To install StudyMoose App tap and then “Add to Home Screen”
Save to my list
Remove from my list
Internal control is a process that aims to guarantee the achievement of an organization's goals in compliance with laws and regulations, operational effectiveness, and reliable financial reporting. In other words, it involves everything that controls risks to an organization. As a result, they represent several mechanisms that add value to the business and its stakeholders.
In order to deliver said value, it is required good governance, management of information and of information and technology (IT) assets. These practices must rely on boards, executives and management that embrace IT like any other significant operation of the business.
The COBIT (Control Objectives for Information and related Technology) framework provides assistance to enterprises to enable them to achieve their goals and deliver value through effective governance and management of IT assets. This framework translates into several benefits for the organization: (1) generate business value from IT-enabled investments, (2) maintain quality information to support business decisions, (3) maintain IT-related risk at an acceptable level, (3) achieve operational excellence, and (4) optimize IT services costs.
In this assignment it will be addressed a few topics related to the internal control arena which include a couple of certifications that enable the auditor professional to advance in his career.
Internal control involves identifying and avoiding fraudulent situations that affects the revenues from a business.
Fraud deterrence is a proactive process that consists on identifying and removing of different factors of fraud. For example, take an approved advertising budget of a company of $1,2 million. Its marketing manager hires ad agency and accepted $300,000 in kickbacks to steer business to that agency.
That means the true advertising expense was at most $900,000. This transaction translate into a lost amount of $300,000 that comes out of the pockets of the investors (Wells, 2011)
Fraud deterrence attacks the root causes. It reveals potential fraud opportunities in the process and it is performed in order to improve business organizational procedures to reduce the causal factors. This is considered the best defense against fraud. Fraud deterrence is based on the premise that fraud occurs where the conditions are right, not as a random occurrence. It involves both short term and long term initiatives.
This term is often confused with a similar concept: fraud detection. Fraud deterrence involves an analysis that affects enablers. It looks at what could happen given the process and the people operating that process. It is considered a preventive measure as it aims to reduce input factors (Cendrowski, Martin, Petro, 2007). Fraud detection, on the other hand, involves a review of historical transactions to identify non-conforming transaction. As an illustration, consider unhealthy weight gain and the actions that must be undertaken in response. By deciding to work out, it is applied a remediation measure, as the person has already gained weight. He is focused on losing the amount of weight gained by working out after realizing said gain. The longer the weight gain goes unseen, the more overweight he will become. If this person decides to stand on a scale frequently, he is taking an early detection measure, as the scale is used to detect gain before it is noticeable. He would not detect the weight gain unless weight is increasing. However, the weight has already been gained when the scale reads a higher number. By removing unhealthy foods from diet, it is taken a deterrence measure, as he would be removing causal factors.
As stated before, internal control refers to a process that assures achievement of an organization's goals in operational effectiveness, financial reporting, and compliance with laws. It basically involves everything that controls risks to an organization. It is focused on protecting the organization's assets, both physical (e.g., plant, facilities and properties) and intangible (e.g., intellectual property such as trademarks) and detecting and preventing fraud. It is a group of means by which an organization's assets are monitored, directed, measured, and therefore, managed.
The demand for both internal and external auditing is based on the need perform independent validation to reduce asset misappropriation, record-keeping errors, and fraud within organizations. The roots of auditing are described by Richard Brown, an accounting historian (1905, quoted in Mautz & Sharaf, 1961): “The origin of auditing goes back to times scarcely less remote than that of accounting…Whenever the advance of civilization brought about the necessity of one man being in trusted to some extent with the property of another, the advisability of some kind of check upon the fidelity of the former would become apparent"
Internal control has faced many challenges. In the XIX century, it was experienced declining costs, increasing average productivity of labor, and reduced growth rates of labor income. It has been found from the last two decades, that corporate internal control systems have failed to deal effectively with these changes, especially slow growth (Jensen, 1993). On the other hand, the agency theory, which studies "the inevitable conflicts of interest that occurs when individuals engage in cooperative behavior" (Jensen, 1993) has fundamentally changed organization theory and corporate finance, but it must address more researches on capital-budgeting procedures. As high level executives cannot assume managers automatically act (in opposition to their own best interests, agency theory) to maximize business value (Jensen, 1993).
However, there is an institute that was founded in order to advance the field of internal control: The Institute of Internal Auditors (IIA). Established in 1941, it is an international professional association with global headquarters in USA. The IIA is "the internal audit profession's global voice, recognized authority, acknowledged leader, chief advocate, and principal educator". Members of this institution work in internal auditing, risk management, governance, internal control, information technology audit, education, and security (IIAA, n.d.). It has more than 185,000 members and its mission is "to provide dynamic leadership for the global profession of internal auditing" (IIAA, n.d.). In order to achieve these goals, the institute: (1) advocate the value internal audit professionals add to their organizations, and (2) provide comprehensive professional educational and development opportunities, standards and other professional practice guidance, and certification programs (IIAA, n.d.)
In order to advance a career as an internal auditor professional, there are many certifications to pursue. First, it will be described the certifications supported by the Information Systems Audit and Control Association (ISACA).
As an independent, global association, ISACA focuses on the developing and adopting globally accepted, industry-leading knowledge and practices for information systems. It was previously referred to as the Information Systems Audit and Control Association, "ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves" (ISACA, n.d.). This institution provides benchmarks, practical guidance, and other effective tools for all enterprises that use information systems. It defines the roles of security, information systems governance, security, assurance and audit professionals worldwide. It is the institution responsible of the COBIT framework mentioned before, as well as many worldwide-recognized certifications: CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CGEIT (Certified in the Governance of Enterprise IT) and CRISC (Certified in Risk and Information Systems Control) (ISACA, n.d.).
Another valuable institution is the Association of Certified Fraud Examiners (ACFE), which "is the world's largest antifraud organization and premier provider of anti-fraud training and education"(ACFE, n.d.). It provides a top quality researches. For example, it has found that "The typical organization loses 5% of its revenues to fraud each year" and that "organizations with CFEs on staff uncover frauds 50% sooner and have losses 55% lower" (ACFE, n.d.). Proving to be an important reference on fraud investigation
The ACFE's Certified Fraud Examiners (CFEs) are trained to "identify the warning signs and red flags that indicate fraud" (ACFE, n.d.) as they expose fraud and implement processes to prevent fraud from occurring in the first place, and thus helping to protect the global economy. According to ACFE: "they combine knowledge of complex financial transactions with an understanding of investigative techniques, law and how to resolve allegations of frauds". Consequently, CFEs have proven to be reliable resources to any organization.
The Main Purpose of the Internal Controls Usage. (2024, Feb 21). Retrieved from https://studymoose.com/the-main-purpose-of-the-internal-controls-usage-essay
👋 Hi! I’m your smart assistant Amy!
Don’t know where to start? Type your requirements and I’ll connect you to an academic expert within 3 minutes.
get help with your assignment