Internal Control

• If company owners did all the work themselves, assuming they always acted in their own best interest, there would be virtually no loss from internal theft, unreliable financial reporting, non-compliance with applicable laws and regulations, or inefficient use of resources.
  As soon as you hire employees or outside contractors, you introduce those losses, or at least the risk of those losses. To control that risk, the owners then need to set goals and objectives for employees to strive for, define tasks, identify and quantify risks, establish policies, set boundaries, monitor progress, and take corrective action when needed.
  Control what?
  
  Before designing a system of internal controls, it is important to understand what needs to be controlled. This involves identifying risks and the potential cost of each risk. Determine how often you expect each type of loss would likely occur, and what the cost per occurrence is likely to be. Multiply these two numbers together to get the total loss potential for each type of loss. Later you will compare loss potential with the cost of controls, in order to do a cost-benefit analysis and make sure controls don’t cost more than the potential losses they are designed to prevent.
  
  Meaning:
  
  The systems used by a company to minimize the risk of loss are known as internal controls. Internal control is the responsibility of both directors and managers of the company.
  
  Internal Control System is system of controls, both financial and non-financial, set up by the management of an organization to carry out the function of the company in an orderly and efficient manner. The system should ensure that management policies are adhered to, assets are safeguarded, and the records of the company's activities are both complete and accurate. In other words, internal control is defined as a process established by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's resources are directed, monitored, and measured. It provides reasonable assurance of
  Effectiveness and efficiency of operations,
  reliability of financial reporting, safeguarding of assets,
  reliability and integrity of information assets and
  Compliance with policies, procedures, laws and regulations.
  
  Internal control is a process; it is means to an end and not an end itself:
  Internal control assists in achieving the organizational goal in more systematic and organized manner. Organisation aim to maintain good internal control to achieve its objective, off course maintaining the sound internal control system alone will not achieve its objective, it is one of the effort organization has to make in order to reach its goal.
  
  Effective internal control helps an organization achieve its operations, financial Reporting and compliance objectives:
  Effective internal control is a built-in part of the management process (i.e., plan, organize, direct, and control). Internal control keeps an organization on course toward its objectives and the achievement of its mission, and minimizes surprises along the way. Internal control promotes effectiveness and efficiency of operations, reduces the risk of asset loss, and helps to ensure compliance with laws and regulations. Internal control also ensures the reliability of financial reporting (i.e., all transactions are recorded and that all recorded transactions are real, properly valued, recorded on a timely basis, properly classified, correctly summarized and posted).
  
  People at every level of an organization affect internal control:
  Internal control is affected by people; it’s not merely policy, manual, and forms, but people at every level of the organization. In other words the traditional understanding of internal audit limited to policy, manual and forms no longer support achieving business objective in today’s complex and dynamic challenging work environment. In the present context every people of the organization is part for effective internal control.
  
  Internal control can provide only reasonable assurance - not absolute assurance -regarding the achievement of an organization's objective:
  Plenty of stakeholders and managers still believe that implementation of internal control gives them absolute assurance relating to effectiveness and efficiency of their operation to entity’s management and other stakeholders; this concept has to be clarified so that over reliance on internal control can be prevented. The stakeholders must be educated that the existence of internal control does not give absolute assurance to the business. The internal control merely gives reasonable assurance to the business. Off course Effective internal control helps an organization achieve its objectives; it does not ensure success. There are several reasons why internal control cannot provide absolute assurance that objectives will be achieved: cost/benefit realities, collusion among employees, and external events beyond an organization's control.