
Financial Internal Controls Best Practices
About this book
This chapter from Governance, Risk, and Compliance Handbook, edited by Anthony Tarantino, provides an overview of best practices for financial internal controls. It covers COSO II guidance, automation of controls, and other primary considerations. It also discusses how to achieve ROI on compliance investments.
CHAPTER 22
FINANCIAL INTERNAL CONTROLS BEST PRACTICES
22.1 OVERVIEW
(a) Controls over Planning and Budgeting
(b) Controls over Operational Risk
(c) Controls over Financial Statement Risk
(d) Compliance-Related Controls
(e) The Audit Imperative
(f) Remediation
(g) Enterprise Risk Management, COSO ERM
22.2 COSO II
(a) Assessment of Controls
(i) Design Effectiveness and Operational Effectiveness
(ii) Scoping of the Audit Requirement
(iii) Materiality
(iv) Relevance
(v) Top-Down Approach to Controls Assessment
22.3 AUTOMATION OF CONTROLS
(a) Prevention versus Detection
(b) Field-Level Audit
22.4 TYPES OF AUTOMATED CONTROLS
(a) Access Controls
(b) Process Controls
(c) Continuous Monitoring
(i) Control Areas
(d) Transaction Controls
(e) Master Data Controls
(f) System Configuration Controls
(i) Accounting, Consolidation, and Financial Reporting Controls
(ii) Subsidiary Ledger Controls
22.5 PRIMARY FINANCIAL CONTROL CONSIDERATIONS
(a) Revenue Cycle
(b) Procurement Cycle
(c) Intangibles
(d) Property, Plant, and Equipment Cycle
(e) Inventory/Production Cycle
(f) HR/Payroll Cycle
(g) Equity Cycle
(h) Financial Close and Reporting Cycle
(i) Tax Cycle
(j) Legal Cycle
22.6 COMBINING COMPLIANCE AND OPERATIONAL REQUIREMENTS TO ACHIEVE AN ROI ON COMPLIANCE EXPENDITURE
(a) Practical Considerations
22.7 FURTHER CONSIDERATIONS
(a) Company-Level Controls and the Control Environment
(b) International Considerations
(c) COBIT
22.8 CONCLUSION
NOTES
22.1 OVERVIEW
In its pure essence, a business exists to generate profits. The accounting and financial reporting disciplines within it allow the owners of the business and potential investors to value the business by inspecting those profits and evaluating the costs incurred in generating them. The business operations and risk management functions ensure that the firm conducts its processes in the most efficient and cost-effective manner. Without the assurances provided by internal controls over financial reporting, this assessment of profitability would be impossible. Without controls over operational risk management, that same investor has no assurance that this performance is sustainable. Finally, that same business has a legal and social responsibility to conduct its operations in a manner that conforms to generally accepted accounting principles (GAAP) and the various other prescribed regulatory constraints. Compliance-related controls enforce these rules.
As discussed in earlier chapters of this volume, therefore, an Enterprise Risk Management (ERM) model must address the enterprise's objectives with the following categories of control objectives:
- Planning: high-level planning, resource allocation, and budgeting
- Operational risk: day-to-day activities
- Financial reporting risk: presentation of financial results
- Compliance risk: adherence to statutory requirements of all jurisdictions within which the company does business
Put simply, the internal controls in each area ensure that the business is being run in accordance with the overall plan, that the financial statements and management reporting present an accurate view of the operations, and that all activities (including reporting) that are covered by statutory regulations are being carried out within the constraints of those regulations.
Let us take for example a major sales transaction (say 20 percent of sales for the quarter) that is intentionally counted twice in order to boost apparent profits, or a significant cost that is counted twice, thereby reducing apparent profits. (If the main criterion for the deception or error is to boost or reduce the level of taxable income, the same violations might be committed in reverse.)
It would be reasonable to expect that effective internal controls would either prevent such a transaction from being booked a second time or detect that the duplication has happened.
From a planning (sales forecast) perspective, a single transaction of this magnitude would be large enough to be identified by variance reports. Therefore, controls over the planning and forecasting process might identify this problem. In operational terms, controls to prevent this type of error or infringement would be an essential quality assurance provision. Clearly, double counting of revenue represents a considerable financial and management reporting risk and must be prevented by the appropriate internal controls over financial reporting. For all of these reasons, the compliance imperative would necessitate that this policy violation be prevented or at least detected after the fact.
This chapter places its emphasis on financial internal controls since these are more easily scrutinized for discussion purposes than nonfinancial controls. However, most of the concepts encountered apply, just as effectively, to nonfinancial controls.
For example, in the United States, the compliance audit challenges raised by the personal privacy aspects of the Health Insurance Portability and Accountability Act (HIPAA)1 regulations, which protect the confidentiality of communications between a health provider and the insured party, are similar to many of the compliance audit activities that resulted from the Sarbanes-Oxley Act of 2002 (SOX) over financial reporting for public companies.
(a) CONTROLS OVER PLANNING AND BUDGETING. In many respects, the governance process can be considered to start with the planning and budgeting activity. Internal controls over planning and budgeting are an essential aspect of both operational and compliance-related activities. Resource planning and revenue forecasting are the main benchmarks against which financial and management reporting are compared.
To continue with our example, in many organizations, the first indicator of this policy violation would be that the variance between the revenue forecast and the actual revenue numbers for that quarter would have been exceeded, or that the costs would be less than expected. In other words, either metric would be unexpectedly favorable. Whether this outcome would be considered a subject for cautious review or cause for celebration used to be a matter of management st...