Auditing is a process of independent and systematic examination of different types of financial statements of the business organizations in order to ascertain that they are prepared on true and fair basis (Louwers et al., 2015). In the audit operations, auditors provide great importance on the Internal Control of the businesses. In terms of accounting as well as auditing, Internal Control is the process that assures that all the major financial and accounting objectives of the companies are effectively achieved. It implies that it is the responsibility of internal control to main the operational efficiency and effectiveness of businesses (Stefaniak, Houston & Cornell, 2012). Thus, it is essential for firms to implement effective internal control for their business operations. This particular report takes an honest attempt to analyze and evaluate different major aspects of organizational internal control. In addition, this report also puts light on the limitations of internal control for the development of effective audit strategies.
Five Components of Internal Control
In the business organizations, Internal Control has five crucial components and all of these five components have vast effect on the external audit procedures of the companies. Following discussion shows the description of five components of internal Control:
Control Environment: Control Environment refers to the attitude of organizational employees and management towards the need of implementing internal control within the organizations. Two major factors of control environment are function of the management and governance. Management of the companies are responsible for implementing internal control by complying with all required standards, principles and policies. External auditors are able to understand the nature and philosophy of management from the implementation of effective internal control (Abbott, Parker & Peters, 2012).
Risk Assessment Process: Most important role of the auditors is the identification of major material misstatements in company’s financial statements. It implies that the responsibility to ascertain the risks lies on the management with the assistance of effective internal control. At the time of audit operations, external auditors get great helps from this due to the prior identification of risks (Arens, Elder & Mark, 2012).
Information and Communication: Within the organization, all necessary information regarding internal control is required to be effectively communicated within the management. One of the major need of the external auditors is to acquire major understanding about different information and communication process of the companies (Laudon & Laudon, 2016). Thus, it implies that the effective communication of major internal control related information provides great assistance to the process of external audit of the companies.
Control Activities: Control activities is the combination of appropriate accounting system, information technology and various other systems for increasing the effectiveness of internal control within the businesses. All these activities play a crucial part in the identification and understanding of the nature of authorization of company’s management by the external auditors. On the other hand, with the help of these control activities, management can implement the means to protect and secure confidential information of the businesses (Al Sawalqa, & Qtish, 2012).
Monitoring: The overall assessment of organizational internal control can be done with the help of effective monitoring process as the internal control assessment report plays works as a base for the external auditors in the identification of gaps and loopholes of internal control. Thus, it can be considered as a major part of internal control (Srigley et al., 2014).
Benefits of Internal Control
External auditors can be vastly beneficial from the implementation of effective internal control in the organizations. Following discussion shows the major benefits of internal control:
Reliability in Financial Reporting: Internal control plays a crucial role in the preparation of reliable financial reports by complying with the major principles of required accounting standards and these reports help the external auditors in conducting audit operations. Implementation of effective internal control provides the external auditors with true and fair financial information so that they can prepare error free audit report for various stakeholders (William Jr, Glover & Prawitt, 2016).
Compliance Maintenance: One of the major responsibilities of internal control of the companies is to ascertain the fact that all the accenting works and financial statements are prepared by complying with the required standards and rules of accounting standards. While recording various financial information, financial executrices of the companies need to follow the required accounting standards. As a result of this, external auditors do not feel much work pressure as they do not have to conduct compliance check (Al Sawalqa, & Qtish, 2012).
Reliability: Effective implementation of internal control provides the organizations with the opportunity to increase reliability aspect of financial information. The users of financial statements should have confidence in provided financial information of the companies. In addition, the external auditors should also have confidence on the prepared financial statements. The presence of effective internal control makes the external auditors rely on the provided financial information of the businesses (William Jr, Glover & Prawitt, 2016).
Operational Efficiency: Managements of the companies get the opportunity to increase the overall efficiency of various business operations in the presence of effective internal control. As a result of this, external auditors face fewer difficulties at the time to conduct audit operations. These are the major benefits of having effective internal control within the organizations (Al Sawalqa, & Qtish, 2012).
Enhancing the Performance of External Auditors
From the earlier discussion, it can be observed that Risk Assessment is an integral part of organizational internal control as it helps in the enhancement of external auditor’s performance. Day by day, the business environment is becoming more complex and this aspect demands the risk assessment process to become more comprehensive and rigorous. Now a days, it has become mandatory for the external auditors to gain knowledge about the management and accounting procedures of the businesses for the identification and assessment of material misstatement risks of financial information in a more accurate manner. In addition, another major part of internal control is Data Analysis (Combes, Braun & Galusha, 2017). Data analysis makes the external auditors able to acquire effective understanding regarding different risk factors of their audit clients. With the help of the techniques of data analysis, external auditors become able to test large population of financial data. This inspection helps the auditors in ascertaining various audit risks in earlier stages. Hence, from the above discussion, it can be observed that the process of risk assessment provides the external auditors with effective knowledge and understanding regarding various financial operations of their audit clients (Combes, Braun & Galusha, 2017). This process is largely beneficial in the assessment of the risk of material misstatement in more appropriate manner.
In this context, the case of Department for Work and Pension (DWP) in United Kingdom can be mentioned. The head of internal audit of DWP, Mr. Mark Repley, states that various aspects of internal control is highly associated with project life cycle of different projects of DWP. According to him, they are able to get continuous report of periodic audit engagement activities and other audit program with the help of their effective internal control system (nao.org.uk, 2017). Hence, the example of DWP states that internal control has an integral role in the audit process of the companies.
Limitations of Internal Control
However, there are some major limitations of internal control in the organizations. Following discussion shows the major limitations of internal control:
Collusion: Collusion is a major limitation of internal control and it can be noticed when the responsibility of internal control lies on the hands of two or more people.
Management Override: There are many instances when people responsible for organizational internal control override some major dimensions of internal control. It can be happened intentionally as well as unintentionally. However, in both the cases, it is a major limitation (Louwers et al., 2015).
Human Error: Sometimes people responsible for internal control make mistakes. It can be happened due to the reason that people responsible for internal control do not have sufficient knowledge regarding different computerized system of internal control. It can be considered as a major limitation of internal control (Shappell & Wiegmann, 2012).
Lack of Management Support: There are many instances where organizational internal control fails due to the lack of support from the management. This is a big limitation of internal control (Louwers et al., 2015).
Missing Segregation of Duties: Effective internal control ensures proper segregation of duties and responsibilities among all organizational members. Lack of segregation is considered as a major loophole of organizational internal control.
From the above discussion, it can be observed that internal control plays a crucial part in the procedures of auditing. Five major components of internal control ensures the effectiveness of internal control; they are control environment, assessment of risk, technology and communication, control activities and the process of monitoring. Major effects of these factors can be seen on external audit procedures. The above discussion also states that external auditors can become majorly beneficial from the implementation of effective internal control like generation of reliable financial statements, proper financial reporting by complying with the regulations of accounting standards and many others. ISA 315 (Revised) states that the performance of external auditors can be enhanced with the implementation of effective internal control. However, some major limitations of internal control are human error, les support from management, collusion, management override and others.
Abbott, L. J., Parker, S., & Peters, G. F. (2012). Internal audit assistance and external audit timeliness. Auditing: A Journal of Practice & Theory, 31(4), 3-20.
Al Sawalqa, F., & Qtish, A. (2012). Internal Control and audit program effectiveness: Empirical evidence from Jordan. International business research, 5(9), 128.
Arens, A. A., Elder, R. J., & Mark, B. (2012). Auditing and assurance services: an integrated approach. Boston: Prentice Hall.
Combes, K., Braun, P., & Galusha, L. J. (2017). U.S. Patent No. 9,721,303. Washington, DC: U.S. Patent and Trademark Office.
Internal Audit in Practice. (2017). Nao.org.uk. Retrieved 7 December 2017, from https://www.nao.org.uk/wp-content/uploads/2013/04/Internal-audit-in-practice-case-studies.pdf
Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education India.
Louwers, T. J., Ramsay, R. J., Sinason, D. H., Strawser, J. R., & Thibodeau, J. C. (2015). Auditing & assurance services. McGraw-Hill Education.
REVISION OF ISA 315 (REVISED), IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT. (2017). Iaasb.org. Retrieved 7 December 2017, from https://www.iaasb.org/system/files/meetings/files/ISA-315-Revised-Project-Proposal_Final-September-2016.pdf
Shappell, S. A., & Wiegmann, D. A. (2012). A human error approach to aviation accident analysis: The human factors analysis and classification system. Ashgate Publishing, Ltd..
Srigley, J. A., Furness, C. D., Baker, G. R., & Gardam, M. (2014). Quantification of the Hawthorne effect in hand hygiene compliance monitoring using an electronic monitoring system: a retrospective cohort study. BMJ Qual Saf, 23(12), 974-980.
Stefaniak, C. M., Houston, R. W., & Cornell, R. M. (2012). The effects of employer and client identification on internal and external auditors' evaluations of internal control deficiencies. Auditing: A Journal of Practice & Theory, 31(1), 39-56.
William Jr, M., Glover, S., & Prawitt, D. (2016). Auditing and assurance services: A systematic approach. McGraw-Hill Education.