Skip to Content
TS-FS-03 Trust & Stewardship Financial Stewardship CORE Compliance v2.9.7

Robust accounting system

This criterion assesses whether the organization has implemented a reliable, secure, and appropriate accounting system that accurately records all financial transactions and produces timely financial reports. A robust accounting system is fundamental to financial management, transparency, and accountability. Scope includes system configuration, access/security, audit trails, period controls, journal workflows, reconciliations support, and interface/import controls. Budgeting/forecasting and strategic performance reporting are assessed only insofar as they are generated from the accounting system.

Assessment Questions
  1. How does the organization ensure that all financial transactions are recorded accurately, completely, and in a timely manner in accordance with its accounting policies?
  2. Describe the accounting system/software in use. What measures are in place to ensure its reliability, security (e.g., access controls, data backups), and integrity?
  3. What is the process for generating key financial reports (e.g., Statement of Financial Position, Income Statement, Cash Flow Statement), and how is their accuracy and timeliness ensured?
  4. How frequently are financial accounts (e.g., bank accounts, payables, receivables) reconciled, and what is the process for investigating and resolving discrepancies?
  5. How is the financial data from the accounting system used to support budgeting, forecasting, and strategic decision-making across the organization?
  6. How does the organization ensure its accounting practices and reporting comply with both local regulations and relevant Islamic accounting principles/standards (e.g., AAOIFI)?
  7. What is your month-end close timetable and average close time? How are prior periods locked?
  8. Describe your joiner–mover–leaver process. When was the last access recertification and SoD review?
  9. When was the last successful backup restore test? What are your defined RPO/RTO?
  10. How are journal entries approved and evidenced? Provide a sample audit trail.
  11. How is SORP-compliant fund accounting configured (restricted/endowment), and how are grants/projects tracked?
  12. Show how your CoA/funds map to SoFA headings and restricted fund movement reporting; provide a fund movement schedule from the system.
  13. Describe controls over bank feeds/imports/API integrations: who owns them, what exception reports exist, and how duplicates/failed imports are handled.
  14. If VAT-registered, how do you meet MTD digital links requirements between source systems and VAT returns?
  15. How do your system controls foster ṣidq (truthfulness) and amānah (trustworthiness) in daily postings? How does the concept of Tawakkul (tie your camel) apply to your backup and security controls?
Evidence Requirements
  • Documented accounting policies and procedures manual, including the Chart of Accounts.
  • A sample of key financial reports (e.g., P&L, Balance Sheet, Cash Flow) from the last three reporting periods.
  • Evidence of regular account reconciliations (e.g., signed-off bank reconciliation statements).
  • System-generated audit trails or access control logs from the accounting software.
  • Minutes of management meetings or board reports where financial data was used for strategic analysis and decision-making.
  • External or internal audit reports that comment on the accounting system and internal financial controls.
  • Quarterly user access review sign-offs and SoD analysis for the last two quarters.
  • Last 3 JML tickets (joiner, mover, leaver) showing approval and completion timestamps.
  • Screenshot/config export showing MFA enabled for finance users/admins.
  • Sample monthly privileged activity log review sign-off.
  • Change log and approvals for Chart of Accounts/master data changes in the last 12 months.
  • Documented results of the last annual backup restore/DR test, including RPO/RTO.
  • Period-close checklist with evidence of prior-period locks and completion dates for the last three months.
  • Vendor assurance: SOC 1/SOC 2 Type II or ISO/IEC 27001 certificate for cloud accounting provider and DPA/processor agreement.
  • MTD VAT digital links evidence (if applicable).
  • Sample end-to-end audit trail for a high-risk transaction (e.g., grant disbursement) from initiation to posting and reconciliation.
Scoring Guidelines
LevelRatingDescription
5 5/5 Advanced, secure system with excellent controls, integration, and reporting capabilities
4 4/5 Good system with appropriate controls and reliable reporting
3 3/5 Adequate system but with limited functionality or integration
2 2/5 Basic system with significant limitations or reliability issues
1 1/5 Inadequate or non-existent formal accounting system

Related Criteria

TS-FS-01 Trustees review management accounts TS-FS-02 Banking, procurement & AML controls TS-FS-04 Segregate and control Zakat vs Sadaqah (ledgers, banking, donor intent) TS-FS-05 Fundraising costs fairly reported TS-FS-06 Statutory accounts externally audited/examined with clean outcome and filed on time (all applicable regulators)
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 11:07:46.977254

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Updated islamic_references from mizan-297.json

Sign in to post a comment.

Back to Criteria