Internal control is a very special phrase in the accounting profession. Tactically, it’s the set of processes that help a company produce accurate data throughout the organization. It follows reporting requirements and laws, and maintain consistency and accuracy in its operations. Strategically, it’s an entirely new way of thinking and doing business. Read more
Internal control helps to reduce organizational risk. It is what you put in place to avoid mistakes, intentional or accidental, and to control accuracy and quality. It impacts every aspect of an organization.
Concepts for Internal Control
Small businesses, should familiarize with the concept as it can help reduce risks they have not noticed. Here are some practical examples of good ideas that support internal control:
- For private and secure data, provide access only to employees who need the data and restrict access of others.
- Have someone check that your bank balance matches the reconciled amount in your books, and that someone should be different from the person who does the reconciliation. This is one way businesses can implement a segregation of duties.
- Lock up paper checks and use the missing check number report to make sure none of the stock could be used for nefarious purposes.
- Have employees sign in and out equipment that they take home. This is part of asset management.
- Write and enforce a hardware and software use policy that includes items like employees should make sure their anti-virus software is active at all times, they should not bring in disks or CDs, and they should not download games or other unauthorized programs. This protects from computer viruses and helps to avoid catastrophic network failures.
Small businesses can implement a number of internal control procedures as they grow and operations become more complicated.
Relation to Audits
Internal control is typically a big part of an audit or an attest function in accounting; it determines how many additional procedures an auditor needs to do in order to provide assurances about the reliability of the financial reports. But it’s also just good plain common business sense to implement as many internal control processes as are cost-effective for your business to protect it at the level of risk you’re comfortable with.
If you’d like to discuss the idea of internal control further, please feel free to reach out any time.