Justification for an Internal Control System
Many organizations use the insurance or portfolio approach to manage risks associated with business activities, whereas others explore the benefits of an internal control system. A sound internal control system is vital to an organization's risk management procedures. The following paragraphs will describe the insurance and portfolio approaches, and explain the benefits to installing an internal control system as a more beneficial alternative. Current Approaches
As stated above, two common approaches used with controls are the insurance approach and the portfolio approach. The insurance approach adheres to the fact that business is risky and therefore protecting the investment is necessary. Purchasing insurance then becomes a tool to protect against loss. However, this tool is more a risk financing tool than it is a risk management tool. In essence, this approach is more reactive, mitigating the impact of losses rather than protecting the assets from loss. The portfolio approach is a bit more structured in that it provides context and a process for decision-making (Thomas, 2002). The idea behind the portfolio approach is to minimize risk while maximizing investment. However, this approach does not provide protection assurance over the investment against risk, it merely organizes the decision-making process to an extent. Internal Control System
Internal controls consist of a system of policies and procedures that ensure the protection of an organization's assets. In addition, internal controls instill reliability in an organization's financial data, and endorse compliance with laws and regulations like those found in the Sarbanes Oxley Act of 2002. These systems also help to improve an organization's internal and external communication processes (Cuomo, n.d.). Unlike, the insurance approach, internal control systems are proactive tools in risk management, evaluating an organization to avoid loss to assets....
Please join StudyMode to read the full document