2. What are Internal Controls?
• It is comprised of policies, practices and
procedures employed by the organization to
achieve four (4) broad objectives:
– To safeguard assets of the firm
– To ensure the accuracy and reliability of accounting
records and information
– To promote efficiency of the firm’s operations
– To measure compliance with management’s
prescribed policies and procedures
3. Modifying Principles of Internal Control
•
•
•
•
Management Responsibility
Methods of Data Processing
Limitations
Reasonable Assurance
4. Limitations of Internal Control
1.
2.
3.
4.
Possibility of error
Circumventions
Management Override
Changing conditions
6. Preventive Controls
• First line of defense
• Passive techniques designed to reduce the
frequency of occurrence of undesirable events.
• Example is a well-designed data screen – only
valid entries and user-defined fields are entered.
7. Detective Controls
• Are devices, techniques and procedures designed
to identify and expose undesirable events that
elude preventive controls.
• Example – alert that the amount entered as
DEBIT in the system does not equal the CREDIT
entered, vice versa
8. Corrective Control
• The “fix.”
• Example – adjusting entries to erroneous
accounts used in entering in the journal entry.
10. What is COSO?
• Stands for “Committee of Sponsoring
Organizations of the Treadway Commission.”
• Included the following organizations:
– Financial Executives International (FEI)
– Institute of Management Accountants (IMA)
– American Accounting Association (AAA)
– AICPA
– IIA
12. The Control Environment
– Integrity and ethical values of management
– Organizational structure
– BOD and Audit Committee participation
– Management philosophy and operating style
– External influences
– HR policies and practices
13. Risk Assessment
– Changes in operating environment
– New personnel
– New/re-engineered systems
– Significant and rapid growth
– Introduction of new product lines or activities
– Organizational restructuring
– Entrance to foreign markets
– Adoption of new accounting principle(s)
14. Information and Communication
– Identify and record all valid financial information.
– Provide timely information about transactions in
sufficient detail to permit proper classification and
financial reporting.
– Accurately measure the financial value of
transactions so their effects can be recorded in
financial statements.
– Accurately record transactions in the proper time
period.
15. Monitoring
– Process by which the quality of internal control
design and operation can be assessed.
16. Control Activities
• Physical controls
relates primarily to the human activities employed in
accounting systems.
the six (6) categories of physical controls are:
Transaction authorization
Segregation of duties
Supervision
Accounting records
Access control
Independent verification
17. • IT Controls
– Application
Ensures validity, completeness, and accuracy of financial
transactions.
Examples include: limit checks, check digits, batch
balancing techniques.
18. – General
Also known as General Computer Controls, Information
Technology Controls
Include controls over IT governance, IT infrastructure,
security and access to operating systems and databases,
application acquisition and development and program
change procedures