Chapter 4 Internal controls
Outline
• Objectives
• Definition of internal control
• Internal control purposes
• Risk exposures
• COSO frameworks
• Examples
Definition of internal control
Four common elements:
• Process
• Reasonable assurance
• In a few areas
• Involves people
Internal control purposes
• Safeguard assets
• Reliability of financial statements
• Operating efficiency
• Compliance
Risk exposures – Brown’s Taxonomy
• Operational risk
  • Systems risk
  • Human error risk
• Financial risk
  • Market risk:
  • Credit risk
  • Liquidity risk:
• Hazard risks
• Strategic risks
  • Legal and regulatory risk
  • Business strategy risk:
COSO
• The Committee of Sponsoring Organizations
• Treadway Commission
• Frameworks
  • Internal control (1985)
  • Enterprise risk management (2004)
COSO frameworks
Internal Control: Integrated Framework
• Control environment
• Risk assessment
• Control activities
• Information and communication
• Monitoring
COSO frameworks
Enterprise Risk Management: Integrated Framework
• Internal environment
• Objective setting: organizational goals
• Event identification:
COSO frameworks
Enterprise Risk Management: Integrated Framework
• Risk assessment: likelihood and impact
• Risk response: generic ways to deal with risk
• Control activities: specific procedures for responding to risk
COSO frameworks
Enterprise Risk Management: Integrated Framework
• Information and communication:
• Monitoring
Internal Control Examples
• Adequate documentation
• Background checks
• Back-up computer files
• Back-up power supplies
• Bank reconciliation
• Batch control totals
• Data encryption
• Document matching
• Edit checks
Internal Control Examples
• Firewalls
• Insurance and bonding
• Internal audits
• Limit checks
• Lockbox systems
• Physical security
• Preformatted data entry screens
• Prenumbered documents
• Restrictive endorsements of checks
Internal Control Examples
• Daily deposit of cash receipts
• Segregation of duties
• User training