INTERNAL CONTROL – Kinds of Internal Control – Methods of Evaluating Internal Control System

Auditing

Kinds of Internal Control

The type of internal control system to be employed in an organization depends upon the requirements and nature of the business. Generally, there are three types of Internal Control in an organisation preventive control, detective control and corrective control. These types of controls are essential for an effective internal control system. From a quality standpoint, preventive controls are essential because they are proactive and emphasize quality. However, detective controls play a critical role by providing evidence that the preventive controls are functioning as intended.

1. Preventive Controls:

Preventive controls are designed to discourage errors or irregularities from occurring. They are proactive controls that help to ensure departmental objectives are being met.

Examples of preventive controls are:

Segregation of Duties: Duties are segregated among different people to reduce the risk of error or inappropriate action. Normally, responsibilities for authorizing transactions (approval), recording transactions (accounting) and handling the related asset (custody) are divided.

Approvals, Authorizations, and Verifications: Management authorizes employees to perform certain activities and to execute certain transactions within limited parameters. In addition, management specifies those activities or transactions that need supervisory approval before they are performed or executed by employees. A supervisor’s approval (manual or electronic) implies that he or she has verified and validated that the activity or transaction conforms to established policies and procedures.

Security of Assets (Preventive and Detective): Access to equipment, inventories, securities, cash and other assets is restricted; assets are periodically counted and compared to amounts shown on control records.

2. Detective Controls:

They are designed to find errors or irregularities after they have occurred.

Examples of detective controls are:

Reviews of Performance: Management compares information about current performance to budgets, forecasts, prior periods, or other benchmarks to measure the extent to which goals and objectives are being achieved and to identify unexpected results or unusual conditions that require follow-up.

Reconciliations: An employee relates different sets of data to one another, identifies and investigates differences, and takes corrective action, when necessary.

• Physical Inventories

• Audits

3. Corrective Controls:

Corrective controls target at the correction of errors and irregularities as soon as they are detected.

Methods of Evaluating Internal Control System

The following are the methods of evaluating internal control system:

1. Narrative Record or Memorandum Approach:

It is a complete and exhaustive descriptive record of the system. It is appropriate in circumstances where a formal control system is lacking, like in case of small businesses. Gaps in the control system are difficult to identify using a narrative record.

2. Check List:

It is a series of instructions that a member of the audit staff is required to follow. They have to be signed or initialled by the audit assistant as proof for having followed the instructions given. A specific statement is required for every weakness area.

3. Flow Chart:

It is a pictorial representation of the internal control system depicting its various elements such as operations, processes and controls, which help in giving a concise and comprehensive view of the

Leave a Reply