Latest Blogs from SBS and Company LLP

    Internal Control


    An Internal Control is a practice, policy or procedure that is established within an organization to create value or minimize risk. Internal Controls are the methods put in place by a company to ensure the integrity of financial and accounting information, meet operational and profitability targets and achieve management policies throughout the organization. Internal controls are classified based on the size and nature of the business. Internal Control means different things for different people. 

    It helps an entity to achieve its performance and profitability targets and prevent loss of resources and ensure reliable financial reporting. It can help an organization in avoiding damage to its reputation and other consequences if properly executed. In sum, it pushes an entity to reach where it wants to go and avoid pitfalls 

    Internal Control is defined as set of policies designed, implemented and effected by an organization to provide reasonable assurance regarding achievement of organization objective in the following categories:


    1. Effectiveness and Efficiency of operations
    2. Reliability of financial reporting
    3. Compliance with Rules and Regulations


    Effectiveness and Efficiency of operations-refers to Organization’s basic objectives such as safeguarding and optimum utilization of resources, performance and profitability goals


    Reliability of financial reporting-refers to preparation and presentation of financial statements.


    Compliance with Rules and Regulations-refers to the all the applicable laws, rules and regulations to be complied with by the organization




    Detective Controls-designed to detect the errors and regularities occur within the organization


    Preventive Controls-designed to prevent the errors and regularities from occurring in the organization


    Corrective Controls-designed to correct the errors and regularities that have been detected


    The main important preventive internal control is segregation of duties. Tasks are delegated among several employees to ensure that no single employee is designated to authorize, record, and be in custody of a financial transaction and the resulting asset. Authorization of invoices and verification of expenses, limiting physical access to equipment, inventory, cash and other assets are some other internal controls


    Detective internal controls includes the use of performance reviews, including the use of budgets, forecasts



    31 | P a g e


    SBS Interns' Digest                                                                                                                     


    It is important to note that there is no specific scope for designing internal control for an organization as it depends upon case to case. It is up to the organization to design which is suitable and adaptable to it. It is neither limited to pre-framed set of controls/ policies/procedures.




    The evaluation of Internal Control System in an organization shall be carried out by verifying the ability of individual process controls to achieve some of the pre-determined objectives


    1. Authorization- To ensure all the transactions are approved by the appropriate authority before the transaction is recorded in the books of accounts


    1. Completeness- To ensure non omission of all the transactions in the accounting records affected by the organization


    1. Accuracy- To ensure all the recorded transactions are consistent and accurate and captured information in timely manner


    1. Validity – To ensure all the recorded transactions are valid and represents the events actually occurred within and pertaining to the organization


    1. Physical Safeguards and Security–To ensure that access to physical assets and information system are controlled properly and restricted only to the Authorized


    1. Error Handling- To ensure that the errors are able to identify and rectify at every stage of process and reported to the appropriate level of authority


    1. Segregation of duties-To ensure the allocation of the work in such a manner that no individual has the control to executive more than one duty relating to a particular transaction


    Elements of Internal Control:


    Internal Control constitutes five elements. These components derived from the Organization management and they shall be aligned with the management process. Although these components to applicable to all the entities, there impact shall differ from one entity to another entity.


    1. Control Environment


    It sets the tone of the Organization. It can be considered as the foundation for all other elements, as it includes the ethical values and competence of the people within the entity, management operating style, way the management controls and manages the entity environment, way the management assigns authority and responsibilities to the team


    1. Risk Assessment


    Every entity faces the risk either externally or internally. To sustain in the competitive environment, one of the precondition is to assess the risks associated and affecting the entity on regular basis. Organization should aware of how to manage the risks and must always be able to grab the opportunities.







    32 | P a g e

    Internal Control



    SBS Interns' Digest                                                                                                                    


    1. Control Activities


    Control activities will occur within the organization at all levels and in all functions. They are a set of procedures and policies to ensure that the organization objectives are achieved. They include wide range of activities such as approvals, authorizations, reconciliations, segregation off duties, e.t.c


    1. Monitoring


    It involves a process of having a continuous examination on how the management performing and to what extent. The scope and frequency of monitoring shall vary from organization to organization


    1. Information and Communication


    It is an important resource to an organization. It involves identifying and capturing the pertinent information to an Organization and communicating in a format and time frame enabling the employees to carry out their responsibilities. It deals the data and information pertaining to both internal and external sources




    All power is within you; you can do anything and everything


    – Swami Vivekanada