Microsoft Dynamics vendors provide comparisons and opinions to professionals in the ERP/Accounting software selection process


BroadPoint, Inc.

Internal Controls: The Role Your ERP System Plays in Protecting and Preventing Trouble

Email | Print

In today’s world of constant security risks, it is critical to have a solid internal control system in place.  These systems can not only detect and prevent fraudulent activity, but they also offer protection to the resources in your organization.  In addition, regulatory requirements such as Sarbanes-Oxley require that organizations be in compliance and this also leads to disciplined organizational governance.  Microsoft Dynamics GP can help you avoid internal control issues and keep your organization in check.

Start from the Beginning

Before implementing a good internal control system, we must understand what that means. defines Internal Controls as:  Systematic measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to (1) conduct its business in an orderly and efficient manner, (2) safeguard its assets and resources, (3) deter and detect errors, fraud, and theft, (4) ensure accuracy and completeness of its accounting data, (5) produce reliable and timely financial and management information, and (6) ensure adherence to its policies and plans.  As we can see, this covers a lot of territory so a thorough internal control system is needed.

The Devil is in the Details

Now we need to figure out what all this means.  The Committee of Sponsoring Organizations of the Treadway Commission (COSO), published a report in 1992 titled, “Internal Control – Integrated Framework.” They developed this document to help organizations design and deploy impactful internal control systems.  COSO determined that there are five components that make up internal controls:

  1. Control Environment
  2. Risk Assessment
  3. Information and Communication
  4. Control Activities
  5. Monitoring

It is important to understand that internal control is really a process impacted by people, and assisted by systems.  By properly utilizing your team and your technology, your organization can achieve solid internal control to reduce confusion and be in compliance.

Developing Your Structure

In defining strong internal controls, one must first understand the structure of its staffing and evaluate where system or process controls need to be implemented to ensure separation of duty.   Smaller organizations certainly have a greater challenge in maintaining this separation of duty.   As a result, an important component of strong internal controls is to build in processes that provide for periodic review of reports, logs and supporting documentation.

Structure = Foundation

In general, ERP systems such as Microsoft Dynamics GP do a good job of maintaining security, offering different levels of access, and providing approvals or authorization through workflow.  There are areas, however, where gaps in security may exist.  It is important to identify these and develop a plan to mitigate the risk.

It is also a good idea to utilize the latest technology for audit tracking, which provides detailed information on record/transaction changes, time/date/user identification as well as reports tracking the history of all the changes made.

Despite all the technology and rules that are established, it is important to note that every single person in your organization should take responsibility, to some extent, for maintaining internal control.  The most effective approach takes the best from your people, processes and technology to create a strong, stable internal control system.

To find out how Dynamics GP can benefit your organization, contact the BroadPoint team, Virginia’s most experienced Dynamics GP Microsoft Partner.

by Broadpoint, Microsoft Dynamics Partner

One Response to “Internal Controls: The Role Your ERP System Plays in Protecting and Preventing Trouble”

  1. Internal control system is very important for risk management department of a company.the system helps keep the company protected from losing assets or incorrect use of assets.

Ask This Expert a Question / Leave a Comment