Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,

Published byDonald Bruce Modified over 8 years ago

Similar presentations

Presentation on theme: "A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,"— Presentation transcript:

1 A Guide for Management

2 Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives, and control examples An approach for evaluating entity-level controls Questions and answers

3 Reasons for This Presentation Assists in fulfilling your responsibilities for financial reporting Emphasizes the importance of entity-level controls and how they mitigate financial statement risks Explains how entity-level controls differ from other controls Illustrates the benefits of strong entity-level controls

4 Reasons for This Presentation Provides an approach for assessing the adequacy of your entity-level controls

5

6

7 Benefits of Focusing on Entity-level Controls Pervasive effect on other controls Serve as a foundation Cost-effective to implement and operate May serve as key controls to prevent, detect, and correct errors or fraud

8

9 Internal Control – An Overview Process employed by the company to provide reasonable assurance of achieving financial reporting objectives Consists of five interrelated components To be effective, all components should be in place Applies to all companies—both small and large Helps prevent, or detect and correct, misstatements resulting from risks

10

11 Five Components of Internal Control Control EnvironmentRisk Assessment Information and Communication MonitoringControl Activities

12

13 Which of the Components are Entity-Level Controls? Control Environment Risk Assessment Information and Communication Monitoring Control Activities Entity-Level Controls

14 Control Activities Not Entity-Level Controls, But What Are They? Make up the majority of controls at most entities Apply to the processing of transactions Designed to achieve specific control objectives Often the focus of management, accounting personnel, and auditors

15 Control Activities Are Critical, But ….

16 Why “Entity-Level?” Impact is pervasive Not associated with specific accounts, transactions, or disclosures Often carried out by management

17 Why “Entity-Level?” Pervasiveness Risk Assessment Control Environment Information/ Communication Control Activities Monitoring

18 Entity-level Controls─ Control Objectives

19 Control Environment Objectives Those charged with governance are actively involved and have influence over financial reporting Management demonstrates character, integrity, and ethical values Management’s philosophy and operating style are consistent with a sound control environment The organizational structure is appropriate to support effective financial reporting Human resource policies and procedures promote integrity, ethical behavior, and competence Authority and responsibility are appropriately assigned The organization is committed to competence

20

21 Control Environment Control examples How risks are addressed Those charged with governance provide input and oversight to the financial statements Management is ethical in its business dealings Management demonstrates a sincere interest in achieving effective internal control and correcting deficiencies Mitigates risk of fraudulent financial reporting through objective oversight Demonstrates management’s commitment to ethical actions Ensures that internal controls are a priority and resources are allocated to their proper design and implementation

22 Control Environment Control examples How risks are addressed Lines of authority and responsibility are clearly defined Employee recruitment and retention practices are guided by principles of integrity and the necessary competencies associated with the positions Job descriptions and other forms of communication inform personnel of their duties Job performance and competence are periodically evaluated Ensures that the organizational structure includes appropriate levels of review and segregation of duties Promotes the hiring and retention of employees with integrity and ensures that they understand their roles Identifies employees with inadequate performance or job skills for corrective action

23 Risk Assessment Objectives Financial reporting objectives are established, documented, and communicated Accounting principles are properly applied Practices are established for identifying risks When assessing risks, the entire organization and extended relationships are considered Mechanisms are implemented to anticipate, identify, and react to changes Risks are properly evaluated and mitigated An appropriate fraud risk assessment and monitoring process exists

24

25 Risk Assessment Control examples How risks are addressed The accounting department has a process to identify and apply changes in GAAP Processes exist to identify changes in the business that affect the processing or recording of transactions Budgets or forecasts are updated to reflect changes in activities Ensures that all significant transactions and events are captured, accounted for, and reported in conformity with GAAP Ensures that changes in the business are monitored, communicated, and analyzed for proper financial reporting Identifies the likelihood and impact of changes on the entity’s financial results

26 Risk Assessment Control examples How risks are addressed Plans are developed to mitigate significant identified risks, including designing and implementing appropriate controls Fraud risk assessment is an integral part of the risk identification process Fraud risk assessment considers incentives and pressures, attitudes and rationalizations, and opportunities to commit fraud Ensures that actions are taken to mitigate risk by designing and implementing appropriate controls Considers fraud risk separately to ensure appropriate controls Assesses areas that have a higher inherent risk of fraud to consider how fraud might occur or how controls might be overridden

27 Information and Communication Objectives Information is identified, captured, used, and distributed at all levels of the entity Information for the functioning of internal control is identified, captured, used, and distributed to allow personnel to carry out their internal control responsibilities Communication exists between management and those charged with governance to enable role fulfillment All personnel receive a clear message that internal control responsibilities are to be taken seriously There is effective upstream communication

28

29 Information Control examples How risks are addressed Policies and procedures exist for capturing financial data completely, accurately, and on a timely basis Financial personnel meet with line management to discuss operating results Deadlines exist for period-end reporting which include appropriate reviews Ensures the completeness, accuracy, and timeliness of data that affects the accounting records Provides reliability of information and results through review of appropriate details and discussion with operating personnel Reinforces the timely processing, reporting, and review of information and results through adherence to deadlines

30 Communication Control examples How risks are addressed There are timely communications between management and those charged with governance Employees receive adequate information to complete their jobs Upstream communication is encouraged to improve performance and enhance internal control All reported improprieties are reviewed and investigated Enhances reliability through timely feedback Prevents errors by ensuring personnel have a clear understanding of policies, procedures, and expectations regarding job responsibilities Minimizes improprieties by motivating employees to use upstream communication knowing their comments will be taken seriously

31 Monitoring Objective Management monitors controls over financial reporting through: Ongoing monitoring Independent evaluations Remediation of identified deficiencies

32

33 Monitoring Control examples How risks are addressed Ongoing monitoring is built into operations throughout the entity and includes a definition of what constitutes a deviation Ongoing monitoring provides feedback on controls as well as processes Reports from external sources such as external auditors and regulators are considered for their internal control implications, and timely corrective actions are identified and taken Enables personnel throughout the organization to identify when a control has failed Identifies control deficiencies that might allow errors or fraud to occur and go undetected as well as inefficient or ineffective processing routines Provides an objective viewpoint to help identify better ways of doing things

34 Monitoring Control examples How risks are addressed Findings of deficiencies are reported to the appropriate person who can take corrective action and if applicable, one level of management above Deficiencies are communicated regularly and as necessary to management and those charged with governance Ensures that follow-up will occur when deficiencies are identified Deters fraud through involvement of multiple levels of management Ensures that top level management is aware of deficiencies so appropriate resources can be allocated to taking corrective action

35 Steps for Assessing Entity-Level Controls Assess Key Risks Consider Control Environment First Consider Objectives and Review Controls Prioritize Deficiencies Implement Changes

36

37

38

39 Tools for Making the Assessment Supporting tools can help with your assessment:  Complete (or update) a narrative describing your entity- level controls using “Understanding the Design and Implementation of Internal Control”  Supplement the documentation by completing the related “Entity-level Control Form”

40

41 Conclusion Evaluate all entity-level components— even at small entities Scale your controls to the size of the entity Consider how entity-level controls interact with each other and with key control activities Consider how entity-level controls help mitigate risks of errors or fraud

42 Questions?

Download ppt "A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,"

Similar presentations

An Internal Control Overview

An Internal Control Overview
Internal Control–Integrated Framework

Internal Control–Integrated Framework
Presented by YOUR NAME THE DATE

Presented by YOUR NAME THE DATE
Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.

Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.
Internal Control.

Internal Control.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.

INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
Purpose of the Standards

Purpose of the Standards
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Minnesota’s Internal Control Initiative National Association of State Comptrollers March 25, 2011 Speaker Jeanine Kuwik, MBA, CPA, CISA Director of Internal.

Minnesota’s Internal Control Initiative National Association of State Comptrollers March 25, 2011 Speaker Jeanine Kuwik, MBA, CPA, CISA Director of Internal.

Similar presentations

Ads by Google