System of Internal Control

An organisation's system of internal control is established by management to provide reasonable assurance of effective and efficient operations, internal financial control, appropriate internal and external reporting and compliance with laws and regulations. The system of internal control should form part of the organisation’s culture, be capable of responding quickly to emerging risks and include procedures for reporting any significant control failures and weaknesses.

It must be stressed that the system of internal control has a significant human element. It is not merely the existence of regulations, policies and procedures but also the behaviour of people in their day to day work, the decision-making processes in place and the management style which play a pivotal role in control.

Any system of internal control can and should only provide reasonable and not absolute assurance as to effectiveness of the control arrangements. Given the human dimension and judgment required for the system, the requirement to give absolute assurance on all aspects of the organisation would significantly impair, promote a risk averse climate which would arguably prevent the organisation from the delivery of some of its services.

Controls may be classified as follows:-