Beruflich Dokumente
Kultur Dokumente
control environment
This sets the tone of an organization and is the foundation for all other
components of internal control, providing discipline and structure. It reflects:
risk assessment
control activities
The policies and procedures that help ensure that management’s directives
are carried out, including those related to the prevention or detection of
errors or fraud that could result in material misstatement. This includes a
range of activities such as approvals, authorisation, reconciliations and
segregation of duties and reminds me of my days as an ACCA student learning
the acronym SOAPMAPs (Segregation of duties, Organisation, Authorisation
and approval, Physical, Management, Arithmetical and accounting, Personnel
and Supervision) which has stood me in good stead for more than 20 years!
internal communications
monitoring
The processes that assess the quality of internal control performance over
time. This includes regular management and supervisory activities, and other
actions personnel take in performing their duties. This component considers
different types of monitoring:
ongoing during the course of operations (incl. regular mgmt and supervisory
activities)
audit reviews
The entity and its organisational units are depicted by the third dimension of
the cube which can be tailored to any part of an organisation, e.g. you could
look at all objectives across all components across the whole business or just
in unit A or just in relation to activity one.
Summary
All of the above components are vital to the success of an organisation and
provide the framework for good internal control throughout. Internal control
is not just important for internal auditors or even risk managers. It is relevant
to all managers from executive director downwards.