3.3. Work-Related /Organization Wide
Definition of Internal Control & Compliance: Internal control is the process, affected by a company's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the effectiveness and efficiency of operations, the reliability of financial reporting and compliance with applicable laws, regulations, and internal policies. Internal controls are the policies and procedures established and implemented alone, or in performance with other policies or procedures, to manage and control a particular risk or business activity, or combination of risks or business activities, to which the company is exposed or in which it is engaged. Figure: 1 Internal Control and Compliance Process Reasons for Internal Controls The reasons for internal controls can be seen in the example. They include: Minimizing the company’s business risks. Ensuring the continuing effective functioning of the company. Ensuring the company complies with relevant laws and regulations. Most of these reasons funnel back to the ultimate objective that the company continues to operate. For example, if the company failed to comply with relevant laws and regulations, it might be forced to stop operations. Control Environment Risk Assessment Monitoring Information & Communication Control Activities Internal Control & Compliance Process
3.4 Internal Control and Compliance Environment: The internal control and compliance environment is the framework under which internal controls and compliance are developed, implemented and monitored. It consists of the mechanisms and arrangements that ensure internal and external risks to which the company is exposed are identified; appropriate and effective internal controls are developed and implemented to soundly and prudently manage these risks; reliable and comprehensive systems are to be put in place to appropriately monitor the effectiveness of these controls. Each company needs to have in place an appropriate and effective internal control and compliance environment to ensure that the company is managed and controlled in a sound and prudent manner. The factors which together comprise the control environment are: A board of directors that is actively concerned with sound corporate governance and that understands and diligently discharges its responsibilities by ensuring that the company is appropriately and effectively managed and controlled; A management that actively manages and operates the company in a sound and prudent manner; Organizational and procedural controls supported by an effective management information system to soundly and prudently manage the company's exposure to risk; and An independent audit mechanism to monitor the effectiveness of the organizational and procedural controls.
- Fall '13
- Internal Control & Compliance