In this chapter, we began our study of process control plans, the third level in the control hierarchy (shown in Table 8.3). Our study of process control plans will continue in THE “ORDER-TO-CASH” PROCESS: PART I, MARKETING AND SALES (M/S)–THE BUSINESS REPORTING (BR) PROCESS, where we will apply the control framework and explore controls that are unique to each business process.
Before we leave, let’s address one more aspect of process controls. Many of these controls attempt to detect data that may be in error. For example, a reasonableness test may reject a price change that is beyond a normal limit. But, it may be that the price change has been authorized and correctly entered. As another example, perhaps a customer order is rejected because it does not pass the credit check. But, it might be that it is in the best interest of the company to permit the sale anyway. In these cases, we need to be able to override the control and permit the event to process. If our control system is to remain effective, these overrides must be used sparingly and require a password or key and signature be necessary to effect the override. Finally, a record of all overrides should be periodically reviewed to determine that the override authority is not being abused.