Internal Control

Five Elements of Internal Control:

• Control Environment

A business’s control environment is the overall attitude of management and employees about the importance of control. Three factors that influence the control environment are:

- Management’s philosophy and operating style, because a management that over emphasizes operating goals and deviates from control policies may indirectly encourage employees to ignore controls.

- Business’s organizational structure, which is the framework for planning and controlling operations.

- Personnel policies, which involve the hiring, training, evaluation, compensation, promotion of employees, job descriptions, employee’s code of ethics, and conflict-of-interest policies are part of the personnel policies. Such policies can enhance the internal control environment if they provide reasonable assurance that only competent, honest employees are hired and retained.

• Risk Assessment

All companies face risks, such as changes in costumer requirements, competitive threats, regulatory changes, and employee violations of company policies and procedures. The management must be aware of these risks and take necessary actions to control them. Once risks are identified, they can be analyzed to estimate their significance, to assess their likelihood of occurring, and determine actions that will minimize them. Some examples are:

- Clear objectivities regarding operating, financial reporting, and law compliance functions

- An entity-wide review to assess and evaluate risks.

• Control Procedures

Control procedures are established to provide reasonable assurance that business goals will be achieved, including the prevention of fraud. Some control procedures that can be integrated throughout the accounting system are:

- Competent personnel, rotating duties, and mandatory vacations. The successful operation of accounting system requires procedures that ensure that people are able to perform duties to which they are assigned. Thus, it is necessary to have all accounting employees trained and supervised in performing their job.

- Separating responsibilities for related operations. This can be done to decrease the possibility of inefficiency, errors, and fraud by dividing responsibility for related operation to two or more people.

- Separating operations, custody of assets, and accounting. This can be done to decrease the possibility of having errors and fraud. Then, the accounting records cans serve as an independent check on the individuals who have custody of the assets and who engage in the business operations.

- Proofs and security measures. This should be done to safeguard asset and ensure reliable accounting data. Some examples of security measures are:

1. Immediately deposit all cash in a bank account.

2. Use cash registers to record sales.

3. Have employees bonded

4. Install security cameras or hire security guards.

• Monitoring

Monitoring can help locates weakness and improves control effectiveness. In this way, the internal control system can react dynamically, changing as conditions warrant. Some examples include:

- Regular receipt reports of problem in the internal controls (from external/internal auditors).

- Prompt follow-up on unusual variances from budget.

• Information and Communication

Information and communication are essential because they enable people to capture and share the information needed to conduct, manage, and control operations; also, to ensure compliance with reporting, legal, and regulatory requirements. The management can also use external information to assess events and conditions that impact decision making.