THE

INTERNAL
CONTROL
SYSTEM
 Definition According to
Committee of Sponsoring Organizations (COSO) Framework

Effectiveness
 a process, effected by an and
Efficiency of
entity’s board of directors, operations
management and other
personnel, designed to
INTERNAL
provide reasonable CONTROL
assurance regarding the Compliance
with Reliability of
achievement of objectives applicable
laws and
Financial
Reporting
in the following categories: objectives
  Comprises the plan of
INTERNAL organization and all coordinated
CONTROL methods and measures adopted
within a business to

check the encourage

safeguard accuracy and promote adherence to
reliability of its operational prescribed
its assets accounting efficiency managerial
data policies
What are the Types of Internal
Control System?
 PREVENTIVE INTERNAL CONTROLS

 are designed to discourage

errors or irregularities from
occurring.

 They are proactive controls that

help to ensure departmental
objectives are being met.
 EXAMPLE OF
PREVENTIVE INTERNAL CONTROL
SEGREGATION OF DUTIES

Duties are segregated among

different people to reduce the risk
of error or inappropriate action.

Normally, responsibilities for authorizing

transactions (approval), recording
transactions (accounting) and handling
the related asset (custody) are divided.
 EXAMPLE OF
PREVENTIVE INTERNAL CONTROL
APPROVALS, AUTHORIZATIONS, AND VERIFICATIONS

Management authorizes employees to

perform certain activities and to execute
certain transactions within limited
parameters.

In addition, management specifies those

activities or transactions that need
supervisory approval before they are
performed or executed by employees.
 EXAMPLE OF
PREVENTIVE INTERNAL CONTROL
SECURITY OF ASSETS

Access to equipment, inventories,

securities, cash and other assets is
restricted;
assets are periodically counted and
compared to amounts shown on control
records.
DETECTIVE INTERNAL CONTROLS

 are designed to find

errors or irregularities
after they have  They serve as part of
occurred a checks-and-
balances system and
to determine how
efficient policies are.
 EXAMPLE OF
DETECTIVE INTERNAL CONTROL
REVIEWS OF PERFORMANCE

Management compares information

about current performance to
budgets, forecasts, prior periods, or
other benchmarks to measure the
extent to which goals and objectives
are being achieved and to identify
unexpected results or unusual
conditions that require follow-up.
 EXAMPLES OF
DETECTIVE INTERNAL CONTROL
RECONCILIATIONS

An employee relates different

sets of data to one another,
identifies and investigates
differences, and takes corrective
action, when necessary.
 EXAMPLES OF
DETECTIVE INTERNAL CONTROL
PHYSICAL INVENTORIES
SURPRISE CASH COUNTS
AUDITS
CORRECTIVE INTERNAL CONTROLS
 are put into place to correct any errors that
were found by the detective internal controls
 EXAMPLES OF
CORRECTIVE INTERNAL CONTROL

TRAINING PROGRAMS and

PROGRESSIVE DISCIPLINE FOR ERRORS
 positive discipline to prevent
employees from making future
errors and continuous
improvement processes to adopt
the latest operational techniques.
What are the Components of Internal
Control System?
CONTROL ENVIRONMENT
 “set of standards, processes and structures that
provide the basis for carrying out internal control
across the organization”

 This component comprises the tone at the top,

communication about ethical behavior and internal
control with all levels of staff, and the overall
integrity and values of the organization.

 These components provide the overall basis for a

successful system of internal control.
CONTROL ENVIRONMENT

An effective Control Environment is one that

establishes and promotes collective positive
attitude towards achieving effective internal
control and conscientious management.
 ELEMENTS OF CONTROL ENVIRONMENT
Integrity and Ethical Values
 The cooperatives should seek to
promote honesty and integrity among
their employees on a day-to-day basis.
 If these values are communicated
effectively to employees and enforced,
this will have the effect of increasing
confidence in the design, administration
and monitoring of controls – leading to
a reduced risk of material
misstatement in a company’s financial
statements.
Commitment to Competence
 Competence is the knowledge and
skills necessary to accomplish tasks
that define the individual’s job.
 If individual employees are tasked
with carrying out duties that are
beyond their competence levels, then
desired objectives are unlikely to be
met.
 ELEMENTS OF CONTROL ENVIRONMENT
Organizational Structure
 It is the framework within which an
entity’s activities for achieving its
objectives are planned, executed,
controlled and reviewed.
 the appropriateness of an entity’s
organizational structure depends, in
part, on its size and the nature of its
activities
Board of Directors and Audit
Committee
 Directors are responsible for
overseeing the strategic direction of
the company and its obligations
related to its accountability.
 If individual employees are tasked
with carrying out duties that are
beyond their competence levels, then
desired objectives are unlikely to be
met.
 ELEMENTS OF CONTROL ENVIRONMENT
Management’s Philosophy
and Operating Style Assignment of Authority and
Responsibility
 A company’s board of directors will
comprise of individuals each with a
 Cooperatives need to deal with
different mind – set as to philosophy
ensuring that appropriate levels of
and operating style, manifested in
authority and responsibility are
characteristics such as their:
assigned to appropriately qualified
 approach to taking and managing
and experienced individuals.
business risk
 attitudes and actions toward financial
 They also need to ensure that
reporting
adequate reporting relationships and
 attitudes toward information
authorization hierarchies are in place.
processing and accounting and
functions personnel.
Factors Affecting the CONTROL ENVIRONMENT

Integrity and Organizational

Ethical Values Structure

Commitment Board of Directors

to and Audit
Competence Committee

Management’s Assignment of Human

Philosophy and Authority and Resource
Operating Style Responsibility Policies and
Procedures
 RISK ASSESSMENT
 is the process of identifying and analyzing relevant risks to
the achievement of the cooperative objectives and
determining the appropriate response

 Is an activity of identification and analysis of risks that

potentially hinder the achievement of corporate objectives.
The results of this identification and analysis will be used as a
basis for controlling those risks.

An effective Risk Assessment establishes and

maintains process to identify, analyze, and
manage risk relevant to achieving a unit’s goals
and objectives.
Points of focus in the Risk Assessment Process

Company- Process-level
wide Objectives
Objectives

Risk Managing
Identification Change
and Analysis
 CONTROL ACTIVITIES
 include all policies and procedures designed and implemented
to address the risks and ensure that management directives
are carried out throughout the organization to achieve the
cooperative objectives

An effective Control Activity is one that is

properly designed and implemented to
mitigate the risks
Points of focus in assessing the Control Activities

Outsourcing Policies and

Procedures

Business Security
Continuity/ (Application
Backups and Network)

Application
Change
Management
 INFORMATION AND COMMUNICATION
 encompasses the methods for identifying, capturing, and
communicating pertinent information in a time frame that
enables people to carry out their responsibilities

An effective Information and Communication System

ensures that information relevant to operating the
business and the maintenance of internal control and
records are identifies, captured, and communicated
to appropriate individual on a timely basis.
 MONITORING

 Assessing the
quality of An effective Monitoring
System detects and
internal control remedies control
system deficiencies throughout the entire
performance internal control system.
over time.
 Prepared by:

REGGIN C. SAMBAJON
Master in Cooperative Management