THE INTERNAL CONTROL STRUCTURE OF ORGANIZATIONS (STUDY OBJECTIVE 7)
All organizations face risks in both day-to-day operations and long-term management. Some risks may be beyond the control of management. For example, management would be unable to reduce the risk of an earthquake occurring, which could interrupt operations or destroy buildings and equipment. However, managers can undertake steps to lessen the negative impact of an earthquake. For example, they can ensure that buildings are designed to be resistant to earthquake damage. In fact, management has the ability and responsibility to take action to reduce risks or to lessen the impact of nearly all risks that the organization faces. These processes are called controls.
Accountants have a long history of being the professionals within the organization who help design and implement controls to lessen risks that have an impact on the financial standing of the organization. Accountants are usually experts in controls that can reduce risks in the following broad categories:
- The risk that assets will be stolen or misused
- The risk of errors in accounting data or information
- The risk of fraudulent activity by employees, managers, customers, or vendors
- The risks inherent in IT systems, such as
- Erroneous input of data
- Erroneous processing of data
- Computer fraud
- Computer security breaches
- Hardware or software failure
- Natural disasters that can interrupt computer system operations
Although management has the ultimate responsibility ...
Get Accounting Information Systems: The Processes and Controls, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.