In today’s world of constant security risks, it is critical to have a solid internal control system in place. These systems can not only detect and prevent fraudulent activity, but they also offer protection to the resources in your organization. In addition, regulatory requirements such as Sarbanes-Oxley require that organizations be in compliance and this also leads to disciplined organizational governance. Microsoft Dynamics GP can help you avoid internal control issues and keep your organization in check.
Start from the Beginning
Before implementing a good internal control system, we must understand what that means. BusinessDictionary.com defines Internal Controls as: Systematic measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to (1) conduct its business in an orderly and efficient manner, (2) safeguard its assets and resources, (3) deter and detect errors, fraud, and theft, (4) ensure accuracy and completeness of its accounting data, (5) produce reliable and timely financial and management information, and (6) ensure adherence to its policies and plans. As we can see, this covers a lot of territory so a thorough internal control system is needed.
The Devil is in the Details
Now we need to figure out what all this means. The Committee of Sponsoring Organizations of the Treadway Commission (COSO), published a report in 1992 titled, “Internal Control – Integrated Framework.” They developed this document to help organizations design and deploy impactful internal control systems. COSO determined that there are five components that make up internal controls:
- Control Environment
- Risk Assessment
- Information and Communication
- Control Activities
- Monitoring
It is important to understand that internal control is really a process impacted by people, and assisted by systems. By properly utilizing your team and your technology, your organization can achieve solid internal control to reduce confusion and be in compliance.
Developing Your Structure
In defining strong internal controls, one must first understand the structure of its staffing and evaluate where system or process controls need to be implemented to ensure separation of duty. Smaller organizations certainly have a greater challenge in maintaining this separation of duty. As a result, an important component of strong internal controls is to build in processes that provide for periodic review of reports, logs and supporting documentation.
Structure = Foundation
In general, ERP systems such as Microsoft Dynamics GP do a good job of maintaining security, offering different levels of access, and providing approvals or authorization through workflow. There are areas, however, where gaps in security may exist. It is important to identify these and develop a plan to mitigate the risk.
It is also a good idea to utilize the latest technology for audit tracking, which provides detailed information on record/transaction changes, time/date/user identification as well as reports tracking the history of all the changes made.
Despite all the technology and rules that are established, it is important to note that every single person in your organization should take responsibility, to some extent, for maintaining internal control. The most effective approach takes the best from your people, processes and technology to create a strong, stable internal control system.
To find out how Dynamics GP can benefit your organization, contact Steve Kane (301-634-2404 and skane@broadpoint.net) at BroadPoint Technologies, Virginia’s most experienced Dynamics GP Microsoft Partner.
by Broadpoint, Microsoft Dynamics Partner
 |
Related Posts
- Small Unions, Big Issues: Internal Controls and Financial Compliance
- If Security is an Issue for Your ERP System, Consider Using a Role-Based Security Model in Microsoft Dynamics GP
- Role Based Security within Microsoft Dynamics GP 2010
- A Fool-proof Method for Preventing ERP Implementation Failures
- 7 Tips to Preventing Payroll Errors
