Internal control is the framework designed, planned and implemented by the management and the personnel of any company to provide accuracy and assurance of financial statements of the company, compliance of laws and regulations of the company. It is mostly decided by an entity’s Board of directors and management of the company.
Objectives of Internal Control
Internal control is necessary for both auditor and the company management, personnel etc.
For Auditor– Auditor is bound to produce accurate and reliable information about the company, also ensure that the company is in compliance with laws and regulations. To comply with these duties, auditor needs to ensure that the auditor has an adequate understanding of the internal control system of the organisation.
For Client– Having internal control in an organisation ensures that the transactions are valid, no valid transactions are omitted, physical assets and information systems are adequately controlled. For client, it is required for decision making and to conduct business activity in an efficient manner.
Characteristics of Internal Control:
A company’s internal control generally has the following characteristics:
- Control Environment
- Efficient organization plan
- Authorization of transactions
- Top level reviews
- Segregation of duties
- Information and communication
- Sound practice
- Physical safeguards
- Application control
- Internal Audit
Limitations of Internal Control:
Internal control can provide reasonable assurance about the financial position or the objectives of the company but it does not provide absolute assurance, also constraint by cost of incremental control procedures. There is possibility of collusion all the time in the organization even if Internal control of a company is maintained. Following are the major limitations:
- Cost factor– Fraud is expensive but prevention of fraud also comes with a cost. To choose cost effective control system, the management may also in that case compromises with the effectiveness of internal control system.
- Management Override– If management overrides any existing internal control and enforces management’s decision, the latter shall always prevail.
- Human error– Internal control is a part of daily and routine transactions, some human errors may arise which can threaten the validity of all transactions. Some irregular transactions may also be overlooked.
- Staff turnover– If there are not many staff in the organization to ensure the internal control, it may result in less efficient.
Scope of Internal Control
The areas where internal control is applied in an organization are as follows:
Auditor’s role in Internal Control
An auditor is required to ensure that the management has implied proper internal control in the organization. Testing of internal control includes inspecting sources, interviewing management and employees, if required provide advice to the management for better internal control system. However, an auditor is not authorized to advice but if asked, they can give necessary suggestions. The main task of auditor is to review and evaluate internal control system.
Review of Internal Control System
- In case of any fraud, mistakes are likely to be located.
- Audit program should be framed according to present circumstances.
- To keep a check on accounting standards are followed or not.
- To verify the reliability of reports and records of internal control system.