Overview of Internal Controls

Internal Control is a process used in a company for these objectives

to ensure the reliability of financial reporting, compliance with laws and regulations, and effective and efficient operations.

• Operations

• Reporting

• Compliance

Operations (Internal Control)

• Promote effective operations to protects assets

• Maintain a good reputation

• Ensure a positive return on investment

• Increase market share, promote new product innovation, and use assets effectively and efficiently.

Reporting (Internal Control)

• Ensure accurate accounting and recordkeeping to produce reliable financial reports• Facilitate transparency and accountability in financial reporting.

Compliance (Internal Control)

• Adhere to laws and regulations to avoid legal penalties. • Establish policies and procedures to ensure ethical conduct and operational integrity.

These controls are put in place my management of a company and evaluated by auditors for effectiveness

• Management should design internal control activities to achieve objectives and to respond to risks

• The Committee of Sponsoring Organizations’ (COSO) established an integrated framework for internal controls

• This framework is the gold standard for creating a strong control environment

• Management should use this framework when developing and evaluating the company’s internal control processes and procedures.

Internal Control Systems Can

• Prevent theft and losses

• Optimize Operations

• Facilitate Financial Reporting

A well designed internal control system is based on three key objectives which are the umbrella objectives provided by the Committee of Sponsoring Organizations (COSO) Framework.

• Operations

• Reporting

• Compliance

According to the COSO Framework - Access risk through five integrated processes for Internal Control

1. Control environment

2. Risk assessment

3. Control activities

4. Information and communication

5. Monitoring

Control Environment (COSO) - Control Environment

• Commitment to integrity and ethical values

• Independent board oversight

• Ethical tone of the organization

• Web of standards, processes, and atmospheres set by management that condones and encourages ethical behavior

• Setting a good example is a key ingredient in creating a strong control environment

Control Environment (COSO) - Risk Assessment

• Risk identification and assessment of internal and external risks regarding the objectives of a business so that control measures can be taken

• Considers potential for fraud

Control Environment (COSO) - Control Activities

• Develop and implement internal controls

• Controls for processing data via software

• Put in place to reduce the risk identified in the risk assessment

Control Environment (COSO) - Information & Communication

• Internal communication

• External Communication

• A system should be in place to ensure a good flow of information, up, down, and across levels within the organization

Control Environment (COSO) - Monitoring Activities

• Ongoing evaluation and monitoring

• Corrective action for weakness

• To ensure once internal controls are put in to place they are functioning properly

• An organization could design a highly effective set of controls, but if they are not implemented and maintained properly they will not be effective.