The use of flowcharting, which shows sequence of activities, would have shown that postings of cash
            receipt to the subsidiary account was done daily, whereas the posting of the invoice to the subsidiary
            accounts-receivable ledger was performed monthly. An informed individual would certainly ask: “Would
            this process not result in credit balances in the subsidiary accounts receivable?” “How would these errors
            be corrected?” “When would they be corrected?” and so forth.

            If the ICQ was a standard ICQ and not tailored to a specific system, then the standard ICQ might omit
            questions relevant to the specific system or might include a large number of questions inappropriate to
            the system being evaluated.

            As noted previously, an open-ended question often will reveal characteristics of the system that cannot
            be obtained from an ICQ.

            For example, the ICQ used to document the university’s cash-receipts system and posting to the
            subsidiary accounts receivable should have included an open-ended question such as: “How are
            unapplied cash-receipts processed?” The responses to these questions most likely would have revealed
            that there was a problem in the posting of unapplied cash.

            Finally, ICQs typically do not classify controls as either preventive or detective. A preventive control is
            usually less costly than a detective control. A detective control identifies a problem after it has occurred.
            Costs associated with correcting the problem will be incurred. A preventive control stops a problem from
            occurring. Obviously, when preventive controls exist, costs associated with correction of a problem
            should not be incurred. Detective controls are often performed significantly later than when the problem
            occurred. For example, many companies reconcile inventory to the books on an annual basis. Problems
            in recording, theft, and other issues associated with inventory are not detected until the end of the year
            and adjustments to the books are oftentimes recorded only annually.

            A matrix approach can be used to classify internal controls as either preventive or detective. The matrix
            approach will be addressed in the following exhibit.
































            © 2020 Association of International Certified Professional Accountants. All rights reserved.    8-4