overview internal control standards for the philippine ...gacpa.com.ph/files/pdf/ms...

OVERVIEW

INTERNAL CONTROL

STANDARDS FOR THE

PHILIPPINE PUBLIC

SECTOR (ICSPPS)

1

2Internal Auditing Research and Development Committee (IARDC)

Session Overview

• Philippine Internal Control Framework

for Public Sector

• Importance of Internal Control

• Definition and/or concepts of Internal

Controls

• Components, Principles and Principle

Foci


What does

Control

mean to me?


Concept of Control

With Controls Without Controls

Adopted from CICA Seminar

https://www.bing.com/images/search?view=detailV2&ccid=8HwoRzV4&pccid=Ee4s01sk&id=2E5EE3CF124FC792D7B342D46465ACA2484B157A&pmid=3DFC61275B9D473D631463971E5A8F5F5A7349A4&q=Crossing+Light&qpvt=Pedestrian+Crossing+Flashing+Lights&psimid=608054426268010905&ppageurl=http://keywordsuggest.org/gallery/1409439.html&iss=VSI&selectedIndex=15&first=1&count=35&vw=bc955+5b476+09935+52e99+b0246+3348b+02d3e+294f5+09985+7edcd+2f73f+06d93+364e5+b0542+364be+b6128+af9fb+28ef9+372c4+560a0+5ea8727c38855a81b877a6e45dcea88b1a1dc0918544ec08a27d80ac712e2f6ed0b7585b13606bb26d79530f79999f431689c6faa5b56fac76a7efb436d1bdcf70ac8dd985a001f3f7ee2b1f840adb002ccb7beb3660bd183dcd8ce1c46d72c7d4999522e125a362661b8d3b2375372b64cf3a6a5cb2528a35c86dd06c6a0b9d9a06430a235bca70af348347adf448e3ad252ce38836&simid=608054426268010905&qpvt=Pedestrian+Crossing+Flashing+Lights

ICS Concepts 5

Why is internal control

important?


Importance of Internal Control

Internal Control Standards for the Philippine Public Sector (ICSPPS)

Internal

Control

ICS Concepts 7

Consequences of weak/poor

internal control

ICS Concepts 8

Consequences of Poor

Internal Controls

• Errors in

financial and

other forms of

information

ICS Concepts 9


Internal Controls

• Inaccurate financial information

normally leads to poor decision-

making

ICS Concepts 10


Internal Controls

• Irregularities, waste and fraudulent

transactions cannot be readily

detected

ICS Concepts 11


Internal Controls

• Programs/projects do not address

the needs, demands and priorities

Legal Basis for Internal Control

ICS Concepts 12

It shall be the direct

responsibility of the agency

head to install, implement,

and monitor a sound system

of internal control

Section

124

of

PD No.

1445

to determine whether or not

the fiscal responsibility that

rests directly with the head of

the government agency has

been properly and effectively

discharged

Section

25

of

PD No.

1445

An evaluation shall be made of

the system of internal control

and related administrative

practices to determine the extent

they can be relied upon to

ensure compliance with laws

and regulations and to provide

for efficient, economical and

effective operations

Section

55

of

PD No.

1445

However, if the internal control system of the audited agencies is inadequate, the Commission may adopt such measures, including temporary or special pre-audit, as are necessary and appropriate to correct the deficiencies

Section

2,

Article IX-D

of

the

1987

Constitution



Section 2(2), Article IX-D of the 1987 Constitution

Commission on Audit (COA) has the exclusive authority to promulgate auditing rules and regulations



Items 3 and 4 of Section

25, Chapter 2 of

Presidential Decree No.

1445

Mandates the Commission on Audit to institute control measures and promulgate auditing rules and regulations



Section 4 of Republic Act No. 3456, or the Internal

Auditing Act of 1962 as

amended by RA 4177

The Auditor General shall be responsible for the promulgation and enforcement of general policies, rules and regulations on internal auditing; and shall also develop for execution, working plans and training programs to maintain continuously the effectiveness of these internal audit services

Goal F:

To Empower and Enable

Government Agencies

Objective 1:

Strengthening of Internal

Control System and Effective

Functioning of Internal Audit

Services

COA

Strategic

Plan 2016-

2022


The Internal Auditing Research and Development Committee (IARDC) was created pursuant to COA Office Order No. 2016-301 dated April 13, 2016

Tasked to develop the Internal Control Framework and the Philippine Internal Auditing Standards.

IARDC


What is

Internal

Control?


Internal Control as defined

in Internal Controls

Standards for the

Philippine Public Sector

(ICSPPS)



Definition of Internal Control

Internal Control is an integral process that is effected by an agency’smanagement and personnel, and is designed to address risks andprovide reasonable assurance that in pursuit of the agency’s mission,the general objectives are being achieved.



- series of actions that permeate

an agency's daily activities.

- These actions occur throughout

an agency’s operations on an

ongoing basis.

- They are pervasive and inherent in the way

management runs the organization.

An integral process



People are what make

internal control work.

It is effected by people who

must know their roles,

responsibilities, and limits of

authority.

It is accomplished by

agency management

and other personnel.

Effected by people



Who are the parties

involved and what are

their responsibilities in

maintaining effective

internal controls?

5/26/2018 33

PERSONS RESPONSIBLE for Internal Control

☺ Management

☺ Board of Directors

☺ Internal Auditor

☺ Other Personnel

☺ External auditors



Whatever the agency’s mission may be, its achievement will face all kinds of risks.

To identify and respond to the risks in order to maximize the likelihood of achieving the agency’s mission.

To address risks



- Internal control cannot provide absolute assurance regarding the achievement of the general objectives.

- Reflects the notion that uncertainty and risks relate to the future, which no one can predict with certainty.

To provide reasonable assurance



The agency’s

“reason for being.”

The public sector is

generally concerned with

the delivery of a service

and a beneficial outcome

in the public interest.

In pursuit of the agency’s mission



Internal control is geared to the achievement of a separate but

interrelated series of general objectives of an agency

Achievement of objectives



Philippine Internal Control Framework

- designed to guide government agencies

- in developing and maintaining

- a comprehensive internal control system



Philippine Internal Control Framework

40

PHILIPPINE INTERNAL CONTROL FRAMEWORK

FOR PUBLIC SECTOR

Objectives



Objectives of Internal Controls



OPERATIONS OBJECTIVES

executing orderly,

economical, efficient,

effective and ethical,

operations



REPORTING OBJECTIVES

Encompass developing, maintaining, and making available reliable and relevant financial and non-financial information, and by means of a fair disclosure of that information in timely reports, to internal as well as external stakeholders, or other terms as set forth by regulators, recognized standard setters, or the agency’s policies.



COMPLIANCE OBJECTIVES

Deal with agency’s adherence to laws, regulations, contracts, managerial policies, and management directives.



SAFEGUARDING OF ASSETS

Safeguarding resources against

loss, misuse, and damage

due to waste, abuse,

mismanagement, error, fraud

and irregularities

46


FOR PUBLIC SECTOR

Components

5/26/2018 47

Components of Internal Control

COMPONENTS PRINCIPLES PRINCIPAL FOCI

Control Environment 5 18

Risk Assessment 3 8

Control Activities 3 8

Information and Communication 3 9

Monitoring 2 4

16 47

5/26/2018 48

Components of Internal ControlCOMPONENTS PRINCIPLES

CONTROL ENVIRONMENT

1. Management demonstrates personal and professional integrity and

ethical values; 2. Management sets the “tone at the top”; 3. Management establishes an appropriate government

organizational structure; 4. Management exhibits commitment to competence; and 5. Management establishes human resource policies and practices.

RISK ASSESSMENT

6. Management identifies and defines objectives and risk tolerance in

specific and measurable terms; 7. Management identifies, evaluates, and assesses agency’s risks;

and 8. Management determines appropriate response to the identified,

evaluated, and assessed agency’s risks.

CONTROL ACTIVITIES

9. Management designs control activities which are appropriate,

consistently functioning according to plan throughout the period, cost-effective, comprehensive, reasonable, and directly related to the control objectives.

10. Management develops control activities which include a range of diverse policies and procedures; and

11. Management develops effective information technology control activities.

INFORMATION AND COMMUNICATION

12. Management develops and maintains reliable and relevant financial

and non-financial information; 13. Management communicates information throughout the agency;

and 14. Management communicates information with external parties.

MONITORING

15. Management establishes and operates activities to monitor the

internal control system, and evaluates the results; and 16. Management takes appropriate actions on the findings and

recommendations of audit and other reviews.

Control

Environment


FOR PUBLIC SECTOR

5/26/2018 50

CONTROL ENVIRONMENT

sets the tone of an organization

and is the foundation for all other

components of internal control,

providing discipline and structure

51

Control Environment

52

Principles of Control Environment

1. The management demonstrates personal and

professional integrity and ethical values.

2. Management sets the “tone at the top.”

3. Management establishes an appropriate government

organizational structure.

4. Management and staff exhibit commitment to

competence.

5. Management establishes human resource policies and

practices.

Risk

Assessment


FOR PUBLIC SECTOR

Risk Assessment

Risk – The possibility that an event will occur and adversely affect the achievement of objectives.

▪ Stages:✓ Risk identification✓ Risk analysis✓ Risk response

55

Principles of Risk Assessments

6. Management identifies and defines objectives

and risk tolerance in specific and measurable

terms.

7. Management identifies, evaluates, and

assesses agency’s risks.

8. Management determines appropriate

response to the identified, evaluated, and

assessed agency’s risks.

Control

Activities


FOR PUBLIC SECTOR

Control Activities

X Company

• Policies

• Regulations

• Procedures

…that help ensure that management’s directives and control

objectives are carried out

58

Principles of Control Activities

9. Management designs control activities which are

appropriate, consistently functioning according to

plan throughout the period, cost effective,

comprehensive, reasonable, and directly related to

the control objectives.

10. Management develops control activities which

include a range of diverse policies and procedures.

11. Management develops effective information

technology control activities.

Information &

Communication


FOR PUBLIC SECTOR

5/26/2018 60

INFORMATION AND COMMUNICATION

• This component spans across all the other components of internal controls.

• These two elements arerelated where informationmust be communicated upand down through the agencyin a manner and time framethat allow people to carry outtheir various responsibilities.

ICS Concepts 61

Principles of Information and

Communication

12. Management develops and maintains reliable

and relevant financial and non-financial information.

13. Management communicates information

throughout the agency.

14. Management communicates information with

external parties.

Monitoring


FOR PUBLIC SECTOR

5/26/201863

Monitoring

• is the process of assessing thequality of the system’s performanceover time in order to help ensure thatinternal control continues to beapplied at all levels and across theagency, and that internal controlachieves the desired results

• is a function of the internal audit unitof the agency

http://www.clipart.com/en/close-up?o=1276113&memlevel=C&a=c&q=monitoring&s=1&e=13&show=&c=&cid=&findincat=&g=&cc=&page=

ICS Concepts 64

Principles of Monitoring

15. Management establishes and operates activities

to monitor the internal control system, and

evaluates the results.

16. Management takes appropriate actions on

findings and recommendations of audits and other

reviews.



Five Components and related Principles

It is the foundation for all the other components

of internal control, providing discipline and

structure.

the process of identifying and analyzing relevant

risks to the achievement of the agency’s

objectives .

the policies and procedures established to

address risks and to achieve the agency’s

objectives

effective processes and systems that identify,

capture and report information

the process that assesses the quality of the

internal control system’s performance over time

66


FOR PUBLIC SECTOR

Organizational

Units

67

Organizational Units where IC

Operate

Objectives may be set for the:

• government agency as a whole

• specific divisions/office

• operating units and

• functions within the agency



Relationship among the general objectives, components and levels

of agency structure

agency strives to achieve

Needed to achievethe components of

internal control operates

ICS Concepts 69

Limitations of

Internal Controls

• Internal control

must be attained

at reasonable

cost.

ICS Concepts 70

Limitations of

Internal Controls

• Good internal control

methods and measures

are not foolproof. They

are vulnerable to

collusion.

ICS Concepts 71

Limitations of

Internal Controls

• Strong internal controls

are still subject to

human fallibility, such

as negligence, errors of

judgment and lack of

complete

understanding.

• The internal control effective when all

components and the principles are

present, functioning and operating

together.

IC is effective when ---

5/26/2018 74

What Internal Control Can Do

• can help an entity achieve its performance and

targets

• can help ensure reliable financial and non-

financial reporting.

• can help ensure that the agency complies with

laws and regulations, avoiding damage to its

reputation and other consequences,

• prevent loss of resources.

5/26/2018 75

What Internal Control Can Do

In sum -

it can help an entity get to where it wants to

go, and avoid pitfalls and surprises along the

way.


Internal Control

Standards for the

Philippine Public

Sector (ICSPPS)

CP Resolution 2018-007 February 1, 2018

overview internal control standards for the philippine ...gacpa.com.ph/files/pdf/ms...

Documents