Unit 7 : Internal Control (Introduction)

Annotations:

• 1: Its a means to an end and not an end in itself 2: Its all about people & processes 3: Provides reliable assurance & not absolute assurance 4: Helps achieve business objectives 5: Underlying framework for SOX reqirements

1. COSO Model

   Annotations:

   • Definition : Internal Control provides reasonable assurance in achieving the objectives of an organization through   1: effective and efficient operations 2: reliable financial reporting 3: compliance with regulations, laws
   1. Control Environment
      1. Sets the tone of the organisation
      2. Integrity, Ethos & Competence of the employees
      3. Management philosophy & operating style
      4. Structure & discipline in organisational activities
      5. Direction provided by the board of directors
   2. Risk Assessment
      1. Understanding the objectives of the organisation
      2. Understanding the risks to those objectives
      3. Understanding threats, likelihood and impact of the risks
      4. Its a continuous process
      5. Changes with rules, laws & operating conditions
   3. Control Activities
      1. Policies and procedures to carry our management directives and actions
      2. They include control sets and objectives to help mitigate, handle or avoid risks identified
      3. Activities such as approvals, authorizations, verification
      4. Reconciliations, security of assets, segregation of responsibilities
      5. Procedures are key and should be effective
   4. Information & Communication
      1. Pertinent identified, captured and communicated
      2. Reports related to finances, operations and compliance
      3. Communication needs to be across the board
      4. Communicate the responsibilities of people in clear terms
   5. Monitoring
      1. Internal Monitoring : Monitor day to day activities and system performance
      2. Separate Monitoring : Monitor the efficiency of the Internal Control system