The principles of internal control include guarding assets from disposal, acquisition, and theft or unauthorized use. Efficient operations, compliance with regulations, and thorough and accurate financial reporting are all products of internal control, a concept companies achieve through a control environment and control actions.
The policies and expectations of managers determine the control environment, which includes a management's integrity, ethical values and philosophy. In an effective control environment, employees follow specific policies and procedures in a clear organizational structure.
Both large and small businesses use internal control. Preventative controls prevent loss, and detective controls detect suspicious activity. Control activities include segregation of duties, authorization of actions, reliable documents and record-keeping, physical asset control, and independent efficiency checks. A segregation of duties creates a built-in system of checks and balances and ensures that one person is not responsible for an entire section of work.
Authorization keeps actions within set guidelines and standards. Accurate record-keeping proves that financial statements are complete and correct, and eases operation. Physical controls include electronic, manual and mechanical controls, such as employee passwords, safes, fireproof files and employee badges. When carrying out independent checks, employees other than the ones doing the work must verify and approve tasks to achieve smooth and effective operations.