The basic goals of a proper Internal Control System (ICS); Safeguard your assets

August 13, 2012 - Design / Build

Stephen Mannhaupt, Grassi & Co.

An Internal Control System (ICS) is necessary to the success of a company as it puts in place procedures to ensure that the organization achieves specific goals and objectives. It allows management to make sure information is recorded properly and allows them to safeguard their assets. The ICS ensures that a company will meet their desired goals. In addition, establishing a proper ICS can prevent financial statement misstatements, which can have a negative impact on future business operations and credit eligibility.
Misstatements
Having misstatements in financial reports and in operations can set a company back weeks or even months. See the list below for some examples of obvious and some not-so-obvious misstatements that can occur if the company does not have a proper ICS.
Obvious Misstatements
* Payments to vendors are processed for wrong amounts or late
* Requisitions could be collected and not deposited into company accounts
* Incorrect or late payroll tax processing
* Incorrect sales tax processing
* Excessive work performed on unapproved change orders
* Increased profit fades on projects - profit fluctuations
* Poor cash flow - sign of poor internal controls
Not-so-obvious Misstatements
* Confusion among employees
*The entire organization is not aware of the company's goals
* Reports not prepared or issued timely
How to Implement an ICS to Help Eliminate Misstatements
When initially setting up an ICS, it is important to keep in mind that internal controls are always evolving. A proper ICS is specific to the company in which it was designed. A proper ICS allows management to be more nimble and open to change. In addition to creating more room for change and improvement, it is important to continuously monitor and adjust weak areas in the system. A well implemented and established system can improve the performance of management, production, change and marketing processes, so that the organization can achieve a better position and greater leverage in the market.
In order to begin establishing an ICS, the management team should analyze significant processes, including Payroll and Disbursement and Report Collection, to find weaknesses by asking the following questions:
* What could go wrong?
* Does one individual have too much control?
* Is there appropriate authorization and approval by management at each level?
* Is there a process in place to prevent errors before they occur or identify errors after they occur?
Asking these questions will help enable you to identify existing weaknesses in your processes and based on the findings derived from the analysis, your primary next steps will be to:
* Design a new control for a process that currently lacks the monitoring necessary to ensure efficiency
* Change an existing control to adjust for gaps or weaknesses identified
Once you have identified your areas of weakness and controls that require adjustments, the next step is to set up your ICS Team. Determining who is going to implement the ICS is extremely important. Key participants include: ICS manager, internal inspector, accounting, management, CFO and human resources.
ICS Manager
The ICS manager is responsible for the management and ultimate success of the ICS. His/her key responsibility is to organize the ICS and advise, motivate and train the staff.
The ICS manager should contain the following attributes:
* A detailed knowledge of the company's standards and its internal standard
* A good knowledge of the ICS procedures and documents
* The ability to run a team and train other people
* Efficiency in administrative tasks
* Authority in management of documents and data
* The person who will raise awareness of the ICS and organize the training
The Internal Inspector
The role and responsibilities of the internal inspector demands an eye for detail. The internal inspector is the 'eyes and ears' of the ICS. The success of the ICS will depend on the support and the resources made available to the internal inspector to accomplish his/her tasks.
* Qualities required of the internal inspectors
* Ability to read, write and produce reports
* Technical and social knowledge of principles and practices of your company
* Demonstrable competence in control procedures and internal standards
* No conflicts of interest that would compromise the integrity of the role
* Respected by staff members
Inspections and approvals must be done by different people. Approval and decisions can be taken either by one person or a group of qualified people.
* Qualities required of the approval personnel
* Good knowledge of the internal standards
* Respected among the staff
Like many areas of life today, technology has had a big impact on the effectiveness of the ICS. It has allowed processing information to be done much faster such as the electronic approval of vendor payments and increased security features such as passwords. SOX risk assessment has also required more electronic documents such as bank statements. This eliminates confusion and misplacement of documents.
Having the right ICS team in place can pave the way to an enjoyable working environment, whereas having the wrong team in place can impact the entire company in big ways such as incurring misstatements.
In addition to establishing an ICS, there are a number of daily activities that an organization can implement to reduce the occurrence of misstatements.
Primary activities that should become standards at your organization include:
* Proper and consistent reporting to management
- Review cost and billing reports regularly
- Management reviews original documents
- Rely on Advisors to assist with unknown
- Profit Analysis
* Surprise inspections
- Proper internal controls includes an internal audit or inspection process
- Use outside providers
- Basic Review
* Regularly meet and ask questions of staff
- Segregation of duties
- Have an approval process in place
- One staff member prepares
- Another reviews and approves
* Proper Custody of Assets
If there is one thing we can be certain of, it's that nothing is certain. So once you've implemented an ICS how are you going to make sure it flourishes? You will have to constantly review and evaluate systems and trust your management. If management feels they are not meeting their goals, you may need to change some procedures.
Stephen Mannhaupt, CPA, is a partner at Grassi & Co., Jericho, N.Y.
Thanks for Reading!
You've read 1 of your 3 guest articles
Register and get instant unlimited access to all of our articles online.

Sign up is quick, easy, & FREE.
Subscription Options
Already have an account? Login here
Tags:

Comments

Add Comment