An internal control system is a system within a company that designs methods and procedures to produce effective operations, establish reliable financial reporting, avoid fraud and maintain compliance with regulations and laws. Within an internal control system, five interrelated components are present. These components are used to develop an internal control system and are also the means for evaluating it. These components all work together to form a strong set of methods and procedures the company follows in its operations.

Control Environment

The control environment is the first interrelated component of internal controls. This is the environment that sets the tone of the company. It includes factors such as integrity, ethical values, competence of the workers and the management’s philosophy about the way the organization operates. It is the component that provides the foundation needed for the other components of internal control.

Risk Assessment

Risk assessment is another interrelated component used for identifying risks in the system. For risk assessment to be effective, preventative measures are put into place by establishing clear objectives. This component identifies and analyzes possible risks internally and externally. This component manages risk by developing precise procedures to achieve consistent objectives within the organization. Risk assessment always takes change into consideration within the objectives set forth.

Control Activities

Organizations develop control activities to assist in monitoring risk assessment. Control activities include policies, procedures and practices developed to increase risk management strategies. Specific control activities include separation of duties, verifications, reconciliations and physical security of assets. These policies are designed to ensure that management directives are fulfilled.

Information and Communications

Information must be identified, captured and communicated timely and effectively and is achieved through this internal control component. This component is designed to allow employees the ability to carry out their responsibilities in the best manner possible. Information must be communicated externally as well to all parties involved in the company. Information that is communicated in this fashion allows control activities and employee responsibilities to occur more effectively.

Monitoring

Monitoring includes assessing the performance of internal control components, ensuring they are operating effectively. This component includes allowing managers clear responsibility guidelines so they are able to effectively do their jobs. It also includes performing evaluations through audits and other independent parties, ensuring that the company is handling the operations of the business correctly.