copyright© 2010 wecomply, inc. all rights reserved. 10/17/2015 internal controls
TRANSCRIPT
Copyright© 2010 WeComply, Inc. All rights reserved.
04/20/23
Internal Controls
Copyright© 2010 WeComply, Inc. All rights reserved.
04/20/23
Internal Controls
Copyright© 2010 WeComply, Inc. All rights reserved. 3
What Are Internal Controls?
Controls: Used to manage risks and make sure things happen the way we want them to
They are —•Intended to ensure that internal operations work as they’re supposed to•Managed/used by people inside the organization•Built into our business activities
Good internal controls help us make sure we —•Use and provide accurate/reliable information•Comply with laws, regulations, policies and procedures•Reduce exposure to fraud/theft
Copyright© 2010 WeComply, Inc. All rights reserved. 4
Types of Controls
Purposes:•Prevention: Preventive controls deter/prevent unwanted events from happening•Detection: Detective controls detect unwanted acts that have happened
Both types are integral to effective system
Preventive controls are proactive and emphasize quality
Detective controls provide evidence that preventive controls are working
Winning combination is a mix of strategically placed controls throughout/following transactions
Copyright© 2010 WeComply, Inc. All rights reserved. 5
Internal-Control Standards
Internal controls are developed to meet general or specific standards
•General standards describe what objectives we want to achieve
•Specific standards tell us how to achieve them
Examples of general standards:
•Reasonable Assurance
•Supportive Attitude
•Competent Personnel
•Control of Objectives
Copyright© 2010 WeComply, Inc. All rights reserved. 6
Internal-Control Standards (cont’d)
Examples of specific standards:
•Documentation
•Authorization
•Separation of Duties
•Supervision
•Security
Copyright© 2010 WeComply, Inc. All rights reserved. 7
Risk
Risk: Likelihood that an event or action will adversely affect our organization
•Internal risks — lack of experience or training, personnel turnover, lost or incorrect information, theft, fraud/abuse
• External risks — acts of nature, economic downturns, technological problems, lawsuits, restrictive legislation, changing needs
Each unit's risk is assessed in risk assessment
• Rating is assigned to each unit
• Ratings are considered in developing controls and scheduling reviews
Copyright© 2010 WeComply, Inc. All rights reserved. 8
Pop Quiz!
Please complete the following sentence: A primary purpose of internal controls is to identify risks associated with the achievement of an organization’s objectives and to do what is necessary to ______ .
A.Eliminate those risks.
B.Manage those risks.
C.Achieve those objectives.
Copyright© 2010 WeComply, Inc. All rights reserved. 9
Handling Risk
We need to balance risks and controls
Internal-control system decreases risk to an acceptable level
Goal is to attain reasonable assurance
Three ways of handling risk:
•Accept the risk
•Insure the risk
•Control the risk
Copyright© 2010 WeComply, Inc. All rights reserved. 10
Security
Many controls are directed at keeping personnel or data more secure
•Physical inventories
•Computer security
•Anti-theft
•Limited access
•Separation of duties
Copyright© 2010 WeComply, Inc. All rights reserved. 11
In the news…
Copyright© 2010 WeComply, Inc. All rights reserved. 12
Employee Responsibilities
All employees are responsible for dealing with controls that apply to job duties
Ask probing questions, e.g. —
•What are my risks and how are they controlled?
•Does this control help me get my job done?
•Does this internal control work correctly?
•Is there too little or too much control?
•How can we make internal controls better?
Copyright© 2010 WeComply, Inc. All rights reserved. 13
Employee Responsibilities (cont’d)
All employees are expected to —
•Fulfill responsibilities established in job description and meet performance standards
•Attend appropriate education/training programs to increase awareness and understanding
•Take steps to safeguard assets against waste, loss, unauthorized use, misappropriation
• Exhibit ethical values and integrity in your daily activities
• Report any breakdowns in or concerns about internal controls
Copyright© 2010 WeComply, Inc. All rights reserved. 14
Pop Quiz!
A university's employees are divided into two groups based on their job responsibilities: (1) managers (Deans, department chairs, center directors, supervisors, administrative office managers) and (2) employees. Who is expected to participate in training sessions?
A.Managers only.
B.Employees only.
C.Both managers and employees.
Copyright© 2010 WeComply, Inc. All rights reserved. 15
In Sum...
Without effective internal controls, we are more likely to
•Violate laws or regulations
•Lose assets and opportunities
•Fail to meet key goals and objectives
With effective internal controls in place, we can
•Boost our credibility
•Position ourselves to seize opportunities
•Minimize theft, fraud and wasted time
Thank you for your help!
Copyright© 2010 WeComply, Inc. All rights reserved.
04/20/23
Final Quiz
Copyright© 2010 WeComply, Inc. All rights reserved.
04/20/23
Questions?
Copyright© 2010 WeComply, Inc. All rights reserved.
04/20/23
Thank you for participating!
This course and the related materials were developed by WeComply, Inc. and the Association of Corporate Counsel.