organization. Discussed below are a few highlights from our discussion.
Internal controls are arguably the most important component of an organization. If internal controls have been properly designed and implemented by management, followed by all personnel of the organization, and consistently monitored, then management may be reasonable assured that the following are being achieved:
• Safeguard of assets
• Reduced risk of fraud
• Compliance with laws and regulations, including federal, state and local compliance requirements.
• Preserve integrity
• Prevent adverse publicity
Management should assess the organization's goals and objectives, including federal, state and local compliance requirements, and design controls to obtain reasonable assurance that the goals and objectives are met.
Management should send the message that all in the organization are responsible for internal controls. All policies and procedures designed and implemented by management should always be followed. In addition, management should set the "Tone at the Top" by leading by example and using discipline when necessary.
Controls should be segregated as much as economically feasible. At a minimum, the following duties should not be performed by the same individual:
• Custody of assets
• Approval or authorization
• Recording or reporting
One of the most important, and often over looked, components of internal control is monitoring. So often is the case that management designs and implements controls but never observes to see if the controls are meeting the organization's goals and objectives. Management should continually assess the effectiveness of the organization's internal controls. By monitoring, management can determine if:
• Controls are in place
• Controls are effective
• There are areas of risk that need improvement
Finally, an organization must always provide a method of reporting fraud and abuse.
Management should design and implement a whistle blower policy and ensure all employees are aware of the policy and the method of anonymously reporting known or suspected fraud. A popular method is by utilizing fraud hotlines.
I hope this summary has been helpful and will assist your organization in planning, evaluating and monitoring internal controls.
Guest Blogger: Jason D. Brooks, CPA, Watkins, Ward and Stafford, PLLC
Jason D. Brooks, CPA is a partner with Watkins, Ward and Stafford, PLLC in Houston, MS. Mr. Brooks' practice is concentrated in auditing and consulting nonprofit and governmental organizations with an emphasis on single audits and organizations utilizing the GMS software. Watkins, Ward and Stafford, PLLC has been auditing organizations using GMS for over 30 years. Mr. Brooks has also been a guest speaker at the annual GMS Financial Management Conference for the past several years teaching sessions such as Year End Intensives and Designing and Implementing Internal Controls. Mr. Brooks is a member of the Mississippi Society of Certified Public Accountants and the American Institute of Certified Public Accountants.