Volume II (Part-C) Risk Control Matrices

Upload: hoangliem

Post on 15-Aug-2018

Contents

Volume II

Part C - Risk Control Matrices

Order to Cash

Procurement

Legal and Regulatory

Hire to Pay (H2P)

Fixed Assets

Inventory

Treasury

Financial Closing & Reporting Process

Joint Venture

Production

Order to Cash

1. Sales Order creation

Risk Number : O2C01

Risk Description : Invalid orders are created for further processing.

Control Activity/Mitigation Plan : Sales Order (all products) is prepared on the basis of the reports received from Production department.

Crude Oil - report having measurement of receipt & dispatch through tank dips

Gas - SCADA report

LPG - report of bulk & cylinder quantities dispatch location wise

Wind Energy - report of units exported to the grid / customer

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

2. Billing

Risk Number : O2C02

Risk Description : Crude Oil - Unauthorized Invoices are generated using incorrect terms and prices.

Control Activity/Mitigation Plan : Every month Price master is updated by Finance department on the basis of Rate per barrel derived from Reuters Marketwire adjusted to the Gross Product Worth (GPW) formula for the particular assay. Exchange rate master is updated by Finance dept. on the basis of rate derived from RBI website. SAP creates the invoice based on the system configuration considering the prices updated by Finance dept. on monthly basis with reference to the delivery note created in the system by the pipeline department.

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Monthly

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

3. LPG Sale

Risk Number : O2C03

Risk Description : LPG - Unauthorized Invoices are generated using incorrect terms and prices.

Control Activity/Mitigation Plan : SAP automatically calculates value of invoice based on condition types defined for LPG sale. The quantity is picked up from the Sales Order.

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

4. Gas Sale

Risk Number : O2C04

Risk Description : Gas - Unauthorized Invoices are generated using incorrect terms and prices.

Control Activity/Mitigation Plan : Value of invoice is automatically calculated by SAP using condition types defined for gas sale (for instance, condition types for Quality, Calorific value, Pressure & Volume according to the agreement with customers).

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

5. Power Sale

Risk Number : O2C05

Risk Description : Power - Unauthorized Invoices are generated using incorrect terms and prices.

Control Activity/Mitigation Plan : Value of invoice is automatically calculated by SAP using condition types defined for power sale based on the agreement.

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

6. Crude Oil Billing, Gas sale, LPG sale, Power

Risk Number : O2C06

Risk Description : Incorrect recording of invoices.

Control Activity/Mitigation Plan : Sales Invoices can be prepared only by Accounts officer. These invoices can be released only by Senior Manager (Finance and Accounts) (SMFA) who verifies & signs the invoice.

Financial Statement Assertion : Completeness, Recording, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

7. Credit Notes for discount to OMC

Risk Number : O2C07

Risk Description : Invalid Credit notes and adjustments to accounts receivable

Control Activity/Mitigation Plan : Condition types have been configured in SAP which automatically calculate customer-wise discount and generate credit notes. The credit notes are prepared by Accounts Officer & signed by SMFA.

Financial Statement Assertion : Validity, Recording, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

8. Credit Notes for discount to OMC

Risk Number : O2C08

Risk Description : Credit notes and adjustments to accounts receivable are based on invalid discount rates

Control Activity/Mitigation Plan : Ministry of Petroleum and Natural Gas (MOPNG) provides rate of discount per barrel in its order at the end of every quarter. These rates are entered in SAP by accounts officer and verified by SMFA.

Financial Statement Assertion : Validity

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

9. Carbon Credits

Risk Number : O2C09

Risk Description : Carbon credits revenue is not appropriately identified and accounted

Control Activity/Mitigation Plan : Carbon credits revenue is identified with each billing and entry made in the books.

Financial Statement Assertion : Validity, Recording, Valuation, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

10. Collections

Risk Number : O2C10

Risk Description : All receipts are recorded inaccurately and in the wrong period

Control Activity/Mitigation Plan : Statement of Accounts received from customer is reconciled with AR balances periodically by accounts officers.

Financial Statement Assertion : Recording, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

11. Collections

Risk Number : O2C11

Risk Description : Dispute with customer due to incorrect balances

Control Activity/Mitigation Plan : Balance confirmation is taken from the customer on quarterly basis to ensure correct balances.

Financial Statement Assertion : Validity, Completeness

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

12. Write-off

Risk Number : O2C12

Risk Description : Unauthorized write-offs

Control Activity/Mitigation Plan : Any write-offs are approved as per delegation of authority defined, before posting in SAP.

Financial Statement Assertion : Validity, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Procurement

1. Purchasing

Risk Number : P2P01

Risk Description : Purchase orders are placed only for unapproved requisitions.

Control Activity/Mitigation Plan :

Materials: Purchase orders are created in the system based on approved budgetary requisition. Purchase orders can be created in the system only with reference to the purchase requisition.

Services: The Service orders are based on Approved Service Requisition. The Service Requisition is prepared on the basis of approved budgetary requisition/ internal estimation duly approved by Committee/ F&A.

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team

2. Processing Accounts Payable

Risk Number : P2P02

Risk Description : Posting of amounts in incorrect accounts payable account and represent goods received / in transit

Control Activity/Mitigation Plan :

Goods / Services Received: SAP automatically matches vendor invoice transactions to receipts of goods / Service Entry Sheet (SES) and purchase orders. It then posts the invoices to the appropriate vendor account in Accounts Payable and to the Accounts Payable control account in the general ledger. Alternatively, SAP can automatically generate and post vendor invoices once the goods receipt / SES is posted.

Goods In Transit: In case of goods in transit where the property has passed as per PO terms, the accounts payable is immediately recognized on receipt of Vendor Invoice. Later, on the receipt, inspection & acceptance of goods, the GRN is prepared.

Financial Statement Assertion : Validity, Recording

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

3. Processing Accounts Payable

Risk Number : P2P03

Risk Description : Credit notes and other adjustments are incorrectly calculated and recorded.

Control Activity/Mitigation Plan : Quantity in invoice is linked to GRN while invoice rate is linked to the PO rate in SAP. There is automated 3-way matching of invoice with GRN and PO. Discrepancy Reports are raised by MM Dept indicating the nature of discrepancy of materials. Landed cost of short shipped/defective materials is debited to the vendors' account which ensures recovery of the same from the vendors.

In case of services, as per delegation each authorized officer reviews supporting documentation before approving payments. Supporting documentation (hard copy of vendor invoices, delivery documents, etc.) is cancelled once payment is made.

Financial Statement Assertion : Recording, Valuation

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

4. Processing Disbursements

Risk Number : P2P04

Risk Description : Disbursements not made for goods and services as per terms of Purchase Order

Control Activity/Mitigation Plan :

Goods: As per delegation each authorized officer reviews supporting documentation before approving payments. Supporting documentation (hard copy of vendor invoices, delivery documents, etc.) is cancelled once payment is made, to prevent duplicate recording of invoices.

Services: As per delegation each authorized officer reviews supporting documentation before approving payments. Supporting documentation (hard copy of vendor invoices, delivery documents, etc.) is cancelled once payment is made.

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Processing Disbursements

Risk Number : P2P05

Risk Description : Advances are not adjusted before making final payments

Control Activity/Mitigation Plan : Advances appear in vendor ledgers in special G/L Transaction codes and before making payments they are adjusted in the SAP system.

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

6. Processing Disbursements

Risk Number : P2P06

Risk Description : Disbursements are distributed to the wrong suppliers.

Control Activity/Mitigation Plan : Bank statements are regularly reconciled to general ledger by finance executive/cashier and errors/omissions are rectified and the same is reviewed by concerned Finance executive.

Financial Statement Assertion : Validity

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

7. Processing Disbursements

Risk Number : P2P07

Risk Description : Payments not routed through PO / WO route (FI Payments).

Control Activity/Mitigation Plan : All FI payments are certified by appropriate user authority as per delegation of power and note for approval is sent along with invoice.

Financial Statement Assertion : Validity, Valuation

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

8. Vendor Ageing

Risk Number : P2P08

Risk Description : Dispute with vendor due to incorrect balances

Control Activity/Mitigation Plan : Balance confirmation is taken from the vendor on quarterly basis to ensure correct balances.

Financial Statement Assertion : Validity, Completeness

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

9. Maintaining Supplier Master Files

Risk Number : P2P09

Risk Description : Unauthorized changes to supplier master

Control Activity/Mitigation Plan : Changes/ updates to vendor master are made on the basis of approval by management and person granting approval does not have access to update the same in the system.

Financial Statement Assertion : Validity, Completeness

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

10. Processing Disbursements

Risk Number : P2P10

Risk Description : Deductions not made as per discrepancy report, before making payments

Control Activity/Mitigation Plan : Discrepancies report to be checked along with GRN before booking invoices

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

11. Bank Guarantees

Risk Number : P2P11

Risk Description : Performance / Advance bank guarantees not taken / renewed timely

Control Activity/Mitigation Plan : Monitoring over Advance / Performance bank guarantees - Tagging in SAP with PO.

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Legal and Regulatory

1. Taxes

Risk Number : L&R01

Risk Description : Risk of inaccurate charging of various direct/ indirect taxes as per the requirement of law.

Control Activity/Mitigation Plan : The various tax rates are updated in the SAP system. System configuration ensures that tax is calculated and deducted at appropriate rate.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Multiple

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team

2. Taxes

Risk Number : L&R02

Risk Description : Risk of incorrect calculation and recording of various direct/ indirect taxes (e.g. Income tax, Dividend tax etc.)

Control Activity/Mitigation Plan : Concerned finance executive (tax) calculates the income tax, dividend tax and cess at the stipulated frequency. This is verified by authorized finance executive (tax and Financial Accounting) for recording in the books of accounts.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

3. Taxes

Risk Number : L&R03

Risk Description : Delay in submission or incorrect submission of various taxes and related returns with statutory authorities.

Control Activity/Mitigation Plan : Tax compliances are timely monitored.

Consultants are hired to get advice on selected matters.

Checklist of various due dates of submission of taxes and returns should be prepared and monitored.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Legal

Risk Number : L&R04

Risk Description : Incorrect assessment of contingent liability on account of various regulatory cases in dispute.

Control Activity/Mitigation Plan : Legal department shares the details with finance department for appropriate reporting

Financial Statement Assertion : Validity, Recording, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Statutory dues

Risk Number : L&R05

Risk Description : Tracker to be maintained to monitor statutory dues like VAT, cess, royalty, PF.

Control Activity/Mitigation Plan : Value of invoice is automatically calculated by SAP using condition types defined for power sale based on the agreement.

Financial Statement Assertion : Validity, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Hire to Pay (H2P)

1. Recruitment

Risk Number : H2P01

Risk Description : Risk of payroll disbursements and recorded payroll expenses not related to actual time worked

Control Activity/Mitigation Plan : Payroll variance analysis is reviewed by Payroll Manager & Fund manager prior to disbursement. Payroll manager also verifies calculation of payroll on a sample basis.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

2. Payroll

Risk Number : H2P02

Risk Description : Incorrect processing of salary resulting into excess or short payout

Control Activity/Mitigation Plan : Salary is processed from the SAP based on the master entered at the time of joining.

Changes to payroll master files in SAP are restricted to authorised personnel. All changes are made based on authorized source documents.

Payment process directly through Finance should be authorised by the responsible person.

Salary processed should be reconciled with the master and previous month salary for identifying any inaccuracy.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Monthly

Nature of Control : Combination – Automated and Manual

Control Owner : SAP Core Team / Concerned executive from the Finance department

3. Payroll

Risk Number : H2P03

Risk Description : Inadequate deduction or settlement of loan and advances resulting into financial loss or incorrect reporting of loans and advances

Control Activity/Mitigation Plan : Payroll variance analysis is reviewed by Payroll Manager & Fund manager prior to disbursement. Payroll manager also verifies calculation of payroll on a sample basis.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Fixed Assets

1. Constructed Assets

Risk Number : FA01

Risk Description : Risk of delay in capitalization of Assets

Control Activity/Mitigation Plan : Finance enters the date put to use after AUC settlement based on Job Closing Advise received from user departments as and when the asset is commissioned/ installed. After entering the date put to use, asset moves from AUC to Fixed Assets.

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

2. Constructed Assets

Risk Number : FA02

Risk Description : Incorrect identification and classification of constructed asset under correct category resulting into incorrect depreciation.

Control Activity/Mitigation Plan : Finance verifies the assets categorized and capitalized under appropriate head.

Financial Statement Assertion : Validity, Completeness, Recording, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

3. Acquisition

Risk Number : FA03

Risk Description : Risk of not recording or delay in recording of acquired Fixed Assets in the FAR with accurate value

Control Activity/Mitigation Plan : Concerned finance executive periodically reviews all changes to the fixed asset register with the base documents.

Financial Statement Assertion : Validity, Recording

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Physical Verification

Risk Number : FA04

Risk Description : Risk of incorrect reporting of Fixed Assets details in the Financial Report

Inter-sphere/intra-sphere movement of assets not recorded

Control Activity/Mitigation Plan :

1. The fixed asset register and/or master file data are periodically reviewed by management for accuracy and ongoing pertinence and are reconciled to the corresponding general ledger accounts.

2. Any reconciling items are identified and addressed in a timely manner.

3. Access to Fixed Asset Register is restricted to authorized personnel.

4. Physical verification of fixed assets is performed by concerned department in SAP. Authorization for the same is provided by ERP-FI.

5. Prenumbered identification tags are attached to fixed assets on acquisition to facilitate accurate identification of assets and recording of details.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Depreciation

Risk Number : FA05

Risk Description : Depreciation charges are not correctly calculated and recorded in the appropriate period.

Control Activity/Mitigation Plan :

1. Depreciation is calculated by the system based on the master data updated at the time of capitalization of Assets.

2. Concerned finance executives review the depreciation calculated by the system and perform variance analysis for depreciation charge and in case of any major deviations investigate the same.

Financial Statement Assertion : Completeness, Recording, Cut-off

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

6. Pre producing Properties

Risk Number : FA06

Risk Description : Pre Producing properties not being recorded and capitalized correctly

Control Activity/Mitigation Plan : On the basis of Well status reports received by Finance dept. from Drilling/ G&R on monthly basis:

In case of success the transfer from well-WBS accounts to Asset-under-construction (AUC) i.e. Pre-Producing Property Account.

In case of failure the well WBS account is written off to P&L manually in SAP after taking approval as per defined delegation of authority.

In case of deviation from drilling plan the abortive portion of well WBS account is written off to P&L account through manual journal entry.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

7. Depletion charges

Risk Number : FA07

Risk Description : Depletion charges are not accurately calculated and recorded in the appropriate period.

Control Activity/Mitigation Plan : Finance records depletion of Production Properties in SAP based on the Reserves and Production figures given in the G&R report & Production Department report on a quarterly basis.

SAP automatically calculates depletion and passes necessary accounting entries.

Concerned finance executives verify the accounting entries passed by SAP using offline calculations done in Excel sheet. Necessary corrective entries, if any, are passed.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Inventory

1. Material Receipt

Risk Number : INV01

Risk Description : Risk of incorrect recording of inventory at the time of receipt of material resulting into incorrect inventory record and excess/ short payout

Control Activity/Mitigation Plan : Goods received are matched on-line or manually with purchase order details and/or invoices with challans, packing list, and invoice and suitability report before being accepted and taken into stock. Two layer check is in place to verify goods received with PO. First layer check is done by concerned finance officer (Accounts Payable). Second layer check is done by concerned finance executive (Accounts Payable2).

Financial Statement Assertion : Validity, Completeness, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

2. Material Receipt

Risk Number : INV02

Risk Description : Rejected materials are not returned and accounted on timely basis

Control Activity/Mitigation Plan : Rejected materials are adequately segregated from other materials and regularly monitored to ensure timely return to suppliers. Reports of rejected materials are verified by top field/project management on a monthly basis.

Financial Statement Assertion : Validity, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

3. Material Accounting

Risk Number : INV03

Risk Description : Incorrect inventory value being reported in financial reports

Control Activity/Mitigation Plan :

1. Physical inventory is counted periodically and reconciled to the bin card by the materials department. On a monthly basis, the same are reconciled with the price stock ledger by the concerned finance executive, Stores. Discrepancies are reported to the top management monthly. Adjustment entries, if any, are passed based on approved documents.

2. If goods received by the user department do not meet merchantability standards, user departments initiate return of inventories to materials department through SAP (using MIGO) and this is taken up by materials department with the vendor for correction/replacement.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Material Accounting

Risk Number : INV04

Risk Description : Incorrect recording of material issue and consumption figures

Control Activity/Mitigation Plan :

1. Material is issued or consumed against the approved requisition in system.

2. Material issued is verified by the store/ material department.

Financial Statement Assertion : Validity, Recording

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Material Receipt

Risk Number : INV05

Risk Description : Delay in recording of GRN, resulting in delay in updating the inventory figures in financial records.

Control Activity/Mitigation Plan : Material receipt is monitored to ensure timely recording

of GRN.

Recording of all GRNs to be ensured before closure of

financial period

Financial Statement Assertion : Validity, Recording, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Treasury

1. Investment

Risk Number : TR01

Risk Description : Investments of the organization are not recorded.

Control Activity/Mitigation Plan : Authorized personnel review the investments recorded manually with the approval as per delegation, and values are reconciled in books.

Financial Statement Assertion : Validity

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

2. Investment

Risk Number : TR02

Risk Description : All Investment purchases, sales, and maturities are not

recorded accurately in the appropriate period.

Control Activity/Mitigation Plan : Reconciliation of GL account with Mutual funds

statement, bank statement and incoming remittances is

done by concerned finance executive.

Financial Statement Assertion : Completeness, Recording, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

3. Interest Accounting

Risk Number : TR03

Risk Description : Income on all investments is not correctly calculated

and recorded in the appropriate period.

Control Activity/Mitigation Plan : Interest is recalculated in excel sheets. These

calculations are verified with bank statements on

maturity. Accounting entry is passed by Accounts officer

and approved by concerned finance executive.

Financial Statement Assertion : Completeness, Recording, Cut-off

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Dividend Receivable

Risk Number : TR04

Risk Description : All dividend income is not correctly calculated and

recorded in the appropriate period.

Control Activity/Mitigation Plan : Concerned Executives at Corporate Finance verify the proceedings of the Board Meetings/AGMs of the companies where investment has been made, to ascertain Dividend declaration and probable date of receipt.

Same is manually monitored and requisite entries are

passed in books.

Financial Statement Assertion : Completeness, Recording, Cut-off

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Term Loans (including ECBs)

Risk Number : TR05

Risk Description : Interest on loans is not calculated and recorded

accurately in the appropriate period.

Control Activity/Mitigation Plan : Interest is recalculated in excel sheets. These

calculations are verified with bank statements.

Accounting entry is passed by Accounts officer and

approved by Treasury Manager

Financial Statement Assertion : Completeness, Recording, Cut-off

Frequency of Control : Quarterly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

6. Bank Guarantees (BG) Issued

Risk Number : TR06

Risk Description : Charges for BG issued are not accounted correctly.

Control Activity/Mitigation Plan : BG to be issued are approved appropriately as per

delegation and are opened through designated banks

only. All BG charges are accounted by the concerned

finance executive.

Financial Statement Assertion : Validity, Recording, Valuation

Frequency of Control : Multiple

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

7. Insurance

Risk Number : TR07

Risk Description : Inadequate / Inappropriate insurance coverage

Control Activity/Mitigation Plan : Insurance is centralized and should be taken for all - All

wells, transit, public liability (Only NELP blocks are

decentralized)

Financial Statement Assertion : Validity, Completeness, Valuation

Frequency of Control : Yearly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department at

Duliajan

Financial Closing & Reporting Process

1. Financial Closing & Reporting Process

Risk Number : FCRP01

Risk Description : The financial closing and reporting process is not

adequate to identify and update the internal and external

financial reporting requirements and deadlines; the

methodology, format, and frequency of required

analyses; and the content of reporting packages from

departments.

Control Activity/Mitigation Plan : Management has established well-defined accounts

closure circulars to process financial reporting. The

circulars detail all key attributes (e.g., overall timing,

methodology, format and frequency of analyses).

Circulars are approved, and reviewed on a regular basis.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

2. Financial Closing & Reporting Process

Risk Number : FCRP02

Risk Description : Procedures and timetables for communicating relevant

information affecting the financial closing and reporting

process within the entity are not established /

documented, and updated on a timely basis.

Control Activity/Mitigation Plan : Processes and policies are established and documented

regarding the requirements for entity personnel to

communicate information timely to the financial

reporting department with respect to events and

transactions affecting financial reporting, including

reservoir data from G&R department, production

oil/gas/LPG disposal statement from production

departments, electricity generation and distribution from

electrical engineering department, business development

from business development department, joint venture

statements from joint venture operators in case of non-operating joint ventures, SLOC status, imprest cash, etc.

The compliance with communication processes and

policies is monitored on a regular basis.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

3. Financial Closing & Reporting Process

Risk Number : FCRP03

Risk Description : Reconciliations for all significant accounts are not

performed or not prepared on a timely basis. Also, issues

identified (if any) are not resolved and recorded in the

general ledger on a timely basis.

Control Activity/Mitigation Plan : All significant analyses and reconciliations are

independently reviewed in comparison with established

guidelines. Key reconciliations done are: sub-ledger to

general ledger reconciliations, bank reconciliations, cost

ledger to finance ledger, sales reconciliations (sales value

is calculated separately and reconciled with general

ledger balances. Similar reconciliations are done for

royalty, cess, sales tax and service tax). Unusual items

and exceptions in analyses and reconciliations are

documented upon identification. Resolution and

treatment of unusual items identified are documented

and reviewed independently for appropriateness on a

timely basis. Management reviews resolution of items on

a regular basis.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Financial Closing & Reporting Process

Risk Number : FCRP04

Risk Description : Journal entries are not properly reviewed, validated and authorized, and are inadequately recorded in the accounting period.

Control Activity/Mitigation Plan : Journal entries have adequate supporting

documentation and are reviewed and approved

independently prior to posting.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

5. Financial Closing & Reporting Process

Risk Number : FCRP05

Risk Description : Disclosure checklists and instructions (or other suitable

mechanisms) are not used in preparing and reviewing of

all draft financial-statement disclosures for completeness

and consistency.

Control Activity/Mitigation Plan : The entity uses up-to-date accounts closure circulars to

ensure that all relevant financial information is disclosed

(1) appropriately in accordance with generally accepted

accounting principles and the entity's accounting and

disclosure policies and (2) in the appropriate accounting

period. Closure circulars provide relevant checklists and

instructions to perform assigned duties in accordance

with the entity's disclosure policies.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

6. Financial Closing & Reporting Process

Risk Number : FCRP06

Risk Description : The application of the entity's accounting policies to

each non-routine event or transaction is not performed

and documented.

Control Activity/Mitigation Plan : Accounting treatment for significant non-routine events and transactions (including those requiring the use of accounting estimates and judgment (e.g., actuarial valuation of retirement benefits, reservoir estimation based on engineering estimates in the selection and application of accounting principles, service liability for service provided but invoice not received)) is researched, analyzed, documented, updated, and communicated to responsible parties on a regular basis. Such communication also includes the timeframes and appropriate methods for computing estimates and the framework for judgments involved.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off,

Presentation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

7. Financial Closing & Reporting Process

Risk Number : FCRP07

Risk Description : Dividends paid / declared are not in accordance with

the company policy and prescribed laws and regulation.

Control Activity/Mitigation Plan : Dividend distribution is recommended by the BOD and

approved by the AGM.

Financial Statement Assertion : Validity

Frequency of Control : Yearly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Joint Venture

1. Operated Venture

Risk Number : JV01

Risk Description : SAP is not configured correctly for joint ventures

Control Activity/Mitigation Plan : JV team (maker; checker - concerned finance executive)

creates the JV in SAP on the basis of terms and conditions

(like, penalty percentage, share of overhead, share of

payroll etc.) agreed with the joint venture partners as per

the PSC/JOA. SAP automatically calculates penalties,

allocates share of expenses etc. based on the

configuration for the respective JV

Financial Statement Assertion : Validity, Completeness

Frequency of Control : Not Applicable

Nature of Control : Automated/Combination Control

Control Owner : JV Team

2. Operated Venture

Risk Number : JV02

Risk Description : Expenses recorded for particular joint ventures are not

valid

Control Activity/Mitigation Plan : Operator creates the budgets for expenses to be

incurred on the joint venture. This budget is approved by

the partners and DGH. JV team (maker checker -

concerned finance executive) configures the WBS in SAP

based on the approved budget. Any further changes to

the WBS are done similarly based on necessary

approvals. SAP does not allow recording any expense for

the JV that is not defined in the WBS.

Financial Statement Assertion : Validity

Frequency of Control : Not Applicable

Nature of Control : Automated/Combination Control

Control Owner : JV Team

3. Operated Venture

Risk Number : JV03

Risk Description : Inaccurate processing of all JOA expenses & revenues and recording after the period in which they are disbursed/received

Control Activity/Mitigation Plan : The share of each Joint Venture partner as per JOA

terms is configured in SAP. SAP automatically allocates

from Joint Venture 1, the joint cost of operation to all

Joint venture partners as per share of involvement

defined in PSC/JOA. Based on this the Finance dept.

monthly raises Cash Call to JV partners. Quarterly,

Finance dept. runs cut-back procedures in SAP & verifies

that the JV1 is reduced to zero balance.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

4. Non-Operated Venture

Risk Number : JV04

Risk Description : Inaccurate processing of all JOA expenses & revenues and recording after the period in which they are disbursed/received

Control Activity/Mitigation Plan : Finance dept. books OIL's share of expenditures on the

JV's, on the basis of Cash calls & Monthly Billing

Statement received from Joint Operators. Any deviation

in cash call is reported to the operator for

modification/correction.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Concerned executive from the Finance department

Production

1. Production of crude oil/ condensate

Risk Number : PROD01

Risk Description : Crude oil produced is not recorded accurately and the

recorded period is not correct.

Control Activity/Mitigation Plan : Production is recorded in books (SAP transaction MIGO)

on the basis of measurement of receipt & dispatch

through tank dips taken on an as-and-when basis by

Installation Manager of field installation, reviewed by

Chief Engineer / Zonal In-Charge and approved by Chief

Engineer.

Financial Statement Assertion : Recording, Valuation, Cut-off

Frequency of Control : Daily

Nature of Control : Manual

Control Owner : Chief Engineer - Production Oil

2. Production of crude oil/ condensate

Risk Number : PROD02

Risk Description : Crude oil produced is not recorded accurately and the

recorded period is not correct.

Control Activity/Mitigation Plan : Production department provides details of production,

losses, dispatch and stock to the Finance dept. on a

monthly basis which is then used by Finance department

to review inventory records in SAP.

Financial Statement Assertion : Recording, Valuation, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Chief Engineer - Production Oil

3. Production of Gas

Risk Number : PROD03

Risk Description : Gas produced is not recorded accurately and the

recorded period is not correct.

Control Activity/Mitigation Plan : As per contract, quantity produced is sold to the

customer, thus any adjustments to be made to the

production quantity as per contract terms, are based on

the reconciliation meeting held among the gas customer

as well as producer (OIL) / AGCL. This reconciliation

meeting is held in the first week of each month.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Monthly

Nature of Control : Manual

Control Owner : Chief Engineer - Production Gas (Utilization)

4. Production of Gas

Risk Number : PROD04

Risk Description : Gas produced is not recorded accurately and the

recorded period is not correct.

Control Activity/Mitigation Plan : The Production of gas is recorded on the basis of daily

report from "SCADA" wherever the facility is available. In

other places where "SCADA" connection is not available

the data is collected manually (periodically) through

Square Root chart using planimeter. Composition of gas

is measured by Chemical department against the gas

sample provided by Production Gas department.

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Daily

Nature of Control : Manual

Control Owner : Chief Engineer - Production Gas (Gas Field)

5. Production of LPG/ condensate

Risk Number : PROD05

Risk Description : LPG / Condensate produced is not recorded accurately

and the recorded period is not correct.

Control Activity/Mitigation Plan : The production of LPG and Condensate is recorded

and reported daily on the basis of measurement taken

through Mass Flowmeter by Sr. Engineer Operation (LPG)

and approved by Head-LPG

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Daily

Nature of Control : Manual

Control Owner : Head-LPG

6. Renewable energy

Risk Number : PROD06

Risk Description : Power produced is not recorded accurately and the

recorded period is not correct.

Control Activity/Mitigation Plan : The Production is recorded on the basis of meter

reading taken by the Engineer - Renewable Energy

Financial Statement Assertion : Validity, Completeness, Recording, Valuation, Cut-off

Frequency of Control : Daily

Nature of Control : Manual

Control Owner : Chief Engineer - Wind Power