Scribd Logo
Upload

Welcome to Scribd!

  • 28 views

    Control Framework Ais

    Uploaded by

    Adin Ihti

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Control Framework Ais

    Uploaded by

    Adin Ihti
    28 views4 pages

    Original Title

    Control Framework ais.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    28 views4 pages

    Control Framework Ais

    Uploaded by

    Adin Ihti

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    Control Framework

    COSO’s Internal Control Framework

    The Committee of Sponsoring Organization (COSO) consists of the


    American Accounting Association, the American Institute of Certified
    Public Accountants, The Institute of Internal Auditors, the Institute of
    Management Accountants, and the Financial Executives Institute. COSO
    issued Internal Control-Integrated Framework (IC) in 1992, that
    recognized as competence of internal control and divided into policies,
    rules, and regulations that utilized to control business activities.

    COSO’s Enterprise Risk Management Framework

    The second control framework developed by COSO is Enterprise Risk


    Management-Integrated Framework (ERM), purposed to improve risk
    management process. The basic principles of ERM:

    1. Companies are formed to create value for their owners.

    2. Management must decide how much the uncertainty it will accept


    when it creates value.

    3. Uncertainty contains risk, which can probably bring negative effect to


    the company as it creates or preserves value.

    4. Uncertainty contains opportunity, which can probably bring positive


    effect to the company as it creates or preserves value.

    5. The ERM framework can supervise uncertainty as well as create or


    preserve value.
    ERM Framework versus IC Framework

    Five interrelated components of COSO’s Internal Control Framework:

    1. Control environment

    The main part of any business is on the people and the environment
    in which they operate.

    2. Control activities

    Control policies and procedures help to ensure the continuity of the


    company performance as necessary to address risk and achieve
    company’s objectives effectively.

    3. Risk assessment

    The company has to identify, analyse, and manage its risk. It must set
    objectives to keep the organization to work in concert.

    4. Information and communication

    Information and communication systems capture and exchange


    information for conducting, managing, and controlling the
    organization activity.

    5. Monitoring

    It is important to monitor the entire process and change made as


    necessary so the systems can adjust to the condition.

    The Internal Control Framework has been widely recognized as the


    way to evaluate internal controls. However, it examines regardless to the
    purposes and risks of business process and provides little condition for
    evaluating the result so it is hard to know which control is the most
    important.

    The ERM Framework is more comprehensive as it is a risk-based


    not a control-based approach. ERM also more flexible and relevant as it
    added three additional components to IC Framework: setting objectives,
    identifying events that may affect the organization, and developing a
    response to the assessed risk. It also recognizes that risk can be accepted,
    avoided, diversified, shared, or transferred.

    Case Study Analysis:

    1. Control environment

    Officials. Especially the minister of religion. Due to their status as a


    minister of religion, they gain the trust of the people in the matter of Hajj
    with ease. Because of the remaining quota of pilgrims from those who
    failed to leave due to illness, death, or failing to pay the hajj, Suryadharma
    Ali, as minister of religion and leader of Hajj in 2012 using the quota of
    Hajj and the 30 people, namely children, wife, brother-in-law, and
    colleagues. In fact, the quota should be used for prospective pilgrims next
    year, especially those who are elderly.

    2. Control activities

    Some pilgrims are not able to follow the Hajj (for example, those who
    already passed away), officials use the Hajj fee to improve the quality of
    Hajj services. An example is the renovation of hajj dormitories because
    they get complaints from the hajj followers.

    3. Risk assessment

    Hajj funds should not be used for things that have nothing to do with
    the pilgrimage. The article states that the hajj contribution fund is used to
    create a parking lot and renovate the hajj hostel. These funds should be
    provided by the APBN.

    4. Information and communication

    Lack of transparency and accountability of internal parties to


    prospective pilgrims. Evidence is seen from the funds channelled for
    things that are not related to the salary affairs.
    5. Monitoring

    The government sent investigators to inspect the flow of funds for Hajj.
    KPK also questioned Suryadharma Ali about the flow of the funds and his
    involvement in corruption allegation and his usage of Hajj quota.

    You might also like