Chapter 3.2: Internal Controls

Objective 1: Safeguard assets

• Preventing theft, fraud, misuse or loss.

• Must protect assets or risk wasting away large amounts of resources.

Objective 2: Ensure accuracy and reliability of account records and data

• Essential for the proper functioning of the day-to-day operations of an organisation.

• Business must also comply w/ laws, regulations and financial reporting standards.

Objective 3: Promote operational efficiency

• To ensure resources are put to optimum use and expenses minimised.

• Overall, maximising profits for the business.

Objective 4: Encourage employees to adhere to prescribed organisational policies

• To ensure managers and staff work towards organisational goals.

Element 1: Control Environment

Refers to overall attitude of management and employees about the importance of controls.

Factors influencing Control Environment

• Management’s philosophy and operating style - ie whether management emphasizes the importance of internal controls and ensures adherence to control policies

• Business organisation structure for planning and controlling operations

• personal policies that incorporate job descriptions, employee code of ethics and conflict-of-interest policies to enhance the internal control environment

Element 2: Risk Assessment

• Examples of risks: customer requirements, competition, regulatory changes, changes in economic factors

• Management must identify such risks → analyse their significance → asses their likelihood of occurring → take actions to minimise them

Element 3: Control Procedures

• Designed to ensure that organisational goals are achieved and are built upon 8 principles.

Principle 1: Reliable, competent personnel

It is necessary for organisation to employ qualified personnel who are also reliable to carry out their responsibilities.

Principle 2: Responsibility

• Organisation should fix responsibility for the functions to be performed and confer the authority necessary to carry them out.

• Responsibility for tasks should not be shares so that actions can be traced back to the individual responsible for a particular task.

Principle 3: Separation of duties

• Responsibility of related operations should be divided among two or more individuals to minimise errors and fraud.

Principle 4: Rotation of duties

• Advisable to rotate duties among employees and mandate leave for all staff.

• It is so that errors caused by carelessness or fraud or dishonesty can be found out.

Principle 5: Authorisation

• Documents (eg purchase orders, blank cheques) used for authorisation and approval should be prenumbered, accounted for and safegaurded.

Principle 6: Verification

• Refers to the act of checking the accuracy of accounting records by some independent parties or means.

Principle 7: Adequate and accurate documents and records

• Documents should be consecutively numbered to ensure completeness and control missing documents.

• Source documents should be prepared on a timely basis to capture all transactions that have occurred.

Principle 8: Physical controls and security

• Refers to the controls that physically safeguard the assets (cash, inventories, fixed assets).

• Includes control over access through keys and employee identification cards, cash registers, safes, secure areas for inventory storage, video surveillance etc

Element 4: Monitoring of Controls

• To locate weaknesses and possible loopholes and strengthen the controls to overcome those weaknesses in the system.

• Includes observing employee behaviour and the accounting system for indicators of control problems.

• Requires constant evaluation of controls and independent compliance check by auditors.

Element 5: Information System

• Information is used by management for guiding operations and ensuring compliance w/ internal procedures and policies as well as external legal and regulatory requirements.