Scribd
Upload
65 views

Internal Control

The document defines internal control as any actions taken by management to reasonably ensure that an organization achieves its objectives related to operations, financial reporting, and compliance. It discusses control frameworks, components of an effective control system, types of controls, and characteristics of effective controls. Internal control is a process effected by the board of directors, management, and other personnel to help an entity achieve its objectives.

Uploaded by

Janelle Mendoza
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
65 views

Internal Control

The document defines internal control as any actions taken by management to reasonably ensure that an organization achieves its objectives related to operations, financial reporting, and compliance. It discusses control frameworks, components of an effective control system, types of controls, and characteristics of effective controls. Internal control is a process effected by the board of directors, management, and other personnel to help an entity achieve its objectives.

Uploaded by

Janelle Mendoza
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 27

INTERNAL CONTROL

CONTROL DEFINED
IIA:
“Control is the employment of all the means devised in
an enterprise to promote, direct, restrain, govern &
check upon its various activities for the purpose of
seeing that enterprise objectives are met. These means
of control include, but are not limited to, form of org.,
policies, systems, procedures, instructions, standards,
committees, charts of accts., forecasts, budgets,
schedules, reports, records, checklists, methods, devices,
& internal auditing.”
CONTROL DEFINED
IIA Practice Advisory 2100-1:
“Control is any action taken by mgt. to enhance the
likelihood that established objectives & goals will be
achieved. Controls may be preventive (to deter undesirable
events from occurring), detective (to detect & correct
undesirable events that have occurred), or directive (to
cause or encourage a desirable event to occur). The concept
of a system of control is the integrated collection of control
components & activities that are used by an org. to achieve
its objectives & goals.”
CONTROL DEFINED
Committee of Sponsoring Org. (COSO):
“Control is a process effected by an entity’s board of
directors, mgt. & other personnel, designed to provide
reasonable assurance regarding the achievement of
objectives in the ff. categories:
 Effectiveness & efficiency of operations

 Reliability of financial reporting

 Compliance with laws & regulations


COSO DEFINITION: KEY ELEMENTS
1. Internal Control is a Process.
- A dynamic, iterative process
- Control process includes:
a. Setting standards (in terms of quantity, quality, time,
cost)
b. Measuring performance

- Control pts.: pts. at w/c performance is measured;


deemed critical.
c. Evaluation & correction
COSO DEFINITION: KEY ELEMENTS
2. Internal Control is Effected by People
a. BOD & Senior Mgt.
BOD: obtains assurance re effectiveness of
control processes
Senior mgt.: oversees establishment,
administration, & assessment of risk mgt. system &
control processes.
COSO DEFINITION: KEY ELEMENTS
b. Org’s Managers
- Assess control processes in respective areas
c. Internal & external auditors
- Provide assurance about effectiveness of risk
mgt. & control processes
COSO DEFINITION: KEY ELEMENTS
3. Internal Control can provide only reasonable assurance
- Level of assurance supported by generally accepted
audit procedures & judgment.
4. Internal control is geared towards achievement of
objectives in 1 or more separate but overlapping
categories:
 Operations objectives

 Reporting objectives

 Compliance objectives
INTERNAL CONTROL LIMITATIONS
1. Human imperfections
 Controls may fail ‘coz of simple human

errors/mistakes
2. Collusion can circumvent controls
3. Mgt. may inappropriately override internal control
- May be done for personal gain or misrepresentation
of firm’s performance
INTERNAL CONTROL LIMITATIONS
4. No absolute deterrents to fraud.
5. Costs must not be > benefits of control
INTERNAL CONTROL FRAMEWORKS

 3 frameworks recognized globally:


1. Internal Control – Integrated Framework issued by
COSO
2. Guidance on Control issued by CoCo or The
Canadian Institute of Chartered Accountants
3. Internal Control Guidance for Directors on the
Combined Code (Turnbull) issued by The Institute
of Chartered Accountants – Wales, England
 COSO framework: most recognized & widely
accepted
INTERNAL AUDIT ROLE IN
ORGANIZATIONAL CONTROL
1. Internal audit activity is part of mgt’s concern for
total control process
2. Internal auditors must be familiar w/ org.
arrangements
3. Internal auditors must relate operational
arrangements to operational deficiencies
COMPONENTS OF CONTROL
- 5 components:
1. Control environment
2. Risk assessment
3. Control activities
4. Information & communication
5. Monitoring
COMPONENTS OF CONTROL
1. Control Environment
- Foundation of all other components
- Sets org’s tone; reflects attitude & actions re control
significance
- Provides discipline & structure for achievement of
internal control’s primary objectives
COMPONENTS OF CONTROL
Elements of Control Environment
a. Integrity & ethical values
b. Commitment to competence
c. Board of directors or audit committee
participation
d. Mgt’s philosophy & operating style
e. Organizational structure
f. Assignment of authority & responsibility
g. Human resource policies & practices
COMPONENTS OF CONTROL
2. Risk Assessment
- Based on set of complementary operational,

financial reporting, & compliance objectives linked


across all org. levels
- Identifies & analyzes internal & external risks

- Forms basis for how risks should be managed


COMPONENTS OF CONTROL
 Ff. factors affecting risk are given special attention:
 Changes in operating environment
 New personnel
 New/revamped info systems
 Rapid growth
 New technology
 New business lines, products, activities
 Corporate restructuring
 Expanded foreign operations
COMPONENTS OF CONTROL
3. Control Activities
- Policies & procedures aimed at ensuring mgt.

directives are executed & actions are taken to


address risks
- Control devices: quantitative (e.g., budgets, quotas)

or qualitative (e.g, job instructions, quality control


standards)
COMPONENTS OF CONTROL
Elements of Control Activities
 Policies

 Procedures

Policy: any stated principle that requires, guides or


restricts action
Procedures: methods employed to carry out activities
in conformity w/ prescribed policies
COMPONENTS OF CONTROL
Factors to Consider in Developing Control Activities
a. Performance reviews (by top mgrs, & at
functional/activity level)
- e.g., Actual performance vs. budgets
a. Analysis of performance indicators
b. Information processing (may involve application &
general controls)
c. Physical controls (e.g., asset security, periodic count)
d. Segregation of duties (separation of functions of
authorization, record keeping & asset custody)
COMPONENTS OF CONTROL
Factors in Evaluating Overall Effectiveness of Control
Processes
 Were reportable conditions discovered? If so, were
corrections/improvements made after the discoveries?
 Do the discoveries & their consequences lead to
conclusion that a pervasive condition exists resulting in
unacceptable level of business risk?
 Reportable conditions: control weaknesses involving
significant deficiencies in:
 Control environment
 Acctg. system
 Control procedures
TYPES OF CONTROLS
A. As to Function (note: additional items added here not in
book)
1. Preventive
- Intended to deter undesirable events
- Intended to function during activity/transaction
- functions that must be segregated:
a. Authorization
b. Recording
c. Custody
d. Execution (to the extent possible)
e. Setting up of accountabilities
TYPES OF CONTROLS
Principles
1. No one person should exercise the 5 functions
- Incompatible functions: enable person to commit &
cover up irregularities
2. No one person should control 2 or more functional
responsibilities
Benefits of Proper Segregation
1. More difficult perpetration of irregularities
2. Errors more likely to be uncovered & corrected
3. Permits specialization to achieve efficiency
TYPES OF CONTROLS
2. Detective/Corrective
- detect & correct undesirable events
3. Directive – cause/encourage a desirable event to occur
B. As to Nature (note: definitions not in book)
1. Accounting control: plan of enterprise & procedures &
records concerned w/
 Safeguarding of assets

 Reliability of financial records

2. Administrative control: includes, but not limited to, plan of


enterprise & procedures & records concerning decision
processes leading to mgt. authorization of transactions
TYPES OF CONTROLS
C. Other Types
1. Feedback controls:
- Provide info as to whether desired state has been
attained/maintained
- Corrective action after fact

2. Concurrent controls:
- Adjust ongoing processes

- Real-time controls

3. Feedforward controls
- Anticipate & prevent problems

- Require long-term perspective


CHARACTERISTICS OF
EFFECTIVE CONTROL
1. Economical
2. Meaningful
3. Appropriate
4. Congruent (consistent w/ need for & ability to
obtain precise measurement)
5. Timely
6. Simple
7. Operational (relevant to a planned result)
CONTROLS OVER BUSINESS PROCESSES

 See sample controls for sales & collection, &


acquisitions & payment processes in book

You might also like