Internal Controls Policies and
Procedures
By Rose Hightower
According to the Committee on Sponsoring Organizations (COSO) internal control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. The author provides a comprehensive methodology for establishing an internal controls program. The first section provides an overview of governance with background information on COSO, Sarbanes-Oxley the Public Company Accounting Oversight Board (PCAOB), risk assessment, oversight and documentation. The next section presents the structure of the internal controls program covering the process, charter, authorization and approval, delegation of authority, information technology, end-user computing, account reconciliation, and certification programs. The final section provides control activity testing guides with instructions. Each area includes a flowchart, readiness checklist, control objectives and activities and key measures. The tools and checklists available in the book are also accessible online which to me is a necessary feature for all publications of this type. Every audit department should have this book in their professional library. It should also be a standard desktop reference guide for all accounting, financial and compliance functions within all types of organizations.
JMK 11/08