Internal control
Internal control, as defined by accounting and auditing, is a process for assuring an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations, and policies. A broad concept, internal control involves everything that controls risks to an organization. It is a means by which an organization's resources are directed, monitored, and measured. It plays a vital role in detecting and preventing fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on achieving operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal controls refer to the actions taken to achieve a specific objective (e.g., how to ensure the organization's payments to third parties are for good services rendered.) Internal control procedures reduce process variation, leading to more predictable outcomes. Internal control is a critical element of the Foreign Corrupt Practices Act (FCPA) of 1977 and the Sarbanes–Oxley Act of 2002, which required improvements in internal control in United States public corporations. Internal controls within business entities are also referred to as operational controls. The main controls in place are sometimes referred to as "key financial controls" (KFCs)[Wikipedia]. Internal controls have become a critical business function for every U.S. company since the accounting scandals of the early 2000s.
In the wake of such corporate misconduct, the Sarbanes-Oxley Act of 2002 was enacted to protect investors from fraudulent accounting activities and improve corporate disclosures' accuracy and reliability. This had a profound effect on corporate governance. The legislation made managers responsible for financial reporting and creating an audit trail. Managers guilty of not properly establishing and managing internal controls face severe criminal penalties. The auditor’s opinion that accompanies financial statements is based on an audit of the procedures and records used to produce them. As part of an audit, external auditors will test a company’s accounting processes and internal controls and provide an opinion on their effectiveness. Internal audits evaluate a company’s internal controls, including its corporate governance and accounting processes. These internal controls can ensure compliance with laws and regulations and accurate and timely financial reporting and data collection. They help to maintain operational efficiency by identifying problems and correcting lapses before they are discovered in an external audit[Investopedia].
Internal Control - Integrated Framework (2010). Internet archive: Wayback Machine. URL: https://web.archive.org/web/20110623094304/http://coso.org/IC-IntegratedFramework-summary.htm
Internal Controls: Definition, Types, and Importance. Investopedia. Retrieved from: https://www.investopedia.com/terms/i/internalcontrols.asp