Online College Courses for Credit

2 Tutorials that teach Internal Controls and Reconciliations
Take your pick:
Internal Controls and Reconciliations

Internal Controls and Reconciliations

Author: Sophia Tutorial

Compare the types of internal controls and reconciliations.

See More
what's covered
This tutorial will cover internal controls and reconciliations.

Our discussion breaks down as follows:

  1. Internal Controls
  2. Key Elements of Internal Controls
    1. Control Environment
    2. Risk Assessment
    3. Control Activities
    4. Information and Communication Systems
    5. Monitoring Processes
  3. Bank Reconciliations

1. Internal Controls

Internal controls are systems to provide reasonable assurance of efficient operations, reliable financial statements, and compliance with laws.

The key word here is that it provides reasonable assurance. Internal controls don't provide absolute assurance of those three items--just reasonable assurance.

Regarding internal controls, we need to comply with Sarbanes-Oxley. This law was enacted in 2002 and requires additional work and investigations surrounding the accuracy of financial reporting. It creates individual responsibility, forcing management to be individually responsible for the accuracy of their financial information.

This law was created to help prevent fraud and misconduct within the accounting industry.

2. Key Elements of Internal Controls

Now that we've covered a brief background of internal controls, let's discuss the five key elements of internal controls.

2a. Control Environment
The control environment is the policy and procedures of an organization. It's the mindset of management, or the structure management has put in place for that organization. Some might refer to it as the "tone at the top."

The control environment can be defined in the employee handbook as well as in the annual statement of an organization.

2b. Risk Assessment
The next element is risk assessment. Risk assessment is a process for identifying, reviewing, and responding to business risks.

Business risks can be internal as well as external.

There are several ways to perform risk assessments, such as through internal audit, fraud analysis, as well as employee training. We can identify items through internal audits and fraud analyses. We can review the results of the audit of that analysis, and we can respond by performing additional employee training.

2c. Control Activities
The third element is control activities. Control activities are the protection of assets and records, as well as client information.

Control activities also include proper documentation so that we have formal policies, and authorization procedures to regulate different authorizations for certain transactions.

The most important control activity is separation of duties.


One example is a bank reconciliation. The person preparing that bank reconciliation should not be the same person that makes the deposits or the same person that signs off on the review of that reconciliation. You would need to separate those duties among different people to help strengthen your controls.

2d. Information and Communication Systems
Another key element is information and communication systems, which is similar to control activities. Information and communication systems comprise procedures for the protection and security of our computerized systems.

Note, information and communication systems refers specifically to computerized systems. It is essentially all about the protection of our data--our sales data and customer data.

We as an organization could have very sensitive information about our customers, so we need to have certain controls and checkpoints for our information and communication systems to make sure that data is not compromised.

2e. Monitoring Processes
The final element is our monitoring processes. This includes auditing of our systems, including our security systems--in other words, we need to monitor our systems by auditing them.

However, we can't stop there. Once we perform that audit, then we have to analyze the results of that audit. Were there any weaknesses? What are the strong points of our systems?

Monitoring process also includes a review of transactions, such as monetary transactions, returns of merchandise, and non-monetary customer emails.

Essentially, this element involves checking if we're following our procedures, referring to those things that we put in our control environment and making sure we're operating within those policies and procedures.

3. Bank Reconciliations

We perform bank reconciliations to ensure that our financial systems match the bank balance. Essentially, it's to have control over our cash--because cash is very important to any business.

The elements of our internal control that a bank reconciliation involves are:

  • Protection of assets, or controlling cash.
  • Separation of duties. As mentioned earlier, the person preparing a reconciliation should not be the person that reviews it, and should not be the person that makes the bank deposits. Those should be three different individuals.
  • Monitoring processes. We're reviewing our transactions for reasonableness, making sure the transactions that were processed through our bank are reasonable, with no evidence of anything out of the ordinary.

Today we learned about internal controls. We discussed the five key elements of internal controls: control environment, risk assessment, control activities, information and communication systems, and monitoring processes. Lastly, we covered bank reconciliations and their connection to elements of internal control.

Source: Adapted from Sophia instructor Evan McLaughlin.