ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Internal Control Procedures

Updated on April 22, 2015

After companies like Enron, WorldCom, and Tyco decided to turn in dishonest financial statements and resulting with Wall Street being shaken with plumbing (worthless stock). Not to mention employees who were affected by this. Congress had to take immediate action to keep other executives, management, etc. from thinking they could fraud the company. Congress did this by implanting the Sarbanes-Oxley Act of 2002. This act changed the rules of auditor independence and also put more responsibility for management to make sure every employee is following the companies internal controls.

Internal Controls

"Internal control is a process effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following thee categories:

  • Reliability of financial reporting
  • Effectiveness and efficiency of operations
  • Compliance with applicable laws and regulations." (Louwers, Ramsey, Sinasom, & Strawer, 2007, p149)

When an auditor comes to do an audit on the company. The auditor will make an internal control checklist(example below). This checklist is to make sure they company is following the internal controls and they are not the auditor will suggest ways to improve this section. There is five components of internal controls.


Five Components

The five components of internal control are control environment, risk assessment, control procedures, information and communication, and monitoring.

Control Environment

The control environment component sets up the main tone of the organization. "It provides discipline and structure. Control environment factors include the integrity, ethical values, and competence of the company's people. (Louwers, Ramsey, Sinason, & Strawer, 2007, P151) The control environment consist of integrity and ethical values, commitment to competence, managment's philosophy and operating style, organizational structure, assignment of authority and responsibility, and human resource policies and practices. For each of these sub components I will provide examples of questions that will be found on an auditors checklist.

  • Integrity and Ethical Values: Are there policies in place that explain acceptable business practices?, Is there a code of conduct?, Does management set a good example of integrity for the employees to follow?, etc.
  • Commitment to Competence: Are there clear descriptions of job responsibilities for each level?, Are employees trained to give them knowledge of the job?, Do the office employees (marketing, accounting, etc.) have the required educational background for their position?, etc.
  • Management's Philosophy and Operating Style: Does the company have a mission statement, vision statement and guiding principles?, Does the company provide full disclosures of financial statements?, Does the company ensure employees are following government laws?
  • Organization Structure: Is there an organizational structure in place?, Do all employees know the organizational structure?, Do managers know who to report to in which order during a situation?, etc.
  • Assignment of Authority and Responsibility: Does management understand their responsibilities? Does management know where there authority ends for each level?, etc.
  • Human Resource Polices and Practices: Does the company give an ethical pre-assessment for calling potential employees for an interview?, Does the company do a detailed interview?, Are employees always supervised?, etc.

Risk Assessment

Risk assessment is where the business thinks of the many risks that could happen to keep the company from meeting their objectives. The subcomponents of risk assessment is organizational goals and objectives, and managing change, etc.

  • Organizational Goals and Objectives: When directions are changed have they be tested first?, Are budgets detailed and realistic?, Does management know how to achieve budget goals?, etc.
  • Managing Change: Does management show support of change? etc.

Control Procedures

After a company identifies the risks of the company they must come up with a set of control procedures. The subcomponent of control procedures is written policies and procedures, and controls over information systems.

  • Control Procedures: Does the general manager monitor the store's performance against the budget?, In the office is there separation of duties (one person authorize the transaction while another records it)?, Does the company have a disaster plan in place?, etc.
  • Written Policies and Procedures: Does management have access to updated government policies and procedures?, Does the company have documentation of the company's policies and procedures?, etc.
  • Controls over information systems: Does the company keep their computer software up to date?, Is their virus protection on their computers?. etc.

Information and Communication

This component is necessary to achieve management's objectives. Subcomponents for information and communication is access to information, communication patterns, etc.

  • Access to Information: Does the company report their daily sales to the office daily?, Does the company secure information that is not meant for everyone( Ex. Password protecting a document)?, etc.
  • Communication Patterns: Does the company foster trust within their staff?, Are employees and lower management encouraged to make recommendations for improvement?, etc.


Lastly internal controls are pointless if the company is not going to monitor them to make sure they are effective.

  • Does management do random checks to make sure that records and transactions are meeting expectations?, Are budgets compared to actual result in a timely manner?, etc.

"Some monitoring controls include these:

  • Operating managers' comparison on internal reports and published financial statements with their knowledge of the business.
  • Analysis of customer complaints of amounts billed
  • Analysis of vendor complaints of amounts paid...."(Louwers, Ramsey, Sinason, & Strawser, 2007, p160)

Louwers, T.J., Ramsay, R., & Sinason, D. (2007). Auditing and Assurance
Services: A look beneath the surface
(2nd ed.). New York, NY: Mcgraw-Hill


    0 of 8192 characters used
    Post Comment

    No comments yet.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
    ClickscoThis is a data management platform studying reader behavior (Privacy Policy)