The most important concern of business owners is to ensure that the company assets are adequately protected from loss. With this in mind, many companies engaged in many different approaches in to accomplish this goal. Among such approaches are; insurance, portfolio and internal control system. There is a popular saying that prevention is better than cure. Our company does not currently have internal control system in place which is a preventive measure. The approaches that are currently employed by our company are the insurance and portfolio approach. In this report I will write to justify the vital need for internal control system with insurance and portfolio approach. I will also explain the benefit of the current approach and why internal control system is more beneficial. I understand the passion of the leadership of this organization for the existing risk management approach [insurance and portfolio] however, I will also like to share with you my observation since I have been appointed as the controller of this company. To mention but few, some of my observations are as follows:
The company is at the risk of incorrect data imputing. Data imputing error could either be deliberate on accidental. In either case, this situation demanded the attention of management. This could result in overstating the asset of the company. In the account receivable process, there is no proper record for trade debtors. There are tendencies of removal and deletion of a credit sales record which will cause the company to suffer losses. Depending on the volume of such fraudulent practices, it could ultimately lead to business closure. Under the current account payable process where payments to vendors [trade creditors] were annotated on the account there are grate tendencies for alterations. Such alteration might not be easily detected thereby causing the company a huge loss.
The payroll process currently in place, is time card punching, and the majority of the staff still receives paper checks. Employee could possibly duplicate payroll records or add fictitious overtime. This kind of practice could result in serious inflated salary figure which could run the company short of fund.
As defined in accounting and auditing, “internal control is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies.” This is a very valuable tool in the hand of management to measure, direct and monitor the company assets. According to COSO, internal control is said to have five components:
1. “Control Environment: sets the tone for the organization, influence the control consciousness of its people. It is the foundation for all other components of internal control.
2. Risk Assessment: the identification and analysis of relevant risks to the achievement of objectives, forming a basis for how the risk should be managed.
3. Information and Communication: systems or processes that support the identification, capture and exchange of information in a form and time frame that enables people to carry out their responsibilities.
4.
