Understanding Internal Controls and the COSO Framework

Slide Note
Embed
Share

Internal controls play a vital role in organizations, providing reasonable assurance on achieving objectives. The COSO framework outlines the five integrated components of internal control, emphasizing the importance of control environment, risk assessment, control activities, information, and monitoring. Management holds a fundamental responsibility in developing and maintaining effective internal controls to ensure effectiveness, efficiency, safeguarding of assets, and compliance. Internal controls are dynamic and adaptable processes built into operations, aimed at preventing risks and ensuring reliability and transparency in reporting.

reshma
reshma Follow

Uploaded on Aug 09, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Internal Controls Agenda: Basics of Internal Controls what are they? COSO framework Practical applications to your current processes 1

  2. Internal Control Basics What are internal controls? 2

  3. Connect What are you trying to achieve? Objectives What might thwart our efforts? Risks How can we manage risk? Controls 3

  4. Internal Control INTERNAL CONTROL is a process, effected by an entity s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to: Effectiveness Efficiency Safeguarding assets Operations Reliability Timeliness Transparency Reporting Compliance With regulatory environment Management has a fundamental responsibility to develop and maintain effective internal control. 4

  5. Internal Control INTERNAL CONTROLS are Built into operations Not one single event Dynamic Continuous Only you can prevent forest fires Effected by people Able to provide reasonable assurance Not absolute assurance To the entire entity or to a particular division, business process, etc. Adaptable 5

  6. COSO Framework What are the five integrated components of internal control? 6

  7. Updated COSO Framework At all levels of the organization The COSO cube 5 integrated components 7

  8. COSO cube 5 Integrated Components Control Environment for Financial Reporting E ntity-Level C ontrols C ontrol E nvironment Fraud C ontrols, including C ontrols O ver Management O verride R isk Assessment and R elated Policies Monitoring C ontrols Financial Statement C lose Process Information Systems Financial Statements Transactions C ontrol Activities, Including Fraud C ontrols 8

  9. COSO cube 5 Integrated Components Risk assessment should occur at the business process level as well as the entity level. Four Primary Factors Grading Filter 1. Materiality of the amounts Large dollars/transaction High volume of transactions Significant impact on key ratios or disclosures 2. Complexity of the process Limited internal skills Multiple data handoffs Highly technical in nature 3. History of accounting adjustments Accounting errors Valuation adjustments, etc. 4. Propensity for change in Business processes or controls Related accounting Process-level Risk Assessment Risk Assessment High Medium Low 9

  10. COSO cube 5 Integrated Components Risk Mapping Consider the organization s risk tolerance and risk appetite related to the risk response IV 1 III Impact 2 II I Impact (I) A B C D E F Likelihood (L) LOW MODERATE HIGH Impact: I Marginal; II Material; III Severe; IV Catastrophic Likelihood: A Almost Impossible ; B Remote; C Low; D Reasonably possible; E Probable; F Very High 10

  11. COSO cube 5 Integrated Components Risk Strategies Mitigation Improve controls to reduce likelihood/impact Transfer Avoidance Do not proceed! Shift responsibility to an external party Creation Seek risk activities strategically to maximize opportunities Acceptance Accept the risk! 11

  12. COSO cube 5 Integrated Components Preventive Control Prevents the occurrence of a negative event in a proactive manner Examples: Approval for purchase > $5,000 Passwords for access to Banner Petty cash held in lockbox Security and surveillance systems Pre-numbered checks Detective Control Detect the occurrence of a negative event after the fact in a reactive manner Examples: Supervisor review & approval Report run showing user activity Reconcile petty cash Physical inventory count Review missing/voided checks 12

  13. COSO cube 5 Integrated Components Control Activities If a weakness or limitation exists within the control environment, a compensatingcontrol may be relied upon to mitigate the risk Can be preventive or detective Example: A unit does not have the staff resources to establish an adequate segregation of duties. Potential compensating controls could include: o Automation of certain transaction data that cannot be altered by the staff o Manager review of detailed summary reports of the transactions initiated by the staff o Peer staff and/or manager selects a sample of transactions and vouches back to supporting documentation 13

  14. COSO cube 5 Integrated Components Control Activities Require action to be taken by employees, e.g., Obtain supervisor s approval for overtime Reconcile bank accounts Match receiving to POs Built into network infrastructure and software applications, e.g., Passwords Data entry validation checks Batch controls Manual Control Automated Control 14

  15. COSO cube 5 Integrated Components 4. Information and Communication Information is necessary to carry out internal control responsibilities to support achievement of objectives Communication: the continual, iterative process of providing, sharing, and obtaining necessary information Internal and external Information should be timely, accessible, and allow for successful control actions Key: To communicate the right information to the right people at the right time 15

  16. COSO cube 5 Integrated Components Information & Communication Things to communicate: Initiatives Goals Changes Opportunities Feedback Questions Answers Policies Procedures Standards Expectations 16

  17. COSO cube 5 Integrated Components Testing Control Processes Identify transactions to be tested key controls applicable standards to test the transactions (i.e., criteria to judge compliance effectiveness) Determine appropriate type of testing extent of testing Create test plan Conduct tests for effectiveness Document testing and results Assess test results Communicate findings, recommendations 17

  18. Practical Implications How can you incorporate internal controls within your current processes? 18

Related


Republic of South Africa (RSA): COSO Components 2 & 3 with 3 Lines of Defence Approach

Republic of South Africa (RSA): COSO Components 2 & 3 with 3 Lines of Defence Approach

kalina
Technical Guide on Audit of Internal Finance Controls in Public Sector Banks

Technical Guide on Audit of Internal Finance Controls in Public Sector Banks

hart
Understanding FDICIA, SOX, and COSO Regulations

Understanding FDICIA, SOX, and COSO Regulations

emmet
Understanding Internal Audit and Controls Process

Understanding Internal Audit and Controls Process

auden
Exploring Hybrid Auditing Methods in Corporate Governance

Exploring Hybrid Auditing Methods in Corporate Governance

charley
Understanding Internal Financial Controls and Regulatory Mandates

Understanding Internal Financial Controls and Regulatory Mandates

rupert
Ensuring Effective Internal Controls for Payment Collection

Ensuring Effective Internal Controls for Payment Collection

wolfgang
Internal Audit Process & Audit Committees Overview

Internal Audit Process & Audit Committees Overview

mairead
Impact of Data Analytics and Consulting Activities on Internal Audit Quality

Impact of Data Analytics and Consulting Activities on Internal Audit Quality

ellierose
Internal Audit Department Overview

Internal Audit Department Overview

bellatrix
Accelerator Safety Systems and Controls Overview

Accelerator Safety Systems and Controls Overview

rians
Understanding Hydrogen Sulfide (H2S) Hazard Controls in Industrial Operations

Understanding Hydrogen Sulfide (H2S) Hazard Controls in Industrial Operations

oskar
Understanding Airplane Flight Controls

Understanding Airplane Flight Controls

phoenix
FACILITY MANAGEMENT & SAFETY

FACILITY MANAGEMENT & SAFETY

tanith
Internal Controls and Separation of Duties in Cash Management

Internal Controls and Separation of Duties in Cash Management

nieve
Understanding the Three Lines of Defense in Risk Management

Understanding the Three Lines of Defense in Risk Management

yara
Audit Sampling Guidelines and Reference Materials for Internal Auditors

Audit Sampling Guidelines and Reference Materials for Internal Auditors

beryl
New Risk Management and Internal Audit Framework for Local Councils in NSW

New Risk Management and Internal Audit Framework for Local Councils in NSW

rico
Understanding U.S. Export Regulations and Agencies in 2015

Understanding U.S. Export Regulations and Agencies in 2015

fauna
Understanding Sanction Regime Framework and Screening Controls

Understanding Sanction Regime Framework and Screening Controls

theodosia
Understanding Controls in Ergonomics

Understanding Controls in Ergonomics

woolever_d
Understanding Homeostasis: Maintaining Internal Balance in the Body

Understanding Homeostasis: Maintaining Internal Balance in the Body

zimri
Hazardous Materials Business Plan Training Program

Hazardous Materials Business Plan Training Program

elva
Accounting and Accounting Controls Workshop Overview

Accounting and Accounting Controls Workshop Overview

chace

More Related Content

Controlling Silica Hazards: Effective Engineering Controls
Controlling Silica Hazards: Effective Engineering Controls
Accounting & Accounting Controls Workshop with Tom Walters
Accounting & Accounting Controls Workshop with Tom Walters
Overview of Mandatory Title 24 Lighting Requirements
Overview of Mandatory Title 24 Lighting Requirements
Internal Medicine Stage 1 Curriculum Teaching Toolkit: Capabilities in Practice
Internal Medicine Stage 1 Curriculum Teaching Toolkit: Capabilities in Practice
Overview of Internal Combustion Engines and Their Components
Overview of Internal Combustion Engines and Their Components
Understanding Internal Control Systems and Processes in Organizations
Understanding Internal Control Systems and Processes in Organizations
Lancashire Assessment and Planning Framework: Enhancing Child Welfare Through Comprehensive Assessments
Lancashire Assessment and Planning Framework: Enhancing Child Welfare Through Comprehensive Assessments
Effective Cash Collection Procedures and Controls
Effective Cash Collection Procedures and Controls
Performance Audit Report on Jamaica Urban Transit Company Ltd.
Performance Audit Report on Jamaica Urban Transit Company Ltd.
Understanding the Patient Safety Incident Response Framework (PSIRF)
Understanding the Patient Safety Incident Response Framework (PSIRF)
Overview of Framework-based Regents Examination in Global History and Geography II
Overview of Framework-based Regents Examination in Global History and Geography II
Understanding Bank Reconciliation in Accounting
Understanding Bank Reconciliation in Accounting
Revised Municipal Accreditation Framework 2023 Overview
Revised Municipal Accreditation Framework 2023 Overview
Enterprise Risk Management and Internal Control in Turkish Financial Audit: Practices and Framework
Enterprise Risk Management and Internal Control in Turkish Financial Audit: Practices and Framework
Understanding Business Environment: Internal and External Factors
Understanding Business Environment: Internal and External Factors
Understanding the First Law of Thermodynamics in Science Lectures
Understanding the First Law of Thermodynamics in Science Lectures
Understanding Internal Loadings in Structural Members
Understanding Internal Loadings in Structural Members
Understanding Homeostasis in Humans: The Key to Maintaining Internal Balance
Understanding Homeostasis in Humans: The Key to Maintaining Internal Balance
Internal Audit Planning and Practices for Effective Risk Management
Internal Audit Planning and Practices for Effective Risk Management
Understanding and Controlling Plant Pathogens for Sustainable Agriculture
Understanding and Controlling Plant Pathogens for Sustainable Agriculture
Business Environment
Business Environment
FRSC Corps Internal Audit Overview
FRSC Corps Internal Audit Overview
Medway and Swale Health & Care Partnership Training and Framework Overview
Medway and Swale Health & Care Partnership Training and Framework Overview
Understanding Environmental Factors in HRM Management
Understanding Environmental Factors in HRM Management