There are seemingly never ending demands on the owners and managers of most organizations. Attracting new business is challenging in these economic times. Quality delivery is paramount. Administration is demanding. An effective system of internal control is often overlooked. Too often, overreliance is placed on trust which contributes to problems such as fraud, bad decisions, poor allocation of resources and ineffective reaction to errors.
Internal control includes the processes and procedures an organization puts in place to safeguard assets, enhance the accuracy and reliability of financial information and to comply with financial and legal obligations, for example Canada Revenue Agency or Internal Revenue Service reporting requirements and covenants that may exist through agreements with financial institutions.
It can be challenging for smaller organizations to implement controls. Segregation of duties is a key control. For example, the person who handles cash receipts should not be responsible for bank deposits. With a small team, it can be difficult to achieve this. Nevertheless, there are some practical steps that can be taken.
Effective internal control is very dependent on the "tone at the top". Owners and senior management must demonstrate a commitment to ethical behaviour and support the operation of effective controls. Consideration should be given to establishing specific codes of conduct, communicating them to all members of the organization and including them in employment agreements. Hiring procedures warrant careful consideration. It is important to request references and perform background checks.
It is very important to clearly define and document your business processes and controls. Written business processes not only support internal control, they serve to train new staff and to add value to your organization because key processes are documented and not dependent on the knowledge of one or more key employees. In addition, business continuity in the face of a departure of a key employees becomes less of a risk.
To help identify what your key controls should be, think about what could go wrong and identify practical steps to prevent the problem from occurring. For example:
* Do your inventory management processes include adequate controls to protect your inventory such as secure storage areas with appropriately restricted access?
* Do you have documented guidance that provides reasonable assurance that transactions will be coded to the correct accounts in your financial records, contributing to accurate information to make effective decisions?
* Have you established a budget and do you compare actual results to your budget to identify areas requiring further investigation for potential problems?
The above are only a few examples of control considerations to establish an effective internal control environment. Above all, your controls must be practical, support efficient business operations and be cost effective. It's also important to remember that controls will never eliminate risk; rather, appropriately designed controls will contribute to effective risk management.
Your organization can benefit from an annual review of your internal control environment - as organizations grow and change, controls must change accordingly. Our OTUS Financial Management Assessment includes an overview assessment of internal control to determine if there are opportunities for improvement.
0 Responses to 'Reduce Risk With Internal Control'
Post a Comment