EssaysForStudent.com - Free Essays, Term Papers & Book Notes
Search

Internal Controls

By:   •  Essay  •  845 Words  •  February 7, 2010  •  990 Views

Page 1 of 4

Join now to read essay Internal Controls

Internal Controls

Internal controls are an essential part of a company’s financial and business policies and procedures. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) defines internal control as “a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations” (COSO).

Internal control systems function at different levels of effectiveness. An effective internal control system is one that provides reasonable protection of assets, the reliability of financial information, and the compliance with laws and regulations (UCOP). An effective internal control helps the organization not only achieve its goals and mission, but also helps the organization promote more effective operations and reduce the possibility of asset loss. Internal controls, however, do not ensure success. The size of the staff, the cost of implementing the system, as well as external events that are beyond the company’s control are among the reasons why internal controls do not provide absolute assurance.

The internal control process consists of five interrelated components: control environment, risk assessment, control activities, information and communication, and monitoring.

• Control environment refers to the “atmosphere in which people conduct their activities and carry out their control” (UCOP). Control environment factors include the integrity and ethical values of the company’s employees, management philosophy and operating style, the way management assigns authority and responsibility, how management organizes and develops its people, and the organization’s policies and procedures. Management needs to make sure that the company has well-written policies and procedures and that all employees are familiar with these.

• Risk assessment is the identification and analysis of relevant risks that affect the achievement of the company’s objectives (operations, financial and compliance) and determining how these risks should be managed. It is imperative for managers to determine the level of risk they are willing to assume, identify these risks and prioritize them.

• Control activities refer to the policies and procedures that help ensure that management directives are carried out. These controls can be either preventive or detective. Preventive controls are the ones that are proactive and include written policies and procedures, approvals, limits to authority and supporting documentation. Detective controls, on the other hand, do not prevent undesirable acts but help detect them. These controls include reconciliations, verifications, and reviews.

• Information and communication refers to the identification of information, the way it is communicated and the time frame in order for people to carry out their responsibilities.

• Monitoring is the process that assesses the quality of the performance of the control system over time. This is accomplished by ongoing monitoring activities and frequent evaluations of the internal controls which help detect existent deficiencies.

There are a variety of internal control techniques that organizations can implement. Implementing segregation of duties to make sure that no one in the organization has control over all aspects of any financial transaction is imperative. It is also important to ensure that all records are frequently reviewed and reconciled by other person

Download as (for upgraded members)  txt (5.9 Kb)   pdf (90.4 Kb)   docx (11.9 Kb)  
Continue for 3 more pages »