Resume of Accounting Decision Tools

Internal Control
It is a process to ensure an organization's objectives for operational effectiveness and
efficiency, reliable financial reporting, and compliance with laws, regulations, and policies
reasonable.
 Protect and preserve the patrimony against loss, waste, misuse, irregularity or
illegal act.
 Demand reliability and timeliness of information
 Ensure efficiency and effectiveness of operations.
 Comply with the legal and technical system.
Components of internal control:
1. Control environment: Includes a set of factors that the manager and the
employees must establish and maintain to allow the development of a positive and
supportive attitude for internal control.
2. Risk measurement: It correspond to the identification and evaluation of the risk
faced by the company.
3. Control activities: Correspond to the policies and procedures that managers and
employees must established to ensure that the activities necessary for satisfactory
business performance are carried out.
4. Information systems: Process that managers identify, records and communicates
in the form, time and precise conditions, financial, administrative or other process
related to internal and external control.
5. Monitoring: Includes activities undertaken to asses the quality of operation of the
internal control system – and thus the achievement of business objectives and also
to ensure that the findings of the audit and the results of other reviews are
addressed promptly.
Pyramid
Polices of internal control

 The objective of the administration.

 The orderly and efficient conduct of your business.
 Adherence to management policies.
 Safeguarding assets.
 Prevention and detection of fraud and error.
 Accuracy and completeness of accounting records.
 Preparation of reliable financial information.
Types of risk
Inherent risk: is this of susceptibility of the balance of an account or class of transactions to
misrepresentation that could be of reliable importance.
Control Risk: is there a risk that an erroneous representation that could occur in the
account balance or class of transactions and that could be of reliable importance
individually or when aggregated with erroneous representations in order balances or
classes is not prevented or detected and corrected with opportunity by accounting an
internal control system.
Detection risk: Is there risk that an auditor’s substantive procedure fail to detect and
misrepresentation that exists in an account or balance or class of transactions that could
be material, individually or when aggregated with misrepresentation in other balances or
classes.

Types of control
Administrative control: it is not limited to the organizations plans and procedures that relate
to the decision process leading to the authorizations of exchanges is related to efficiency
in the operations established by the entity.
Financial accounting control: include the organization plans and records concerning by the
safeguarding of assets and the reliability of accounting and financial records.
Operational control: these will determinate the achievement of compliance with the
procedures of a company in the achievement of the objectives.
Objectives of internal control
Authorization objectives: authorizations objectives deal with all those controls that must be
established to ensure that the policies and criteria established by the administration are
being met and that these are adequate.
Transaction processing and classification objectives: these objectives deal with all those
controls that must be established to ensure the correct recognition, processing,
classification, registration and reporting of transactions occurring in a company as well as
adjustments to them.
Verification and immigration of objectives: These objectives deal with all those controls
related to the verification and periodic evaluation of the balances that are reported as well
as the integrity of the processing systems.
Physical safeguarding objectives: These objectives deal with those controls relating to
access to assets records important forms process locations and process for signatures.
Principles of internal control

 Limited liability
 Separation of incompatible functions
 Division of the processing of each transaction
 Selection of skills and training services
 Application of continuous accuracy testing
 Rotation of duties
 Bonds
 Written instructions
 Use of control accounts
 Use of mechanical equipment with test devices
 Use of pre-numbered forms
 Avoid the use of cash
 Use of minimum bank accounts
 Immediate and intact deposits
Limitations of internal control in the company’s accounts

 About procedures
 Proper instructions to staff
 Stuff induction
 Cost of internal control versus data controlled
 Expected and unusual operations
 Staff collusions
 Breach of trust

Risk measurement
It is the process half assessing and quantifying the level of risk associated particular
activity, investment or decision. It allows individuals and organizations to take informed
decisions based on the level of risk they are willing to take.
Methods used to measure risk

 Probability and impact analysis: this method involves assessing the probability of
an event occurring and the potential impact it could have on the organization.
 Scenario analysis this method: involves developing hypothetical scenarios and
analyzing the potential outcomes to determinate the level of risk associated with
each scenario
  Sensitivity analysis: this method involves assessing how changes in various factors
such as the interest rates or exchange rates could affect the outcomes of a
decision or investment
 Stress testing this method involves subjecting assistant our portfolio to extreme
and adverse market conditions to terminate the level of risk exposure.

Control activities
Control activities are one of the five components of internal control and refer to the specific
actions or measures taken by an organization to help mitigate risk and achieve its
objectives.

Examples of control activities

 Segregation of duties: this control activity involves separating the duties of

individuals involved in a process to prevent anyone person for having too much
control over a particular activity.
 Authorization and approval: this control activity involves requiring approval from
designate individuals before a transaction can take place.
 Physical controls: this control activity involves physical measures such as locks,
cameras and security guards to help prevent teeth or damage to assets.
 Information processing controls; this control activity involves ensuring that data is
accurate, complete and confidential.
 Performance reviews: this control activity involves regularly reviewing performance
and comparing it against established standards or benchmarks.
Information systems IS
They are a collection of hardware, software, data and personnel that are used to manage
process, store, and disseminate information within an organization.
Types of information systems

 Transaction processing systems TPS: these systems are used to persist and
record day-to-day business transactions such as sales, purchases and payments.
 Management information systems MIS: these systems are used to generate
reports and provide information to support decision making at the managerial level
 Decision support system DSS: this system are used to support decision making by
providing data analysis tools and models to help managers evaluate alternatives
and make informed decisions.
 Executive information systems EIS: these systems are used by senior executives
to monitor the performance for the organization and track key performance
indicators.
 Enterprise resource planning ERP systems: these systems integrate multiple
functional areas of an organization such as finance, human resources and
inventory management into a single software system.

IS also play a clear critical role in cybersecurity as they are frequent targets of cyber-
attacks to ensure the security of IS organizations must implement appropriate security
controls such as firewalls, antivirus, software, access controls and data encryption.