Accounting firms apply internal control which is the process designed to ensure reliable financial reporting,aides in ensuring financial statements are free from material misrepresentation and assets are sufficiently protected from misappropriation, effective and efficient operations, and compliance with applicable laws and regulations. Safeguarding assets against theft and unauthorized use is also part of internal control.
Control environment is the management style and the expectations of upper‐level managers, mainly their control policies, determine the control environment. An effective control environment helps ensure that established policies and procedures are followed. The control environment includes independent oversight provided by a board of directors and by an audit committee; management's integrity, and ethical values,a defined organizational structure with trustworthy employees; and the assignment of authority and responsibility.
Control activities are the specific policies management uses to achieve its objectives. The most important control activities involve segregation of duties, proper authorization of transactions and activities,physical control over assets and records, and independent checks on performance. A short description of each of these control activities appears below.
Segregation of duties requires that different individuals be assigned responsibility for different elements of related activities, particularly those involving authorization, or recordkeeping. For example, the same person who is responsible for an asset's recordkeeping should not be responsible for physical control of that asset Having different individuals perform these functions creates a system of checks and balances.
Proper authorization of transactions and activities helps ensure that all company activities adhere to established guide lines unless responsible managers authorize another course of action. For example, a fixed price list may serve as an official authorization of price for a large sales staff.
Adequate documents and records provide evidence that financial statements are accurate. Controls designed to ensure adequate recordkeeping include the creation of invoices and other documents that are easy to use and sufficiently informative; the use of prenumbered, consecutive documents; and the timely preparation of documents.
Physical control over assets and records helps protect the company's assets. These control activities may include electronic or mechanical controls (such as employee ID cards, fences, cash registers, fireproof files, and locks) or computer-related controls dealing with access privileges or established backup and recovery procedures.
Independent checks on performance, which are carried out by employees who did not do the work being checked, help ensure the reliability of accounting information and the efficiency of operations. For example, a supervisor verifies the accuracy of a retail clerk's cash drawer at the end of the day. Internal auditors may also verity that the supervisor performed the check of the cash drawer.
An internal control system aides in ensuring financial statements are free from material misrepresentation and assets are sufficiently protected from misappropriation