Source: Instrumental “Drops of H2O ( The Filtered Water Treatment )" by J.Lang (feat. Airtone),” Creative Commons, http://ccmixter.org/files/djlang59/37792
Hey, everyone. And welcome to our video today on internal controls and reconciliations. So what's today's video about? Well, today we're going to talk about internal controls. It's exciting. We're going to learn about what they are, why they exist, and we're going to focus on some key elements of internal controls. So let's start with our discussion of internal controls.
So what are they? What are internal controls? They're systems to provide reasonable assurance of efficient operations, reliable financial statements, and compliance with laws. So the key word there is that it provides reasonable assurance. So our internal controls don't provide absolute assurance, just reasonable assurance of those three items. So let's talk about laws, compliance with laws.
What laws do we need to comply with regarding internal controls? Well, Sarbanes-Oxley. Now, Sarbanes-Oxley was a law enacted in 2002 it requires additional work and investigations surrounding the accuracy of financial reporting. So it creates individual responsibility. It forces management to be individually responsible for the accuracy of their financial information. And why was this law created? Well it was created to help prevent fraud and misconduct within the accounting industry. So that's a little bit of background on internal controls, now let's talk about the five key elements of internal controls starting with our control environment.
The control environment is the policy and procedures of an organization. It's the mindset of management, what some would call the tone at the top. And the control environment would be defined or can be defined in the employee handbook as well as the annual statement of an organization. So, again, control environment, that's all the policies and procedures that an organization has and really what structure management has put in place for that organization. The next element is risk assessment. Risk assessment is a process for identifying, reviewing, and responding to business risks. So identifying, reviewing, and responding to business risks. And business risks can be internal as well as external. So a business is subject to both internal and external risks.
So what are ways that we perform risk assessments? Through internal audit, fraud analysis, as well as employee training or training our employees. So that's how we make risk assessments. We can identify items through internal audits, fraud analyses. We can review the results of the audit of that analysis. And we can respond by performing additional employee training.
So the next element, control activities. Control activities are the protection of assets and records as well as client information. Control activities also includes proper documentation so that we have formal policies. Authorization procedures so there has to be different authorizations for certain transactions. And a really important-- probably the most important-- control activity is separation of duties. One example is a bank reconciliation. So the person preparing that bank reconciliation should not be the same person that makes the deposits or the same person that signs off on the review of that reconciliation. So you need to separate those duties among different people to help strengthen your controls.
Another key element is information and communication systems. So this is similar to our control activities. And it is-- our information and communication system-- is procedures for the protection and security of our computerized systems. So information and communication systems refers specifically to our computerized systems. And it really is all about the protection of our data. So our sales data, our customer data. We as an organization could have very sensitive information about our customers. So we need to have certain controls and certain checkpoints for our information and communication system to make sure that data is not compromised.
And the final element is our monitoring processes. This includes auditing of our systems, including our security systems. So we need to monitor our systems by auditing them. But we can't stop there. Once we perform that audit, then we have to analyze the results of that audit. So were there any weaknesses? What are the strong points of our systems? And then it's also a review of transactions. So monetary transactions, returns of merchandise, non-monetary customer emails. And really it's checking if we're following our procedures. So for following those things that we put in our control environment, making sure we're operating within those policies and procedures.
So let's finish up by talking about reconciliations a little bit. So why do we perform bank reconciliations? Well, we perform bank reconciliations to ensure that our financial systems match the bank balance. So it's to have control over our cash. Cash is very important to any business. So what elements of our internal control does a bank reconciliation hit on? Well, protection of assets. So it's about controlling cash. Separation of duties like I mentioned earlier. The person preparing a reconciliation should not be the person that reviews it and should not be the person that makes the bank deposits. Those should be three different individuals. So it's that separation of duties. And, lastly, monitoring processes. So we're reviewing our transactions for reasonableness. So we're making sure the transactions that were showing, that were processed through our bank, are reasonable. There's nothing out of the ordinary
So now let's summarize what we talked about today. Well, today was all about our internal controls. We looked at the five key elements. We looked at the control environment, risk assessment, control activities, information and communication systems, and monitoring processes. So those are our five key elements of internal controls. I hope everybody enjoyed this video, and I hope to see you next time.