Internal control of accounting system

Internal Control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives.

COSO defines internal control as having five components

• Control Environment-sets the tone for the organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control.
• Risk Assessment-the identification and analysis of relevant risks to the achievement of objectives, forming a basis for how the risks should be managed
• Information and Communication-systems or processes that support the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities
• Control Activities-the policies and procedures that help ensure management directives are carried out.

Roles and responsibilities in internal control

Management

The Chief Executive Officer (the top manager) of the organization has overall responsibility for designing and implementing effective internal control.

Board of Directors

Management is accountable to the board of directors, which provides governance, guidance and oversight. Effective board members are objective, capable and inquisitive. They also have a knowledge of the entity's activities and environment, and commit the time necessary to fulfill their board responsibilities.

Auditors

The internal auditors and external auditors of the organization also measure the effectiveness of internal control through their efforts. They assess whether the controls are properly designed, implemented and working effectively, and make recommendations on how to improve internal control.

Limitations

Effective internal control implies the organization generates reliable financial reporting and substantially complies with the laws and regulations that apply to it. However, whether an organization achieves operational and strategic objectives may depend on factors outside the enterprise, such as competition or technological innovation.

Describing Internal Controls and Objective categorization

Internal controls may be described in terms of:

•  the objective they pertain to
•  the nature of the control activity itself.

Objetives:

• Existence (Validity): Only valid or authorized transactions are processed. 
• Occurrence (Cutoff): Transactions occurred during the correct period or were processed timely.
• Completeness: All transactions are processed that should be (i.e., no omissions)
• Valuation: Transactions are calculated using an appropriate methodology or are computationally accurate.

 

 

Activity categorization

Segregation of duties - separating authorization, custody, and record keeping roles to limit risk of fraud or error by one person. Authorization of transactions - review of particular transactions by an appropriate person. Supervision or monitoring of operations - observation or review of ongoing operational activity.
Physical safeguards - usage of cameras, locks, physical barriers, etc. to protect property, such as merchandise inventory. IT Security - usage of passwords, access logs, etc. to ensure access restricted to authorized personnel. Top level reviews-Management review of reports comparing actual performance versus plans, goals, and established objectives.

Control Precision and Consequences of Poor Internal Control

Precision is distinct from sufficiency; that is, multiple controls with varying degrees of precision may be involved in achieving a control objective or mitigating a risk.

Some results of poor internal controls include:
Theft and fraud.  
Wrong decisions made.
Action not taken in time to correct problems.
Poor decisions taken for the business.
Lack of resources allocated to correct any business situation.

 

Sources

TAKEN FROM

Øhttp://www.moneyinstructor.com/doc/internalcontrol.asp
               Principio del formulario
Øhttp://www.startrungrow.com/information/business/

              1,2350,1,types-of-internal-control.htm

ØWikipedia, the free encyclopedia

References

Ø^ COSO Definition of Internal Control

Ø^ van Creveld, Martin. The Rise and Decline of the State. Cambridge University Press. pp. 49. ISBN 0-521-65629-X

Ø^ SEC Interpretive Guidance

Ø^ Matti Mattila: The ECAR Model

Ø^ Statement on Auditing Standards #106

Ø^ PCAOB AS5

Ø^ PCAOB Small Co Guidance Draft

Ø^ Rezaee, Zabihollah. Financial Statement Fraud: Prevention and Detection. New York: Wiley; 2002.

Ø^ D&T Anti-fraud Programs & Controls

Ø^AICPA Management Antifraud Programs and Controls

Ø^ AICPA Management Override

Ø^ Managing the Business Risk of Fraud

Ø^ Using COSO Principles to Improve Performance, Bizmanualz

ØInternational Organization of Supreme Audit Institutions (INTOSAI): Guidelines for internal control standards (1992)

ØCommittee of Sponsoring Organizations of the Treadway Commission: Internal control - integrated framework (1994)

ØNew York State Internal Control Association (NYSICA)