Control procedures consist of entity-level and activity-level controls. For smaller entities, public or non-public, the design of control procedures should focus primarily on the entity-level (top-down) since the activity-level controls may be ineffective due to a lack of segregation of duties. Entity-level controls are the key controls for smaller entities and are the most effective for preventing errors or fraud from occurring and going undetected. If entity-level controls are properly designed, and if they are diligently performed by management and/or persons charged with governance, a small entity can have a good internal control system. This can be true even for an entity with only two or three accounting personnel!

WDC & Associates helps its clients implement the following six components to maintain a good internal control system:

  1. Management personnel should have high integrity and ethical values and be committed to diligently performing key internal control procedures. For a smaller entity, management’s character shapes the control environment.
  2. Boards of governance should have more “hands-on” oversight involvement in the entity’s activities. 
  3. Key controls performed by management personnel can overcome the lack of segregation of duties. 
  4. An IT system that limits risks of errors or fraud can produce better and more accurate financial reports. 
  5. Monitoring control activities are primarily the responsibility of management. Smaller entities’ management should be performing daily “walk-around” controls that provide feedback on the effectiveness of accounting, internal control and operational systems.
  6. The system of internal control should maximize effectiveness and efficiency by including activities that are tailored to the nature, size and complexity of the entity.

Will these internal controls prevent all errors or fraud from occurring and going undetected? Certainly not! They will ordinarily, however, accomplish management’s control objective of providing reasonable assurance an entity’s financial reporting process is accurate.

At WDC & Associates, we believe that experience results from applying lessons learned to new solutions.