Page 58 - DCOM509_ADVANCED_AUDITING
P. 58

Unit 4: Internal Control




          4.2 Types of Internal Control                                                         Notes

          The Committee of Sponsoring Organizations (COSO) of the National Commission on Fraudulent
          Financial Reporting (also known as Tread way Commission) defines internal control as:

          “Internal Control is a process, effected by an Entity’s Board of Directors, Management and other
          personnel, designed to provide reasonable assurance regarding the achievement of objectives
          in the following categories:
          1.   Effectiveness and efficiency of operations
          2.   Reliability of financial reporting
          3.   Compliance with applicable laws and regulations.

          From the study of above two definitions, following key concepts of internal control emerge:
          1.   Internal control is a process. It is a means to an end, not an end in itself.
          2.   It is designed, implemented and maintained by personnel at every level of organization.

          3.   Internal  control  provides  reasonable  assurance  not  absolute  assurance  about  the
               achievements of stated objectives of an entity.
          4.   The stated objectives can be regarding reliability of financial reporting, effectiveness and
               efficiency of operations, safeguarding of assets and compliance with applicable laws and
               regulations.
          Based on objectives internal controls can be classified into two ways:

          1.   Preventive  Controls:  Designed  to discourage  errors  or  prevent  irregularities  from
               occurring. They are proactive controls that help to prevent a loss.


                 Example:  Separation of duties, proper authorization,  adequate documentation and
          physical control over the assets.
          2.   Detective Controls: Designed to find errors or irregularities after they have occurred.


                 Example: Reviews, analysis, variable analysis, reconciliations, physical inventories and
          audits.
          Based on functions, internal control can again be classified in two ways:

          1.   Accounting Controls: It comprises “the plan of organization and all methods and procedures
               that are concerned mainly with, and relate directly to, safeguarding of  assets and the
               reliability of financial records.”


                 Example: Authorization and approval of transactions, separation of duties with regard
          to record keeping and accounting reports from those concerned with actual business operations,
          custody of assets, physical control over assets and internal audit.

          2.   Administrative Controls:  It  comprises “the plan of organization and  all methods and
               procedures  that are concerned  mainly with  operational efficiency  and adherence to
               managerial policies, and usually relate only indirectly to the financial records.”

                 Example: Statistical analysis, time and motion studies, performance reports, employee
          training programme, and quality controls.




                                           LOVELY PROFESSIONAL UNIVERSITY                                   53
   53   54   55   56   57   58   59   60   61   62   63