Seño, Geyle Fatima B.

PCBEA-01-703E

The Significance of Internal Control Accounting Systems

1. How internal controls improve auditing procedures, financial integrity, and

operational efficiency?
Financial integrity along with operational efficiency are two of the critical
aspects of organizational management and control. In the complex and diverse
environment of modern business where financial transactions incorporated in
organizational operations have grown increasingly multifarious, the significance
of maintaining financial integrity and operational efficiency can not be
overlooked. To maintain both these core elements in an organization, an
intensive oversight and validation of relevant data would be imperative. That
being said, auditing procedures serve as the medium that fosters financial
integrity and operational efficiency of an organization by vigorously examining
financial data for its fairness, compliance, accuracy and reliability and
organizational activities for its efficiency and effectiveness. However, all three of
these elements separately and distinctively, the auditing procedures, financial
integrity and operational efficiency of an organization are further enhanced and
improved by a process designed and implemented by those charged with
governance and management known as internal controls.
Internal controls as according to Kenton (2023), are the mechanisms, rules,
and procedures implemented by a company to ensure the integrity of financial
and accounting information, promote accountability and prevent fraud. They
continuously serve as a key business function not only because they help
promote compliance with laws and regulations along with accurate and timely
financial reporting and data collection, but they also help maintain operational
efficiency through identifying problems and correcting errors before they are
discovered in an external audit (Kenton, 2023). The way that they aid in
improving auditing procedures, financial integrity and operational efficiency can
be traced down to vast range of transactions and circumstances. In auditing
procedures, internal controls serve as a roadmap for auditors, optimizing their
efforts to perform less extensive audit procedures without so much as
compromising audit effectiveness. This is evident through several controls
involving segregation of duties, documentation standards, and internal checks
and balances,to reduce the risk of errors, irregularities, and fraud, making it
easier for auditors to identify and address any issues during the audit process
(Escala, Bercasio, & Carandang, 2022). This in turn helps contribute significantly
to the success of auditing procedures performed both by internal and external
auditors. On the other hand, internal controls such as reconciliation, verification
and even segregation of duties help improve the organization's financial
integrity by intensively examining the accuracy, completeness, and reliability of
financial information ensuring that they remain transparent and reliable. This
process helps identify any discrepancies or unauthorized transactions and
inturn reducing the risk of errors or fraud going unnoticed (Escala et al., 2022).
By implementing these internal controls and others like them, organizations can
maintain the integrity of their financial data, fortifying shareholder confidence in
its accuracy, reliability and trustworthiness. Lastly, internal controls help
improve operational efficiency by optimizing organizational activities and
processes and reduce the risk of waste, errors and inefficiencies. Structured
procedures and workflow documentation in the organization's controls could
significantly contribute to effective and efficient organizational performance by
providing employees with clear guidelines on how to accomplish tasks and
enhance overall operational efficiency (Escala et al., 2022).
To conclude, internal controls serve as the foundation of better
organizational management and control as it contributes significantly to
maintaining financial integrity and promoting operational efficiency within
firms, in addition to improving auditing procedures. That being said,
organizations should place a high priority on creating and maintaining a strong
internal control system to meet their operational and financial goals in addition
to fortifying stakeholder's trust.

2. What are internal controls?

As according to Escala, Bercasio, and Carandang (2022), internal controls
are essentially procedures and policies designed and implemented by the
management of an organization or those charged with governance so as to
foster financial integrity, operational efficiency, regulatory compliance, data
security, corporate governance and business continuity. To put it simply, they are
tools or methods employed by an entity to provide reasonable assurance that the
entity will operate effectively and efficiently as according to its predetermined
objectives. The goal of internal controls also incorporates compliance with
applicable laws and regulations and reliability of financial reporting along with
effectiveness and efficiency of operations. It is important to note however that
internal controls are not merely administrative procedures but essential tools for
ensuring an organization's success and longevity.
Internal controls include a wide range of activities that occur throughout
the organization, by supervisory and front-line personnel. Typically,
management is responsible for developing an appropriate system of internal
controls, but every employee has the responsibility to follow and apply those
practices in performing tasks and accomplishing objectives. Controls may
pertain to authorization and approvals, reconciliations, verifications, physical or
logical controls and segregation of duties (Escala et al., 2022). Authorization
takes the form of approval or affirmation that a transaction is valid, meaning to
say if the transaction exists as an actual economic event or was entered into
within an entity's policy. Reconciliations on the other hand are performed when
comparing two or more data elements such that when differences are identified,
they must be brought into action by taking necessary actions or measures.
Verification compares two or more items with each other where in any
discrepancy or noncompliance with a policy will immediately require a follow-up
action. The physical or logical controls mainly involve adequate security and
safeguard of entity assets against unauthorized access, acquisition use and
disposal. Lastly, segregation of duties involves dividing incompatible functions to
different employees including custody of assets, authorization of transactions
and recording to minimize the risk of fraudulent activities and prevent work
overload. All these actions described in organizational policies, procedures and
standards when implemented properly and followed accordingly can
significantly help management mitigate risks to ensure the achievement of
objectives. However it is important to note that internal controls, though they
contribute to achieving the objectives of an organization, are only capable of
providing reasonable assurance of their attainment. This is due to the existence
of inherent limitations that may affect the effectiveness of internal controls. This
inherent limitations include cost- benefit consideration that management
upholds when designing and implementing an internal control, the possibility
that those in the management with the power to exercise control abuse that
power, the risk that people inside and outside the company may conspire to get
around controls and commit fraud, the possible inadequacy of controls due to
changing conditions and standardization to routine transactions, andhuman
error (Escala et al., 2022). However despite all these limitations, it is beyond
doubt a proven fact that effective and efficient internal controls could
significantly aid in organizational management and control along with ultimate
organizational success.
Internal controls have been widely underappreciated in many
organizations. They are often seen as inconvenient or unnecessary procedures
that are rather costly than beneficial which is why some companies perform
their operations and make do even in the absence of them. However internal
controls are important business functions meant to keep things in order and
prevent large- scale problems to occur thus it is important that they are properly
designed and implemented in an entity.

3. Does internal control ensure accuracy and prevent fraud in financial

accounting?
Internal controls are geared towards the attainment of the entity’s
objectives, to ensure that it is conducting its business effectively and efficiently,
assets are safeguarded and utilized appropriately, frauds and errors are
prevented and detected, accounting records are complete and accurate, and
reliable financial information is timely prepared. Among the internal control
objectives provided, fraud prevention and financial information accuracy have
been mentioned and thus it is reasonable to affirm the proposed imposed by the
prevailing question, internal control does ensure the accuracy and prevention of
fraud in financial accounting. However it is to be noted that internal controls are
incapable of providing absolute assurance that fraud and discrepancies in
financial information can be detected, eliminated and prevented since the
internal controls themselves are subjected to inherent limitations.
According to the Financial Accounting Standards Board (FASB) in the
United States, internal control over financial reporting (ICFR) is defined as, “
process designed to provide reasonable assurance regarding the reliability of
financial reporting and the preparation of financial statements for external
purposes in accordance with generally accepted accounting principles (GAAP).”
In addition to this, effective ICFR provides reasonable assurance that corporate
records are not intentionally or unintentionally misstated (FASB). From this we
can assume that internal controls are indeed capable of preventing fraud and
inaccuracy to some extent, most especially in financial accounting records.
However, just as the cited definitions have provided, these internal controls are
limited to providing reasonable confidence to both the management and
stakeholders when it comes to the same aspect. Again this limitations are
stemmed from cost- benefit consideration that management upholds when
designing and implementing an internal controls, the possibility that
management responsible for exercising control abuse that responsibility, the risk
that people inside and outside the company may conspire to get around controls
and commit fraud, the possible inadequacy of controls due to changing
conditions such as technological advancements, corporate strategy and change
in leadership, human mistakes of judgment, the existence of the fact that controls
are most often designed to tend to routine transactions and others. However, just
as I have mentioned before, regardless of the existence of these inherent
limitations in the control environment, the benefit from employing internal
controls to organizational processes and operations is incomparable to the risks
that come with employing it.
To conclude, internal controls are key organizational tools which when
properly implemented could significantly contribute to both the accuracy of
financial records and the prevention of fraud in financial accounting.

4. What is separation of duties?

Fraud and errors are one of the irregularities or discrepancies that can
occur in various aspects of an organization's operations which when left
unattended could have significant effects not only in the context of financial and
accounting processes but the entire organization as a whole. The difference
between the two lies in the intention and purpose of the one responsible for it
(Aditya, 2023). Fraud had the intention to deceive for personal gain while error is
a mistake done due to oversight of technical issues in the absence of intentional
deception. But regardless of the intention from whom the discrepancy stemmed
from, both fraud and error pose a major threat in the financial accuracy and
integrity of an organization which could jeopardize not only its performance but
also stakeholder trust. And thus to prevent that from happening, organizations
are to perform internal controls suitable to this prevailing circumstance, and that
which is commonly practiced is the separation or segregation of duties.
Separation of duties is an essential element of an internal control system
of an entity designed to prevent error and fraud by segregating incompatible
functions or tasks to several individuals so that no person is solely in control of
the entire transaction. According to Awati (2022), the idea is to assign different
parts of a task or transaction to different people to prevent any one person from
gaining exclusive or excessive control over it that may lead to abuse of that
control for illegal or unauthorized purposes, such as perpetrating fraud or
embezzling company funds. As such tasks that could be reasonably completed by
a single individual are broken down to multiple tasks assigned to multiple people
ensuring that everyone has equal and divided access and control to the data
involved with it. To achieve optimum segregation of duties and responsibilities
Escala, Bercasio, and Carandang (2022) listed the following tasks as functions to
be performed by different employees: internal audits, custody of assets,
authorization of transactions, recording of transactions, and execution of
transactions. It has been further added that in the event the entity finds it
impractical to segregate the given functions into five, at a minimum, three
functions must be segregated incorporating custody of assets, authorization of
transactions and recording of transactions. However, since it may be a different
case for owner- managed small businesses and adequate separation of duties
may prove to be impractical, the owner may choose to actively and effectively
conduct and oversight over the operations of its business to compensate for the
inadequacy.
To conclude, an organization that seeks to prevent fraud and error to exist
in its business operations, shall opt to perform segregation of incompatible duties
to at least aid in minimizing the risk of that happening.
5. What are access controls?
In the complex and diverse environment of modern business today where
data stemming from both inside and outside of the entity have not only grown
significant in number, but also significantly sensitive as time marches forward
accompanied by its growth and progress as a business entity. Data becomes
progressively more sensitive over time not only due to technological
advancements and digital revolution or to regulatory prohibitions but also
because of the growing threat of cybersecurity attacks. That being said, the
increased vulnerability of information paved the way for data security measures,
regulatory compliance, and responsible data handling to protect individuals'
privacy and maintain trust in the digital age, which are referred to as access
controls.
Access controls are critical tools for managing a vast amount of financial
data, maintaining data privacy, compliance, and overall security. According to
Tunggal (2023), it is a method of restricting access to sensitive data by providing
only those with verified identity the access to company data through an access
control gateway. In addition to this an access control system has five main
components which are authentication, authorization, access, manage and audit
(Tunggal, 2023). Authentication involves proving an assertion or a claim made
by a person or a computer user. Authorization, on the other hand, involves
designating specific access rights or privileges to resources depending on the
subject involved Access is that which is provided upon authorization and
authentication. Manage takes the form of adding or removing access rights or
privileges of users to resources as according to prevailing policies. Lastly, audit
which is used to enforce the principle of least privilege where access rights or
privileges may be removed gradually from users due to removal of the need to
access it. It is important to note however that regardless of the type of access
control system, all these five components would still be present to make up a
functioning access control.
In conclusion, access control is an important organizational tool that
fortifies the foundation of the company’s information security, data security and
network security, a fundamental aspect of maintaining trust and security in an
ever changing digital world not to be overlooked.

6. What is data timestamping and back-ups in Accounting Information System?

In the complex and diverse environment of modern business where
significant changes have been constantly occurring, Accounting Information
System became the backbone of financial record- keeping and management. It
served as a useful tool for organizations to manage their financial data and
resources flexibly as according to the changing conditions (Escala, Bercasio, &
Carandang, 2022). These specialized computer- based systems essentially served
as an organizational tool for an entity to effectively and efficiently track their
financial transactions, manage financial resources, and make informed business
decisions so as to achieve its pre established objectives. Among the critical
components of this accounting information system are that which are referred to
as data time stamping and backups.
Data time stamping essentially involves recording the date and time when
financial transactions occur within an accounting information system. This
practice of record- keeping as according to eMudhra Editorial (2023) is a process
of assigning a label to identify a specific transaction that occurs in a digital
system. To put it simply, time stamping takes the form of providing each digital
event or transaction a particular label stating the exact time and date the
transaction or event had occurred. The primary purpose of time stamping is to
establish a chronological order of events to maintain the integrity of financial
records (eMudhra Editorial, 2023). This is also done to prove the authenticity of
transactions and events that happened as shown in the digital records. By
providing the precise date and time the transaction happened, it becomes
impossible for ill doers to manipulate the data without being detected. This is
why data time stamping is often performed by organizations to prevent
fraudulent activities from happening.
On the other hand, back-ups or data back-ups, is essentially one of the
fundamental aspects of data management within AIS. From the word itself, data
back-ups involves establishing a back-up of financial data and records through
creating duplicate copies of the same data from computers and network systems
which allows for the organization to retrieve them in the event of data loss
(Mathieu, 2023). Backups protect against human error, hardware failure, virus
attacks, power outages and natural disasters, and in turn saves both money and
time from being unnecessarily consumed and wasted (Mathieu, 2023).There are
many kinds of data backup services that verify business data is secure and
important information isn’t lost in a natural disaster available for organizations.
However, due to several technological advancements in the digital age, data has
become available for several forms of backups: local backups, remote backups
and even cloud storage backups (Mathieu, 2023). Regardless of the form,
organizations should ensure to back up their data in regular intervals to enhance
security while minimizing data loss or business interruption.
Both data time stamping and back-ups serve distinct and significant
purposes in the accounting information system and must therefore be given
equal importance by the organization.

7. What is the Relationship between External Audits and Internal Controls?

External audits and internal controls are both assurance functions
independent of each other but complements one another in the aspect of
financial oversight and accountability. That being said, regardless of the distinct
and separate functions they serve, both should maintain a close and constructive
relationship while maintaining independence and objectivity at the same time.
External audits is that which independent certified public accountants
perform so as to evaluate an organization's financial health, adherence to
accounting standards, and compliance with relevant laws and regulations.
Unlike internal audits which are conducted by the auditing department of the
company itself and seeks to identify internal weaknesses and poor performance
areas of a company while recommending solutions for improvement, an external
audit focuses on ensuring that the company complies with existing regulations
and maintains an excellent financial position (Indeed Editorial Team, 2023).
Internal controls on the other hand are procedures and policies designed and
implemented by the management of an organization or those charged with
governance so as to foster financial integrity, operational efficiency, regulatory
compliance, data security, corporate governance and business continuity. They
are essentially tools or methods employed by an entity to provide reasonable
assurance that the entity will operate effectively and efficiently as according to
its predetermined objectives and will be in compliance with relevant rules and
regulations accordingly. From this it can be inferred that external audits and
internal controls have a common ground in terms of providing assistance and
guidance for the entity to achieve its objectives in relation to reliable financial
reporting, effective and efficient operations, and compliance with laws and
regulations. The relationship between external audits and internal controls can
best be seen in how audit procedures performed by auditors are performed as
according to the entity’s internal controls.
An external auditor performs a lot of planning before it could actually
proceed to performing audit services. In the process of doing so, the auditor
considers and obtains an understanding of the internal control system of the
entity sufficient to plan the audit and develop an effective and efficient audit
approach. If the entity’s internal control is found to be operating effectively after
sufficient appropriate evidence has been gathered by the auditor then this could
lead to less extensive further audit procedures. This is due to the reasonable
assurance provided by effective internal controls that controls are capable of
effectively preventing, or detecting and correcting material statements. And thus,
audit efficiency is improved without so much as compromising audit
effectiveness. In addition to this, any findings of the audit procedures performed
by the independent auditor could significantly help improve the internal controls
already existing within the entity to optimize performance, counter weaknesses
and refine overall management policies
To conclude, external audits and internal controls have a complementary
relationship that unanimously fosters financial transparency, accountability, and
compliance within organizations.

8. How can you ensure that you get the most out of internal accounting controls
in the accounting information system?
It has already been an established fact that internal controls serve as an
effective organizational tool to obtain reasonable assurance for the achievement
of an entity's objectives. However, it is important to note that despite the benefits
incorporated in the design and implementation of controls, it is also a known fact
that internal controls could be costly depending on the size and complexity of the
business. According to an online article “Advantages and Disadvantages of
Internal Control” (2023), a notable disadvantage of employing an internal
control is that it can be significantly expensive. It requires not only money but a
significant amount of both time and effort to design, implement, maintain and
oversee the system which can be a significant burden for smaller organizations.
However that notion is arguable as i’ve mentioned before the cost is dependent
on the size and complexity of the business. Regardless of the size of the company
involved, implementing an internal control system is bound to incur expenses
one way or another, in this case the only solution that a company should
perform is to make sure that it makes the most out of the internal controls it had
applied in its accounting information system
There are several ways that a company could make the most out of its
internal accounting controls, but it must begin with having the right internal
accounting controls suitable to accommodate the transactions and operations of
the entity itself. The only way that the internal controls of an organization will
prove to be useful is if it is tailored to be useful for the entity, if not then the
organization should seek to design their controls according to how they operate
so that internal controls could function as they are intended(Internal Controls,
n.d.). It could also help maximize the benefits of internal accounting controls by
promoting employee training and awareness most especially those involved in
accounting systems within the control environment. Having employees who are
well trained and aware of internal controls, allows for proper utilization of
accounting control systems and exhaustion of its benefits (Pathock Team, 2023).
This in turn allows for the achievement of internal control objectives, since
internal controls will only be useful when it is properly utilized and adhered to
by people within the entity to whom the controls are for. Subjecting internal
accounting controls to continuous improvements could also significantly help
maximize the benefits that can be derived from it by ensuring that they remain
effective and relevant against changing conditions and emerging risks.
There are a variety of approaches that could help the organization make
the most out of its whole entire internal control system, and recover the
expenses incurred to design, implement and maintain its internal controls. The
retrieved benefits may not be monetary in form but that which is not is what
provides significantly longer benefit for the company.
References:

Aaliya N. (2023). Why (ICFR) Internal Control Over Financial Reporting is

Important. Linked In.
https://www.linkedin.com/pulse/why-icfr-internal-control-over-financial-reportin
g-important-noor/

Aditya. (2023). How to distinguish between fraud and error. Integrity Malaysia.
https://www.integrity-malaysia.com/how-to-distinguish-between-fraud-and-error
/#:~:text=The%20 difference%20between%20fraud%20and,of%20
unintentional%20 mistake%20 or%20 negligence.

Advantages and Disadvantages of Internal Control. (2023). Aspiring Youths

https://aspiringyouths.com/advantages-disadvantages/internal-control/#:~:text=
Can%20be%20costly%20%E2%80%93%20Implementing%20an,significant%20
burden%20for%20smaller%20organizations.

Awati R. (2022). Segregation of duties (SoD). TechTarget.

https://www.techtarget.com/whatis/definition/segregation-of-duties-SoD

Bercasio, R.C., Carandang, J.C., & Escala, R.A. (2022). Auditing and Assurance
Principles. Escala Book Publishing

eMudhra Editorial. (2023). What is Timestamping?. e-Mudhra.

https://emudhra.com/blog/what-is-timestamping

Indeed Editorial Team. (2023). What Is External Auditing? (With Benefits and
Qualities). Indeed.
https://ca.indeed.com/career-advice/career-development/external-auditing

Internal Controls. (n.d.). University of California San Francisco.

https://audit.ucsf.edu/internal-controls#:~:text=operations%20or%20programs-,I
nternal%20control%20structure,differently%20than%20large%20ones%20do.

Kenton, W. (2023). Internal Controls: Definition, Types, and Importance.

Investopedia.
https://www.investopedia.com/terms/i/internalcontrols.asp

Mathie. (2023). The Importance of Data Back-Up.

https://www.bocasay.com/importance-data-back-up/

Pathock Team. (2023). 4 Types of Internal Controls Weaknesses and 5 Ways to

Fix Them. Pathlock.
https://pathlock.com/learn/4-types-of-internal-controls-weaknesses-and-5-ways-t
o-fix-them/

Tunggali A. (2023). What is Access Control? The Essential Cybersecurity Practice.

Upguard.
https://www.upguard.com/blog/access-control