Managers and Internal Controls: What Assurances Are There? Investigate the Systems If Weaknesses Are Found

Article excerpt

What can local governments learn from abuses at Enron, Tyco, WorldCom, and other companies caused by sloppy or nonexistent internal control, an absence of ethical behavior, and improper oversight? Subsequently, the Sarbanes-Oxley Act of 2002 was enacted to prevent further gross abuses in the private sectors.

The enactment of Sarbanes-Oxley led to debate about internal controls and the ability of local and state governments to provide reasonable assurances that public assets, public funds, and public transactions are not likely to undergo significant abuses. The specific connection between this article and Sarbanes-Oaxley is the mandate of having internal controls that ensure prudent and proper financial reporting.

This article shares techniques and insight about what local government managers--myself included--can learn from the private sector.

Focusing on the use of internal controls, this article aims to increase a manager's understanding of these controls. It will report on what managers should know about control systems, and it outlines the process for recognizing potential weaknesses in the control systems and evaluating those weaknesses; it also addresses the manager's responsibility. It concludes by outlining the biggest fallacy associated with implementation of these management controls in local government.


What Managers Ought to Know

Internal controls, also referred to here as management controls, are the systems and techniques that managers use to ensure an organization or department is accomplishing what is intended. Simply stated, the systems and techniques described here provide reasonable assurances that government departments and the organization as a whole are meeting intended objectives and goals in an ethical, legal, and efficient manner.

Government controls are frequently established in order to comply with legal or regulatory requirements. The control systems are designed and intended to prevent or detect problems as well as keep assets secure. They also assist in preventing problems because individuals are deterred from violating rules or laws for fear of being caught by the system.

To understand how control systems assist managers, it is essential to understand the broad definition of the concept. Internal controls are the processes put in place by management and other personnel. They are designed to provide reasonable assurances that an organization will achieve its objectives in an efficient manner, produce reliable reports, comply with rules and regulations, and safeguard assets. To this end, the control structure can assist managers in achieving program objectives by producing reliable performance and financial reports, complying with laws and regulations, and safeguarding assets.

Internal control systems are intended to provide reasonable assurances, not guarantees. Also, the cost of implementing the control and the control system should never exceed the value of the benefit-The system should always incorporate five basic components: (1) the control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring.

Recognizing Potential Weaknesses

When a review of internal control systems occurs, a manager may notice problematic descriptions of a department or organization. If so, the manager should initiate an investigation of the systems.

During any investigation, two of the most easily identifiable weakness indicators are 1) significant problems in the information resource management system and 2) vulnerabilities in the accounting system. Both of these are fairly easy to address. Other indicators are the lack of political or senior manager commitment to a sound internal control environment; this is recognizable, in part, by high turnover rates in key management positions and an inability to recruit and retain competent professional staff. …