The concept of internal control has developed along with audit practice. As demands have been made for greater accountability in corporate governance, the significance of internal control systems in companies has increased. Traditionally internal control has had a fairly direct relationship to financial reporting quality but wider approaches to internal control have expanded those boundaries much further. Stakeholders are increasingly concerned with the effectiveness of internal controls, and disclosure requirements are making firms to go public with regard to their internal control systems. From a design perspective, current research suggests that internal control designs are contingent upon variables such as company strategies, risk appetite, regulatory characteristics, and organizational size. Also there is much to learn about internal control quality, and the way internal control quality is associated with overall corporate governance quality. This book fills that gap.
With globalisation, deregulation and the advent of derivatives, credit institutions and the treasury operations of manufacturing, merchandising and service companies are finding that their traditional tools for management control no longer suffice. They must develop more efficient processes able to measure and monitor their risks in real-time. Internal control is a dynamic system covering all types of risk, addressing fraud, assuring transparency and making possible reliable financial reporting within such organisations. In Implementing and Auditing the Internal Control System , Dimitris N. Chorafas defines both auditing and internal control, and explains the value of internal control, why it must be audited, and how it can be most effectively achieved. He addresses top management's accountability for internal control, and uses case studies to demonstrate the application of such systems, and the importance of sound and well-informed analysis of the information gathered. Internal control systems are examined within the context of the globalization of financial markets, under the impact of the growth of information technology, and from the viewpoint of new regulations by supervisory authorities in Group of Ten countries as well as by the Basle Committee on Banking Supervision. Based on an extensive research project in the UK, US, Germany, France, Austria, Switzerland and Sweden, this book is an invaluable source of practical advice for implementing internal control systems, and making existing systems more efficient. It provides managers and professionals with guidelines for the interpretation and use of the resulting internal control intelligence.
This publication is a collection of papers from the Third International Working Conference of IFIP TC-11 Working group 11.5 on "Integrity and Internal Control in Information systems". IFIP TC-11 Working Group 11.5 explores the area of integrity within information systems and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support the corporate governance codes. We want to recommend this book to security specialists, IT auditors and researchers who want to learn more about the business concerns related to integrity. Those same security specialists, IT auditors and researchers will also value this book for the papers presenting research into new techniques and methods for obtaining the desired level of integrity. The third conference represents a continuation of the dialogue between information security specialists, internal control specialists and the business community. The conference objectives are: • To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; • To present the results of research that may in future be used to increase the level of integrity or help management maintain the desired level of integrity; • To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general.
A how-to guide to small business anti-fraud protection and internal control Internal Control/Anti-Fraud Program Design for the Small Business is a practical guide to protection for businesses NOT subject to the Sarbanes-Oxley Act. Written by an expert with three decades of forensic investigation experience, this book is geared specifically toward private, non-public small businesses and their unique needs in the realm of fraud protection. Covering all elements of an internal control structure applicable to the small business community, this guide provides a step-by-step roadmap for designing and implementing an effective, efficient internal control structure/anti-fraud program tailored to your business's particular needs. Case studies are used throughout to illustrate internal control weaknesses and the fraud that can result, and follow-up analysis describes the controls that would have reduced the probability of fraud had they been in place. You'll learn how to analyze your company's internal control issues, and implement a robust system for fraud prevention. Guidance toward Sarbanes-Oxley compliance is readily available, but there is little information available for the many businesses not subject to the act —until now. This book is the step-by-step guide for instituting an internal control program tailored to your small business. Understand the five elements of internal control Avoid gaps in protection with relevant controls Design the ultimate anti-fraud program Implement internal control tailored to your needs The majority of small business owners simply do not know the elements of or implementation process involved in internal control, and Sarbanes-Oxley guidelines don't necessarily scale down. Internal Control/Anti-Fraud Program Design for the Small Business helps you design and install the internal control/anti-fraud protection your business needs.
Many people in organizations resent internal control and risk management; these two processes representing unwelcome tasks to be completed for the benefit of auditors and regulators. Over the last few years this perception has been heightened by the disastrous implementation of section 404 of the Sarbanes-Oxley Act of 2002, which is generally regarded as having been too expensive for the benefits it has brought. This important book offers a way of improving this prevailing perception and increasing the value of control and risk management by bringing creativity and design skills to the fore. The value of risk and control activities is often limited by the value of the control ideas available and so Matthew Leitch provides an arsenal of 60 high performance control mechanisms. These include several alternative ways to design controls and control systems, as well as providing controls for monitoring and audit, controls for accelerated learning, and techniques for finding and recovering cash. This design material is combined with insights into the psychology of risk control, strategies for encouraging helpful behaviour and enabling change, and a surprisingly simple integration of internal control with risk management. The book is realistic, practical, original, and easier reading than most in the field. The material is not specific to any one country and has international appeal for internal auditors and all those concerned with risk management, corporate governance and security.
