Financial fraud, bribery, embezzlement. Increased cost of capital, decrease in shareholders' wealth, and loss of a company's value. These issues are usually the result of a company's failure to establish effective internal controls.
Your company's internal controls include all the policies and procedures developed to prevent material and financial fraud, minimize errors, promote operating efficiencies, and achieve compliance with policies.
Although you may encounter obstacles in developing and implementing your company's internal controls (lack of knowledge, resources, time, lean budgets), we would like to encourage you to focus continually on this critical area of your business operations.
The COSO model focuses on five distinct elements:
1. Control environment. Values, the company's culture, effective business governance, industry and economy factors are some of the elements you can evaluate as it relates to the risks associated with the control environment.
2. Risk assessment. What are your management's efforts to identify and mitigate business risks in the areas of systems and technologies, personnel, or malicious events?
3. Information and communication. Do you have adequate systems in place to support timely and reliable communications, such as financial reporting and internal control information as well as internal and external communications?
4. Control activities. Your company's control activities should consist of written and monitored policies and procedures, physical control of assets and systems, and controls embedded in your company's software. Oftentimes, once developed and implemented, the internal controls are not reviewed and evaluated. As such, a company's control activities become weak and ineffective. Hence, the need for the fifth element.
5. Monitoring. Systematic monitoring will evaluate the results of the internal controls, such as outcomes and violations as well as it will identify the need for changes in the internal controls.
A good internal control system means good business.
