x5c1co

The need for controls is determined by asking whether the controls would reduce the organization’s exposure to net financial loss. Any situation in which the installation of controls would create potential savings is called a control risk. (Of course, accounting and processing controls cannot always create actual savings.) When the implementation of controls would, on the average, create savings greater than their costs, then the risk is also a control weakness. Thus, a control weakness is any control risk in which the excepted savings exceed the expected installation and operating cost of the control, since by definition a weakness is cost-effectively correctable. All control weakness should be corrected by implementing controls. If analysis shows that a risk cannot be corrected cost-effectively because the cost of the required procedures would exceed the potential savings, the organization should protect itself by acquiring insurance against risks or by avoiding the situation that causes the risk. Figure 1 illustrates these points logically.

Figure 1 Management Strategy for Control Risk and Weakness
The basic characteristic of a weakness is that it can be corrected cost-effectively by means of appropriate controls
Control risk exists

Buy insurance

No problem; Must no controls or carry risk insurance needed alone
Objectives of Controls on Processing
Accounting controls, like other controls, consist of objective, preventive, feedback, and comparative follow-up elements. More specifically, the objective, the excepted result (specified as a preventive measure), the actual result (specified as a feedback measure), and the follow-up form the backbone of accounting controls. They provide assurance that accounting processing meets four major objectives:
· Authorization: approval for a transaction to take place; the control objective is to ensure that all transactions are authorized.
· Recording: creating a documentary or computer record of the data in a transaction; the control objective is to ensure that all transactions are recorded.
· Access: the use of assets, including production, processing, and transfer to an outside party; the control objective is to allow access to assets only for authorized purpose and to record access whenever it occurs.
· Asset accountability: having accounting records that describe the organization’s assets; the control objective is to ensure that accounting records describe only real assets and describe all of them.

Specific controls must be designed to achieve each of these objectives. Control success depends on intelligent design and use. Most procedures that serve accounting control objectives can be incorporated into the internal structure of hardware, software, and administrative routines.
A lot of latitude is possible in designing procedure to meet each objective. However, each procedure must be related to one or more objectives by specifying (1) a statement of the planned or excepted result; (2) a method for measuring the actual result; and (3) recommended follow-up procedures, including comparison of expected and actual results. Procedures that support the respective objectives include the following:

Objective 1: Authorization Designate appropriate individuals to-
· Set policies and procedures
· Approve transaction
· Set asset valuations
· Authorize policy exceptions
· Follow up to ensure policies and procedures work as intended
· Follow up reported information that requires a response

Objective 2: Recording Ensure that all transactions are · Real
· Recorded in all appropriate accounting records
· Properly valued and classified
· Recorded in a timely way
· Summarized and posted correctly

Objective 3: Access Ensure that all tasks involving access to assets or records are · Appropriately segregated so that the authorization, the process, and the associated record keeping are performed by different individuals
· Documented to delineate applicable policies and procedures
· Performed by competent, properly trained people
· Recorded pursuant ton applicable policy and procedures
· Protected from unauthorized access

Objective 4: Asset accountability Ensure that all asset records are · Prepared according to authorized policies and procedures
· Protected from unauthorized access
· In agreement with supporting records; for examples, that the control account agrees with the total of the subsidiary ledger
· Recorded in agreement with recent evidence from other entities (such as accounts receivable confirmations)
· Recorded in agreement with physical examination of assets

Above and beyond these accounting controls, data processing controls should ensure that transaction processing outputs are produced by the budgeted inputs, that is, that data processing is operationally efficient.