nature , objective and type of control
WHAT - Internal control comprise many thing, monitoring, mangement information etc to help achieve objective. The COSO model reflects these elements of EFFECTIVE, PERVASIVE APPROACH TO INTERNAL COTNROL ACROSS AN ORGANISATION. Internal control can help prevent rau and protect an org assets (financial, intellectual and physical) and reputation
HOW An effective control system manages risk to a defensible level - few if any that can eliminate risk. system can be seen as cycle. starts with environment tone at top which effects control consciousness of staff. Where risk tolerance and appetite set.
- Assessment of risk - liklihood and impact of undersirable event and what deem acceptable level of error or lost - control design and operated to reflect risk assement and risk appetite
Internal control process
- Assessment of risk - liklihood and impact of undersirable event and what deem acceptable level of error or lost
- control design and operated to reflect risk assement and risk appetite - too much = unwanted cost delay and hinder achievement of obj. Too little=risk unwanted events higher than deemed acceptable
- TYPES - can be physical, or logical. preventative, directive, corrective, detective
- effective system is balance of different types thus unwanted events are prevented, detected promptly and corrected asap
- process required to capture info on effectiveness o fconrols to improve as necessay
- effective system look at segregation of duties in key areas than reliance on specific or key controls - latter fail increased likelihood unwanted risk.
Control activities - SOAPMAPS
Segregation of duties
ALSO, SEE DEVELOPMENT OF AUDIT AND CONTROL REVISION MATRIX