Babich
E. Y., Yerysh L. A.
Donetsk
National University of Economics and Trade Named after Michail Tugan-Baranovsky
The organization of An Internal Control System
Senior executives have long sought ways to
better control the enterprises they run. Internal controls are put in place to
keep the company on course toward profitability goals and achievement of its
mission, and to minimize surprises along the way. They enable management to
deal with rapidly changing economic and competitive environments, shifting
customer demands and priorities, and restructuring for future growth. Internal
controls promote efficiency, reduce risk of asset loss, and help ensure the
reliability of financial statements and compliance with laws and regulations.
Because internal control serves many important
purposes, there are increasing calls for better internal control systems and
report cards on them. Internal control is looked upon more and more as a
solution to a variety of potential problems.
The internal control definition—with its
underlying fundamental concepts of a process, effected by people, providing
reasonable assurance—together with the categorization of objectives and the
components and criteria for effectiveness, and the associated discussions,
constitute this internal control framework.
Internal control can help an entity achieve its
performance and profitability targets, and prevent loss of resources. It can
help ensure reliable financial reporting. And it can help ensure that the
enterprise complies with laws and regulations, avoiding damage to its
reputation and other consequences. In sum, it can help an entity get to where
it wants to go, and avoid pitfalls and surprises along the way.
Unfortunately, some people have greater, and
unrealistic, expectations. They look for absolutes, believing that:
Internal control can ensure an entity's
success—that is, it will ensure achievement of basic business objectives or
will, at the least, ensure survival.
Even effective internal control can only help
an entity achieve these objectives. It can provide management information about
the entity's progress, or lack of it, toward their achievement. But internal
control cannot change an inherently poor manager into a good one. And, shifts
in government policy or programs, competitors' actions or economic conditions
can be beyond management's control. Internal control cannot ensure success, or
even survival. Internal control can ensure the reliability of financial
reporting and compliance with laws and regulations.
This belief is also unwarranted. An internal
control system, no matter how well conceived and operated, can provide only
reasonable—not absolute—assurance to management and the board regarding
achievement of an entity's objectives. The likelihood of achievement is
affected by limitations inherent in all internal control systems. These include
the realities that judgments in decision-making can be faulty, and that
breakdowns can occur because of simple error or mistake. Additionally, controls
can be circumvented by the collusion of two or more people, and management has
the ability to override the system. Another limiting factor is that the design
of an internal control system must reflect the fact that there are resource
constraints, and the benefits of controls must be considered relative to their
costs.
Everyone in an organization has responsibility
for internal control.
The chief executive officer is ultimately
responsible and should assume "ownership" of the system. More than
any other individual, the chief executive sets the "tone at the top"
that affects integrity and ethics and other factors of a positive control
environment. In a large company, the chief executive fulfills this duty by
providing leadership and direction to senior managers and reviewing the way
they're controlling the business. Senior managers, in turn, assign
responsibility for establishment of more specific internal control policies and
procedures to personnel responsible for the unit's functions. In a smaller
entity, the influence of the chief executive, often an owner-manager, is
usually more direct. In any event, in a cascading responsibility, a manager is
effectively a chief executive of his or her sphere of responsibility. Of
particular significance are financial officers and their staffs, whose control
activities cut across, as well as up and down, the operating and other units of
an enterprise.
Management is accountable to the board of
directors, which provides governance, guidance and oversight. Effective board
members are objective, capable and inquisitive. They also have a knowledge of
the entity's activities and environment, and commit the time necessary to
fulfill their board responsibilities. Management may be in a position to
override controls and ignore or stifle communications from subordinates,
enabling a dishonest management which intentionally misrepresents results to
cover its tracks. A strong, active board, particularly when coupled with
effective upward communications channels and capable financial, legal and
internal audit functions, is often best able to identify and correct such a
problem.
Internal auditors play an important role in
evaluating the effectiveness of control systems, and contribute to ongoing
effectiveness. Because of organizational position and authority in an entity,
an internal audit function often plays a significant monitoring role.
Internal control is, to some degree, the
responsibility of everyone in an organization and therefore should be an
explicit or implicit part of everyone's job description. Virtually all employees
produce information used in the internal control system or take other actions
needed to effect control. Also, all personnel should be responsible for
communicating upward problems in operations, noncompliance with the code of
conduct, or other policy violations or illegal actions.
Literature:
1. 1.David Coderre Internal audit : efficiency through automation[Text] / David Coderre. - John Wiley & Sons, Inc., 2009. – 250 p.
2. Pickett, K. H. Spencer. The internal auditing handbook [Text] / K.H. Spencer Pickett. – 3rd ed. - - John Wiley & Sons, Inc., 2010. – 1070 p.
3. www.cpa2biz.com