270 likes | 573 Views
Internal Control Structure. Learning Objectives. To understand the components of an organization’s internal control structure To know the objectives and limitations of internal control To learn which characteristics of a control environment promote accurate and reliable data
E N D
Learning Objectives • To understand the components of an organization’s internal control structure • To know the objectives and limitations of internal control • To learn which characteristics of a control environment promote accurate and reliable data • To learn which characteristics of an accounting system promote accurate and reliable data. • To describe good control procedures.
Example Situation 1 • The policy of installing a security system in the house is part of the control environment in the house. • The objective • is to safeguard property and life. • Threat • from intruders. • Risk • of loss of assets/life from this threat. • The control reduces the risk
Example Situation 2 • The policy of issuing a driver's licence and the procedure to obtain the licence is part of the control environment on the road. • The objective • safety on the road. • Threat • from people driving on the road not understanding the rules of the traffic. • Risk • of accidents and loss of assets, health and life. • The control reduces the risk
Example Situation 3 • When the person writing the check cannot also enter the corresponding cash journal entry, there is a control environment in the accounting department. • The objective • is to safeguard the assets of the company • to ensure accurate and reliable information. • Threat • from somebody wanting to commit a fraud. • The risk • is loss of assets and inaccurate records. • The control reduces the risk
The Pattern • In each of the above examples, there is an objective (usually safety) • there is a threat to the objective • there are risks associated with those threats, and • there is a control which counteracts the risk from the threat. • The controls are usually in the form of policies and/or procedures.
Why do we have • Police on the road ? • State laws ? • Federal Laws ? • Rules ? • Regulations ? • Policies ? • Procedures ?
For Controls How Do controls provide freedom?
Internal Controls • An organization's internal control structure consists of the policies and procedures established by management to achieve organizational objectives.
What are the Objectives ? • Objectives of Accounting Controls: • Safeguard Assets • Ensure Accurate and reliable accounting data • Objectives of Administrative Controls • Promote Operational Efficiency • Encourage adherance to management's policies
What are the Threats ? • Errors • Unintentional • Clerk enters wrong amount on check • Procedures can be designed to check for unintentional errors. • Irregularities • Intentional • Management Fraud • Defalcation
What are the risks ? • Inaccurate records • Unreliable data • Loss of assets • Cash • Inventory
Internal Control Structure • A company's Internal Control structure tries to fight the threats to minimize the risk so as to meet the objectives.
Reasonable Assurance • Note that risks can be minimized but not totally removed. • Total removal of risk will be extremely costly and often not cost justified. • Internal control policies and procedures are intended to provide reasonable but not absolute assurance that management's objectives are attained. • The above bullet point is called the concept of reasonable assurance.
Limitations of Controls • There are always limitations of controls • What are the limitations of Accounting Controls ? • Errors : e.g. a valid journal entry with wrong amounts. • Collusion: when two or more employees conspire to commit a theft and conceal it. • Management Override. • The cost of overcoming these limitations can be enormous.
Components of anInternal Control Structure • Control Environment • Those circumstances surrounding an organization’s accounting system that influence the effectiveness of the accounting system and control procedures • The Accounting System • Methods and records used to identify, assemble, analyze, classify and report accounting transactions • Control Procedures
Internal Control Structure The Control Environment
Internal Control Structure The Control Environment Accounting Systems
Internal Control Structure The Control Environment Accounting Systems Control Procedures
Control Environment • Management's philosophy and operating style • Organizational structure • Audit Committees • Methods of assigning authority and responsibility • Management control methods • Personnel policies and practices • External Influences • Computer Controls and Policies
Personnel Policies and Practices • Training • Recognition for work well done • Adequate Pay • Background check • Job Rotation • Required Vacation • Bonding
The Accounting System • Debit and Credit Analysis • Chart of Accounts • Standard Journal Vouchers • Trial balance • Transpositions • Misfootings • Abnormal Account Balances • Control Accounts • Sum of Subsidiary Ledger Accounts
Contol Procedures • Proper procedures for Transactions • Prompt recording • Visual checking • Balancing • Batch controls • General Authorization • Specific Authorization • Security for Assets and Records • physical security • Fixed responsibility
Contol Procedures Contd.. • Segregation of duties • Authorize Transactions • Record Transactions • Maintain Custody of Asset • Adequate Documentation and Records • Forms control • Prenumbered Documents • Independent Verification of Performance • Independent Auditors • Internal Auditors
Evaluating Internal Controls • Control Risk Assessment • Likelihood that controls do not prevent/detect material misstatement • Technically done for each management assertion for each transaction stream
Transaction Streams Sales Cash Receipts Inventory/AP Other Cash Disbursements Payroll Etc. Management Assertions Completeness Existence/Occurrence Valuation/Gross Valuation/Net Rights/Obligations Presentation/Disclosure Management Assertions and Transaction Streams
Steps in CRA • Evaluate Internal Control Environment • Evaluate potential management override • Evaluate computer controls--Computer auditor • Document Accounting Processes • Document Controls • Make Preliminary CRA • Test Controls • Make CRA based on Control Tests