Objectives of Internal Controls set by Management
- Part 11.1 - Summary of Qualitative Characteristics of GENERALLY ACCEPTED ACCOUNTING PRINCIPLES (GAAP)
- Part 11.2 - How and When to Recognize Revenues & Expenses in Accrual Accounting
- Part 11.3 - Functions in the Purchasing Process and how to Segregate Purchasing Duties
- Part 11.4 - Three Steps to Determining and Applying Materiality
- Part 11.5 - Assertions of Management about Economic Events in the Business
- Part 11.6 - Bank Accounting - Types of Bank Accounts, Cash Receipts & Disbursements, Disclosures Required for Cash Accounting
- Part 11.7 - Objectives of Internal Controls set by Management
- Part 11.8 - How to Test Internal Controls of an Organization
- Part 11.9 - Positive Accounting Theory (PAT)
- Part 11.11 - Accounting Information - Complex Commodity & Information Asymmetry
Internal controls are a system’s capability to prevent or detect material data processing errors or fraud and provide for correction on a timely basis. Common internal controls include segregation of accounting & operations duties, two signatures on every check, 2 approvals on any recquisitions, etc. The objectives of Internal controls are as follows:
1) Optimize use of Company Resources
o Prevent unnecessary duplication and waste
o Possible conflict between safeguarding of assets and providing reliable information and optimizing use of resources
2) Prevent and detecting error and fraud
3) Safeguard company's assets
o Adequate controls necessary to prevent theft, misuse or accidents
4) Maintain reliable control systems
o Necessary to produce accurate information to carry out operations
o Information must be timely and reliable
More specifically Management needs to ensure the following:
i) Validity – recorded transactions are valid and documented (purchases are supported by purchase orders, receiving documents, and invoices)
ii) Completeness – all valid transactions are recorded and none are omitted (all receiving documents are matched to purchase orders)
iii) Authorization – transactions are authorized according to company policy (purchases greater than $500 must be signed off by department head)
iv) Accuracy – transaction dollar amounts are properly calculated (receipts of inventory are correctly recorded in the accounting system)
v) Classification – transactions are properly classified in accounts (purchases of assets are correctly capitalized and amortized, purchases of inventory are correctly recorded as inventory)
vi) Accounting – transaction accounting is complete (all purchase orders are captured in the system, are matched to receiving documents and invoices as the goods are received)
vii) Proper period – transactions are recorded in the proper period (goods that have been received and there is no invoice yet received are accrued for at year end)
5 Components of Internal Control
1. Control Environment
• Management Philosophy and Operating Style
• BoD, Audit Committee – independent, level of involvement
• Organizational Structure – reporting relationships
• Management Control Methods – ability to delegate, supervise, overall budgets, performance evaluation system
• Assigning of authority and responsibility – conflicts of
interest
• Systems development – methodology, update of computer files/programs
• Personnel policies – hiring, terminations, training, performance evaluation, compensation
• Internal audit
2. Entity’s Risk Assessment Process
• How management identifies and responds to risks
• Should consider internal and external events and circumstances, their significance, likelihood of occurrence, and how they should be managed
• Risks can arise or change due
to the following:
o Changes in the operating environment i.e. increased competition
o New personnel
o New info systems
o New Technology
o Rapid Growth
o New business products/activities
o Corporate Restructuring
o International Operations
o New Accounting Pronouncements
3. Information and Communication
o Must consider the info system relevant to financial reporting- how does the system ensure all transactions are recorded
(completeness) valid, accurate and timely with all appropriate disclosures
o Need to understand how and when all information is captured for both regular and unusual transactions
o Consider extent of IT and E- Commerce
4. Control Procedures
o Policies and procedures are required- this ensures people know what they are supposed to do, when and how.
o Information processing controls are general (controls over the data centre/ server) and application
controls (processing of individual transactions)
o Physical controls- security over assets
o Segregation of duties- must segregate CAR (Custody/ Authorization/ Recording)
5. Monitoring Controls
o Assesses the quality of internal controls over time
o Take corrective action as required