BUSS1030 Chapter Notes - Chapter 6: Bank One Corporation, Cheque, Plaintext
CHAPTER 6: INTERNAL CONTROL AND CASH
INTERNAL CONTROL
• Internal control: the organisational plan and all related measures an entity adopts to
o Safeguard assets
o Ensure accurate and reliable accounting records à shows which areas are profitable or need work
o Encourage adherence of personnel to company policies
o Promote operational efficiency à cannot afford to waste resources
o General Controls (e.g. signing in and out) + Accounting Controls (e.g. witness when signing cheques to
prevent fraud)
o Part of corporate governance mechanism that operates within a business
• Components of internal control: MICER
o Monitoring of Controls à auditors monitor controls (internal + external)
o Information System à ensure only authorised users have access to various parts of accounting systems
o Control Procedures à to ensure the business’ goals are achieved
o Control Environment à managers must set example for employees
o Risk Assessment à higher risk = more controls in place to safeguard assets
• Characteristics of effective internal control system:
o Competent, reliable + ethical personnel
o Assignment of responsibilities
o Proper authorisation
o Separation of duties
§ Operations from accounting
§ Custody of assets from accounting
§ Authorisation of transactions from the custody of related assets
§ Separation of duties within accounting function
• Logical Security: fraud and information systems security
o Security should be assigned to data based on value + confidentiality requirements
o Access should be restricted to exception basis
o Should be formal authorisation process for new users
o Passwords should be changed at first login, and then at regular intervals à at least 6 characters + shouldn’t
be written down
o Reviews of access rights should be undertaken on a risk determined basis
o Logs of access rights should be reviewed for suspicious activity
o Personnel who move throughout org should have access reviewed to reduce risk of ‘access creep’
o Personnel who leave the org should have access revoked
o Access controls should reinforce the segregation of duties
INTERNAL CONTROLS FOR E-COMMERCE
• Internal control can protect against threats such as:
o Stolen credit-card numbers
o Computer viruses and Trojan horses
o Impersonation of companies
• What is encryption?
o Primary method of achieving confidentiality in e-commerce
o Plain-text messages are rearranged by some mathematical process
o Encrypted message cannot be read by anyone who does not know the process
• What are firewalls?
o Limit access to a local network to keep out intruders
o Usually several firewalls built into local network
o https:// = secure
LIMITATIONS OF INTERNAL CONTROL:
• Most internal control measures can be circumvented or overcome
• Cost versus benefit à cost of establishing procedure should not exceed expected benefit
• Human element à collusion and fraud
• Size of business
Document Summary
Authorisation of transactions from the custody of related assets. Internal control can protect against threats such as: stolen credit-card numbers, computer viruses and trojan horses. Limit access to a local network to keep out intruders: usually several firewalls built into local network, https:// = secure. Limitations of internal control: most internal control measures can be circumvented or overcome, cost versus benefit cost of establishing procedure should not exceed expected benefit, human element collusion and fraud. The bank reconciliation: contributes significantly to internal control over cash by, minimising amount of cash kept on hand, providing double record of all bank transactions. One by the business: helps a company safeguard its cash by using bank as depository and clearinghouse for cheques received + written, reconciling the bank account: Lack of agreement b/w firm"s books and bank statement can result for 2 main reasons: Time b/w cheque written and dated, and date paid by bank.