Documenting Your Controls - Governance, Risk, and Compliance Topic for Oracle Applications - page 164

Database Reference

In-Depth Information

The flowchart for the Accounts Payable Month End Close process is automatically

generated by Oracle Tutor, which is shown in the following figure:

Accounts Payable Month End Close

A

Establishing Close

Schedule

AP Clerk

AP Clerk

- Determine whether GL

account distribution

errors exist. (10)

AP Clerk

- Correct account

distribution errors. (13)

> Window Name

- Notify AP Supvr that all

checks accounted for.

(4)

Start

AP Clerk

- Determine whether any

checks unaccounted for.

(1)

> Window Name

AP Supvr

- Verify that all requests

for payment hav been

vouchered. (5)

- Verify that all manual

checks have been

recorded. (6)

- Verify that documents

have been processed. (7)

- Close AP transactions

for fiscal month. (8)

AP Clerk

- Inform AP Supvr that

account distribution

errors have been

corrected. (14)

Distribution

errors exist?

N

B

C

B

Y

N

Checks missing?

AP Supvr

- Identity errors on AP

/general ledger entry

report. (11)

- Deliver annotated report

to an AP Clerk for

correction. (12)

AP Supvr

- Print a list of aged

AP balances & a listing

of all checks written

during month. (15)

> Window Name

> Window Name

A

C

Y

AP Clerk

- Locate missing checks.

(2)

- Void missing checks.

(3)

AP Supvr

- List all of GL account

entries made during

month. (9)

> Window Name

B

Risks and controls documents

A risk is a possibility of acts or events that could adversely impact an organization's

business process. Risks also provide the source for designing the controls that

mitigate damage, which could be caused by the risks and a control mitigates

the potential damage from a risk for a specific business process. For each risk

documented for a process, there must be a documented control. Controls provide a

safety mechanism to ensure that all risks are addressed by documented responses

that mitigate the risks.

Risks and controls documents are generally maintained as a matrix of each

business process that link the risks to the business process and describe who,

how, and when the controls mitigate risks. The matrix also contains detailed

risk characteristics—such as likelihood, impact, and type—as well as controls

characteristics—such as control objectives, frequency, type, and method. Control

documents required for compliance with Sarbanes-Oxley Act also include control

assertions that are linked to the Committee of Sponsoring Organization's (COSO)

Integrated Internal Control Framework.

Next Page

Governance, Risk, and Compliance Topic for Oracle Applications

Search WWH ::

Custom Search

Home