Internal control system

internal control describes

the policies, plans and procedures implemented by the management of an organisation to protect its assets, ensure accuracy and completeness of its financial info and to meet its business objectives

people involved in internal control system

people involved are board of directors, management, other key personnel

how does ics provide reasonable assurance

efficiency of operations
reliability of reporting

protection of assets
compliance with applicable laws and regulations

ICS objectives/advantages

• safeguard assets

• check the accuracy and reliability of accounting data

• promote operational efficiency

• enforce prescribed managerial policies

ics also organise and evaluate their corporate governance structure - there are several frameworks

INTOSAI

COCOS FRAMEWORK

COSOS IC FRAMEWORK

UK CORP GOVERNANCE CODE

THREATS TO AIS

natural and political disasters

software and equipment malfunctions

unintentional acts like human error

intentional acts like computer crime

at different phases there are different threats

at point where data is collected

• important to establish security controls that ensure transation is valid and free from error

during data processing phase

• eg creating illegal programs, viruses, deleting files

threats to database management

• unauthorised access can tamper with data

• failure to maintain backup files

threats to info generation and reporting phase

• eg theft or misuse of computer output