home · Planning · Criteria for assessing internal control. Modern problems of science and education

Criteria for assessing internal control. Modern problems of science and education

Of great importance in the management system of an organization is the assessment of the performance of not only its production structures, but also functional departments, etc. internal audit. This allows us to improve the organization of the internal audit service and achieve the effectiveness of the results of control and audit activities when making decisions.

Assessing the effectiveness of the internal control (audit) system is a very complex problem. A methodological and practical solution to this problem provides the basis for finding the most appropriate areas for improving the organization and management of the internal control (audit) service. In this case, it is of utmost importance to clarify the influence of control itself on the final results of production development, since many factors interact in the financial and economic process. But identifying the equilibrium share of the control effect in achieving certain goals is a very difficult task. Control and audit activities must be purposeful, designed to achieve certain production and financial results. The quality of work of internal control (audit) services and the final effectiveness and efficiency of control depend on the validity of the goals set, on the correct comparison of goals and means of achieving them. Inaccurately set goals will not produce a significant production effect.

Efficiency in a broad sense is understood as the total effectiveness of work, actions, and systems of measures that are the result of certain material efforts. Economic efficiency is characterized by a comparison of production results with the resources used to achieve these results. It is revealed through concepts such as efficiency and economy, although they do not fully characterize it. For example, high results of production activities can be achieved in conditions of using prohibitively large resources exceeding the socially necessary level, and savings can be achieved with minimal costs with low production indicators, etc. Thus, an exhaustive assessment of economic efficiency should be carried out only by the relationship between effectiveness and efficiency.

Justification of the economic efficiency of control (audit) and its service is largely part of the general problem of determining the economic efficiency of production. Calculation of the economic efficiency of control (audit) can be made on the basis of general methodological principles. In relation to control, they come down to determining the ratio of the costs of its implementation to the results obtained. But determining the economic efficiency of production control also has its own specifics. It follows from the characteristics of control and audit activities and is related, first of all, to assessing the effectiveness of the system of internal control (audit).

Consequently, the general category of production control efficiency is the result of the functioning of internal control, ensuring the achievement of the goals set for the control object at the lowest cost.

Determining the effectiveness of a control system, for example, in agricultural production, through the final performance indicators of an organization is complicated by the fact that the management process is an integral part of production and economic activities. Therefore, its results are sharply intertwined with the simultaneous influence of a number of other factors of production efficiency. Consequently, the control and work of its service should be assessed in specific production conditions, taking into account the comparability of the objects of study on a number of indicators.

The effectiveness of the control system and the work of its service should also be assessed according to private categories, which to a certain extent express the interrelationships of indicators. The main private criteria for the effectiveness of control: the effectiveness / or productivity / of the work of the control service, the economy and efficiency of the apparatus of this service.

To determine these criteria, objective data are required on the number of internal control services, their remuneration, the results achieved and costs.

To assess the effectiveness of the internal control (audit) system, it is necessary, first of all, to determine the efficiency (E to) of the system as the ratio of expenses (Z to) for the maintenance and functioning of the service (internal control (audit) (salaries, office expenses, depreciation, maintenance of passenger vehicles etc.) to the number of average annual employees employed in the on-farm control system as a whole (Zр).

The smaller the Ek, the more economical the internal control (audit) management system. In dynamics, when comparing Ek for several reporting periods or years, it can be expressed by the efficiency index (Jek) in fractions of units, as the ratio of the indicator for a given reporting period to the previous one (Eko), taken as the basis of comparison:

1.

In addition to the indicated indicators, to assess the effectiveness of the functioning of the service as a whole of the internal control (audit) system, you can use a system of relative indicators:

    Profitability of the internal control (audit) service (%):

where P is profitability, %;

P 1, P 0 - respectively, the profit of the organization for the reporting period (after the implementation of internal audit) and the profit of the organization for the base period (before the implementation of internal audit), thousand rubles.

ZK – costs of maintaining and operating the internal control (audit) service, thousand rubles.

    Possible lost benefits coefficient (Kuv):

where VVR – internal results of increasing production efficiency identified during the audit, thousand rubles.

    Acquired Benefit Ratio (APR):

where MVVR is the mobilization of internal reserves identified during the audit into the activities of the organization, thousand rubles.

    Utilization ratio of identified internal reserves (Kiv):

This coefficient shows the degree of mobilization of identified on-farm reserves into the activities of the organization. This coefficient also makes it possible to establish to what extent the conclusions made by the internal audit auditor were justified and justified by certain amounts of identified internal reserves.

6. Coefficient of identified shortages, losses from damage and theft due to the fault of the organization’s employees (Knph):

where NPH is the total amount of shortages, losses and thefts identified during control and audit activities due to the fault of the organization’s personnel.

This coefficient can be calculated for individual reporting periods, processes of circulation of funds, types of activities, etc. It shows how many rubles of shortages, thefts, losses were identified per 1 ruble of costs for the maintenance and functioning of the internal control (audit) service.

    Coefficient of possible losses due to taxation errors (Kvp):

where FS is the amount of possible financial sanctions, thousand rubles.

this coefficient shows the effectiveness of the internal control service in detecting tax errors, correcting them on time and avoiding financial sanctions, i.e. savings per each ruble of costs for the maintenance and functioning of the internal control (audit) service.

    Coefficient of comprehensive assessment of the effectiveness of the internal control (audit) service (Kots):

Kots=Kpv * Knph * Kvp

This indicator shows the average effect of the work of the internal audit service per ruble of costs for the maintenance and operation of this service.

    The absolute amount of the effect of the work of the internal control (audit) service (Ase), rub.

Ase = MVVR (or VVR) + NPH + FS

The efficiency of the internal audit service is significantly influenced by the system of labor organization of employees of this service. Therefore, to quantitatively assess the level of labor organization of employees of the internal audit service (department), you can use the same indicators as to assess the labor organization of employees of the management apparatus of an economic entity:

a) coefficient of intensive use of working time (Ke):

where Pr – loss of working time during the audited period, %;

Nfr – nominal working time fund for performing control and audit work during the audited period (100%);

b) coefficient of stability of audit personnel (Кс):

where Z 1 is the number of employees of the internal audit service who quit during

reporting period, people;

Z 2 – average monthly number of audit service employees, people;

c) coefficient of labor discipline in the audit service (Kt):

where Dp is the number of person-days lost as a result of absenteeism and other violations of discipline, person-days;

To – total number of person-days;

d) coefficient of performance of duties by internal auditors (Ci):

,

where Zn is the number of employees of the internal audit service who received administrative penalties for improper performance of duties, people;

e) ratio of certified auditors (auditors with a certificate of a professional auditor or professional accountant) and non-certified auditors (KSP):

where Sof is the actual ratio of specialists - professionals, people;

Sop – normative (planned) ratio of specialists – professionals, people;

g) qualification coefficient of employees of the internal audit service (Kkr):

where Zkv is the number of employees of the internal audit service with higher and secondary specialized education, people;

h) coefficient of use of mechanization and automation means in control and audit activities (KMA):

where Oma is the volume of control and audit work performed using mechanization and automation equipment, man-hour or %;

Or – the total amount of work under the audit plan or program, man-hour or 100%.

In each specific case, when determining the effectiveness of certain measures aimed at improving the organization of the internal audit service and the management of its activities, it is advisable to select some of the listed indicators as evaluation criteria, and take others as a limiter, characterizing the conditions for achieving results measured by the main indicators.

In accordance with FPSAD No. 8 “Understanding the activities of the audited entity, the environment in which it is carried out and assessing the risks of material misstatement of the audited financial (accounting) statements”, the internal control system is a set of organizational measures, methods and procedures used by the management of the audited entity as means for the orderly and efficient conduct of financial and economic activities, ensuring the safety of assets, identifying, correcting and preventing errors and distortion of information, as well as the timely preparation of reliable accounting financial statements.

The basis of internal control of an economic entity includes five elements (Fig. 2.2).

Rice. 2.2 – Elements of the internal control system.

The control environment refers to the awareness and actions of the audited entity's management aimed at establishing and maintaining an internal control system, as well as an understanding of the importance of such a system. The auditor's knowledge and understanding of the specific environment allows him to determine whether the control conditions are sufficient to ensure an effective internal control system, and whether it helps to minimize misstatements in financial statements.

The control environment includes the following components:

The style and basic principles of management of this audited entity;

Organizational structure of the audited entity;

Distribution of responsibilities and powers;

Implemented personnel policy;

The procedure for preparing financial (accounting) statements for external users;

The procedure for carrying out internal management accounting and preparing reports for internal purposes;

Ensuring compliance of the audited entity’s business activities with legal requirements;

The presence and features of the organization of work of the audit commission and the internal audit service as part of the management body of the audited entity.

During the study of the control environment of KP Sibirsky Gurman LLC, it was revealed that the internal control system in the organization is based on compliance with the following principles:

1. Timely and proper documentation of transactions;

2. Actual control over property and documentation;

3. Availability of effective procedures for authorizing transactions;

4. Carrying out independent checks.

The executive body exercises control over the conduct of the company's economic activities by issuing relevant orders and instructions.

The chief accountant exercises control over ensuring compliance of ongoing business transactions with the legislation of the Russian Federation, control over the movement of property and the fulfillment of obligations.


The second component of the ICS is the assessment of business risk by the audited entity as a process of identifying risks, their possible consequences and responding to them. The auditor must understand how the entity identifies and addresses business risks that are relevant to the financial reporting objectives and what results this produces.

Risks related to the financial (accounting) statements of KP Sibirsky Gurman LLC are associated with both external and internal events and circumstances. When identifying possible risks, management considers their importance, the likelihood of their occurrence and how to manage them. Management makes plans, programs, and implements appropriate actions to eliminate these risks or decides to ignore risks due to the high cost of possible controls in relation to these risks or for other reasons. Risks may arise or change due to a number of circumstances, for example, macroeconomic changes, new personnel (new employees may have a different point of view on the internal control system or different priorities); the introduction of new or changes to existing information systems, new technologies, new types of goods, works, services, reorganization of the audited entity may be accompanied by a reduction in the number of personnel and changes in the distribution of responsibilities, as well as control functions performed by employees, which may also affect the risk associated with internal control system.

The third component of the ICS is an information system related to the preparation of financial statements and consisting of procedures and records. The auditor must understand how the organization communicates the roles and responsibilities of specific employees and significant matters relevant to the financial statements. The accounting department must clearly outline who does what and who is responsible for what. The auditor should check how well the job instructions are prepared and how conscientiously they are followed.

At KP Sibirsky Gurman LLC, the functioning of information systems related to the preparation of financial (accounting) statements is ensured by:

a) technical means;

b) software;

c) personnel;

d) relevant procedures;

e) databases.

An integral part of information systems is a personnel information system, which ensures that employees understand the duties and responsibilities associated with the organization and application of the internal control system in relation to financial (accounting) reporting.

The personnel information system can take such forms as internal regulations, guidelines for the preparation of financial (accounting) statements, instructions and guidelines. Information can be brought to the attention of employees using electronic communications, orally, and through instructions from management.

The fourth component of the internal control system is control actions. They refer to the policies and procedures that help ensure that management's orders are followed. These include procedures and activities carried out by the audited entity and beyond the scope of direct accounting and reporting. Examples of such specific control actions are: authorization by the management of the audited entity of control actions; checking the implementation of control actions; processing information obtained as a result of control actions; checking the presence and condition of the objects of the audited entity; division of responsibilities between employees of the audited entity during control actions and others.

The fifth component of the ICS is monitoring of controls. It refers to the process of assessing the quality of functioning of the internal control system. It is carried out through ongoing monitoring, individual assessments of the reliability of controls and ensures that controls are functioning effectively.

Controls must achieve the following objectives:

1) sufficient separation of duties;

3) correct documentation of transactions and their accounting;

4) ensuring the safety of assets and accounting records;

5) independent audits of activities.

In order to evaluate the internal control system, audit tests are carried out in areas of internal control.

The first stage of the audit was familiarization with the internal control system of the accounting organization.

Responsibility for the organization and state of internal control lies with the head of Sibirsky Gurman Semi-Finished Products Plant LLC. The accounting policies are drawn up in accordance with the legislation of the Russian Federation and the Tax Code of the Russian Federation. An organization's accounting policy is an important means of forming the values ​​of the organization's main performance indicators, tax planning, and pricing policy. It must provide complete and timely information about all facts of economic activity. An assessment of the completeness of the content and compliance of the accounting policies with the requirements of regulatory documents is presented in the Appendix

The accounting department of Siberian Gourmet Semi-Finished Products Plant LLC operates as a structural unit headed by a chief accountant. The accounting department includes

· material group responsible for accounting for the acquisition of material assets, their receipt and expenditure. In the same group, as a rule, they keep records of fixed assets;

· the wage accounting group, which records the labor costs of workers, calculates wages to employees, controls the use of the wage fund, records all settlements with employees of enterprises, and the budget. Social Insurance Fund and other departments related to wages;

· production and costing, which keeps track of production costs and calculates the cost of production;

· a general group, whose employees keep records of other transactions and the General Ledger, prepare a balance sheet and other forms of financial reporting.

When conducting an audit, at the first stage, a test is drawn up to assess the internal control of product sales (Table 2.1), which reflects the main issues of auditing the financial results of the enterprise.

In this case, the test can be compiled for individual components of the formation of financial results: accounting for revenue from sales of products and services; accounting for the cost of manufactured products and services, etc.

Table 2.1 Test for assessing internal control over product sales

R.A. NEUSTROEV, I.O. FEDOROVA, S.V. VASILIEV

FORMATION AND EVALUATION OF THE EFFECTIVENESS OF THE INTERNAL CONTROL SYSTEM

Key words: efficiency, analysis, audit, control.

The problems of forming and assessing the effectiveness of the internal control system, the differences between the inspection of an internal controller and an internal auditor are considered.

R.A. NEUSTROEV, I.O. FEDOROVA, S.V. VASILEVA FORMATION AND ESTIMATION EFFICIENCY PRODUCTIVITY SYSTEM OF DIFFERENCES CONTROL

Key words: productivity, analysis, audit, control.

Problems of formation and estimation efficiency productivity system of differences control testing differences control and differences audit formation of mortgage model in Russia of the state funds.

In accordance with the budget reform, it is intended to provide greater independence to participants in the budget process. However, this approach requires improvement of the internal control system.

The main task of internal control is to reduce financial losses arising for various reasons. The more developed and structured the control system, the higher the result of its action.

The prerequisites for the formation of an internal control system in the public sector include: increased competition, the establishment of requirements for increasing the efficiency of the management system, the need for objective and reliable information for decision-making, competent management, ensuring communication between internal and external control.

In accordance with Art. 158 and 269 of the Budget Code of the Russian Federation, the main managers are entrusted with control over the use of budgetary and extra-budgetary funds, their intended use, as well as the activities of organizations, the result of which are specific budget services. Accordingly, within the framework of internal control, the degree of fulfillment of budget service indicators by government agencies and organizations, established by their main managers on the basis of the program-target planning method, should be assessed in order to increase their responsibility for achieving the final result with the least expenditure of budget funds and the best quality, i.e. increasing the efficiency and effectiveness of institutions and organizations.

Thus, the concept of an internal control system should be based on indicators of the ratio of costs and quality that form the final result and determine the degree of achievement of the set goal. This means that internal control must ensure the identification and mobilization of financial, material and labor reserves available to organizations; increasing the efficiency and quality of their use, strengthening financial discipline, including pricing issues, as well as facilitating rapid response and management decision-making for the timely achievement of the organization’s ultimate goals.

The following areas of activity of the internal control system of a budgetary organization can be considered:

Compliance with indicators of budget services and criteria for their quality;

The presence of complaints about the quality and timeliness of the provision of budget services;

Use of budget funds for their intended purpose;

Validity of calculations of estimate assignments;

Execution of income and expenditure estimates and compliance with budget commitment limits;

Organization of placing orders for the supply of goods, performance of work, provision of services;

Efficiency of managing budgetary and extra-budgetary funds and property;

Justification of incurred costs associated with current activities and capital costs, compliance with general construction standards during construction work.

The objectives of internal control in terms of performance assessment can be:

Conducting audits and informing management of identified significant risks and control issues, as well as assistance in resolving these issues;

Providing an objective assessment of the organization’s effectiveness in achieving its goals and the effectiveness of its main processes;

Effective interaction with external auditors to reduce the costs of conducting an external audit if necessary;

Checking the adequate (timely, correct, reliable) reflection of business transactions in accounting and the correctness of preparation of both internal and external reporting;

Assessing the efficiency of business operations in order to reduce costs and increase profitability;

The creation of an internal control system requires the availability of appropriate information for control, a set of control techniques and procedures, and the development of a specific control methodology.

Internal control should be organized according to the organization’s activity cycles (from procurement to the implementation of budget services, including investments) and management stages (planning, organization, accounting and analysis, verification of corrective actions).

The algorithm for forming an internal control system, taking into account the tasks of ensuring the efficiency of the activities of government institutions and organizations, can be as follows:

1. Definition and description of the main business processes.

2. Approval of basic business process diagrams.

3. Identification and assessment of risks for each business process.

4. Determination and assessment of existing control procedures for relevant business processes.

5. Development of a list of possible control procedures to minimize existing risks.

6. Assessing the effectiveness of the “new” internal control system and procedures.

7. Selection of the most effective and popular control procedures and their implementation in the practice of the internal control system.

Elements of the internal control system: control environment, risk assessment, information and networks, monitoring, existing control procedures are reflected in Table. 1.

The implementation of the proposed algorithm can proceed as follows:

The first step is to describe the business process as it is, then determine how controls can be applied to those processes, and develop policies and procedures to minimize risks within the process. The result of the stage may be a document describing a special procedure.

At the second stage, an analysis of the main risks inherent in this process (standard risks) is carried out and control measures are developed to minimize these risks.

At the third stage, it is necessary to determine the purpose of the new procedure (as it should be). The new procedure must be tested. Based on the test results, a decision must be made about the effectiveness of the procedure. The procedure is introduced by order. Training in using the procedure is provided.

Table 1

Elements of the internal control system structure

Item Description Key Issues

Control environment overall assessment of the organization, its policies and procedures integrity, competence, independent management, management philosophy, organizational structure, assignment of responsibilities, personnel policies

Risk assessment Management identification of risks Risks arising from change

Information and networking techniques used to classify and reflect transactions and communicate roles and responsibilities by recording, processing, summarizing, and presenting transactions, conditions, and events. Communicating Roles and Responsibilities

Monitoring procedures necessary to assess the quality of application of the internal control system on an ongoing basis internal audit. Inspections and other procedures, including customer satisfaction assessments

Existing control procedures policies and procedures established to ensure that management's objectives are achieved timely reporting, processing of information, physical controls, assignment of responsibilities

Let's consider an example of the activities of the internal control service in the direction of placing a state (municipal) order, where the latter is one of the functions and areas of assessment of the internal control service.

Formation of a state order is the customer’s activity in planning, placing and monitoring the execution of a state contract for the supply of goods, performance of work, provision of services, i.e. a business process that describes the customer’s function in the procurement of goods, works, and services. From a management point of view, it includes planning the process of placing a government order, carrying out procedures related to placing a government order, analyzing and monitoring the implementation of the terms of the government contract, taking corrective actions to eliminate inconsistencies and violations that have arisen both during the placement of the order and during its execution . The main risks that government customers face when placing a government order include the following risks: procurement of goods, works and services from an unscrupulous supplier; implementation of the corruption motive; purchases of goods, works and services at inflated prices, insufficient sources of financing the order; provision of an advance without securing the execution of a contract, etc. The factors of these risks include: low qualifications;

tion of specialists in the field of placing government orders, low general and financial discipline of government customers. When drawing up regulations for the activities of the internal control service, these risks must be taken into account, and the elements of the control system must be structured in such a way as to ensure their maximum identification and prevention. The following can be used as means of control: a procurement plan for goods, works and services, approved by the customer, drawn up taking into account estimates and requests from departments; schedule for the purchase of goods, works and services by periods and forms of procurement, approved by the customer; authorization of the purchase of goods, works, services, carried out by the manager - representative of the customer, developed guidelines for determining the initial contract price, applying non-price criteria for evaluating applications, etc.

Control means can be divided into providing:

a) carrying out procedures for placing an order with the permission of the state customer: securing in the charter (regulations) of the organization the functions, rights and responsibilities of the manager for placing a state order; securing the rights and obligations of the authorized body upon its creation, regulations for the work of commissions, functions, rights of members of commissions created when placing an order, their approval by the customer, etc.;

b) the correctness of the procedures for placing a state order: criteria for the purchase of goods, works, services up to 100 thousand rubles; approval of the list of persons entitled to make purchases worth up to 100 thousand rubles; the procedure for forming the initial (maximum) contract price (lot price); availability of certificates and identifications for members of the commission in the field of advanced training in the field of placing government orders, etc.

The activities of the internal control service should be carried out on a systematic basis, i.e. be regulated by plans, schedules of internal inspections, goals and objectives, the presence of criteria for selecting inspection objects, methods, and reporting forms.

The consequences of insufficient use of internal controls include: lack of adequate management controls and a poor control culture, insufficient risk identification and assessment, poor communication between different levels of management, and ineffective auditing or remediation monitoring.

To determine the effectiveness of the established internal control system, its internal audit can be carried out, which should be considered as an independent competent assessment of management and control activities carried out within the organization, based on a systematic scientifically based process of objective collection, analysis and evaluation of evidence of economic actions and events in order to identifying the degree of compliance with their established performance criteria, forecasting future development, and making recommendations.

From an economic point of view, creating an internal audit service is advisable at the level of the main manager, when the organization has a complex structure, many reporting units (individuals), and implements joint programs (orders).

The differences between the internal controller and the internal auditor are reflected in table. 2.

Differences between internal controller and internal auditor

Subjects and nature of control is carried out by employees of the internal audit department; carried out by specialists of functional departments

Goals and objectives: quality control of the work of enterprise departments, assessment of the accounting and internal control system, development of sound recommendations and consulting services for an economic entity; carries out systematic, continuous monitoring of the safety and efficient use of all types of resources

Legal status is guided by the organization's charter, regulations on the internal audit service, is an independent unit and reports directly to the head, providing them with reporting, guided by the regulations on the relevant unit and job responsibilities, reports to the head or his deputy

Restrictions on activities Work is carried out according to plan and documented. They make recommendations, but do not participate in their implementation. There is a possible audit risk of failure to detect errors and distortions; management decisions are made based on instructions and orders from management; it is created if economic benefits are higher than costs. Possibility of ineffective control environment

The level of significance of the issues under consideration; decisions made based on the results of inspections generally relate to the activities of the business entity or the most important issues. Confirm the effectiveness and reliability of the internal control system. decisions made relate to certain types or areas of activity of individual departments and their employees

The place in management of the body monitoring compliance with the established procedure for conducting operations and procedures, as well as the reliability of the functioning of the internal control system, is a way of monitoring the effectiveness of the activities of the organization’s units; an independent control system that is part of the management of the organization and controls, through a set of special procedures, all issues of financial and economic activity and creating conditions for the effective operation of the organization

Interrelation and interaction in the management system interacts vertically with the management of the organization, external auditors, horizontally with employees of the organization’s divisions, ensures interaction between employees of the organization through a justified division of responsibility and authority in order to achieve the assigned tasks

The technology for carrying out control actions uses standards, special procedures and methods of audit control - preliminary planning, risk assessment, development of an audit plan and program, audit methods, evaluation and documentation of audit results, uses procedures and methods of administrative, accounting and economic control

Distinctive feature Internal audit Internal control

Assessing and documenting the results; drawing up auditor’s working documents, acts, documentary notes; summing up results; formulating conclusions; and making recommendations; prompt intervention and adjustment of business transactions; drawing up references for internal memos

Efficiency assessment allows us to consider the qualitative and quantitative certainty of individual elements of the internal control system and establish their differences. A measure of quantitative assessment of the result of the effectiveness of the internal control system can be the indicator of the average mathematical expected value of an event or result. Such assessments are usually based on expert opinions and are subjective. In this case, the auditor should check:

That the internal control procedures in place effectively detect and prevent abuse;

Correct implementation of control procedures during the period, including a complete check of all business processes, checking the most risky areas of activity and that all risky areas are covered by control procedures, checking the implementation of control procedures (make sure that existing control procedures cover risks within the established limits level).

NEUSTROEV ROMAN ALEXANDROVICH was born in 1979. Graduated from the Moscow Petrochemical Institute. Applicant for the Department of Enterprise Economics, Cheboksary Cooperative Institute, Russian University of Cooperation. Author of 4 scientific papers.

IRINA OLEGOVNA FEDOROVA was born in 1988. Financial manager. Author of 3 scientific papers.

VASILYEVA SVETLANA VALERYANOVNA was born in 1968. Graduated from the Moscow University of Consumer Cooperation, the Presidential Management Training Program at ChSU. Director of Gaztekhservice-Plus LLC of the Termotekhnika Group of Companies, senior lecturer at the Department of Enterprise Economics of the Cheboksary Cooperative Institute of the Russian University of Cooperation. Author of 6 scientific papers.

UDC 657.6

ASSESSMENT OF THE EFFECTIVENESS OF THE INTERNAL CONTROL SYSTEM

Makarenko Svetlana Anatolevna

Federal State Budgetary Educational Institution of Higher Education "Kuban State Agrarian University named after. I.T. Trubilina", Krasnodar, Russia (350044, Krasnodar, Kalinina St., 13), Associate Professor of the Audit Department,svetmakarenko888@ mail. ru, +7-989-825-62-32.

Shapovalova Alika Alekseevna

Federal State Budgetary Educational Institution of Higher Education "Kuban State Agrarian University named after. I.T. Trubilina", Krasnodar, Russia (350044, Krasnodar, Kalinina St., 13), master's student at the Faculty of Distance Learning,alikashap@ mail. ru, +7-918-033-41-10.

The internal control system is the most important tool for developing the effective activities of any commercial organization. The article discusses the theoretical aspects of assessing the internal control system by business entities. Methods for assessing the design effectiveness of implemented control procedures and assessing their operational effectiveness are proposed.

It is concluded that the internal control system can be effective if local regulations defining the strategy and tactics in the field of internal control are approved and regularly reviewed; the strategy and tactics of actions in the field of internal control are determined based on the results of the risk assessment; an infrastructure has been created to ensure the reality and effectiveness of control; information flows are organized efficiently and the security of their transmission channels is ensured; the internal control system is subject to independent monitoring.

Key words: internal control; efficiency; assessment of the internal control system.

EVALUATION OF THE EFFECTIVENESS OF THE INTERNAL CONTROL SYSTEM

Makarenko Svetlana Anatolyevna

Federal State Budgetary Educational Institution of Higher Education “Kuban State Agrarian University named after I.T. Trubilin", Krasnodar, Russia (350044, Krasnodar, Kalinina St., 13), Associate Professor of Audit, [email protected], +7-989-825-62-32.

Shapovalova Alika Alekseevna

Federal State Budgetary Educational Institution of Higher Education “Kuban State Agrarian University named after I.T. Trubilin", Krasnodar, Russia (350044, Krasnodar, Kalinina St., 13), master’s degree student of the faculty of correspondence education, [email protected], +7-918-033-41-10.

The internal control system is the most important tool for the development of effective activity of any commercial organization. The article discusses the theoretical aspects of the assessment of the internal control system by business entities. Methods for evaluating the effectiveness of the design of the implemented control procedures and evaluating their operational effectiveness are proposed.

It was concluded that the internal control system can be effective if local regulations defining the strategy and tactics in the field of internal control are approved and regularly reviewed; strategy and tactics of actions in the field of internal control are determined by the results of risk assessment; an infrastructure has been created to ensure the reality and effectiveness of control; information flows are organized efficiently and the security of their transmission channels is ensured; The internal control system is subject to independent monitoring.

Keywords: internal control; efficiency; evaluation of the internal control system.

The most important place in the management system of an organization is occupied by the assessment of the effectiveness of the departments and divisions of an economic entity. To solve this problem, it is necessary to introduce an internal control system. According to the requirements of Art. 19 of the Federal Law “On Accounting” No. 402-FZ dated November 6, 2011, each economic entity must organize a system of control over the facts of economic life and directly exercise internal control in the organization.

The definition of the internal control system proposed by V.V. Burtsev is most widely used in Russia. He understands the internal control system as “activities regulated by the internal documents of the organization to control the management links and various aspects of the functioning of the organization, carried out by representatives of a special control body as part of assistance to the management bodies of the organization (general meeting of participants of a business partnership or company, or members of a production cooperative, supervisory board, board of directors, executive body)".

According to E. S. Kolesov, the effectiveness of a commercial organization depends on the effectiveness of the internal control system. Indeed, in terms of assessing the effectiveness of the internal control system, one should talk not only about effectiveness (the number of identified deviations), but also about effectiveness (the activity of all subjects involved in the internal control system, the sufficiency of control measures, the consistency and systematicity of the control exercised).

To assess the effectiveness of the internal control system, regular monitoring of the control procedures carried out is necessary, which should cover all elements of internal control.

It is quite difficult to evaluate the internal control system, since it is important to find out the impact of the control itself on the final results of the organization. The quality of the internal control system depends on the goals set and the means to achieve them. Thus, assessing the effectiveness of the internal control system consists of:

– assessing the effectiveness of the design of control procedures;

– assessing the operational effectiveness of the internal control system.

The design of a control procedure will be effective when the internal control system achieves its goal. Based on the results of assessing the effectiveness of the design of control procedures, duplicative and ineffective control procedures are identified.

The operational effectiveness of internal control is assessed to confirm the implementation of internal control throughout the entire reporting period in full accordance with the approved design.

Methods for assessing the effectiveness of internal control include:

– survey of the organization’s personnel carrying out certain control procedures;

– monitoring of business transactions in order to confirm the implementation of control procedures;

– checking evidence of internal control;

– repeated implementation of control procedures.

Assessing the effectiveness of internal control can be carried out by:

– self-assessment;

– independent assessment (external audit).

In order to assess the effectiveness of the internal control system within the organization itself, a number of actions can be applied. It should be noted that the legislation does not provide any recommendations on the implementation of internal control, therefore organizations are given some freedom in fulfilling this responsibility.

To begin with, it is necessary to monitor the transactions performed and the means by which internal control is carried out. Assess the interest of the employee or employees who carry out internal control in conducting high-quality and independent control. Conduct a survey of the organization’s personnel in order to verify the compliance of the control methodology prescribed in the organization’s documents with the actions of the employees exercising control. It is also necessary to check evidence of the organization’s implementation of internal control, for example, using accounting sheets, acts and other documents that have evidence of control and are subject to analysis. The most important action is the regular implementation of the procedures outlined above and, of course, the internal controls themselves.

The study of the effectiveness of the internal control system by the external audit service is carried out in accordance with ISA 315 with the aim of:

– identifying and assessing the risks of material misstatement of financial (accounting) statements;

– planning and performing further audit procedures (justification of the size of the audit sample).

Elements of the control environment that the external auditor should evaluate include:

- organizational structure;

– philosophy and style of management;

– bringing to the attention of employees the principle of honesty and other ethical values ​​and their maintenance;

– commitment to professionalism;

– distribution of responsibilities and powers;

– personnel policy.

Elements of the risk assessment that the external auditor should evaluate include:

– identification of business risks related to financial reporting;

– assessment of the significance of risks;

– risk probability assessment.

– methods of risk management.

In relation to the information systems of an economic entity, external auditors evaluate:

– procedures by which business transactions are initiated, recorded, processed and reported;

– accounting records and accounting reporting items relating to initiated business transactions, their registration, processing and generalization;

– recording information events and conditions that are not part of similar transactions, but, nevertheless, may be significant for financial statements;

– the process of preparing and drawing up financial statements.

Let's summarize the results of the study. The results we obtained allow us to state that the internal control system is considered effective if:

– local regulations that define the strategy and tactics in the field of internal control of an economic entity are approved and regularly revised;

– the strategy and tactics of actions in the field of internal control are determined based on the results of the risk assessment;

– an infrastructure has been created to ensure the reality and effectiveness of control;

– information flows are organized efficiently and the security of their transmission channels is ensured;

– the internal control system is subject to independent monitoring.

Bibliography

  1. Dorofeeva D.P. Ways to improve internal control of economic entities / D.P. Dorofeeva, S.A. Makarenko // Problems and prospects for the development of economic control and audit in Russia: Sat. Art. based on materials from the VII interreg. scientific-practical conf. young scientists. Krasnodar, 2016. pp. 49-54.
  2. Burtsev V.V. Organization of an internal control system for a commercial organization. M.: Exam, 2000. 320 p.
  3. Kolesov E.S. On the issue of monitoring the efficiency of economic activity / E. S. Kolesov // Siberian Financial School. 2016. No. 3. P. 78-81.
  4. Makarenko S.A. Theoretical foundations for constructing an internal control system in commercial organizations / S.A. Makarenko, L.V. Gladkikh, V.V. Adisultanova // Economics and entrepreneurship. 2017. No. 1 (78). pp. 1113-1117.
  5. Makarenko S.A. Conceptual basis for introducing internal control into the management system of small and medium-sized businesses / S.A. Makarenko, A.A. Golubtsova, A.P. Babak // Innovative development of the economy. 2016. No. 6 (36). pp. 132-137.

References

  1. Dorofeeva D.P. Puti sovershenstvovaniya vnutrennego kontrolya ekonomicheskikh subektov / D.P. Dorofeeva, S.A. Makarenko — Problemy i perspektivy razvitiya ehkonomicheskogo kontrolya i audita v Rossii: Sb. st. po materialam VII mezhreg. nauch. - prakt. conf. Molodykh uchenykh. Krasnodar, 2016. p. 49-54.
  2. Burcev V.V. Organizatsiya sistemy vnutrennego kontrolya kommercheskoy organizatsii. M.: Ekzamen, 2000. 320 p.
  3. Kolesov E.S. K voprosu o kontrole effektivnosti khozyaystvennoy deyatelnosti / E.S. Kolesov - Sibirskaya finansovaya shkola. 2016. no 3. p. 78-81.
  4. Makarenko S.A. Teoreticheskie osnovy postroeniya sistemy vnutrennego kontrolya v kommercheskikh organizatsiyakh / S.A. Makarenko, L.V. Gladkikh, V.V. Adisultanova - Ekonomika i predprinimatelstvo. 2017. no 1 (78). p. 1113-1117.
  5. Makarenko S.A. Kontseptualnye osnovy vnedreniya vnutrennego kontrolya v sistemu upravleniya organizatsii malogo i srednego biznesa / S.A. Makarenko, A.A. Golubtsova, A.P. Babak - Innovatsionnoe razvitie ekonomiki. 2016. no 6 (36). p. 132-137.

Reviewers:

Maltseva E.S. – Candidate of Economic Sciences, Associate Professor, ANO VO “Institute of Business and Design”.

Ilchenko S.V. – Candidate of Pedagogical Sciences, Head. Department of Housing and Personnel Management NOCCHU VO "Moscow Economic Institute".



Bosalko D.S.,
graduate student
Pacific State
University of Economics

The business management process was first divided into stages by Henri Fayol and currently includes the following main stages: planning, organizing, directing and controlling.

Planning in an enterprise is necessary in order to formulate the main goals and determine ways to achieve them. In order for an organization to optimally distribute work among subordinates, management must create the conditions and desires for people to work together to achieve the company’s goals, and control must assess the reality of the goals and find out what results the company was able to achieve.

The increasing complexity of business processes of enterprises, the growing mobility of the external environment, the increasing role of the human factor - these are the main reasons for the increasing role and diversity of control functions in modern conditions.

Control is a critical and complex management function. Its goal is to increase the overall efficiency of activities and ensure its safety at enterprises, preventing possible conflicts with the external and internal environment.

Types of control are extremely diverse. At the microeconomic level, that is, at the level of management of an economic unit (enterprise), a distinction is made between external control, exercised by management entities external to the organization, and internal control, exercised by entities of the organization itself. This article will focus on internal control.

At the moment, the problem of assessing the adequacy of internal control at an enterprise is acute.

Theoretically, this issue is not sufficiently covered.

Practitioners feel a lack of methods that allow them to assess the sufficiency and adequacy of the control carried out at the enterprise.

Before moving directly to assessing the adequacy of control at an individual enterprise, let us return to the idea that control is capable of preventing conflicts with the external and internal environment. Any likely changes (internal or external) must be identified in advance and, when they occur, measures must be put in place to mitigate their impact on the business. In order to distinguish changes by the nature of their impact, entrepreneurs agreed that probable events that could have a negative impact are called “risks,” and events that could have a positive impact are called “opportunities.”

In accordance with the concept of risk-oriented control, each type of activity is initially associated with specific (inherent) risks, and there is only one way to avoid them - not to engage in this activity.

However, it is possible, firstly, to identify these risks in a timely manner, and secondly, to create such management mechanisms (processes) that, when the risk is realized, will mitigate the consequences of its impact to an acceptable level. Internal control in this case is those parts of the business process that provide an acceptable level of controlled (or residual) risk for the business.

In itself, control at an enterprise is the process of identifying deviations between the actual values ​​of controlled indicators and planned or standard values. In other words, control acts as a management tool for identifying deviations of controlled indicators from standard values. When deviations are identified, management carries out some kind of control action, the actual value becomes equal to or tends to the normative value, the risk is reduced to an acceptable level.

– Will the risk of robbery be reduced if you install a metal door in your apartment?
– Unknown. It seems to be more reliable with her...

Let's reformulate the question.
– Will the risk of robbery be reduced if a metal door is installed and not locked?
- No.
– Can installing a metal door reduce the risk of robbery?
- No, if the door remains open; yes – if the door is closed.
– Is it control to check the condition of the door every day before leaving?
- Yes.
– Does installing a metal door increase the level of control provided that the condition of the door is checked daily before leaving?
- Of course yes .

This example shows an important characteristic of internal control: only in terms of the objectives of the process can the adequacy of the controls included in it be assessed. If the goal is to prevent an ordinary burglar from breaking into an apartment, then installing a metal door and checking its condition daily before leaving will probably be enough. If the goal is to stop a professional burglar, then in addition to the door, it may be necessary to install an additional alarm system. On the other hand, if we are sure that a metal door is enough to prevent a robbery (there are no professional robbers in the city), there is no point in installing an alarm, since the control will be redundant (inadequate).

Control will be adequate when, based on the results of activities (or a separate business process), the deviation of the actual value of the controlled indicator from the standard value tends to zero. Mathematically, this can be written as follows:

where is the adequacy of control;
– controlled indicator;
– actual value of the controlled indicator;
– standard value of the controlled indicator.

In this case, we say that control is effective, since it allows you to promptly detect shortcomings in the activities of the enterprise and take timely measures to eliminate them (carry out control actions).

We consider control as an element of a management system by objectives. Accordingly, if goals change, then it is logical to assume that control elements should change. It turns out that control is inherently goal-oriented and must be adjusted to the goals. In this case, it will help to identify deviations of the actual values ​​of controlled indicators from the normative ones, make it possible to make timely corrective actions and ultimately achieve the established goals.

To ensure the effectiveness of internal control, it must be organized into a system.

It is known that the unification of requirements for the internal control system of enterprises began in 1985 in the USA, when, with the participation and funds of five professional self-regulatory organizations - AICPA (American Institute of Certified Public Accountants), American Accounting Association , FEI (Financial Executives Institute), Institute of Internal Auditors (IIA) and Institute of Management Accountants created a national commission to combat misleading financial reporting, known by the name of its first chairman, James S. Treadway as the Treadway Commission.

The report they issued in 1987, among other recommendations, called on the listed sponsoring organizations of the Treadway Commission to join efforts to reach agreement on the basic concepts of internal control that were common to all. Based on this proposal, the working group under the auspices of

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) reviewed the then existing internal control literature. The result of this work was presented to the public in 1992 under the title “Integrated Framework of Internal Control” (Internal Control – Integrated Framework). Briefly, this document is usually called by the name of the organizing committee “COSO concept”, “COSO model” or simply COSO.

The internal control system (hereinafter – ICS), according to COSO, consists of five interrelated components:
1) control environment;
2) risk assessment;
3) control procedures;
4) collecting and analyzing information and transferring it to its intended purpose;
5) monitoring.

The interaction of elements in the internal control system can be represented as follows:

In order to assess the effectiveness of the internal control system, it is necessary to evaluate all of its above elements. Let's consider assessing the effectiveness of such an element as control procedures.

Control procedures(controls) are the policies and procedures designed and established to ensure that management's objectives are achieved. In terms of risk-based internal control, control procedures provide “reasonable” assurance that an emerging risk is responded to effectively and in a timely manner.

An example of control procedures can be actions to authorize and endorse something, division of powers, and verification.

Assessment of the effectiveness of the internal control system is carried out through assessment of the effectiveness of individual control procedures of the business process. In this case, the algorithm of actions is as follows:
- Comparison of a typical and actually existing set of control procedures in the process.
- Forming an opinion on the need for missing controls.
- Selection of controls for testing.
- Analysis of the design, implementation and execution of the control procedure from the point of view of its reliability, evidence and repeatability.
- Formation of a final opinion on the effectiveness of the control procedure under consideration.

Let's illustrate this with an example. Let's consider the process of purchasing material and technical resources (MTR) at an enterprise. Suppose we know that a typical set of control procedures (hereinafter referred to as CP) in this process has the following form:

This is our (normative value of the controlled indicator). The actual set of process CPs may have the following form (see Fig. 4):

Already at this stage, it is possible to draw a conclusion about the inadequacy of the internal control system of the process, the need for missing controls and regulatory influence on the part of management, since the effectiveness of individual selected process controls is then assessed.

It must be borne in mind that each control procedure has the following characteristics: design, implementation, execution.

Design is a set of standard control techniques that are designed for use in a given control procedure.

Implementation is how the design principles are implemented in the control procedure.

Execution– this is how the control procedure is actually performed.

In order to assess the effectiveness of a CP, it is necessary to evaluate all three of its characteristics in terms of reliability, evidence and repeatability.

Credibility– accurate and complete reflection of the transaction in the document.

Evidence – saving inspection results for later confirmation.

Repeatability– ensuring the same execution of control by independent performers and in different periods of time.

Each of the CP characteristics is determined by a number of features, each of the features has weight.

A set of characteristics and their weight must be developed for each enterprise individually, taking into account the specific nature of its activity. Below, as an example, is a possible set of criteria for assessing a control design from the point of view of evidence.

During the assessment process, a characteristic is assigned a value (for example, from 0 to 10) depending on its presence, partial presence or absence. The value is assigned using the method of expert assessments (to date, the possibility of using other methods has not been explored). The final assessment of design, implementation or performance according to the criterion of reliability, evidence or repeatability is obtained by summing the assessments of all attributes (Table 1).



The final assessment of the effectiveness of the control procedure is the arithmetic average of the assessments of its design, implementation and execution according to the criteria of reliability, evidence, and repeatability.

The ICS assessment is defined as the arithmetic average of the assessments of control procedures of business processes, according to which it was decided to study the effectiveness of the internal control system.

The choice of the arithmetic mean for assessing the control system is due to the simplicity of its use, as well as the fact that the weight (significance) of the control procedures is assumed to be equal (each of the control procedures under consideration is equally important, and shortcomings in any control system ultimately lead to the ineffectiveness of the entire control system).

Conclusions:
1. The internal control system cannot be analyzed without analyzing the organization's goals. Otherwise, if the goals of the activity are not clearly defined, the organization’s control system loses its effectiveness, since it is impossible to control everything.
2. The internal control system includes five elements: control environment, risk assessment, control procedures, information and communication, monitoring. To assess the effectiveness of the internal control system, it is necessary to evaluate all its elements.
3. Evaluation of the effectiveness of a particular control procedure is carried out by assessing the design, implementation and execution of the control procedure in terms of its reliability, evidence and repeatability.

The internal control system formed in the organization does not always ensure reliability and efficiency. The level of effectiveness of the internal control system is different for each enterprise. At the moment, there are still many questions that require research. So, for example, there is the question of choosing business processes and control procedures for assessing the effectiveness of the enterprise's internal control system, the question of determining the characteristics of control procedures when assessing design, implementation and execution, the question of assigning weight to each characteristic and the scale of assigned ratings. The situation is not entirely clear how to move from quantitative assessments to qualitative ones, expressed in terms of effectiveness and ineffectiveness, sufficiency and redundancy of control.

Literature
1. Kuznetsova N.V. Control of enterprise activities as an important component of the management process. – Materials from the site smartcat.ru/Management/Capital.shtml
2. Management: modern foundations of organizing control at an enterprise / L.A. Zhigun. – Rostov-on-Don: Phoenix, 2007. – P. 12.
3. Tikhomirov A. Focusing on risks, or how to evaluate internal control. Access mode: buhgaltery.ru/audit/audit/148/

Also on this topic.