With the growing sophistication of processes implemented by companies in today's very competitive business environment, the application of appropriate and strong internal controls becomes very relevant to provide a tool for a company to protect its interests, ensure compliance with regulations, and ensure accurate and timely reporting.
In connection with this, the Philippine Institute of Certified Public Accountants (PICPA) Doha hosted a webinar titled “Internal Controls: What You Need To Know” on March 25.
The webinar was facilitated by Jeffrey C Quinto, CPA, CIA, CISA, CRMA is an auditing, risk management, and internal control expert. He started his discussion by discussing the common misconceptions about internal control and the difference between internal audit and internal control. “Control is critical in any business since no company can succeed if its controls are inadequate or non-systematic,” he said.
During his presentation, Quinto emphasised the importance of having effective internal controls as well as ways to have them. He also discussed the parties responsible for the organisation’s internal control.
This was followed by a discussion of the five components of internal controls as provided by the Committee of Sponsoring Organisations (COSO) framework, which include control environment, risk assessment, control activities, information and communications, and monitoring activities.
The discussion included the distinction between risk assessment and risk management, risk strategies, and classification of control activities on whether preventive or detective control. Internal control activities such as segregation of duties, documentation, authorisation and approvals, security of assets, and reconciliation and review were also discussed during the webinar.
“Internal control is adequately designed and properly executed if all five components are present and functioning as designed. It is effective if management and interested stakeholders have reasonable assurance that they understand the extent to which operations objectives are being achieved and if published financial statements are being prepared reliably and applicable laws and regulations are being complied.” he explained.
The session concluded with a discussion of various limitations of internal controls such as unforeseen circumstances, human error, management intervention, and fraud.
At the end of his presentation, Quinto said: “Internal control provides reasonable, not absolute assurance against identified risk. The point of internal control is to prevent what is preventable, not to prevent everything. Remember, one of the key component of internal control is assessment.”
Overall, the entire session was very informative and engaging among the participants through series of poll questions related to each topic. It provided a complete overview of the internal control system of an organisation including internal control components, importance of effective internal controls for financial, operational and compliance reasons, and the parties responsible for the organisation’s internal control.
Participants at the PICPA webinar.