Internal control audits have always been important but in recent years new emphasis has been placed on internal controls by the government and investors because of numerous corporate accounting scandals. As a result internal control audits are more important now than ever before. Internal control audits are conducted to ensure that internal control systems are functioning as intended, to identify material weaknesses that need to be corrected and to comply with the external reporting requirements of the Securities and Exchange Commission and the Sarbanes-Oxley Act.
Accurate and timely accounting records are necessary for directors and managers to determine operating results and to be able to make adjustments when necessary in their operations. They are necessary for satisfying external reporting requirements, for government regulators to determine compliance with laws and regulations and for investors to make sound investment decisions. Accurate and timely accounting records allow for the efficient and effective management of a business. Without timely and accurate accounting records confusion and chaos would result.
This is where internal controls come into play. A strong internal control system is necessary to provide reasonable assurance of accurate and timely accounting records.
According to the Committee of Sponsoring Organizations of the Treadway Commission (COSO), internal control is a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial reporting, and compliance with laws and regulations.
The COSO integrated internal control framework, which is generally accepted in the United States, has five components: control environment, risk assessment, information and communication, control activities, and monitoring.
The aggregate control system of the organization as defined by COSO includes accounting controls but goes much further to include administration, operations and governance. All five components apply to the entire organization, not just the accounting and financial reporting functions.
Properly designed internal controls provide reasonable assurance that objectives will be met. There cannot be absolute assurance because there are inherent limitations to internal controls and at some point the cost of tighter and/or more controls outweighs the benefit of those incremental control procedures. The concept of reasonable assurance implies a high degree of assurance, limited by cost/benefit considerations and other inherent limitations.
Since internal control involves human action, there is always the possibility of errors in processing or judgment. Internal controls can also be overridden by employee collusion or coercion by top management.
Internal Control Audits
Internal control audits are mandated by the Sarbanes-Oxley Act, otherwise known as SOX, and are part of the annual SEC reporting package for public companies. On a quarterly basis, section 302 of SOX requires management to assess their internal controls and report any material weaknesses as well as corrective actions. The CEO and CFO must certify these reports. On an annual basis an independent audit firm must be engaged to conduct an internal control audit under section 404 of SOX. The external auditor must provide an annual opinion as to the reliability of the control representations (certifications) made by the CEO and CFO. These internal control audits focus on internal controls over financial reporting and would disclose any noncompliance by management with regard to management's quarterly assessments and reports. Section 906 requires that the CEO and CFO ensure all financial reporting accurately represents the financial position and results of operations of the company and that they are in compliance with SOX. This section also has criminal penalties for noncompliance.
CEO and CFO Requirements
Section 906 requires that a company's CEO and CFO ensure all financial reporting accurately represents the financial position and results of operations of the company and that they are in compliance with SOX. This section also has criminal penalties for noncompliance.
Because these internal control audits are mandated by law and have been made a part of the SEC reporting package, they are very important to management, regulators and the investing public. Internal control audits verify that proper internal controls are in place and are functioning as intended.
What Is Financial Auditing?
Financial audits are one of several different types of audits conducted in the United States. They are a review of the financial...
Purpose of Auditing Financial Statements
Audited financial statements are an important piece of information for investors and economists when judging the health of a company and the...
Objectives of Internal Control
Internal controls are techniques employed by managers to ensure that specific control objectives are continuously met. Controls can be implemented to protect...
Describe the Importance of Internal Control in Business
Internal controls are the standards and rules used by companies to ensure that they achieve their stated goals in the marketplace. Profitability...
Importance of an Internal Quality Audit
If a company wants to improve its processes, become more efficient and identify problem areas, then it needs to spend time performing...
Importance of Internal Controls in Corporate Governance
Accounting principles and internal audit rules require that companies establish adequate and functional internal controls to improve corporate governance processes. These principles...
Types of Internal Audit Controls
Internal audit controls are also known as internal controls. Companies rely on these policies to safeguard operating assets against the risks of...
The Importance of Stock Control
Businesses maintain a stock of raw materials, business supplies, works in process and finished products to create products and function on a...
The Importance of Project Procurement
Project management will at some points require project procurement, which involves the organization obtaining goods or services from third parties in order...
The Importance of Project Audit
An audit is a monitoring system that uses quantitative and qualitative assessments tools to measure performance outcomes. Risk management is built into...