Internal Control System

In: Business and Management

Submitted By Muaz
Words 1113
Pages 5
ASSESSING THE EFFECTIVENESS OF INTERNAL CONTROL SYSTEM

Ascertaining Internal Control System
Methods of ascertaining the control systems are summarized as follows:
* Examining previous audit work,
* Client’s own documentation of the system,
* Interviews with client’s staff,
* Tracing transactions,
* Examining client’s documents,
* Observation of procedures.

a. Examining previous audit work:
The audit work should provide a record of the previous audit and how the system operates. Any change in the audit work should be documented for updating.

b. Clients own documentation of the system:
Some organizations have their on Standard Operating Procedures (SOP). These Standard Operating Procedures provides source of information and to the existing control systems. It is therefore important to check whether the system as described in the (SOP) is what actually practiced.

c. Interview with staff:
During various stages of the audit, the auditor will need to some members of the staff of the client and find out how they carry out the assigned duties. These questions will reveal existing control and give indication of potential problems.

d. Tracing transactions:
Walk through checks allow auditors to identify any examples of actual procedures that vary from intended procedures. It also helps the understanding of the entire process as well as identification of risks.

e. Examining client’s documents:
The auditor can also ascertain the clients control systems by examining some available documents provided by the client. For example minutes of management meeting may reveal control issues that require further investigation. Implementation or steering group meetings should be held for significant systems changes and documentations of these will be useful source of information.

f. Observation of procedures:
Observing staff…...

Similar Documents

Justification for an Internal Control System

...Justification for an Internal Control System It is the responsibility of the Controller to analyze company performance in operations, compliance and reporting, as well as aid management in the development of budgets and goals (McCarthy & Flynn, 2004, p. 265). It is also their responsibility to analyze and manage risks the company may encounter. To perform these tasks controllers and company financial officers establish internal controls. A system of internal controls ensures preparation reliable financial statements, compliance with financial regulations, reduce risks, and identify and achieve short and long-term goals. Management uses internal controls to adapt to economic changes (AICPA, 2011, p. 2). Insurance and portfolio theory are approaches to managing and analyzing risk and play an important part in an internal control system. Internal Control Systems An internal control system is composed of five inter-related components, 1) Control Environment, 2) Risk Assessment, 3) Control Activities, 4) Information and Communication, and 5) Monitoring. The control environment is the company’s fundamental values and directives, risk assessment is the identification and analysis of possible material misstatements, control activities are the policies and procedures used to identify and manage risks, information and communication involves the processing and distribution of information needed to meet company objectives, and monitoring “assesses the quality of the system’s...

Words: 671 - Pages: 3

Internal Control System

...ASSESSING THE EFFECTIVENESS OF INTERNAL CONTROL SYSTEM Ascertaining Internal Control System Methods of ascertaining the control systems are summarized as follows: * Examining previous audit work, * Client’s own documentation of the system, * Interviews with client’s staff, * Tracing transactions, * Examining client’s documents, * Observation of procedures. a. Examining previous audit work: The audit work should provide a record of the previous audit and how the system operates. Any change in the audit work should be documented for updating. b. Clients own documentation of the system: Some organizations have their on Standard Operating Procedures (SOP). These Standard Operating Procedures provides source of information and to the existing control systems. It is therefore important to check whether the system as described in the (SOP) is what actually practiced. c. Interview with staff: During various stages of the audit, the auditor will need to some members of the staff of the client and find out how they carry out the assigned duties. These questions will reveal existing control and give indication of potential problems. d. Tracing transactions: Walk through checks allow auditors to identify any examples of actual procedures that vary from intended procedures. It also helps the understanding of the entire process as well as identification of risks. e. Examining client’s documents: The auditor can also ascertain...

Words: 1113 - Pages: 5

Schematic Evaluation of Internal Accounting Control System

... INTERPRETATION OF PETRI NETS ..................................... 50 3.3.2 PETRI NET MODELING OF ACCOUNTING PROCEDURES ....................................... 56 CHAPTER 4. CONTROL PRIMITIVES, CONTROL PATTERNS, AUDIT PATTERNS, AND AUDIT RULES IN THE PURCHASE AND PAYMENT CYCLE .............................................. 57 4.1 A TYPICAL INTERNAL ACCOUNTING CONTROL SYSTEM FOR THE PURCHASE AND PAYMENT CYCLE........................................................... 57 4.2 COMMON CONTROL PATTERNS IN THE PURCHASE AND PAYMENT CYCLE .................... 60 4.2.1 CONTROL PATTERNS OF ACCOUNTING PROCEDURES ....................................... 61 4.2.1.1 CONTROL PATTERNS OF PRECEDENCE RELATION AMONG TASKS ....................................... 65 4.2.1.2 CONTROL PATTERNS OF INFORMATION-TASK RELATION .... 67 4.2.2 CONTROL PATTERNS OF ORGANIZATIONAL STRUCTURE .............. 69 4.3 AUDIT PATTERNS AS DEVIATION OF CONTROL PATTERNS ..................................................... 72 4.3.1 COMMON CAUSES OF FRAUD .......... 72 4.3.2 DERIVATION OF AUDIT PATTERNS . . . 74 4.4 FORMULATION OF AUDIT RULES................. 76 4.4.1 THE GENERAL PROCESS FOR FORMULATIING AUDIT RULES ................ 77 4.4.2 FORMULATION OF WEAKNESS IDENTIFICATION RULES ......................... 79 4.4.3 FORMULATION OF ACTION IDENTIFICATION RULES AND FRAUD IDENTIFICATION RULES ......................... 83 4.5 CONTROL PRIMITIVES AND DOMAIN-SPECIFIC DEDUCTIVE RULES ......................................... 91......

Words: 32893 - Pages: 132

Internal Control

...Memo To: John Clarks; President of LJB Company From: Certified Public Accountant Date: 1/22/2012 Re: LJB Internal Control Analysis Dear John, In regards of your company going public, you must be informed that under the Sarbanes Oxley Act all publicly traded U.S. corporations are required to maintain an adequate system of internal control. These internal controls are reliable and effective and if your company fails to comply, it will be a subject to fines, and company officers can be imprisoned. There are five primary components of internal control which must be applied when going public: • A control environment. This will be the responsibility of top management including your effort to make it clear that the organization values integrity and that unethical activity will not be tolerated. • Risk assessment. Your company must identify and analyze the various factors that create risk for the business and must determine how to manage these risks. • Control activities. This activity helps in reducing the occurrence of fraud and your management team must design policies and procedures to address the specific risks faced by the company. • Information and communication. The internal control system must capture and communicate all pertinent information both down and up the organization, as well as communicate information to appropriate external parties. • Monitoring. Internal control systems must be monitored periodically for their adequacy. Significant deficiencies...

Words: 1212 - Pages: 5

Internal Control

...Every entity faces a variety of risks from external and internal sources that must be assessed. A precondition to risk assessment is establishment of objectives, linked at different levels and internally consistent. Risk assessment is the identification and analysis of relevant risks to achievement of the objectives, forming a basis for determining how the risks should be managed. Because economics, regulatory and operating conditions will continue to change, mechanisms are needed to identify and deal with the special risks associated with change. Objectives must be established before administrators can identify and take necessary steps to manage risks. Operations objectives relate to effectiveness and efficiency of the operations, including performance and financial goals and safeguarding resources against loss. Financial reporting objectives pertain to the preparation of reliable published financial statements, including prevention of fraudulent financial reporting. Compliance objectives pertain to laws and regulations which establish minimum standards of behavior. The process of identifying and analyzing risk is an ongoing process and is a critical component of an effective internal control system. Attention must be focused on risks at all levels and necessary actions must be taken to manage. Risks can pertain to internal and external factors. After risks have been identified they must be evaluated. Managing change requires a constant assessment of risk and the...

Words: 572 - Pages: 3

Internal Control System

...The intent of this report is to justify the need for the internal control system when controls are in place with insurance and portfolio approaches. An internal control system is described as a way to better regulate an organization, to minimize the risks, to reduce the losses, and to achieve the organizational goals. Many organizations rely on insurance and/or portfolio approach to manage a business risk, while some organizations rely on the benefits of an internal control system. The two types of approaches that are used in the organizations are insurance and portfolio approaches. The insurance approach is mainly used where the insurance is acquired to transfer certain risks that could affect employees, business property, or other business assets. This type of approach becomes more like a tool to prevent business losses. Also, this approach is more a financial risk tool than a risk management tool. The insurance approach mitigates the impact of the losses, rather than protecting the business assets from the potential losses. Thus, making this approach more reactive, than proactive. Portfolio risk management is more complex and structured approach, which provides processes and procedures during decision making time. The main goal of this approach is to minimize risk while maximizing the return on investment. Portfolio risk management approach should help the organization to assess its risk tolerance while optimizing business operations. The organizations that use...

Words: 469 - Pages: 2

Justification for an Internal Control System

...Internal Control Systems are very important for the risk management department of a company. This system helps keep the company protected from losing assets or incorrect use of assets. They also assist the company with keeping record and staying on track with objectives needed to be met. A controller’s duty would be to support management and the reporting of accounting and financial information. To start off, insurance and portfolios would complete the internal control system. Having a complete internal control system can further protect the company from risks. The controller is or can be an employee who’s job title is mainly to be the backbone for management when dealing with accounting and financial records that deal with the controls of organizations and organizational goals. If the main focus of the controller is financial controls and the financial process, along with the internal control system in play, the more genuine the information that the controller provides will be. Just having insurance does not guarantee that a company is protected from risks. Companies cannot ensure every risk. The insurance can cover things that happen to the company or facility and their equipment. Things that can be covered would be flooding, fires, or accidents that occur on their property. With insurance, the company is only expecting a small loss. A risk that is not protected by insurance would be a risk that can destroy the company’s reputation. It takes time to build a...

Words: 911 - Pages: 4

Setting Up an Internal Control System

... every stage is accomplished. Internal control in some quarters is viewed as internal audit but in respective of the name given to this unit, it has the same set of objectives. Setting up an internal audit department from scratch is best done by internal auditors who have not only gained sufficient practical experience in carrying out audits themselves, but who have also been involved in advising other internal auditors on the latest thinking and methods in the field. Your candid plan to have a sophisticated internal audit system can only be activated with professional competent personnel not minding the cost but the deliverables and the values. All those interview questions asked are relevant but permit me to let you know that internal audit set up is more of implementation and field inclined than the oral interview. Internal control or internal audit personnel must possess the following distinctive qualities which over the time must be reviewed side by side in light with recent habitual disposition of the staffers. (a) Integrity A professional internal control officer or internal auditor should be straightforward and honest in all professional and business relationships. (b) Objectivity A professional internal control officer or internal auditor should not allow bias, conflict of interest or undue influence of others to override professional or business judgments. (c) Professional Competence and Due Care A professional internal control officer or internal......

Words: 1527 - Pages: 7

Internal Control System

...INTRODUCTION Internal control, the strength of every organization, has become of paramount importance today in Nigerian banks. The reason being that the control systems in any organization is a pillar for an efficient accounting system. The need for the internal control systems in the organizations, especially banks, cannot be undermined, due to the fact that the banking sector, which has a crucial role to play in the economic development of a nation is now being characterized by macro economic instability, slow growth in real economic activities, corruption and the risk of fraud. Fraud, which is the major reason for setting up on internal control system, has become a great pain in the neck of many Nigerian bank managers. It has also become an unfortunate staple in Nigeria’s international reputation. Fraud is really eating deep into the Nigerian banking system and that any bank with a weak internal control system, is dangerously exposed to bank fraud. The CBN reported that cases of attempted fraud and forgery in banks, as at half-year 2007 have surpassed what was recorded for the whole year 2006. The CBN half-year report for 2007, revealed a total of 741 cases of attempted fraud and forgery, involving 5.4 billion, $35,406.1, 150 Euros were reported as at June, 2007. In 2006, 1,193 cases were reported involving 4.6 billion, $1.8 million and 14,389.7 pound sterling. The CBN also reported that the backward development was attributable to weaknesses in the internal...

Words: 5108 - Pages: 21

Justification for an Internal Control System

...Internal controls, controls the risk of companies financial loss or misstatements. Insurance and portfolio theory are the combined methods of internal controls. This paper will justify the need of internal control systems, insurance, and portfolio approaches, and why an internal control system is more beneficial. An internal Control system is responsibility of the Controller to analyze company performance in operations, compliance, and reporting as well as aid management in the development of budgets and goals (McCarthy & Flynn, 2004). Internal Control system is also responsibility to analyze and manage risks the company may encounter. An internal control system is composed of five interrelated components (AICPA, 2013): • Control Environment – the company’s fundamental values and directives. • Risk Assessment – the identification and analysis of possible material misstatements. • Control Activities – the policies and procedures used to identify and manage risk. • Information and Communication – the processing and distribution information needed to meet company objectives. • Monitoring- assesses the quality of the system’s performance over time. Insurance approach is a risk-financing tool for companies providing protection when a loss occurs. Most companies have insurance because not many organizations will be able to pay expenses following a loss. Even though insurance compensate losses it does not prevent any fraud in the company. Certain companies have a...

Words: 464 - Pages: 2

Justification for an Internal Control System

...Justification for an Internal Control System Companies must mitigate risk to achieve maximum profitability. Mitigating the risk can be accomplished by implementing controls. While insurance and portfolio approaches are important control strategies, they are only single components of an overall risk management plan. Implementing an internal control system will assist management in monitoring and deterring risk. Current Controls The current approaches of insurance and portfolio are valid controls. One way to mitigate risk is to transfer some of the risk to a third party. The third party willingly accepts the risk for a fee or premium. This approach is called insurance. However, this approach is limited and considered reactive as it does nothing to deter harm to company assets. In addition, there are only certain risks that insurance companies are willing to take on and others that simply cannot be insured (McCarthy & Flynn, 2004). With the portfolio approach, all departments are treated as one unit so that interrelated risks can be identified and put “in the context of all the other risks and the company’s business strategy” (McCarthy & Flynn, 2004, pg. 255). However, it does little to deter risk. Internal Control System An internal control system is an ongoing process that ensures compliance with laws and regulations, reliable financial reporting and efficient and effective operations of an organization. According to Ratcliffe and Landes (2009), “an effective...

Words: 522 - Pages: 3

Internal Control System Justification

...Internal Control System Justification Brandy Ritz ACC/445 May 5, 2014 Bunney Schmidt Internal Control System Justification Internal controls are a good way to keep records up to date and valid. Insurance and portfolio approaches are great to have set in place for risk management, but a system of controls would provide extra security with the books. Below is an overview of insurance and portfolio approaches along with why internal control systems would enhance the business. Risk Management Approaches Insurance Approach Insurance policies give financial protection to businesses in the event of any losses. These losses are unforeseeable and help with risk management ("Investopedia", 2014). The first step in this approach is to categorize the risk and find the policy for those risks. The losses can cover property, income, and liability ("Insurance and Risk", n.d.). This approach is valid because having the insurance to cover economic or natural events will help rebuild a company. This helps give the business security. Portfolio Approach The portfolio approach has parameters defined both on an individual and combined basis. The purpose of this approach is to help make decisions that are more certain (Thomas, 2002). The contents usually include objectives, risk tolerances and constraints, and developing and implementing strategies. The portfolio needs to be monitored and adjustments made when changes occur (Thomas, 2002). The portfolio approach is a valid...

Words: 649 - Pages: 3

Internal Control System

... know how best they are satisfying their needs. Kloot adds that organizations should continuously improve their services through assets accumulation, create value, improved quality services and flexibility internal control system is intervened with organizations operating activities and it is most effective when controls are built into the organizations infrastructure becoming part of the very essence of the organizations success in terms of continued improvement on performance standards as part of the competitive advantage of the organization. However, the performance of Medipoint Industries Limited seems to be declining. The stakeholders are increasingly complaining on the stagnant asset accumulation, inadequate staff members especially in the accounts department low quality services provided by Equity bank, Wandegeya branch to mention but a few Medipoint Industries Limited annual report (2009/10). 1.2 Statement of the problem Despite of the important role played by internal controls in organizations, Medipoint Industries Limited is experiencing low levels of performance, in terms of low levels of innovations, slow asset accumulation, inefficiency and fraud cases (Annual report, 2009/2010). The unsatisfactory performance could be attributed to weak internal control systems used by Medipoint Industries Limited. 1.3 Purpose of the study The study sought to establish a relationship between internal control and organizational performance of...

Words: 9967 - Pages: 40

Justification for an Internal Control System

...Justification for an Internal Control System Christine Griffin ACC 544 July 28, 2014 Richard Cornett Justification for an Internal Control System As the controller for my company, I monitor all financial activities, conduct audits as needed, create high-level financial reports, and implement accounting methodologies to make the company run efficiently (PayScale, n.d.). The leadership of the company has asked me why there is a need for an internal control system when controls are in place with insurance and portfolio approaches. Insurance Approach A company will purchase insurance to protect their assets. The owner of a company will purchase liability insurance to protect his income, home, and other personal items of worth. The company will do a risk analysis to determine the most significant risks of the company. Then the company will purchase insurance to mitigate these risks. Not all risks require insurance as they can be eliminated by changing procedures. Some of the risks that should be covered by insurance are • Property damage • Inventory loss or damage • Employee theft • Various liabilities – injuries to customers, et cetera • Errors and omissions liabilities • Business interruption • Death of an owner or disability of owner The techniques to deal with risk is to find ways to avoid it by eliminating dangerous products or procedures, reduce the frequency and severity of risks, and transfer the risk to an insurance company. The transfer will...

Words: 629 - Pages: 3

Internal Control System

...The Internal Control System Accounting is the process of identifying, analyzing, recording, summarizing, interpreting and reporting financial information to decision makers. Accounting information should be presented to society in a form that represents a true and fair view of operation. To accomplish this, accountants should have a clear understanding of accounting principles and concepts that govern the preparation of accounting statements and develop systems such as internal controls that assure the entity’s operations are properly and effectively recorded. Internal control systems help to ensure that the employees within an organisation carry out their duty and responsibility and act for the good of the business. There are certain key ingredients of a control system such as: environment control, risk assessment, control of flow of activities and monitoring. There are five main internal control procedures – proper authorization, segregation of duties, adequate documentation and records, physical safeguards over assets and records, and independent checks.  Proper authorization of transactions and activities helps ensure that all company activities adhere to established guide lines unless responsible managers authorize another course of action.  Segregation of duties requires that different individuals be assigned responsibility for different elements of related activities, particularly those involving authorization, custody, or recordkeeping.  Adequate documents...

Words: 1149 - Pages: 5