The basic principle of internal controls is separation of
responsibilities and ensuring an audit trail to control this.
I will limit my example to outgoing payments for purchases and
services, since control of cash and bank accounts is the most obvious
area a company should worry about. (Control of inventory may be just
important for a retail operation, applying similar controls, plus
physical controls, of course.)
Separation of responsibilites:
Persons authorized to order goods or services may not authorize
payments or control receipt of the goods, and vice versa.
Persons who may make payments must have documented authorization from
someone in a department with the responsibility to issue such
instructions (this would include other areas such as payroll, travel
expense reimbursement, where similar controls should exist).
The practice:
The ordering department orders items based on instructions from
management or stock control and passes copies to the payments
department and to the department that controls the receipt of goods.
When goods arrive, the latter controls that the goods have been
ordered, signing off on the delivery receipt and passing a copy to the
payments department.
THe latter receives the invoice and controls that the goods have been
received, and that the invoice agrees with the order before paying.
Signatures and stamps on the paperwork provide an audit trail that
allows subsequent verification that each step has been properly
handled.
This is supported by bookkeeping entries.
Of course, much of this can now be handled in a computer system that
obviates the use of paper but provides similar controls and an audit
trail.
Work-flow charts are a method of documenting how transaction are
processed which allow management and audit to recognize if the
procedures provide adequate internal controls.
Of course, this is only a very brief example. I hope it helps answer
your question.
Myoarin |
