Practice free →
HomeCA FinalfinancialreportingAccounting and Technology — RPA, Cloud, ERP, Cybersecurity, Blockchain & AI › Suspense accounts and unauthorised access contro…

Suspense accounts and unauthorised access controls are flagged as ICOFR weaknesses in an ERP-driven listed company. Which control combination is the MOST effective response?

AManual reconciliation of suspense balances at year-end only and password sharing among senior staff for emergencies
BPeriodic reviews of suspense balances with documented ageing, plus user-access reviews against the RAM, supplemented by independent review of reconciliations of all significant accounts
CAnnual external audit alone, since auditors are responsible for ICOFR effectiveness
DOutsourcing suspense reconciliation to a vendor with no access controls applied
Answer & Solution
Correct answer: B. Periodic reviews of suspense balances with documented ageing, plus user-access reviews against the RAM, supplemented by independent review of reconciliations of all significant accounts
The chapter prescribes monitoring of suspense accounts, user-administration controls tied to RAM, and independent reconciliation review. Annual external audit alone (C) does not discharge management's ICOFR responsibility; password sharing (A) and uncontrolled outsourcing (D) violate access control principles.
Solve this in the app — CA Final practice & 24k+ MCQs →
Related questions