Internal control systems





                           COSO model of internal control




               In 1992 COSO (Committee of Sponsoring Organisations) stated that effective internal
               control systems consist of five integrated elements.


               3.1  Control environment

                    The control environment can be thought of as management's attitude, actions
                     and awareness of the need for internal controls – the ‘tone at the top’.


               3.2  Risk assessment

                    Need to identify and assess risks in respect of established objectives.

                    Assessment should consider internal and external factors and distinguish
                     between controllable and uncontrollable risks.


               3.3  Control activities (= internal controls)

                    Once controllable risks have been identified, actual specific control activities
                     can be undertaken to reduce those risks.


               3.4  Information and communication

                    In order for managers to operate the internal controls, they need quality
                     information.


               3.5  Monitoring

                    If the system is not monitored it will be very difficult to assess whether it is out
                     of control and needs amendment.

                    This element of an internal control system is associated with internal audit, as
                     well as general supervision.


















                                                                                                       33