Definition and Components of Internal Control
Internal Controls are operating practices or activities that are established to provide reasonable assurance that specific objectives will be achieved.
Primary objectives of an internal control system are:
- Compliance with applicable policies, procedures, plans, laws, regulations and contracts;
- Reliability and integrity of information;
- Economic and efficient use of resources; and
- Safeguarding of assets.
Accomplishment of these objectives increases the likelihood that the goals and objectives established by the University will be met.
The 5 “Components of Internal Control” represent those means by which the University can achieve its objectives:
- Control Environment – sets the overall tone of the organization;
- Risk Assessment – management’s identification of risk;
- Information and Communication System – a means of recording transactions and communicating responsibilities;
- Monitoring – assessment of internal control over time; and
- Existing Control Activities -policies and procedures established to ensure that management’s directives are carried out.
Controls are any action taken by management to increase the likelihood that established goals and objectives are achieved.
Internal Control is not always good if:
- It is excessive. A control that unnecessarily increases the complexity of a transaction process without adding value to the activity being controlled is ineffective and a waste of resources; and
- Have costs that outweigh the derived benefits.