QS Study

Internal Control objectives are desired goals or conditions for a specific event cycle which, if achieved, minimize the potential that waste, loss, unauthorized use or misappropriation will occur. They are conditions which we want the system of internal control to satisfy. For a control objective to be effective, compliance with it must be measurable and observable. Internal Audit evaluates Mercer’s system of internal control by accessing the ability of individual process controls to achieve seven pre-defined control objectives. The control objectives include authorization, completeness, accuracy, validity, physical safeguards and security, error handling and segregation of duties.

Authorization – The objective is to ensure that all transactions are approved by responsible personnel in accordance with specific or general authority before the transaction is recorded.

Completeness – The objective is to ensure that no valid transactions have been omitted from the accounting records.

Accuracy – The objective is to ensure that all valid transactions are accurate, consistent with the originating transaction data and information is recorded in a timely manner.

Validity – The objective is to ensure that all recorded transactions fairly represent the economic events that actually occurred, are lawful in nature and have been executed in accordance with management’s general authorization.

Physical Safeguards & Security – The objective is to ensure that access to physical assets and information systems are controlled and properly restricted to authorized personnel.

Error handling – The objective is to ensure that errors detected at any stage of processing receive prompt corrective action and we reported to the appropriate level of management.

Segregation of Duties – The objective is to ensure that duties are assigned to individuals in a manner that ensures that no one individual can control both the recording function and the procedures relative to processing the transaction.

A well-designed process with appropriate internal controls should meet most, if not all of these control objectives.