Internal Controls Toolkit

  • Author: Christine H. Doxey
  • Publisher: John Wiley & Sons
  • ISBN: 9781119554394
  • Published In: July 2019
  • Format: Hardback, 416 pages
  • Jurisdiction: U.S. (Disclaimer: countries stated herein are used as reference only)
HKD 750.00
Delivery Time: around 3 weeks
Extra 2-10 working days if shipping address outside Hong Kong
Hong Kong: free delivery (order over HKD 1000)

    Step-by-step guidance on creating internal controls to manage risk

    Internal control is a process for assuring achievement of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations, and policies.

    This is a "toolkit" approach that addresses a practical need for a series of standards of internal controls that can be used to mitigate risk within an organization of any size. Inadequate internal controls can cause a myriad of problems that adversely affect an organization's ability to provide the reliable, timely, and useful financial and managerial data needed to support operating, budgeting, and policy decisions. Reliable data is necessary to make sound business decisions.

    •    Toolkit approach with detailed controls and risks outlined for key business processes

    •    Foundational for SOX 404 initiatives

    •    Key material to improve internal control efforts

    •    Guidance during M&A projects

    Poor controls over data quality can cause financial data to be unreliable, incomplete, and inaccurate—this book helps you control that quality and manage risk.  

  • Introduction to The Internal Controls Toolkit 9

    Introduction 9

    Internal Controls And Fraud Prevention 9

    Internal Controls And Fraud Prevention: Additional Statistics 10

    Who Will Benefit From This Toolkit 11

    About The Standards of Internal Control 12

    How Were The Standards Developed? 12

    How Are The Standards Used? 12

    What Is The Basic Premise of The Standards? 12

    When Should The Standard Be Updated? 12

    What Is A Best Practice For Implementing And Using The Standards? 12

    General Standards of Internal Control 13

    How This Toolkit Is Organized 14

    1.0 Background On Internal Controls 15

    The Goals And Challenges of Internal Controls 15

    Risk Based Internal Controls 15

    Application of Internal Controls 16

    The Three Critical Corporate Controls 17

    The Background And History of Internal Controls 19

    Securities Act of 1933 19

    Securities Exchange Act of 1934 19

    Trust Indenture Act of 1939 19

    Investment Company Act of 1940 19

    Investment Advisors Act of 1940 19

    Foreign Corrupt Practices Act (FCPA) of 1977 19

    Comprehensive Crime Control Act – 1984 20

    Federal Sentencing Guidelines For Organizations – 1991 20

    Internal Control – Integrated Framework – 1992 And 2013 20

    COSO’s Monitoring Guidance 21

    COBIT – 1996 23

    SysTrust – 1999 23

    Corporate Frauds – 2001-2002 23

    U.S. Sarbanes Oxley Act of 2002 24

    Enterprise Risk Management (ERM) Integrated Framework – 2004 And 2013 25

    Example: Enterprise Risk Management (ERM) And The Application to The Procure to Pay (P2P) Cycle 26

    An ERM Checklist 27

    Internal Control Over Financial Reporting — Guidance For Smaller Public Companies - 2006 28

    Guidance On Monitoring Internal Control Systems – 2009 28

    Definition of Internal Controls 29

    Types of Internal Controls And Control Mechanisms 29

    Major Types of Internal Control 29

    Compensating Controls 30

    Other Controls 30

    Organization Controls 30

    Policy Controls 31

    Procedure Controls 31

    Supervisory Controls 31

    Review Controls 31

    Leveraging The Standards of Internal Control to Implement A Controls Self-Assessment (CSA) Program 32

    Ethics And “Tone At The Top” 34

    What Is ‘Tone At The Top’? 34

    What Are The Components of An Effective Ethics Policy? 34

    What Are The Components of A Well-Defined Code of Conduct? 34

    What Are Examples of Poor “Tone At The Top”? 35

    Code of Conduct Considerations 35

    Entity Level Controls 36

    Benefits For Entity Level Controls 36

    “Tone At The Top” 36

    Roles And Responsibilities For Internal Control 38

    2.0 The Order to Cash (O2C) Process 42

    2.1 Order Entry/Edit 45

    2.1 Order Entry/Edit (Continued) 46

    2.1 Order Entry/Edit (Continued) 47

    2.2 Export Controls 48

    2.2 Export Controls (Continued) 50

    2.2 Export Controls (Continued) 51

    2.3 Sales Contracts 53

    2.3 Sales Contracts (Continued) 54

    2.4 Credit 55

    2.4 Credit (Continued) 56

    2.5 Shipping 58

    2.5 Shipping (Continued) 59

    2.5 Shipping (Continued) 60

    2.6 Revenue Recognition/Billing 61

    2.6 Revenue Recognition/Billing (Continued) 62

    2.6 Revenue Recognition/Billing (Continued) 63

    2.6 Revenue Recognition/Billing (Continued) 64

    2.7 Accounts Receivable (AR) 66

    2.7 Accounts Receivable (AR) (Continued) 67

    2.8 Collection 69

    2.9 Cash Receipts And Application 70

    2.9 Cash Receipts And Application (Continued) 71

    2.10 Price Establishment 72

    2.10 Price Establishment (Continued) 73

    2.11 Promotional Activities 74

    2.11 Promotional Activities (Continued) 75

    2.11 Promotional Activities (Continued) 76

    3.0 Treasury Process 77

    3.1 General Treasury Controls 80

    3.1 General Treasury Controls (Continued) 81

    3.1 General Treasury Controls (Continued) 82

    3.2 Financing Operations 83

    3.2 Financing Operations (Continued) 84

    3.3 Investment of Available Funds 85

    3.3 Investment of Available Funds (Continued) 86

    3.4 Foreign Exchange 87

    3.4 Foreign Exchange (Continued) 88

    4.0 Procure to Pay (P2P) Process 89

    4.2 Purchasing/Ordering 99

    4.2 Purchasing/Ordering (Continued) 100

    4.2 Purchasing/Ordering (Continued) 101

    4.2 Purchasing/Ordering (Continued) 102

    4.3 Import Controls 103

    4.3 Import Controls (Continued) 104

    4.4 Receiving 105

    4.4 Receiving (Continued) 106

    4.4 Receiving (Continued) 107

    4.5 Accounts Payable 108

    4.5 Accounts Payable (Continued) 109

    4.5 Accounts Payable (Continued) 110

    4.6 The Payment Process - General 111

    4.6 The Payment Process – General (Continued) 112

    4.6 The Payment Process – General (Continued) 113

    4.7 The Payment Process - Travel And Entertainment 114

    4.7 The Payment Process - Travel And Entertainment 115

    4.8 Research And Product Development 116

    4.8 Research And Product Development (Continued) 117

    4.8 Research And Product Development (Continued) 118

    4.9 Procurement Cards (P-Cards) 119

    4.9 Procurement Cards (P-Cards) (Continued) 120

    4.9 Procurement Cards (P-Cards) (Continued) 121

    5.0 Hire to Retire (H2R) Process 122

    5.1 Payroll Preparation And Security 125

    5.1 Payroll Preparation And Security (Continued) 126

    5.2 Payroll Payment Controls 128

    5.2 Payroll Payment Controls 129

    5.3 Distribution of Payroll 130

    5.4 Compensation And Benefits 131

    5.4 Compensation And Benefits (Continued) 132

    5.5 Hiring And Termination 133

    5.5 Hiring And Termination (Continued) 134

    5.6 Education, Training, And Development 135

    5.7 Contingent Workforce 136

    5.7 Contingent Workforce (Continued) 138

    6.0 The Supply Chain Process 139

    6.1 Planning & Control 142

    6.1 Planning & Control (Continued) 143

    6.2 Inventory Control 144

    6.2 Inventory Control (Continued) 145

    6.2 Inventory Control (Continued) 146

    6.3 Inventory Verification 147

    6.3 Inventory Verification (Continued) 148

    6.4 Inventory Valuation 149

    6.5 Product Cost Management 150

    6.5 Product Cost Management (Continued) 151

    6.5 Product Cost Management (Continued) 152

    6.6 Original Equipment Manufacturers (OEMs) / Alliance Partners 153

    6.6 Original Equipment Manufacturers (OEMs) / Alliance Partners (Continued) 154

    6.6 Original Equipment Manufacturers (OEMs) / Alliance Partners (Continued) 155

    6.8 Transportation And Logistics 158

    6.8 Transportation And Logistics (Continued) 159

    7.0 Record to Report (R2R) 161

    7.1 International Transfer Pricing 166

    7.2 Intercompany Transactions 167

    7.2 Intercompany Transactions (Continued) 168

    7.3 Accumulation of Financial Information 169

    7.3 Accumulation of Financial Information (Continued) 170

    7.4 Processing And Reporting of Financial Information (The Final Mile) 171

    7.5 Fixed Assets 174

    7.5 Fixed Assets (Continued) 175

    7.5 Fixed Assets (Continued) 176

    8.0 Government Contracts 177

    8.1 United States Government Contracts - General 178

    8.1 United States Government Contracts – General (Continued) 179

    8.1 United States Government Contracts – General (Continued) 180

    8.1 United States Government Contracts – General (Continued) 181

    8.1 United States Government Contracts – General (Continued) 182

    8.2 United States Government Contracts - Non-Commercial Products 183

    8.2 United States Government Contracts - Non-Commercial Products (Continued) 184

    8.3 United States Government Contracts - Commercial Products 185

    8.3 United States Government Contracts - Commercial Products (Continued) 186

    8.3 United States Government Contracts - Commercial Products (Continued) 187

    8.4 Contracts With State And Local Governments And Educational Institutions Within The United States 188

    8.5 Contracts With Governments Outside The United States 190

    8.5 Contracts With Governments Outside The United States (Continued) 191

    9.0 Records And Information Management 192

    9.2 Standards of Internal Record Keeping Requirements 197

    9.2 Standards of Internal Record Keeping Requirements (Continued) 198

    9.2 Standards of Internal Record Keeping Requirements (Continued) 198

    10.0 Computer, Telecommunication And Systems Controls 201

    10.1 Owners, Users, And Service Providers 206

    10.1 Owners, Users, And Service Providers 207

    10.1 Owners, Users, And Service Providers (Continued) 208

    10.1 Owners, Users, And Service Providers (Continued) 209

    10.3 Computer Access Control 214

    10.4 Network Operations And Security Controls 224

    10.4 Network Operations And Security Controls (Continued) 225

    10.5 Systems Development Methodology 228

    10.5 Systems Development Methodology (Continued) 229

    10.5 Systems Development Methodology (Continued) 230

    10.6 Change Management 231

    10.6 Change Management (Continued) 232

    10.7 Computer And Telecommunications Backup For Production Restart/Recovery 235

    10.8 Disaster Recovery And Business Contingency Planning 237

    10.8 Disaster Recovery And Business Contingency Planning (Continued) 241

    10.8 Disaster Recovery And Business Contingency Planning (Continued) 242

    10.9 Input Controls 243

    10.10 Output Controls 245

    10.11 Paperless Transactions, Electronic Commerce, And EDI 247

    10.12 Non-Company Networks And Bulletin Boards 250

    11.0 Protection of Assets: Human, Physical And Intellectual 256

    11.1 Security Framework 258

    11.1 Security Framework (Continued) 259

    11.1 Security Framework (Continued) 260

    11.2 Perimeter Security 261

    11.2 Perimeter Security (Continued) 262

    11.3 Interior Security 264

    11.3 Interior Security 265

    11.4 Protecting Intellectual Property 266

    12.0 The Insurance Process 268

    12.1 Protection Against Physical Damage And Other Accidents 269

    12.2 Insurance (Property & Casualty Risks) 270

    12.3 Business Continuity 272

    13.0 Environmental, Health, And Safety (EH&S) 273

    13.1 General Controls 275

    13.1 General Controls (Continued) 276

    14.0 Customer Services 277

    14.1 Policy 279

    14.1 Policy (Continued) 280

    14.1 Policy (Continued) 281

    14.2 Call Center Management 282

    14.2 Call Center Management (Continued) 283

    14.3 Warranty 284

    14.3 Warranty (Continued) 285

    14.3 Warranty (Continued) 286

    14.4 Support Sales 287

    15.0 Professional Services (PS) 288

    15.1 General Controls 290

    15.1 General Controls (Continued) 291

    15.2 Opportunity-Bid Process 292

    15.2 Opportunity-Bid Process (Continued) 293

    15.2 Opportunity-Bid Process (Continued) 294

    15.3 Program Management 295

    15.3 Program Management (Continued) 296

    15.3 Program Management (Continued) 297

    15.3 Program Management (Continued) 298

    15.3 Program Management (Continued) 299

    15.4 Customer Order Management 300

    15.4 Customer Order Management (Continued) 301

    15.4 Customer Order Management (Continued) 302

    16.0 Entity Level Controls 303

    16.1 Compliance And Compliance Screening 305

    16.1 Compliance And Compliance Screening (Continued) 306

    16.2 Internal Controls Roles And Responsibilities 308

    16.2 Internal Controls Roles And Responsibilities (Continued) 309

    16.4 Audit Committee Controls 313

    16.4 Audit Committee Controls (Continued) 314

    16.4 Audit Committee Controls (Continued) 315

    17.0 Glossary 318

    18.0 Addendum – Additional Tools 327

    18.1 Example Internal Controls Policy 327

    18.2 Delegation of Authority (DOA) Policy 330

    18.3 Segregation of Duties (SOD) Policy 338

    18.4 System Access (SA) Policy 352

    18.5 Pricing Policy Example 355

    18.6 Testing Internal Controls And Selecting Sample Sizes 357

    References 361

  • CHRISTINE H. DOXEY, CAPP, CCSA, CICA, CPC, is president of Doxey, Inc. Prior to forming her company, she served in executive positions with Verizon Business (formerly MCI), Hewlett Packard, Compaq, and Digital Equipment. Doxey is on the Advisory Boards of The Exchange Summit and The Institute of Internal Controls. She has authored several books and speaks at conferences globally on financial process best practices.