Fall 2015 Issue of Horizons

Information and Communication This element of internal control is unique in the sense that it is an integral part of the other four elements which themselves cannot be effective unless they are communicated and baked into the culture of the organization. Attention should also be given to the flow of information throughout the entity such that those who need it receive accurate, relevant and timely information. Perhaps nowhere else in an organization is the flow of information more critical than the two- way flow between management and the governing body. Lastly, elected officials know the importance of the flow of information to external parties, such as constituents, citizenry or creditors such as bond holders and underwriters. Having a system that produces, communicates and packages information in a logical and effective manner can provide transparency and credibility for the organization. Monitoring If you have attended a major league baseball game this season, you have undoubtedly noticed the additional security put in place in the form of metal detectors. Have you traveled through an airport in the past 14 years, or how about the epidemic of identity fraud?

management in reducing the risk of fraud perpetrated against the organization by periodic discussion of each of these three attributes. Control Activities If control environment is the backbone of a system of internal control, control activities, including general controls over information technology, could be thought of as the hands and feet of the system – the first line of defense in preventing or detecting error or fraud. If the governing body chooses to meet with management to gain an understanding of how systems and procedures serve to protect the organization, it’s likely that most, if not all, of the conversation will center around control activities. Although this element generally comprises the bulk of an effective internal control system, the responsibility for its development, implementation and execution rests with management and as a result, little attention will be devoted to it in this elected officials focused article. However, an important governing body role in control activities is to help management assess what elements of risk should be absorbed by the organization and which should be mitigated by internal controls. Also important for elected officials to understand is the two pronged objective of control activities. That is, to either prevent or detect and correct misstatements.

Clearly yesterday’s controls are not sufficient for today and today’s controls

www.RubinBrown.com | page 53