Committee of Sponsoring Organizations (COSO) identifies five interrelated internal control structure components. These components of internal control structure are as follows:
Table of Contents
Components of Internal Control Structure
1. Control Environment
Environmental control sets the tone of the business organization, influencing the control consciousness of all level people. It is the basic foundation for all of the components of internal control, providing discipline and structure.
Numerous factors comprise the control environment in an entity, among which are the following:
- Integrity and ethical values
- Commitment to competence
- Board of directors and audit committee
- Management philosophy and operating style
- Organizational structure
- Assignment of authority and responsibility
- Human resource policies and practices
2. Risk Assessment
Risk assessment for financial reporting purposes in an entity’s identification, analysis, and management of risks relevant to the preparation of financial statements that are fairly presented in conformity with generally accepted accounting principles.
Management’s risk assessment should include special consideration of the risks that can arise from changed circumstances, such as new areas of business or transactions, changes in accounting standards, new laws or regulations, the rapid growth of the entity, and changes in personnel involved in the information processing and reporting functions
3. Information and Communication
The information system relevant to financial reporting objectives, which includes the accounting system, consists of the methods and records established to identify, assemble, analyze, classify, record, and report entity transactions and to maintain accountability for the related assets and liabilities.
4. Control Activities
Control activities are those policies and procedures that help ensure that management directives are carried out. Control activities relevant to a financial statement audit may be categorized in many different ways. One way is as follows:
- Information processing controls
- General controls
- Application controls
- Proper authorization
- Documents and records
- Independent checks
- Segregation of duties
- Physical controls
- Performance reviews
Monitoring is the process that assesses the quality of the internal control structure’s performance over time. It includes assessment by perfect personnel of the design and operation of controls on a suitably timely basis to determine that the ICS is operating as intended and that it is modified as appropriate for changes in conditions.
You May Like Also: