This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more.
Please note: This item is from our archives and was published in 1997. It is provided for historical reference. The content may be out of date and links may no longer function.
An effective internal control system enables you to manage significant risks and monitor the reliability and integrity of financial and operating information. It also ensures that the audit committee acts as a powerful and proactive agent for corporate self-regulation. The Committee of Sponsoring Organizations of the Treadway Commission developed the following questions to help senior executives and directors gain a better understanding of their organizations control systems.
ETHICAL ENVIRONMENT
Do board members and senior executives set a day-in, day-out example of high integrity and ethical behavior?
Is there a written code of conduct for employees? Is it reinforced by training, top-down communications and periodic written statements of compliance from key employees?
Are performance and incentive compensation targets reasonable and realistic, or do they create undue pressure for short-term results?
Is it clear that fraudulent financial reporting at any level and in any form will not be tolerated?
Are ethics woven into criteria used to evaluate individual and business unit performance?
Advertisement
Does management react appropriately when receiving bad news from subordinates and business units?
Does a process exist to resolve close ethical calls?
Are business risks identified and candidly discussed with the board of directors?
RISK ASSESSMENT AND CONTROL ACTIVITIES
Is relevant, reliable internal and external information timely identified, compiled and communicated to those positioned to act?
Are risks identified and analyzed and actions taken to mitigate them?
Are controls in place to ensure management decisions are properly carried out?
Advertisement
Does management routinely monitor controls in the process of running the organizations operations?
Are periodic, systematic evaluations of control systems conducted and documented?
AUDIT COMMITTEE EFFECTIVENESS
Has the board recently reviewed the audit committees written charter?
Are audit committee members functioning independently of management?
Do committee members possess an appropriate mix of operating and financial control expertise?
Does the committee understand and monitor the broad organizational control environment?
Advertisement
Does the committee oversee appropriateness, relevance and reliability of operational and financial reporting to the board, as well as to investors and other external users?
Does the committee oversee existence of and compliance with ethical standards?
Does the committee or full board have a meaningful but challenging relationship with independent and internal auditors, senior financial control executives and key corporate and business unit operating executives?
INTERNAL AUDITING FUNCTION EFFECTIVENESS
Does internal auditing have the support of top management, the audit committee and the board of directors?
Is the organizational relationship between internal auditing and senior executives appropriate?
Does internal auditing have and use open lines of communication and private access to all senior officers and the audit committee?
Advertisement
Is there an internal audit plan (reviewed by the audit committee) describing internal audit responsibility?
Source: Internal Control — Integrated Framework by the Committee of Sponsoring Organizations of the Treadway Commission, 1993.
The September Technology Q&A column shows how to create dynamic to-do lists with Excel's checkboxes and also how to set up multifactor authentication texts that don't rely on phones. Flip through both items and view a video walkthrough in our digital format.
