Internal Control Defined

posted Jul 12, 2012, 6:56 AM by John Ye
Internal control is a process designed to provide reasonable assurance regarding the
achievement of objectives in the following categories:
· Effectiveness and efficiency of operations
· Reliability of financial reporting
· Compliance with applicable laws and regulations
Several key points should be made about this definition:
1. People at every level of an organization affect internal control. Internal control is, 
to some degree, everyone's responsibility.  Within the University of California,
administrative employees at the department-level are primarily responsible for
internal control in their departments.
2.  Effective internal control helps an organization achieve its operations, financial 
reporting, and compliance objectives. Effective internal control is a built-in part of 
the management process (i.e., plan, organize, direct, and control).  Internal control
keeps an organization on course toward its objectives and the achievement of its
mission, and minimizes surprises along the way.  Internal control promotes
effectiveness and efficiency of operations, reduces the risk of asset loss, and helps to 
ensure compliance with laws and regulations.  Internal control also ensures the
reliability of financial reporting (i.e., all transactions are recorded and that all recorded 
transactions are real, properly valued, recorded on a timely basis, properly classified, 
and correctly summarized and posted).
3. Internal control can provide only reasonable assurance - not absolute assurance -
regarding the achievement of an organization's objectives. Effective internal control 
helps an organization achieve its objectives; it does not ensure success.  There are 
several reasons why internal control cannot provide absolute assurance that objectives 
will be achieved: cost/benefit realities, collusion among employees, and external
events beyond an organization's control.