GENERAL PAYROLL CONTROLS Dates in scope:



Similar documents
Module #9 Payroll Schemes

INTERNAL ACCOUNTING CONTROLS CHECKLIST FOR NTMA CHAPTERS

AUSTIN INDEPENDENT SCHOOL DISTRICT INTERNAL AUDIT DEPARTMENT PAYROLL AUDIT PROGRAM

CHAPTER 4 EFFECTIVE INTERNAL CONTROLS OVER PAYROLL

Internal Audit Committee of Brevard County, Florida Internal Audit of Timekeeping and Payroll Process

Internal Control Guidelines

Accounts Payable. Best Practices: Existing Control: Control Gap: Controls Evaluation and Gap Analysis. Purchasing

Fiscal Procedure Sequence page number

Cash Receipts Internal Controls

Assertion Control objectives Controls Tests of controls Occurrence and existence

BEDFORD PUBLIC SCHOOLS BUSINESS OFFICE PROCEDURES MANUAL

ACCOUNTING POLICIES AND PROCEDURES SAMPLE MANUAL

LOYOLA MARYMOUNT UNIVERSITY POLICIES & PROCEDURES. SUBJECT: PAYROLL SERVICES Page 1 of 14

Chapter 7 Trustee. Internal Control Questionnaire

INTERNAL CONTROL QUESTIONNAIRE OFFICE OF INTERNAL AUDIT UNIVERSITY OF THE VIRGIN ISLANDS

BDO Consulting. Segregation of Duties Checklist

The policy and procedural guidelines contained in this handbook are designed to:

Guidelines for Congregations Internal Control Best Practices

Internal Control Systems

Cash, Petty Cash, Change Funds, and Credit Cards

DIXON MONTESSORI CHARTER SCHOOL FISCAL CONTROL POLICY

B Resource Guide: Implementing Financial Controls

TheFinancialEdge. Converting to Payroll 7

NONPROFIT FINANCIAL MANAGEMENT SELF ASSESSMENT TOOL

CARRIAGE MUSEUM OF AMERICA ACCOUNTING POLICIES AND PROCEDURES MANUAL. February 2014

Payroll 101 Training. Summer Finance Conference July 2015

CHAPTER 9 PRESCRIBED FORMS, TAXES, AND GENERAL INFORMATION

CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS

Client Start-up Checklist

for Sage 100 ERP Payroll Overview Document

Important Disclaimer. Copyright Information

Premium Audit Guide. What is a premium audit? Types of audits. Payroll as a premium basis. Information requested at time of audit

MEMORANDUM. Municipal Officials. From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center

Audits of Automobile Body and Repair Shops

FASOM - Section 10: HRIS Payroll Processing Calendar and Related Issues

MEMORANDUM INTERNAL CONTROL REQUIREMENTS FOR NON-PROFITS

New Client Start-up Checklist

5:31-7 Appendix B LOCAL AUTHORITIES - ACCOUNTING AND AUDITING IF ANY ARE NOT APPLICABLE, INSERT N/A AS YOUR ANSWER. FIRE DISTRICT YEAR UNDER AUDIT

Archdiocese of Chicago Parish Self-Assessment Checklist

FINANCE COMMITTEE PROCEDURES. Audit Process. Cash Handling

FIVE MANAGEMENT SYSTEM Policies and Procedures Checklist

How To Manage A Corporation

ACCOUNTING AND FINANCIAL REPORTING REGULATION MANUAL

Internal Control Guide & Resources

FINANCIAL CONTROLS POLICIES AND PROCEDURES FOR SMALL NONPROFIT ORGANIZATIONS

Internal Controls: Best Practices for Political Campaigns in New York City

How To Prevent Fraud On A Credit Card

A Municipal Checklist for Internal Control-Part I, Cash Controls

MANAGEMENT AUDIT REPORT ACCOUNTS PAYABLE

Paw Paw Public Schools. Business Office. Procedures Manual

SUBSIDIARY LEDGER MANAGEMENT AND INTERNAL CONTROLS

Guidelines for Congregations Internal Control Best Practices

Internal Controls over Cash for Small Nonprofits

Accounting software & data

FINANCIAL ADMINISTRATION MANUAL

SUMMARY OF CORRECTIVE ACTION FOR SEGREGATION OF DUTIES AUDIT ISSUES

THE PERKS OF USING PAYROLL AND HUMAN RESOURCES

Financial Transactions and Fraud Schemes

1. Employee Records. 1a. Identity Management Tool

IT Application Controls Questionnaire

The Practice of Internal Controls

Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner

REPORT OF THE AUDIT OF THE JACKSON COUNTY SHERIFF

KAREN E. RUSHING. Ghost Employee Audit

THE ABC S OF DATA ANALYTICS

SAMPLE FINANCIAL PROCEDURES MANUAL

Report on. Office of the Superintendent of Financial Institutions. Corporate Services Sector Human Resources Payroll. April 2010

OCCUPATIONAL GROUP: Human Resources. CLASS FAMILY: Employee Benefits and Payroll CLASS FAMILY DESCRIPTION:

2. For the remaining accounts not tested, select all general ledger suspense and in-process accounts:

Average Weekly Wage. Presented by: Dan Schmelling & Denise Williams Workers Compensation Division

1. SEGREGATION OF DUTIES IS ESSENTIAL

Chapter 15: Accounts Payable and Purchases

Fiscal Policies and Procedures Handbook. Crown Preparatory Academy

Standard Procedures and Controls for the Title Industry. Prepared by the ALTA Internal Auditing Committee ALTA

AUSTIN INDEPENDENT SCHOOL DISTRICT INTERNAL AUDIT DEPARTMENT TRANSPORTATION AUDIT PROGRAM

INTERNAL CONTROL OVER PURCHASE INTERNAL CONTROL OVER INVENTORY INTERNAL CONTROL OVER CASH PAYMENTS INTERNAL CONTROL OVER CASH RECEIPTS

FINANCIAL MANAGEMENT POLICIES AND PROCEDURES

Sage Payroll Services

Ithaca College Accepting Cash and Checks Procedures

POLICY & PROCEDURE DOCUMENT NUMBER: DIVISION: Finance & Administration. TITLE: Cash Operations Policy and Procedures. DATE: July 15, 2011

FGMK Payroll Services, LLC. One Source Infinite Solutions Year End Guide

10-1. Auditing Business Process. Objectives Understand the Auditing of the Enteties Business. Process

ADMINISTRATIVE PRACTICE LETTER

SAGE ACCPAC. Sage Accpac ERP. U.S. Payroll 5.5A. Update Notice

The Complete Buying Guide For Payroll Software

UCLA Policy 360: Internal Control Guidelines for Campus Departments

INTERNAL CONTROL MATRIX FOR AUDIT OF LABOR AND ACCOUNTING CONTROLS Version No. 4.2 June 2006

Transcription:

GENERAL PAYROLL CONTROLS Risk # Risk Expected Control Step # Testing Documents/Info Needed 1 Unauthorized initial pay rate 2 Unauthorized/unsupported deductions (statutory deductions and benefits). Initial pay rate is approved by HR and the department manager and documentation is included on the employee's files. Signed W4 forms and enrollment forms are included in the employee files to support statutory deductions and employee benefits, respectively. GC1 GC2 Select a sample of new employees for period under audit and obtain supporting documents ensuring that initial pay rate is approved by the appropriate individual Select a sample of employees and trace statutory deductions (i.e. taxes) and benefits to supporting documents. List of new employees for period under audit 3 Unauthorized set-up of direct deposit 4 Manual checks do not have appropriate support and are not signed by authorized signer Employees with direct deposit have a signed copy of their Direct Deposit Authorization Form on their personnel file. Manual checks must be signed by two authorized individuals who do not have access to HR/Payroll system. In addition, supporting documents for manual checks are reviewed before being signed by authorized signers. GC3 GC4 Select a sample of employees with direct deposit set-up and obtain copies of signed Direct Deposit Authorization Form Select a sample of manual/on-demand checks processed for period under audit and obtain copies of supporting documents and determine if signed by two authorized individuals. Obtain list of terminated employees for period under audit and verify if subsequent payroll checks/payments were processed after date of termination. If processed, obtain documentation as to valid reason. 5 Terminated employees are paid Terminated employees are inactivated in the payroll system in a timely manner. GC5 1. Check printer and blank checks are kept Check printer and blank checks are not in a locked area, accessible only to physically safeguarded and is accessible to authorized individuals. 2. Pre-signed 6 unauthorized individuals checks are not allowed. GC6 Observe where check printer and blank checks are kept. Check for pre-signed checks. N/A 7 8 Check stock are not numbered sequentially or are not reviewed for gaps Checks are sequentially pre-numbered. GC7 Signature plate or file is not appropriately safeguarded Observe whether check stocks are numbered sequentially and identify if any are missing. N/A Signature plate or file is accessible only to authorized individuals. GC8 Observe if signature plate is used; If file is used, determine who has access to the file. N/A ; Direct Deposit Authorization Form List of manual/on-demand checks processed for period under audit () List of termed employees for period under audit; 9 Payroll adjustments are not authorized and supported by adequate documentation. Adequate documentation must be kept to support all payroll adjustments. GC9 Select a sample of payroll adjustments (all if under 30) and trace to supporting documentation. List of payroll adjustments for period under audit 10 11 Interface between HR and payroll system is File sent to ADP is reconciled to data not reconciled or is incomplete. received by ADP GC10 Compare file sent to ADP to file received by ADP. Garnishments and other non-statutory Adequate documents are included in the deductions (e.g., gift shop) are not employee files to support non-statutory supported by adequate documentation. deductions. GC11 Select a sample of garnishments and other non-statutory deductions (all if under 30) and trace to supporting documentation. Reconciliation of file sent to ADP to file received by ADP List of garnishments or other nonstatutory deductions for period under audit () 12 Additions to employee master are not authorized. New employees should have supporting documents such as job application, payroll document (W4), identification document (driver's license and Social Security Card), and other required documentation (i.e. Drug Screen and Reference Check Statement, and Criminal Background Check statement) filed in their employee file GC12 Select a sample of additions to the employee master and trace to supporting documentation. List of new employees for period under audit Audit Program Payroll Pay Practices Ghost Employees Gen Payroll Controls 7/5/2012

2 Risk # Risk Expected Control Step # Testing Documents/Info Needed 13 Payroll advances not deducted from subsequent pay check Payroll advances are set-up in the payroll system so that it automatically deducts the advance to the subsequent paycheck. GC13 Select a sample of payroll advances (all if under 30) and check subsequent paycheck to determine if the advance was deducted List of payroll advances for period under audit (Timekeeping Data) New employee can be entered into the system without it being listed on the ADP new hire report The ADP New Hire Report is populated based on a unique and a required field. It is also important that the field cannot be backdated such as the new hire date or start date, because someone can easily backdates so that a "fictitious" new employee entered into the system will not be listed on the ADP New Hire Report. Observe if a new employee can be entered into the system without it being listed on the 14 GC14 ADP new hire report N/A Compare separation checklist to Renown s checklist and make recommendations. 15 Termination checklist incomplete N/A; testing is only for recommendations GC15 (Observation only.) Separation checklist Audit Program Payroll Pay Practices Ghost Employees Gen Payroll Controls 7/5/2012

SEGREGATION OF DUTIES Risk # Risk Expected Control Step # Testing Documents/Info Needed Payroll personnel are able to enter or delete employees in the system, providing opportunity to Payroll personnel are not able to enter or delete employees in the system. If they do then there is a report generated, which is reviewed by an 1 create and pay fictitious employees without detection independent party. SOD1A Observe for both regular and special payroll runs N/A 2 3 4 Payroll personnel are able to change pay rate and benefit information, in the system, providing opportunity to give themselves or others a pay raise or additional benefits Reconciliation of payroll bank account is performed by payroll personnel, providing opportunity to conceal any misappropriation Reconciliation of what is recorded in the G/L to the payroll register is performed by payroll personnel, providing opportunity to conceal any misappropriation Payroll personnel are not able to change pay rate and benefit information in the system. If they do then there is a report generated, which is reviewed by an independent party. SOD1B Observe for both regular and special payroll runs N/A Payroll bank account reconciliation is performed by someone who did not process and/or sign the payroll checks. Reconciliation of G/L to the payroll register is performed by someone who did not process and/or sign the payroll checks. SOD2 SOD3 Obtain copies of payroll bank reconciliations for period under audit and identify who prepared and who reviewed the reconciliation Obtain copies of G/L entries for period under audit and trace to the payroll register. Identify who prepared and who reviewed the reconciliation. Completed Payroll Bank Reconciliation for period under audit Completed Payroll Reconciliation to the G/L for period under audit 5 Termination checks are distributed by payroll personnel, providing opportunity to pay a fictitious "terminated" employee without detection Termination checks are distributed by someone other than the person who inputs and authorized payroll. If not possible, terminated employees should be required to sign an acknowledgment that they ve received the last pay check. SOD4 Obtain copies acknowledgement of last pay check pick-up for a sample of employees terminated for period under audit Acknowledgement of last pay check pick-up for a sample of employees 6 Lack of segregation of duties No employee or group should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties. In general, the principal incompatible duties to be segregated are: Custody of assets, Authorization or approval of related transactions affecting those assets, and Recording or reporting of related transactions Control activity SOD5 Walkthrough Segregation of duties matrix for payroll N/A Audit Program Payroll Pay Practices Ghost Employees SOD 7/5/2012

BANK RECONCILIATIONS Dates in Scope: If recently performed by external auditors, these steps are N/A. Risk # Risk Step # g, Testing p p Documents/Info Needed timely. In addition perform detail testing for 1 of the months: 1) Test the schedule for clerical accuracy. 2) Agree bank balance and ending balance to the general ledger and bank statement, respectively. 3) agree reimbursement wire (transferred from the operating account) to the net pay per the period s payroll control total per the payroll system. 4) Select 3 reconciling items and test that the items were properly included as reconciling items, including tracing the selected items to the following month s bank statement to ensure all items properly cleared the account. Test additional items if large or unusual reconciling items exist. 5) Review the subsequent month s bank statement for unusual and/or large checks, checks of even dollar amounts (i.e. $500 or $1,000, etc.), or unreasonably out of sequence checks. 6) Review the outstanding checks list for 1 Payroll bank reconciliations are not performed effectively and/or timely BR1 checks outstanding for an unusually long period. Determine the status of the outstanding check, determine the need for any adjustments, and document findings. Document the company s process for dated checks and voided checks. 7) For voided checks, if any, review the voided checks to ensure they have been properly defaced. Inquire as to reasons for voided as deemed necessary. Payroll Bank Reconciliation and supporting documents for the past 3 months 2 Payroll data is not reconciled to the G/L effectively and/or timely BR2 Using the documents obtained from SOD3, determine reconciliation to the G/L is performed monthly. In addition perform detail testing for 1 of the months: 1) Agree balances on the reconciliation to the general ledger and the payroll ledger. 2) Review and investigate any large or unusual reconciling items. 3) Obtain Labor Distribution Report or similar report for a sample of departments and verify that payroll balance agrees with the G/L Payroll Reconciliation to the G/L and supporting documents for the past 3 months Audit Program Payroll Pay Practices Ghost Employees Bank Rec 7/5/2012

GHOST EMPLOYEES NOTE: Each test on its own would not indicate a ghost employee. However, employees with exceptions in several tests would warrant further review and explanations should be required for duplicates and discrepancies. Risk # Risk Step # Testing Documents/Info Needed 1 Ghost Employees GE1 Look for employees with PO box address Employee Master 2 Ghost Employees GE2 Look for different employee IDs with same or similar addresses Employee Master 3 Ghost Employees GE3 Look for different employee IDs with same or similar names Employee Master 4 Ghost Employees GE4 Look for different employee IDs with same or no SSN Employee Master 5 Ghost Employees GE5 Look for employees with duplicate employee number or out of normal range. Employee Master 6 Ghost Employees GE6 Look for employees with no withholdings 7 Ghost Employees GE7 Look for employees who aren't on the system email listing List of employees on the email system 8 Ghost Employees GE8 Look for employees with same SSN as travelers List of travelers with SSNs; Employee Master with SSNs. 9 Ghost Employees GE9 Look for different employee IDs with direct deposit going to the same bank account Report listing employees with direct deposit and their direct deposit info such as bank account # 10 Ghost Employees GE10 Look for employee IDs listed on the payroll register but not on the HR system and vice versa and Employee Master 11 Ghost Employees GE11 Look for employees in the payroll register that have different base rates than the rates listed in the employee master file and Employee Master 12 Ghost Employees GE12 Compare employee SSN to Social Security Administration list. http://www.ssa.gov/employer/ssnv.htm Employee Master 13 Ghost Employees GE13 Identify hotel addresses in the area and search for employees with those addresses Employee Master 14 Ghost Employees GE14 Look for employees with addresses at a mailbox etc. location Employee Master 15 Ghost Employees GE15 Look for employees with a base rate outside of job code range Employee Master and job code salary ranges Audit Program Payroll Pay Practices Ghost Employees Ghost Employees 7/5/2012

CONFLICT OF INTEREST Risk # Risk Step # Testing Documents/Info Needed 1 Conflict of Interest CI1 Look for employees that are on the vendor master list (by SSN or by Name) Employee Master and Vendor Master 2 Conflict of Interest CI2 Look for employees being supervised by a relative (same last name) Employee Master Audit Program Payroll Pay Practices Ghost Employees Conflict of Interest 7/5/2012

PAY PRACTICES Risk # Risk Step # Testing Documents/Info Needed 1 Possible misappropriation of assets PP1 Identify employees with more than $10,000 in gross pay and review back-up evidence to determine if the amounts paid are reasonable. 2 Possible misappropriation of assets PP2 Identify employees with more than $5,000 in net pay and review back-up evidence to determine if the amounts paid are reasonable. 3 Possible misappropriation of assets PP3 Identify employees paid the same amount as both a regular and a special check run or both as a check and a direct deposit during the same pay period. 4 Lack of compliance with policies and procedures PP4 Identify employees accruing greater than the maximum leave or sick pay per policy. Leave and Sick Balance Data 5 Lack of compliance with policies and procedures; Overcompensation PP5 Identify employees with negative leave or sick pay balances. Leave and Sick Balance Data 6 Lack of compliance with policies and procedures PP6 Identify employees receiving 1) leave; 2) holiday; or 3) sick pay who do not qualify. (Use hire date, not status change date) 7 Lack of compliance with policies and procedures PP7 Identify employees receiving benefits who do not qualify. (Use hire date, not status change date) 8 Lack of compliance with policies and procedures; Overcompensation PP8 Identify employees receiving bonuses who do not qualify (only if applicable). 9 Lack of compliance with policies and procedures PP9 10 Lack of compliance with policies and procedures PP10 11 Lack of compliance with policies and procedures PP11 12 Lack of compliance with policies and procedures and inefficient use of resources and inefficient use of resources. PP12 13 Lack of compliance with policies and procedures PP13 Identify employees receiving 1) bereavement pay; 2) jury duty pay; 3) continuing education pay who do not qualify for it. (Use hire date, not status change date) Identify employees receiving 1) relocation pay or 2) moving expense reimbursement more than six months after their hire date or that have not been authorized by HR. Identify employees paid shift differential and test a sample to determine whether they are qualified (based on position and department) to receive it. Identify per-diem employees and summarize number of hours worked per pay period and compare to policy. Also 1) compare departments with high overtime to departments with low per diem and 2) identify per diem employees with zero hours. Determine whether employees receiving call-back and/or on-call pay are eligible according to policies and procedures. 14 Inefficient use of resources PP14 Identify departments and employees with most 1) call back and 2) on-call pay. 15 Inefficient use of resources PP15 Identify employees with 1) call back pay and no on-call pay; and 2) on-call pay and no call back pay. 16 Overcompensation PP16 Identify employees with 1) both licensed and non-licensed on-call pay; and 2) licensed call pay who do not have a licensed position. 17 Inefficient use of resources PP17 Identify departments and employees with most overtime pay. 18 Inefficient use of resources PP18 Identify departments and employees with most incremental overtime pay. Incremental overtime is less than 1 hour 19 Inefficient use of resources PP19 Identify departments and employees with most double-time pay. Audit Program Payroll Pay Practices Ghost Employees Pay Practices 7/5/2012

2 Risk # Risk Step # Testing Documents/Info Needed 20 Inefficient use of resources PP20 Identify full-time employees working more than 18 regular hours per day (Do not include leave hours) Determine for how many pay periods this occurred for each employee. Timekeeping Data 21 Inefficient use of resources PP21 Identify full-time employees working more than 80 regular hours per pay period. (Do not include leave hours). Determine for how many pay periods this occurred for each employee. 22 Inefficient use of resources and underpaying for benefits. PP22 Identify part-time employees working more than 72 regular hours per pay period. (Do not include leave hours). Determine for how many pay periods this occurred for each employee. 23 Inefficient use of resources PP23 Identify employees receiving regular + leave hours greater than their standard hours in the same pay period. 24 Inefficient use of resources and overpaying or underpaying for benefits. PP24 Identify employees who continuously worked 1) more or 2) less than their FTE requirement. Continuously means if they worked more than their FTE for 6 consecutive pay periods. 25 Overcompensation PP25 Identify exempt employees with premium pay 26 Inefficient use of resources PP26 Identify timecards edits which resulted in increased or decreased pay. Determine which departments and employees have most number of timecard edits Timecard Edits Data 27 Inappropriate timecard approval and lack of segregation of duties. and lack of segregation of duties. PP27 Identify individuals who can approve their own timecard Timecard Approval Data 28 Inappropriate timecard approval PP28 Identify individuals below supervisor level who have ability to approve timecards Timecard Approval Data 29 Inappropriate timecard approval PP29 Identify individuals who can approve individuals outside their own cost center Timecard Approval Data 30 Unauthorized timecard PP30 Identify timecards for a specific period that were not approved by 1) the employee; 2) the employee's manager/supervisor; 3) neither Timecard Approval Data 31 Unauthorized overtime PP31 Identify employees with overtime pay whose timecards were not approved Timecard Approval Data; 32 Unauthorized leave or sick pay PP32 Identify employees with leave or sick pay whose timecards were not approved Timecard Approval Data; 33 Incompliance with policies and union contract PP33 Trace system pay rules to the HR policies and union contract (if applicable). Electronic Payroll pay rules; HR policies 34 Inefficient use of resources PP34 Identify departments and employees receiving the most bonuses 35 Unauthorized/unsupported pay raise/decrease PP35 Select a sample of employees with pay raise/decrease for period under audit and obtain supporting documents ensuring that pay raise/decrease is approved by the appropriate individual and supported by adequate documentation. ; Employee Master 36 Gross pay is not equal to hours worked per timecard x authorized pay rate PP36 Select a sample of employees and recalculate gross pay per the payroll register based upon hours worked per timecard approved by manager and/or employee and authorized pay rate per employee's personnel action form or equivalent form ; Personnel Action Form or equivalent Audit Program Payroll Pay Practices Ghost Employees Pay Practices 7/5/2012

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information