 Internal controls are the organizational plan and all related measures adopted by a company to safeguard assets, ensure accurate and reliable accounting records, promote operational efficiency, and ensure compliance with laws and regulations. Let's look at each of these objectives in more detail. Companies must protect its assets from theft, destruction, misuse, etc. Policies help organizations meet goals and objectives. Having policies helps ensure that employees are doing the same task the same way. This aids in producing accurate, reliable accounting records. Promoting operational efficiency reduces expenses and increases business profits. Finally, all employees must be performing duties in compliance with laws and regulations, or an organization could be at risk. Within a plan of internal controls, there are five key components that we need to look at in some detail. They are the control environment, risk assessment, information systems, monitoring, and control procedures. The control environment generally means the overall attitude, awareness, and actions of directors and management regarding the internal control systems and its importance to the entity. This has expressed many different ways in the management style, the corporate culture, values, philosophies, operating style, organizational structure, and human resources, policies, and procedures. Companies must assess risk to see where exposures lie. One such type of risk is control risk. Control risk is the risk that misstatement could occur, but may not be detected and corrected or prevented by a business's internal control mechanism. Information is critical for managers to make accurate decisions. Internal controls are in place to ensure adequate approvals are in place for transactions and to prevent unauthorized access to accounting systems. Additionally, information systems aren't just for protecting a business's information, but also its customer information. You can see some of the common threats to e-commerce. To address the risks posed by e-commerce, companies have devised a number of security measures including encryption and firewalls. Publicly traded companies hire auditors to monitor internal control procedures. Larger companies may employ internal auditors who check for company policy adherence and monitor compliance with legal requirements. Internal auditors are employees of the company, and therefore they are not independent of the company. All publicly traded companies hire external auditors to monitor controls used in financial statement preparation, issue an assessment of these controls, and recommend improvements to management. External auditors are not employees of the company, and therefore they are independent of the company. Control procedures are the procedures designed to ensure that the business's goals are achieved. Some procedures include hiring competent, reliable and ethical personnel. In a business with good internal controls, no important duty is overlooked. Each employee has certain responsibilities. Clearly assigned responsibilities create job accountability, thus ensuring that important tasks get done. When management divides responsibilities between two or more people, this is known as separation of duties. Its purpose is to limit fraud and promote accuracy in the accounting records. Separation of duty can be divided into two examples. We separate operations from accounting. An example of this is the sales department gets a sales order, but the accounting department enters the order into the system. Fraud and overstating commissions and revenues could occur if salesmen were allowed to enter their own sales. The other one is separation of custody of assets from accounting. An example of this is the physical custody of the asset, like cash receipts, and recording the receipts need to be done by different people. Finally, documents provide details to transactions. Documents should be pre-numbered to prevent theft and inefficiency. A gap in the numbering sequence should draw attention. Finally, there are limitations to internal controls. Separation of duties can be circumvented when two or more employees collude or work together to commit fraud. Internal controls must be evaluated on a cost-benefit relationship. For example, it wouldn't make any sense to spend a million dollars on a vault to protect $10,000 of cash. Finally, small businesses are at the more risk for fraud than larger ones. They tend to not have resources to hire extra personnel to ensure proper separation of duties or highly trained competent employees, generally speaking. And that concludes this short video on objectives, components, and limitations of internal controls.