Internal Controls and Auditing Techniques

Every business faces some amount of risk, from both internal and external sources. As previously discussed, the implementation of an Accounting Information System (AIS) can increase the current level of efficiency while decreasing the level of risk at hand. Risk will never be completely eliminated but it can be assessed and somewhat controlled. Maintaining a secure and protected environment through an AIS does require action on behalf of the user(s) on a regular basis. These actions include management creating a proper workplace environment, and all members of the organization adhering to and respecting the policies outlined. The universal, desired outcome of low risk and high efficiency can be achieved and monitored through a series of insider’s actions or internal controls.

According to well respected author Nancy Bagranoff (2008), “The control environment establishes the tone of a company and influences the control awareness of the company’s employees. It is the foundation for all the other internal control components and provides discipline and structure.” (Bagranoff, 2008, p.243). Bagranoff elaborates on this statement by including the following factors and requiring that they be necessary in a controlled environment: 1. The integrity, ethical values, and competence of an organization’s employees. 2. Management’s philosophy and operating style. 3. The way management assigns authority and responsibility as well as organizes and develops its employees. 4. The attention and direction provided by the board of directors. (Bagranoff, 2008, p.243).

Once the tone is set, the assessment of an organization’s current risk can begin. According to Bagranoff, it would be nearly impossible for internal controls to be implemented for every single risk that exists. Because of this fact, an assessment is needed. “It is not possible or even desirable to install controls for every possible threat. Therefore, the purpose of risk assessment is to identify...