Page 380 - Board Member Onboardin August 2019
P. 380

Internal Control Plan


               COSO, a comprehensive framework of internal control consists of the following five
               interrelated components.

               1. Control Environment: This is the foundation for all other components of internal control
               encompassing such factors as integrity and ethical values, commitment to  competence,
               boards of directors  and audit committee  participation, management’s philosophy and
               operating style, organizational structure, assignment of authority and responsibility, and
               human resource policies and practices.

               2. Risk Assessment: This component identifies, analyzes, and manages the potential risks
               (i.e. what could go wrong) that could prevent management from achieving its objectives.
               Change is one factor that can be used to identify risks. Another is  inherent risk usually
               associated with assets that can be readily converted to personal use.

               3. Control Activities: These are the policies and procedures needed to address the risks
               identified that could prevent management from achieving its objectives. Control activities
               generally relate to proper authorization of transactions, security of assets and records, and
               segregation of incompatible duties. Control  activities can  be further categorized into
               programmatic control and administrative and fiscal control.

               4.  Monitoring:  It is the responsibility of management to continually monitor control
               activities to ensure that they function properly and take the necessary corrective action to
               resolve potential problems or weaknesses in a timely manner. This component also involves
               evaluating the effectiveness of control, i.e., (1) control is properly  designed so they will
               accomplish their intended purpose and (2) control actually functions as designed.

               5. Information and Communication: Information provided to staff should be appropriate
               in content, timely, current, accurate, and accessible. Communication takes such forms as
               policy manuals, accounting and financial reporting manuals,  policy memoranda,  and
               regularly scheduled staff meetings.

               Control Environment

               The control environment is first of five interrelated components of internal control. It sets
               the tone of an organization including overall attitude towards adherence to sound business
               practices, integrity and ethics; influences the attitude and actions of the Boards of Directors
               and management regarding the significance  of control; how risk and opportunities are
               viewed; and affect control consciousness of its people based on how authority is delegated
               and accountability is enforced. It is the foundation for all other components of internal
               control by providing discipline and structure.

               CSCS’s Boards of Directors for the Apple and Pancake Co-ops have significant risk oversight
               responsibilities.  Board members understand the risks for all business units and integrate
               risk management into their decision making processes.  Specific issues are presented and
               discussed at regularly scheduled Board meetings which occur three times per year.  The
               Audit & Finance Committee of each Board is responsible for reviewing the financial results


               Centralized Supply Chain Services, LLC.                                                 Page 6
   375   376   377   378   379   380   381   382   383   384   385