Skip to main content

The Relationship Between Internal Audit and Internal Control

One of the essential functions of management is internal control. The most accepted control model in the world is the COSO internal control framework, developed in 1992. Apart from this model, there are various reports, such as CoCo in Canada and the Turnbull Report in the UK, and approaches in the field of information systems in the style of the COBIT model.

The COSO report, an essential framework document on internal control, defines internal control as follows (COSO, Internal Control-Integrated Framework: 2013).

“Internal control is generally a process directed by an organization’s board of directors, executives, and other personnel, designed to provide reasonable assurance in achieving the following objectives.”

  • Protecting business assets
  • Ensuring the accuracy and reliability of accounting information
  • Ensuring the efficiency of activities and compliance with policies
  • Ensuring economical and efficient use of resources
  • To ensure that the goals and objectives set by the management are achieved.

The internal control system is defined by the business management, persons responsible for management, and other relevant personnel. It is a system designed to provide reasonable assurance that the business achieves its objectives, activities, and transactions are carried out effectively, and laws and regulations are complied with.

Internal control provides reasonable assurance as a tool built into processes and workflows, influenced by people, and used to achieve the objectives of the business. In this respect, internal control is the responsibility of the business management. Internal audit activity is needed to evaluate its effectiveness and appropriateness. Therefore, internal control and internal audit should be considered as two different but complementary concepts.

While the existence of an internal control system constitutes one of the foundations of the institutionalization of organizations, the appropriateness and quality of internal controls are valued by the internal audit activity. Internal auditing takes on the role of being a strategic mind partner for the organization, developing and adding value, and indicating the precautions that need to be taken in advance by exhibiting a process-oriented approach rather than a transaction- and error-oriented approach, recommending that the right thing be done when the job is done correctly.

Bu gönderi şu adreste de mevcuttur: Türkçe