Policies, processes and procedures that are put in place by an organization to reasonably assist it in achieving its objectives of operations, reporting, and compliance.
Key Components:
Control environment – Tone at the top through such factors as management philosophy.
Risk assessment – It entails identification and analysis of relevant risks with a view of attaining stated objectives.
Control activities – They are policies and procedures that make sure that proper actions are taken to mitigate risks.
Information and communication – Appropriate data is identified, captured, recorded correctly within the organization itself or sent outside if necessary.
Monitoring – Continuous or periodic reviews done to determine whether internal controls as a whole are functioning as intended.
Example:
A thorough audit of the internal control system over inventories conducted for a manufacturer uncovered a shortage of goods worth more than $100,000.
Importance:
Efficient internal control leads to efficiency in operations, deters fraudulent financial reporting while ensuring compliance with legal obligations thereby making corporate reports more reliable.