Show Menu

Basic Principles of Internal Control Cheat Sheet (DRAFT) by [deleted]

Basic Principles of Internal Control

This is a draft cheat sheet. It is a work in progress and is not finished yet.


Internal control is the process designed to ensure reliable financial reporting, effective and efficient operat­ions, and compliance with applicable laws and regula­tions. Safegu­arding assets against theft and unauth­orized use, acquis­ition, or disposal is also part of internal control.

The management style and the expect­ations of upper‐­level managers, partic­ularly their control policies, determine the control enviro­nment. An effective control enviro­nment helps ensure that establ­ished policies and procedures are followed. The control enviro­nment includes manage­ment's integrity, ethical values, and philos­ophy; a defined organi­zat­ional structure with competent and trustw­orthy employees, and the assignment of authority and respon­sib­ility.

Control activities

Are the specific policies and procedures management uses to achieve its object­ives. The most important control activities involve segreg­ation of duties, proper author­ization of transa­ctions and activi­ties, adequate documents and records, physical control over assets and records, and indepe­ndent checks on perfor­mance. A short descri­ption of each of these control activi­ties.

Principles - Control Activities

Segreg­ation of duties requires that different indivi­duals be assigned respon­sib­ility for different elements of related activi­ties, partic­ularly those involving author­iza­tion, custody, or record­kee­ping.
Proper author­ization of transa­ctions and activities helps ensure that all activities adhere to establ­ished policies and guidel­ines.
Adequate documents and records include adequate supporting ocumen­tation and timely prepar­ation of documents.
Physical control over assets and records helps protect comapny’s assets. These control activities may include electronic or mechanical controls (such as a safe, fireproof files, and locks) or comput­er-­related controls dealing with access privileges or establ­ished backup and recovery proced­ures.
Indepe­ndent checks of perfor­mance, which are carried out by employees who did not do the work being checked, help ensure the reliab­ility of accounting inform­ation and the efficiency of operat­ions.


To identify and establish effective controls, Fund Managers and department heads must contin­ually assess the risk, monitor control implem­ent­ation, and modify controls as needed

Common Core Principles