This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Case Study: Internal Control Self-assessment Procedures

Abstract

An organisation recognised that the policies and procedures they had in place could not ensure the continued effectiveness of their operations.

 

Challenge

We were engaged by an organisation to develop procedures that would allow them to assess the internal financial controls that were in place. The scope of this engagement also included the review of these procedures as they were implemented to ensure their effectiveness.

Approach

  • The approach taken in this engagement involved examination of a number of areas:
  • Policies and procedures are clearly stated
  • Adequate review processes are exercised
  • Systems in operation are effective and efficient

As part of our work we developed a tailored self-assessment internal financial controls questionnaire. We created a variety of review and evaluation procedures and we also conducted numerous walk-through tests on the main financial transaction cycles to confirm the understanding of the financial controls.

Our review also consisted of consultation with appropriate personnel and testing to gain understanding of financial internal controls in place.

The focus of our review was to obtain assurance as to whether:

  • Policies and procedures are clearly stated
  • Adequate review processes are exercised
  • Systems in operation are effective and efficient

Solution

  • Documented policies or procedures covering all areas are not yet available in a relevant procedures manual.
  • No formal procedures, such as the creation of a risk register, exist with respect to the identification and evaluation of the financial implications of business risks.
  • Significant financial and non-financial risks may not be identified or assessed and related effective controls established.
  • With the aid of new procedures for self-assessment, formal documentation of controls can be made and included in a Policies and Procedures manual.
  • It is apparent from our high level review and walk-through testing, with the exception of a number of matters identified in our report, that the organisation has put in place a framework of processes and control procedures which will contribute to the reliability of financial information and the safeguarding of assets.  

Material on this website is © 2013 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

Get connected
Share your comments
More on Deloitte
Learn about our site