Question

2. Internal controls are perhaps the most important tools for managing operational risk. What are internal controls? Give three examples of internal controls and explain how each control is used to minimize operational risk.

Answer 1

Internal controls are the rules, process, mechanisms etc. developed and implemented by the company so that the integrity of financial reports and accounting information is maintained. Internal controls helps to comply with the laws and regulations, promote accountability, and protect the company from unnecessary frauds which improves the operational efficiency in the organization.

There are three types of Internal Controls:

1. Detective Control: these are the controls which helps to detect the events and place where there can be fault and can be prevented from occurrence or can be corrected if occurred.

For Example: Conducting internal Audits, Reviews, Reconciliations, Financial Reporting etc.

2. Preventive Control: these are the controls which helps to prevent an uncertain events, or fraud from occurring.

For Example: Training programs, segregation of duties and constant checks i.e. Assigning one person to write checks, and another staff member to authorize the payments, etc.

3. Corrective Control: these are the controls which helps to correct the errors which has occurred and analyze the event due to which they occurred so that they can’t occur in future.

Three examples of Internal Controls are as follows:

1. Audit: Conducting audit from time to time helps to keep a check on the unscrupulous activities that may happen in an organization and helps to reduce the fraud in an organization.

2. Training and development: conducting training and education of the employees from time to time about the procedures and process of the organization helps to reduce the fraud and errors in the organization, also it increases the operational efficiency and hence minimization of the operational risks.

3. Creating new policies and disciplinary action: by updating the organizational policies of the company from time to time and taking the disciplinary action against the unscrupulous activities happened in the organization, helps to reduce such activities in future, as if one is punished, then the other person will think before doing any such unethical practice in the organization, this will help to minimize the operational risk. Also by creating and updating the necessary policies of the organization will help to keep an employee or such other person informed about the consequences of the wrong acts etc.