Auditing
2 Pages 605 Words
In order to fully comprehend what is meant by internal control we must look at the definition as stated in the COSO report. It is defined as, “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following three categories: reliability of financial reporting; effectiveness and efficiency of operations; compliance with applicable laws and regulations.” An important aspect of internal control to keep in mind is it’s reliance on people. No matter how much control a company implements, there will always be humans involved at some step of the way and therefore a chance for error and/or fraud. It is important to remember that these controls can only provide reasonable assurance, not absolute assurance, regarding the achievements of a company’s objectives.
Internal control consists of control activities. These activities include: performance reviews, segregation of duties, physical controls, and information processing controls. It is the responsibility of management to implement these activities effectively, and also to review the results so improvements or adjustments can be made. The auditor’s responsibility is to assess the level of risk connected to each control. After assessing the risks involved, tests must be performed to evaluate the effectiveness of the control in question. Some tests are more costly to run than the benefits that will be received. It is the job of the auditors to weigh the costs and benefits of performing each test and then determine which ones are to be carried out, and which will be scrapped.
The controls discussed so far focus on management’s internal control over its employees. But in a retail store, employees are not the only ones with access to product, and therefore are not the only ones capable of influencing the financial statements. Management in the reta...