Internal Control

Internal Control

A process, affected by the entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity’s) objectives on:

 Effectiveness and efficiency of operations

 Reliability of financial reporting

 Compliance with applicable laws and regulations

Control Objectives

 In each area of internal control (financial reporting, operations and compliance)

 Control objectives and

 Sub objectives exist

 Example: Area of financial reporting

 Top level objective – prepare and issue reliable financial information

 Detailed level applied to A/R sub objectives

• All goods shipped are accurately billed in the proper period

• Invoices are accurately recorded for all authorized shipments and only for such shipments

• Authorized and only authorized sales returns and allowances are accurately recorded

• The continued completeness and accuracy of A/R is ensured

• Accounts receivable records are safeguarded

Foreign Corrupt Practices Act

 Passed in 1977 in response to American corporation practice of paying bribes and kickbacks to officials in foreign countries to obtain business

 The Act

 Requires an effective system of internal control

 Makes illegal payment of bribes to foreign officials

Controls over Financial Reporting

 Preventive

 Aimed at avoiding the occurrence of misstatements in the financial statements

 Example: Segregation of duties

 Detective

 Designed to discover misstatements after they have occurred

 Example: Monthly bank reconciliations

 Corrective

 Needed to remedy the situation uncovered by detective controls

 Example: Backups of master file

 Controls overlap

 Complementary – function together

 Redundant – address same assertion or control objective

 Compensating – reduces risk existing weakness will result in misstatement

Components of Internal Control

 The Control Environment

 Risk Assessment

 The Accounting Information and Communication System

 Control Activities

 Monitoring

Control Environment Factors

 Integrity and ethical values

 Commitment to competence

 Board of directors or audit committee

 Management philosophy and operating style

 Organizational structure

 Human resource policies and practices

 Assignment of authority and responsibility

Risk Assessment--Factors Indicative of Increased Financial Reporting Risk

 Changes in the regulatory or operating environment

 Changes in personnel

 Implementation of a new or modified information system

 Rapid growth of the organization

 Changes in technology affecting production processes or information systems

 Introduction of new lines of business, products, or processes

Control Activities

 Performance reviews

 Information processing

 General control activities

 Application control activities

 Physical controls

 Segregation of duties

 Segregate authorization, recording and custody of assets

Objectives

...