Skip to main content

Have you thought about ways to make your entity more efficient and secure? By understanding the elements of internal controls and the implementation of these controls, you will be able to do just that.

Properly designed internal controls have the ability to mitigate risk and help an entity carry out managements directives. When designing internal controls, the control environment and control activities should be considered.

Control Environment

The control environment sets the tone of an organization, influencing the conscience of its employees. It is the base for all other components of internal control, providing discipline and structure. Control environment factors include the following:

Commitment to competence

Effective controls require dedication and adherence to the implemented controls by employees and management.

Human resource policies and practices

An entity can mitigate control difficulties relating to new employees by implementing sound hiring and training policies for employees.

Organizational structure

A company that operates internationally or has several business lines has different internal control challenges than one operating entirely within a single business unit or location. Consider the structure of your organization, and determine risks related to the roles and responsibilities of employees and management in a small business environment vs. a large business environment.

Philosophy of management

Management’s belief in the importance of a strong control environment will affect the attitude of the employees responsible for carrying out the controls. Tone at the top, or the ethical values held by management, sets the precedent for attitude and responsibility for all employees.

Responsible assignment

Controls should be assigned to separate employees with the proper level of authority. It is important to ensure that the responsibilities align with the employee’s position and any one employee does not have too much power.

Control Activities

Control activities are the policies and procedures implemented to help ensure that management directives are carried out. Examples of control activities are as follows:

Review of financial performance

Reviewing company performance is the way management can view, at a high level, financial trends, financial anomalies, profits, losses, spending patterns, performance ratios, successes and failures. Reviewing financial performance can also alert company management to fraud; such as misappropriation of assets and fraudulent financial reporting. Examples of financial performance reviews can include: budget vs. actual results, prior year to current year comparisons, and financial to non-financial results.

Information processing

How the company’s financial information is processed within its accounting software is the foundation for financial accounting and reporting. The activities associated with data entry must have effective and efficient controls and these controls must be closely monitored.

Physical controls

Access to assets should be designated to certain employees and restricted to limit opportunities for theft and fraud.

Segregation of duties

Segregating duties between employees reduces the opportunity for any one person to be in a position to both perpetrate and conceal errors or fraud in the normal course of their duties. Segregating the following responsibilities is a great first step to fraud mitigation:

  • Authorization of transactions
  • Recording or posting of transactions
  • Custody of assets
  • Reconciliations or comparisons of bank statements

For additional support or general questions about strengthening your internal controls, feel free to contact Kristi Yanover, Audit Partner, at 858-558-9200 or any member of our Accounting & Assurance Team; we would be happy to assist you. Also, stay tuned for next month’s article on implementation and monitoring internal controls.

Leave a Reply

LB Advisors is Now EisnerAmper! Learn More >>