INTERNAL CONTROLS

OBJECTIVES
• Requirements for an internal control
system.
• Nature of internal controls
• Typical systems
– Sales system
– Purchases
– Payroll
NEED FOR INTERNAL CONTROL
SYSTEM
• Companies Act

• Corporate Governance Code

C.2 The board should maintain sound risk management and internal control
systems.
C.2.1 The board should, at least annually, conduct a review of the effectiveness
of the company’s risk management and internal control systems and should
report to shareholders that they have done so.

• FSA Disclosure & Transparency Rules

Corporate governance statement must describe main features

• Sarbanes Oxley
 DEFINITION OF INTERNAL
CONTROL
Internal control is the process designed,
implemented and maintained by those charged
with governance, management and other
personnel to provide reasonable assurance about
the achievement of the entity’s objectives with
regard to reliability of financial reporting,
effectiveness and efficiency of operations and
compliance with applicable laws and regulations.
(ISA 315)
COMPONENTS OF AN INTERNAL
CONTROL SYSTEM

• The control environment

• The entity’s risk assessment process
• The information system
• Control activities
• Monitoring of controls
 CONTROL ENVIRONMENT
The overall attitude, awareness and actions
of management regarding internal control
and its importance in the entity.
 CONTROL ENVIRONMENT
• Communication and enforcement of integrity and
ethical values
• Commitment to competence
• Participation by those charged with governance
• Management’s philosophy and operating style
• Organisational structure
– Organisation plan
– Job descriptions
• Assignment of authority and responsibility.
• Human resource policies and practices.
LACK OF CONTROLS
 RISK ASSESSMENT
PROCEDURES
The process for identifying and responding to
business risks and the results thereof.

– Identify risk
– Prioritise risk
– Implement control strategies
• Accept
• Transfer
• Avoid
• Control
– Monitor
 INFORMATION SYSTEM
An information system consists of infrastructure
(physical and hardware components), software,
people, procedures and data.

Comprises:
– Initiation of transaction
– Recording.
– Processing.
– Reporting.
QUALITY OF THE INFORMATION
SYSTEM
• Procedures to ensure transactions are:
– Identified
– Adequate described
– Measured
– Recorded in correct period.
– Properly included in the financial statements
• Business continuity plan
• Communication
 CONTROL ACTIVITIES
The policies and procedures that help
ensure management directives are carried
out. They have various objectives and are
applied at various organisational and
function levels.
 CONTROL ACTIVITIES
• Performance reviews

• Information processing.

• Physical controls.

• Segregation of duties.
The separation of those responsibilities or duties
which would, if combined enable one individual
to record and process a complete transaction.
 MONITORING
Assessing the design and operation of
controls on a timely basis and taking
necessary corrective actions.
 DETERMINING SYSTEM
• Materiality
• The nature, potential impact and likelihood of
risks facing the company.
• Geographical distribution of the enterprise
• Degree of initiative required of staff
• Public interest in the entity
• Controls exercised personally by management
• Costs of setting up controls & benefits
obtained
 DETECTION V PREVENTION
• Prevention Applied before or during
the process and will usually
only cover one process

• Detection Applied after the occurrence

of the procedure and may
cover several processes
 LIMITATIONS
• Human error and faulty judgements

• Circumvention by collusion

• Abuse of authority and management override.

• Insufficient segregation of duties in a smaller

company
 SALES SYSTEM
Stages:
– Receive order
– Accept order
– Despatch goods
– Invoicing
– Receive payment

Which department should be responsible for each

stage, assuming segregation of duties is good?
 RECEIVE ORDERS
• All orders are received
– Pre-numbered order forms
– Maintain an order register
– Sequence checks
 ACCEPTANCE OF ORDERS
• Goods are available
– Check to stock records

• Customer is credit worthy

– Perform credit checks on new customers and set
credit limits
– Compare outstanding balance, orders in the
pipeline and current order to credit limit.
– Consider recent disputes, slow payers etc.
– Require cash with order for any doubtful customers
 DESPATCH OF GOODS
• All despatches are genuine orders, and no
orders are missed
– Despatch notes needed for movement of goods
– Pre-numbered despatch notes with sequence
checks.

• Correct goods are despatched

– Separate pickers and packers
– Check sample of despatches
 INVOICING
• All despatches are invoiced
– Despatch note register
– Matching of despatch note and invoice.

• Invoice is correct amount

– Check price to price list
– Check discounts are authorised
– Check casts and extensions

• Invoice is processed correctly

– Sequential numbers with checks and follow up.
– Batch totals
– Send out statements
 RECEIPT OF PAYMENT
• All remittances received
– Post opened by two people who list remittances
received
– Cheques are given to cashier and copy of
remittance advice to sales ledger department.

• Remittance is posted to correct account

– Match payment to specific invoice
– Review sales ledger for old debts, slow payers etc
and chase up
– Send out statements
 PURCHASES SYSTEM
Stages:
– Order goods
– Receive goods
– Receive and process invoice
– Pay suppliers
– Reconcile statement

Which department should be responsible for each

stage, assuming segregation of duties is good?
 ORDERING GOODS
• Orders should only be made in
accordance with company needs
• The supplier should be selected according
to quality and price
• Only genuine suppliers should be on the
masterfile.
• All orders should be processed.
 RECEIPT OF GOODS
• Only goods genuinely ordered should be
accepted.
• Goods received should be of an
appropriate quality and quantity
• Returns should be properly recorded
 RECEIPT OF INVOICE
• Ensure goods have been received and
accepted.
• Ensure invoice is for the correct amount
• Ensure invoice is authorised by the
appropriate manager
• Ensure invoice is processed correctly
 PAYMENT OF SUPPLIER
• Invoices are paid at the appropriate time
• Only genuine invoices are paid
• Invoices cannot be paid twice
• Payments are correctly recorded.
 PAYROLL SYSTEM
Stages:
– Maintain standing data
– Prepare weekly/monthly payroll
– Distribute wages
– Record costs

Which department should be responsible for

each stage, assuming segregation of duties
is good?
 MAINTAINING RECORDS
• Only genuine employees are included on
the payroll
• Standing data is accurate
 PREPARING PAYROLL
• Employees are only paid for hours worked
• Wages are correctly calculated
• Payroll is approved
 DISTRIBUTING WAGES
Assume cash payments
• Cash is collected in a secure manner
• Paypackets should be made up accurately
• Wages should be distributed to the correct
employee
• Unclaimed wages should be held secure
 RECORDING COSTS
• Payroll costs should be correctly recorded.