KEMBAR78
Internal Control and Accounting System Design | PDF | Internal Control | Information Technology Management
Scribd
Upload
74 views3 pages

Internal Control and Accounting System Design

Internal control is a process that helps an organization achieve its objectives through effective and efficient operations, reliable financial reporting, and compliance with laws and regulations. It involves establishing policies and procedures to direct operations and ensure the protection of assets. Internal control plays a key role in preventing and detecting fraud. Companies are responsible for implementing internal controls and evaluating their effectiveness on an ongoing basis.

Uploaded by

Hafidzi Derahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
74 views3 pages

Internal Control and Accounting System Design

Internal control is a process that helps an organization achieve its objectives through effective and efficient operations, reliable financial reporting, and compliance with laws and regulations. It involves establishing policies and procedures to direct operations and ensure the protection of assets. Internal control plays a key role in preventing and detecting fraud. Companies are responsible for implementing internal controls and evaluating their effectiveness on an ongoing basis.

Uploaded by

Hafidzi Derahman
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Internal Control and Accounting System Design

Internal control, as defined in accounting and auditing, is a process for assuring


achievement of an organization’s objectives in operational effectiveness and
efficiency, reliable financial reporting, and compliance with laws, regulations and
policies. A broad concept, internal control involves everything that controls risks to
an organization.

It is a means by which an organization’s resources are directed, monitored, and


measured. It plays an important role in detecting and preventing fraud and protecting
the organization’s resources, both physical (e.g., machinery and property) and
intangible (e.g., reputation or intellectual property such as trademarks).

At the organizational level, internal control objectives relate to the reliability of


financial reporting, timely feedback on the achievement of operational or strategic
goals, and compliance with laws and regulations. At the specific transaction level,
internal control refers to the actions taken to achieve a specific objective (e.g., how
to ensure the organization’s payments to third parties are for valid services
rendered.) Internal control procedures reduce process variation, leading to more
predictable outcomes. Internal control is a key element of the Foreign Corrupt
Practices Act(FCPA) of 1977 and the Sarbanes–Oxley Act of 2002, which required
improvements in internal control in United States public corporations. Internal
controls within business entities are also referred to as operational controls.

Internal control plays an important role in the prevention and detection of


fraud. Under the Sarbanes-Oxley Act, companies are required to perform a fraud
risk assessment and assess related controls. This typically involves identifying
scenarios in which theft or loss could occur and determining if existing control
procedures effectively manage the risk to an acceptable level. The risk that senior
management might override important financial controls to manipulate financial
reporting is also a key area of focus in fraud risk assessment. The AICPA, IIA, and
ACFE also sponsored a guide published during 2008 that includes a framework for
helping organizations manage their fraud risk.

Controls can be evaluated and improved to make a business operation run more
effectively and efficiently. For example, automating controls that are manual in
nature can save costs and improve transaction processing. If the internal control
system is thought of by executives as only a means of preventing fraud and
complying with laws and regulations, an important opportunity may be missed.
Internal controls can also be used to systematically improve businesses, particularly
in regard to effectiveness and efficiency.

Internal control

An effective internal control structure includes a company’s plan of organization


and all the procedures and actions it takes to:

•Protect its assets against theft and waste.


•Ensure compliance with company policies and federal law.

•Evaluate the performance of all personnel to promote efficient operations.

•Ensure accurate and reliable operating data and accounting reports.

As you study the basic procedures and actions of an effective internal control
structure, remember that even small companies can benefit from using some internal
control measures. Preventing theft and waste is only a part of internal control.

In general terms, the purpose of internal control is to ensure the efficient operations
of a business, thus enabling the business to effectively reach its goals.

Companies protect their assets by (1) segregating employee duties, (2) assigning
specific duties to each employee, (3) rotating employee job assignments, and (4)
using mechanical devices.

Unfortunately, even though a company implements all of these features in its internal
control structure, theft may still occur. If employees are dishonest, they can usually
figure out a way to steal from a company, thus circumventing even the most effective
internal control structure. Therefore, companies should carry adequate casualty
insurance on assets. This insurance reimburses the company for loss of a
nonmonetary asset such as specialized equipment. Companies should also
have fidelity bonds on employees handling cash and other negotiable instruments.
These bonds ensure that a company is reimbursed for losses due to theft of cash
and other monetary assets. With both casualty insurance on assets and fidelity
bonds on employees, a company can recover at least a portion of any loss that
occurs.

Internal Control Responsibility

Internal control is the general responsibility of all members in an organization.


However, the following three groups have specific responsibilities regarding the
internal control structure.

• Management holds ultimate responsibility for establishing and


maintaining an effective internal control structure. Through leadership
and example, management demonstrates ethical behavior and integrity
within the company.
• The board of directors provides guidance to management. Because
board members have a working knowledge of the functions of the
company, they help shield the company from managers who try to
override some control procedures for dishonest purposes. Often, an
efficient board that has access to the company’s internal auditors can
discover such fraud.
• Auditors within the organization evaluate the effectiveness of the internal
control structure and determine whether company policies and
procedures are being followed. All employees are part of a
communications network that enables an internal control structure to
work effectively.

Computer Controls

Computerized financial records require the same internal control principles of


separation of duties and control over access as a manual accounting system. The
exact control steps depend on whether a company is using mainframe computers
and minicomputers or microcomputers.

In a personal computer environment, the following controls can be useful:

•Require computer users to have tight control over storage of programs and data.
Just as one person maintains custody over a certain set of records in a manual
system, in a computer system one person maintains custody over certain information
(such as the accounts receivable subsidiary ledger). Make backup copies that are
retained in a different secured location.

•Require passwords (kept secret) to gain entry into data files maintained on the hard
disk.

•In situations where a local area network (LAN) links the personal computers into
one system, permit only certain computers and persons in the network to have
access to some data files (the accounting records, for example).

Computerized accounting systems do not lessen the need for internal control. In fact,
access to a computer by an unauthorized person could result in significant theft in
less time than with a manual system.

You might also like