based software has the advantage of never actually being out of date, as it is improved on a regular basis, often up to twice a year, and these improved version are available at no extra cost to the subscriber above what they normally pay.

Accounting Software

Manjit Biant

 As regulations become more stringent, businesses need to find better ways to ensure compliance by effectively logging, tracking, auditing, and reporting their financial data.

Accounting Software
Accounting software is designed to automate the processing, recording, handling, storage, and access of various types of business financial transactions and associated information improving efficiency, accuracy, and cost-effectiveness in finance and accounting operations. It also gives companies a powerful mechanism for streamlining their vital financial processes, as well as implementing formal procedures for the collection, maintenance, and presentation of financial data.

 An accounting software package can deliver significant value: 1. Elimination of man-made errors, for improved accuracy and consistency of financial data. 2. Compliance with regulatory laws and guidelines through increased speed and integrity of financial reporting. 3. Enhanced efficiency of financial staff through replacement of cumbersome, paper-heavy manual processes with fully automated activities. 4. Greater revenue and business growth through improved visibility into financial status, as well as more informed strategic financial planning. 5. Increased ability to identify and leverage new revenue opportunities through in depth reporting and analysis.

Why You Need It

Every company in every industry can benefit greatly from an accounting software package. Not only will accounting software help improve the way critical financial-related processes are managed across the business resulting in increased efficiency and smoother execution of core business operations it can help companies avoid the risks and severe penalties associated with non-compliance with financial reporting laws and guidelines.

Common Features
Accounts receivable and debt collection. With accounting software, companies can better track monies owed, payment due dates, and outstanding balances. As a result, they can facilitate faster recognition of revenues and other income. Additionally, past due balances and non-payments can dramatically impact cash flow and related activities. With accounting software, companies can better understand where outstanding debt exists and why, and accelerate time-to-collection. Accounts payable. Financial staff can more effectively manage bills, payments, and monies owed by the company. General ledger. Accounting software systems can dramatically improve the way a company manages its books, the primary, centralized log of all key financial activities and nformation.

 Billing and invoicing. With accounting software, businesses can more rapidly generate comprehensive invoices and account statements for clients. Purchase orders. An accounting software package can help procurement professionals improve the efficiency and accuracy of purchase order creation. This promotes better vendor relationships, while ensuring timely and effective ordering of parts, components, and other supplies. Sales orders. Companies can automate and improve the way they process, fulfill, and track customer orders.

 Reporting. Accounting software packages provide the ability to generate complete balance sheets, profit and loss statements, and other standard financial reports. Additionally, many of them offer ad hoc analysis capabilities, so financial professionals can easily satisfy their own unique information needs.