Plans and actions of the organization including management s attitude, methods, procedures and other measures that provide for reasonable assurance that the following general objectives are achieved

errors. fraud and other irregularities Laws. Assets are safeguarded against loss due to waste. 2. abuse. mismanagement. regulations and management directives are complied with Reliable financial and management data are developed maintained and fairly disclosed in timely reports . 3.1.

Understanding of internal controls is important in order to Assess the risk an organization is facing in its daily transactions and routine course of business In order to make recommendations for improvements Identify the reasons as to why the error occured . 2. 3.WHY LOOK AT CONTROLS y 1.

UNDERSTANDING & EXAMINING INTERNAL CONTROLS y The auditor is expected to review the internal controls as a part the audit 1. 2. 4. Review and document the systems and procedures in place to carry out transactions and other operations (permanent file) Identify the points in accounting system and other systems being audited Identify and document the controls and determine that the controls are operating Assess the adequacy and effectiveness of the controls . 3.

Internal Control Questionnaire Walk trrough .DOCUMENTING THE CONTROLS y y Narrative Flow chart METHODS OF ASSESSING THE CONTROLS 1. 2.

RESPONSIBILITY OF MAINTAINING THE CONTROLS y Internal controls are the responsibility of the management to install. review and update the control system y In government it is also the responsibility of the Controller General of Accounts to y lay down the principles governing the internal financial controls for government departments in consultation with the Ministry of Finance and provincial Finance Departments .

ELEMENTS OF CONTROL y Control Environment y Risk Assessment y Control Activities y Information and Communication y Monitoring .

CONTROL ENVIRONMENT y Methods of assigning responsibility y Management and staff s integrity and values y Management and staff s commitmant to competence y Management s reaction to outside change and influence y Internal audit unit .

RISK ASSESSMENT y Identification and assessment of risks to the achievement of objectives y This would allow the management to install internal controls .

4.CONTROL ACTIVITIES y y 1. Policies and procedures that help management directives are carried out. They help ensure that necessary actions are taken to address the identified risks Control Activities include 2. 3. Proper authoriztion Control over physical assets and records Inependent checks on performance Segregation of duties .

INFORMATION AND COMMUNICATION y y 1. Prompt and proper recording of transactions Prompt communication of instructions 2. vertical and horizontal Outside and inside .

MONITORING y Ongoing and periodic evaluation of internal controls y Spot checks .

LIMITATION OF INTERNAL CONTROLS y Internal control structure can provide only a reasonable and not an absolute assurance y Judgments in making decisions can be faulty y Controls can be circumvented by collusion .

2. By verbal enquiry and observation conclude on the overall level of control consciousness Questions include Do employees have clear understanding of their responsibilities Is management accountable for the establishment of internal controls Are controls applied all the time .INTERNAL CONTROL QUESTIONNAIRE (ENVIRONMENTAL ) y y 1. 3.

3. Communication of what is acceptable Employee evaluations provide a feedback on their performance Promotions and rewards are consistant with performance . 2.y Are there clear procedures and directives and are there clear management procedures to ensure they are complied with 1.

3. 4.ICQ ON ORGANIZATION y 1. 2. Is organization clearly defined in terms of: Functions and Authority Responsibility for decision making Rotation of officers in key positions Limitations on authority .

Are these functions performed independently of each other Accounting and internal audit Recording of receipt and collection of money Approval/authorization of payment Recording of expenditure and issue of payment Recording of assets This can be done by obtaining an organizational chart.2. description of duties and responsibilities .

ICQ ON COMPETENCE OF PERSONNEL y Do procedures for selection of staff ensure that staff selected is competent y Do staff get adequate training y Do staff have a clear description of their dutues y Is the staff properly supervised y Evaluation and rewarding systems are in place .

ICQ ON MANAGEMENT AND OPERATING STYLE y Clear policies and procedures y Extent of computerization y Do PAO and DDO exercise adequate control over financial matters like timely budget and account preparation and analysis y Benchmarks for performance y Corrective actions .

REPORTING y Are management reports prepared and circulated regularly y Are management reports used for monitor financial and operational activities\ y What are the checks on reliability of data y What actions are taken on the reports .

PROTECTION OF ASSETS AND RECORDS y Are there checks for protection of cash collection and custody y Are checks there for avoiding unauthorized access to records (manual & comptuer) y Disaster recovery plan y Record retention plan .

Internal Audit y It is a kind of internal control y For the management y System analysis and effectiveness y Advise for greater efficiency and effectiveness .

Thank you .