Fall 2015 Issue of Horizons

∙ A Control Environment : This is the tone at the top of the organization.

The governing body, either directly or through the formation of an audit

committee, is responsible for overseeing and providing accountability that management is fulfilling their obligations concerning proper financial reporting and sound internal controls, which implies the need for a minimum level of understanding of internal controls. Earlier this year, the GFOA issued Internal Control, An Elected Officials Guide , a 36 page, 29 question booklet addressing various aspects of internal control that can help elected officials gain a high level understanding of the role of internal control in a government’s operations: What it is, how it works and who is responsible. Whenever something goes awry in any organization, one of the questions frequently posed is what can be done differently to prevent such an occurrence in the future. Inherent in the consideration of the question is a cost-benefit analysis. A system of internal controls should be designed to provide a “reasonable” level of assurance that the entity’s objectives are achieved. One might ask, if “reasonable” is good, wouldn’t “absolute” be better. In a vacuum, the answer would clearly be “yes.” However, in reality, everything has a cost. Would it be logical to spend $1.00 to save $0.70? Generally not. So it is with internal controls. Elected officials can provide guidance to management as to what risks should be assumed and which should be transferred or addressed through an effective system of internal controls. Which or how many controls are needed to attain the goal of “reasonable” assurance? No single control or even a few controls are sufficient no matter how well they’re designed or implemented. Although it doesn’t take a lot of controls to achieve an entity’s control objectives, it does necessitate effective controls in each of five functional areas:

∙ Ongoing Risk Assessment : This relates to an entity’s continual process of evaluating the risk that it may not capture, process and report transactions that result in accurate and complete financial statements. ∙ Effective Control Activities : These are the items most think of when the term internal control is used. These are generally employee-performed events consisting of (i) activities executed, usually on a daily or monthly basis, on transactions to ensure their accuracy, and (ii) activities applied to periodic financial reporting. ∙ Information and Communication : This element addresses how information is communicated among employees and moved throughout all facets of the organization. ∙ Monitoring : Often the forgotten aspect of an effective system of internal controls, this important element involves management’s processes to periodically ensure that the other four elements of internal control are operating effectively. Let’s take a closer look at each of the above five elements of internal control as they relate to the knowledge and use of an elected official. Control Environment An entities’ control environment either supports or impedes internal control. Elected officials should assess the following: Commitment to Integrity and Ethical Values Albeit logical that the governing body and senior management must themselves have integrity and ethical behavior in all they do, it is the continual display and communication of these characteristics to the rest of the organization that forms the fabric of good tone at the top.

www.RubinBrown.com | page 51