Internal controls

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)

What are internal controls and why are they important for your business?download

It is important that you have good control over your business and know where it’s weak spots are.

If you know where the weak spots are you can in the next step go ahead and do something about those spots. By doing this you do not do anything else than cut potential risks and gain predictability of your business processes.

So, again, what are internal controls? Do you really need them? Why are they important for your business?

Go through the ideas mentioned further below and give yourself the answer after reading…

What are the internal controls?

Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations, and policies.

Internal controls are systematic measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to

  • conduct its business in an orderly and efficient way,
  • safeguard its assets and resources,
  • deter and detect errors, fraud, and theft,
  • ensure accuracy and completeness of its accounting data,
  • produce reliable and timely financial and management information, and
  • ensure adherence to its policies and plans.

Internal controls are translated into real life by writing them down in the form of procedures that are also part of the audit process ( internal and external audit ).

Internal controls are the financial processes and procedures that enable the organization to safeguard its assets.

How is this done?

The most effective procedures are those that have the greatest segregation of duties. The more people involved in the process, the less likely it is that an error or defalcation will occur.

For example, the person who writes the checks should not be the person signing the checks. The person who orders the service or product should approve the invoice. The person with budget responsibility should also approve the expenditure and should code the invoice.

Are there Different Types of Internal Controls?

Yes, generally speaking, there are two types: preventive and detective controls. Both types of controls are essential to an effective internal control system. From a quality standpoint, preventive controls are essential because they are proactive and emphasize quality. However, detective controls play a critical role by providing evidence that the preventive controls are functioning as intended.

Preventive Controls are designed to discourage errors or irregularities from occurring. They are proactive controls that help to ensure departmental objectives are being met. Examples of preventive controls are:

  • Segregation of Duties: Duties are segregated among different people to
    reduce the risk of error or inappropriate action. Normally, responsibilities for authorizing transactions (approval), recording transactions (accounting) and handling the related asset (custody) are divided.
  • Approvals, Authorizations, and Verifications: Management authorizes employees to perform certain activities and to execute certain transactions within limited parameters. In addition, management specifies those activities or transactions that need supervisory approval before they are performed or executed by employees. A supervisor’s approval (manual or electronic) implies that he or she has verified and validated that the activity or transaction conforms to established policies and procedures.
  • Security of Assets (Preventive and Detective): Access to equipment, inventories, securities, cash, and other assets is restricted; assets are periodically counted and compared to amounts shown on control records.

Detective Controls are designed to find errors or irregularities after they have occurred. Examples of detective controls are:

  • Reviews of Performance: Management compares information about current performance to budgets, forecasts, prior periods, or other benchmarks to measure the extent to which goals and objectives are being achieved and to identify unexpected results or unusual conditions that require follow-up.
  • Reconciliations: An employee relates different sets of data to one another, identifies and investigates differences, and takes corrective action, when necessary.
  • Physical Inventories
  • Audits

Who is Responsible for Internal Controls?

Management is responsible for establishing and maintaining the control environment. Auditors play a role in a system of internal controls by performing evaluations and making recommendations for improved controls. Furthermore, every employee plays a role in either strengthening or weakening the Institution’s internal control system. Therefore, all employees need to be aware of the concept and purpose of internal controls.

Internal Controls – Myths & Facts

Because there are many misconceptions about internal controls, knowledge sharing is vitally important to an effective control system. Part of the educational process is to dispel the myths about internal controls. Here are a few myths and the corresponding facts



Internal controls result from a strong set of policies and procedures (i.e., “If a policy doesn’t exist, we don’t have to do it”).

Internal controls are based on a strong control environment and solid business practices that, in most cases, will be supported by policies; however, lack of formal policies does not preclude good business practices.

Internal controls? That’s why we have internal auditors.

Management and departmental personnel are the owners of internal controls.

Internal controls are all about finance and accounting. We do what the Office of Financial Affairs or the Department of Finance tells us to do.

Internal controls are integral to every aspect of a business.

Internal controls are essentially negative, like a list of “thou shalt nots.”

Internal controls make the right thing happen the first time.

Internal controls are a necessary evil. They take time away from our core activities and responsibilities.

Internal controls should be built into, not onto, business processes.

If controls are strong enough, we can be sure that errors and irregularities will always be detected.

Internal controls provide reasonable, but not absolute, assurance that the organization’s objectives will be achieved.

 After reading the above, what do you think? Do you need internal controls? Are they important?
I would say, YES and YES.
Internal controls are nothing else but the rules of the game called your business that make sure that you don’t get cheated.
You want to know more about how such a thing can be introduced to your company , get in contact with TopCFO we are glad to help you have a reasonable internal control system that is supporting your business and gives you as a stakeholder/shareholder/business manager the comfort that things are evolving the right way and that the assets of the company are protected and that the set objectives will be met.
Want internal controls? TopCFO is the place to start …contact us !!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: