Subject Code: BAGOSBUSX

Subject Title: GOVERNANCE, BUSINESS ETHICS, RISK MANAGEMENT

AND INTERNAL CONTROL

Subject Description: This course is intended to build understanding of students on

fundamental concepts of corporate governance, risk management
process, and internal control system. At the end of course, students are
expected to be competent on these fundamental concepts in applying
to actual corporate setting and on how to evaluate and improve
financial and operational processes of organization’s risk management,
control, and governance.

No. of Units: 3

Class Schedule: Synchronous: MTh 09:00am – 11:00am; 11:00am – 01:00pm;

03:00pm-05:00pm

Course Learning Outcomes:

At the end of the course, the student must be able to:
1. Execute consolidation of simple financial statements.
2. Describe principles and characteristics of IFRS/IAS for consolidated financial statements.
3. Evaluate differences between IFRS/IAS and local GAAPs and apply intricate IFRS/IAS
requirements (e.g. IAS 12, IAS 21)
4. Apply acquired knowledge and skills to pass professional licensure / certifications and use
these skills for future job aspects.
5. Appraise ethical problems / issues in practical business and accounting situations and
recommended appropriate course action that adheres to the professional code of ethics.

About the Instructor:

She is a graduate of Bachelor of Science in Accountancy at Baliuag University batch 2014 with
honors (Cum Laude).
After passing the CPA Board Exam, she joined the accounting firm Punongbayan & Araullo, the
Philippine member firm of Grant Thornton International Ltd (GTIL), one of the world's leading
organizations of independently owned and managed accounting and consulting firms as an Audit
Associate.

She completed her Masters in Business Administration at Baliuag University in 2017. Until recently,
she is the Internal Auditor for Bela Star Distribution Systems Inc., one of the leading commodities
trading companies in North Central Luzon.

-Ms. Fideliz Arca Vidal, CPA, MBA

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
Contact Information:
Facebook Account: FIDELIZ ARCA VIDAL
Email Address: fcvidal@nu-baliwag.edu.ph
Contact Number: 0917-125-7539 (globe)

Topics:

Module 7: Internal Controls

1. Types of Internal Control
2. Control Procedures
3. Control Categories

Control Procedures
1. Physical Controls
2. Authorization and Approval Limits
3. Segregation of Incompatible Duties
4. Management Controls
5. Arithmetic and Accounting Controls
6. Human Resources Controls

DISLAIMER: The information content provided in this course material is designed to provide helpful
information on the subjects discussed. Some information’s are compiled from different materials and
summarized from different books. Some information’s are based on contributors' perspective and
understanding. References are provided for informational purposes only and do not constitute
endorsement of websites or other sources. Readers should be aware that the websites/electronic
references listed in this course material may change. Hence, the contributors do not claim any
information presented in the materials and do not reflect their own work.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 MODULE 7:
INTERNAL CONTROL & CONTROL PROCEDURES

I. Activity:

II. Learning Outcomes

At the end of the topic the students should be able to:
1. Discuss the Control Process
2. Discuss and illustrate Primary and Secondary Controls according to COSO
3. Discuss and illustrate Time-Based
4. Classification Controls according to COSO
5. Discuss and illustrate Manual and Automated Controls according to COSO

III. Content:

NATURE AND PURPOSE OF INTERNAL CONTROL

INTERNAL CONTROL. The process designed and effected by those charged with governance,
management and other personnel to provide reasonable assurance about the achievement of the
entity's objectives with regard to reliability of financial reporting, effectiveness and efficiency of
operations and compliance with applicable laws and regulations.

Objectives of Internal Control

 Those objectives fall into three categories:

 Reliability of the entity's financial reporting
 Effectiveness and efficiency of operations
 Compliance with applicable laws and regulations

INTERNAL CONTROL SYSTEM means all the policies and procedures (internal controls) adopted by
the management of an entity to assist in achieving management's objective of ensuring, as far as
practicable, the orderly and efficient conduct of its business, including adherence to management
policies, the safeguarding of assets, the prevention and detection of fraud and error, the accuracy and
completeness of the accounting records, and the timely preparation of reliable financial information.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 ELEMENTS OF INTERNAL CONTROL

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
Factors Affecting Internal controls
 Size of business
 Nature of business
 Nature of operations
 Geographical dispersion of its activities
 Objectives of the organization

A. CONTROL ENVIRONMENT

- the overall attitude, awareness and actions of directors and management regarding the
internal control system and its importance in the entity.
- The control environment has an effect on the effectiveness of the specific control
procedures.
o Illustration:

A strong control environment is one with tight budgetary controls and an

effective internal audit function, can significantly complement specific control
procedures.

However, a strong environment does not, by itself, ensure the effectiveness of the
internal control system.

Factors affecting Control Environment

- Management's philosophy and operating style
- The entity's organizational structure and methods of assigning authority and
responsibility
- Management's control system including the internal audit function, personnel
policies and procedures and segregation of duties.

Several Components of Control Environment

1. Communication and Enforcement of Integrity and Ethical Values
2. Commitment to Competence
3. Participation by those Charged with Governance
4. Management’s Philosophy and Operating Style
5. Organizational Structure
6. Assignment of Authority and Responsibility
7. Human Resources Policies and Procedures

B. ENTITY’S RISK ASSESSMENT PROCESS

Risk Assessment. The identification, analysis and management of risks pertaining to the
preparation of financial statements.

Example: Possibility of transactions not being recorded

Assessment of significant estimates recorded in financial statements

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 Circumstances that may raise and change a risk
- Changes is operating environment
- New personnel
- New or revamped information system
- Rapid growth
- New technology
- New business models, products, or activities
- Corporate restructurings
- Expanded foreign operations.
- New accounting pronouncements

C. INFORMATION SYSTEM, INCLUDING THE BUSINESS PROCESS, RELEVANT

TO FINANCIAL REPORTING AND COMMUNICTION

Components of Information System

1. Infrastructure
2. Software
3. People
4. Procedures
5. Data

Procedures and Records related to Information System relevant to Financial Reporting

1. Initiate, record, process, and report entity transactions and to maintain accountability for
related assets, liability and equity
2. Resolve incorrect processing of transactions
(Example: automated suspense files and procedures followed to clear suspense items
out on a timely basis)
3. Process and account for system overrides or bypasses to controls.
4. Transfer information from transaction processing systems to general ledger.
5. Capture information relevant to financial reporting for events and conditions other than
transactions
(Example: depreciation, amortization and changes in recoverability of accounts
receivables)
6. Ensure information required to be disclosed by the applicable financial reporting
framework is accumulated, recorded, processed, summarized and appropriately reported
in the financial statements.

Journal Entries
- To record sales, purchases, and cash disbursements in the general ledger
- To record accounting estimates that are periodically made by management
- To record non-recurring, unusual transactions or adjustments

Related Business Processes

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 1. Develop, purchase, produce, sell and distribute an entity's products and services;
2. Ensure compliance with laws and regulations; and
3. Record information, including accounting and financial reporting information.

Information system encompasses methods and records that:

1. Identify and record all valid transactions

2. Describe on a timely basis the transactions in sufficient detail to permit proper
classification of transactions for financial reporting.
3. Measure the value of transactions in a manner that permits recording their proper
monetary value in the financial statements.
4. Determine the time period in which transactions occurred to permit recording of
transactions in the proper accounting period.
5. Present properly the transactions and related disclosures the financial statements in the
financial statements.

Communication provides an understanding of individual roles and responsibilities pertaining

to internal control over financial reporting.

Examples:
Policy manuals, accounting and financial reporting manuals and memoranda.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
D. CONTROL ACTIVITIES

- the policies and procedures that help ensure that management directives are carried
out, for example, that necessary actions are taken to address risks that threaten the
achievement of the entity's objectives. Control activities, whether within IT or
manual systems, have various objectives and are applied at various organizational
and functional levels.

Major Categories of Control Procedures

1. Performance Review
i. Accounting and Operating data are used to assess performance
 Actual performance (or Operating results) versus Budgets,
Forecasts, Prior period performance, or competitors’ data or
tracking major initiatives (i.e. cost-containment or cost-
reduction programs to ensure the extent to which targets are
met.
 Investigating performance indicators based on operating or
financial data, such as quantity or purchase price variances or
the percentage of return to total orders.
 Reviewing functional or activity performance
ii. Take corrective actions

2. Information Processing Controls

- Policies and procedures designed to require authorization of transactions and to

ensure the accuracy and completeness of transactions

 General Controls are control activities that prevent or detect

errors or irregularities for all accounting systems. It affects all
transaction cycles and apply to information processing as a
center, hardware and systems software acquisition and
maintenance, and backup and recovery procedures.

 Application Controls are controls that pertain to the

processing of a specific type of transaction, such as payroll,
sales or collection. They help ensure that transactions occurred,
are authorized, and are completely and accurately recorded and
processed.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 o General IT-controls are policies and procedures that
relate to many applications and support the effective
functioning of application controls by helping to ensure
the continued proper operation of information system.

Internal Control that Relates to Objectives of Accounting System

i. Transactions are executed in accordance with management’s general or

specific authorization.
ii. All transactions and other events are promptly recorded in the correct
amount, in the appropriate accounts and in the proper accounting
period.
iii. Access the assets and records is permitted only in accordance with
management’s authorization.
iv. Recorded assets are compared with the existing assets at reasonable
intervals and appropriate action is taken regarding differences.

GROUPS OF CONTROL ACTIVITIES

a. Proper authorization of transactions and activities
b. Segregation of duties
c. Adequate documents and records
d. Safeguards over access to assets
e. Independent checks on performance

3. Physical controls
a. The physical security of assets, including adequate safeguards such as
secured facilities over access to assets and records
b. The authorization for access to computer programs and data files.
c. The periodic counting and comparison with amounts shown on control
records

E. MONITORING OF CONTROLS
- The process that an entity uses to assess the quality of internal control over time.
- Involves assessing the design and operation of controls on a timely basis and taking
corrective action as necessary

V. Evaluation

1. The basic concept of internal control which recognizes that the cost of internal control should
not exceed the benefits expected to be derived is known as
a. Management by exception.
b. Management responsibility.
c. Limited liability.
d. Reasonable assurance.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
2. Of the following control environment characteristics, identify the one that contributes most to
effective internal control
a. The audit committee consists of the president, two vice- presidents, and the corporate
controller.
b. The company does not have a centralized human resources function.
c. The company has an effective internal audit staff that monitors controls on a
continuous basis.
d. The company routinely transacts business with related parties.

3. It would be appropriate for the payroll accounting department to be responsible for which of
the following functions?
a. Approval of employee time records.
b. Maintenance of records of employment, discharges, and pay increases.
c. Preparation of periodic governmental reports as to employees' earnings and
withholding taxes.
d. Temporary retention of unclaimed employee paychecks.

4. The most effective control to prevent unbilled and unrecorded shipments of finished goods is
to
a. Require all outgoing shipments to be accompanied by a prenumbered shipping order
and bill of lading (signed by the carrier). Forward a copy of these documents to
accounting, to be placed in an open file awaiting receipt of the customer invoice copy.
b. Forward a copy of the shipping order and bill of lading to billing.
c. Implement a policy that prevents sales invoices from being mailed to customers in the
absence of a properly approved shipping order and bill of lading signed by the carrier.
d. Forward a copy a the signed bill of lading to the stores manager.

5. Alpha Company uses its sales invoices for posting perpetual inventory records. Inadequate
internal control procedures over the invoicing function allow goods to be shipped that are not
invoiced. The inadequate controls could cause an
a. Understatement of revenues, receivables, and inventory.
b. Overstatement of revenues and receivables, and an understatement of inventory.
c. Understatement of revenues and receivables, and an overstatement of inventory.
d. Overstatement of revenues, receivables, and inventory.

6. Which of the following is not an element of an entity's internal control?

a. Control risk.
b. Control activities.
c. The information system
d. The control environment.
7. In general, material irregularities perpetrated by which of the following are most difficult to
detect?
a. Internal auditor
b. Keypunch operator
c. Cashier
d. Controller

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph
 8. Controls that enhance the reliability of the financial statements may be classified as prevention
controls and detection controls. Which of the following is primarily a detection control?
a. Separation of duties between recording cash receipts and depositing cash.
b. Bank accounts are reconciled monthly by persons independent of cash recording and
cash custody.
c. The human resources department authorizes the hiring of only those persons for
accounting positions that meet the written job requirements specified by the corporate
controller.
d. An accounting manual, accompanied by a detailed chart of accounts, carefully and
clearly describes each type of transaction affecting the entity.

9. Internal control procedures are strengthened when the quantity of merchandise ordered is
omitted from the copy of the purchase order sent to the
a. Department that initiated the requisition
b. Receiving department
c. Purchasing agent
d. Accounts payable department

10. In a properly designed set of internal control procedures, the same employee should not be
permitted to
a. Sign checks and cancel supporting documents.
b. Receive merchandise and prepare a receiving report.
c. Prepare disbursement vouchers and sign checks.
d. Initiate a request to order merchandise and approve merchandise received.

VI. References

Cabrera, M. E. (2021). Corporate Governance, Business Ethics, Risk Management and Internal
Control. Manila, Philippines: GIC Enterprises & co., Inc.

SM Baliwag Complex, Dona Remedios Trinidad Highway, Brgy. Pagala, Baliwag, Bulacan
(+63) 927-533-0342 – (+63) 923-949-5265 admissions-nubaliwag@nu.edu.ph