I think option B will be the most effective choice as an auditor.
The following are the reasons for choosing option B.
First, the best way to safeguard one’s business is proactive action. Proactive actions are intended to bring about changes rather than just reacting to cause a change. For one’s business to survive any form of competition, it has to be proactive, involving productive actions since actions speak louder than words. It is imperative to put a range of both external and internal controls in place, and also creating a fraud limiting timeline by ensuring that the bases are covered.
Primarily, there are two forms of internal controls; functional and physical.
Functional controls are designed to prevent and detect fraud. It also includes activities such s approving payments, authorizing transactions and separation of duties.
Physical controls are designed with a motive of putting physical barriers in place, that play a crucial role in the prevention of access to records, cash or any other accounting information that may be used to conceal any form of fraud.
Below is a list of functional and physical controls that are fairly easy to put in place and also offer protection to business dividends over the long term;
Make a review of your account each day and question any exception items immediately.
Institute dual controls as well as a separation of duties to make the payment process easier.
Purchase insurance coverage to minimize risk.
Have a thorough discussion with your insurance provider on cyber theft protection to assess if it makes any sense for your firm.
Never at any moment send financial data using regular email, since it is insecure and also, easily compromised.
Educate employees about the issue of fraud risks and how to avoid any threats.
Set strict passwords and regularly have a review of your privacy policies. Besides, delete any insensitive and unneeded client data.
Restrict firm network access to make payments to the only firm issued PCs or laptops.
Lock all file cabinets as well as desk drawers that contain sensitive data.
Moreover, the bank is there to assist with any security matters.
Again, review service agreements and your bank account as well, because they include both the client’s protections and responsibilities.
In case of a suspicion of fraudulent activity on your bank account, stolen cads, possible compromised credentials, notify your banker with due effect so that they can act to assist resolve the issue.
It is also imperative to build a good relationship with your bank so that they can familiarize with
Auditors duties
The auditors must meet the management to discuss issues of internal control.
Typically, weak internal controls result in a material misstatement. Therefore, if an auditor gets informed about the weakness of internal control, he or she should give the management the way forward, for instance, the adoption of a strong internal control. Strong internal controls not only detects but also prevent fraud errors.
To sum up, by having a look at the reasons mentioned above, it is precise that an auditor should go for option B.Prevention is indeed better than the cure.