Essay I –Internal controls
I. Internal Controls: Internal control structures minimize risk to the company that objectives will not be achieved. Internal control is a process, put into place by the board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
A. Operations: Helps to assure effectiveness and efficiency.
B. Reporting: Assures reliability of reporting.
C. Compliance: Helps to assure compliance with laws and regulations.
II. Key Points: There are three key points to developing n sound and effective Internal Control Structure:
A. Core Organization: The people who determine whether an organization operates well and minimizes risk.
B. Risk Assessment: A thorough risk assessment must be done to determine what risks will get in the way of achieving the corporate objectives. In light of recent restructuring and re-engineering it is important to note new risks. “These organizational changes often involve removal of control-related activities and experienced managers that have performed such activities. The resulting elimination of excess costs and improved productivity clearly has benefited shareholders, including employees fortunate enough to also be investors. With extreme cost pressures, there is an understandable reluctance to accept more regulation and standards.” (Larson, 1996)
C. Control: Analyze all risk areas and control activities to mitigate the risk, including financial reporting and compliance.
III. Resulting Errors: Lack of controls may result in many types of errors.
A. Operational: Lack of controls may result in misappropriation, wasted time, and risk to the entity
1. Inadequate Segregation of Duties: The most common finding, - physical custody of an asset should be separate from the related record keeping control. (Indiana U)
2. Misappropriation: Converting an asset to the use of a non-owner. Assets should be physically safeguarded against improper use or theft
3. Misstatement: To incorrectly represent a fact, either intentionally or not. It is important that all relevant personnel be knowledgeable about the policies and procedures governing their area.
B. Reporting: It is also important to comply with all GAAP so reports can be relied upon. Investors and other stakeholders rely on the information provided in financial statements to make investment decisions. The entity has an obligation to them to conform to standards and follow all rules and laws.
IV. All Employees Reduce Risk: Personnel at all levels can utilize the COSO Framework “to strengthen processes that reduce the likelihood of material failures of all kinds, not just those associated with financial reporting. Operating personnel must play a vital role in establishing and maintaining an effective internal control process”. (Larson) Adequate training and a thorough understanding of the five components will enable all employees to participate in the internal control process. (Burnaby)
A. Control Environment: A shared vision, ethical standards and a commitment to competence are soft controls that help provide discipline and structure. Other environmental factors which will help a company include buy-in by senior management, and an organizational structure which helps everyone understand roles and responsibilities.
B. Risk Assessment: Employees must be certain that they understand all the policies and procedures that their company uses which comply with GAAP, Generally Accepted Accounting Standards.
C. Control Activities: Control activities are policies and procedures which the company has put in place to ensure that everyone knows what to do. HR practices, which promote this such as