Updated July 11, 2023
Introduction to Control Activities Meaning
The term “control activities” (CA) refers to the policies, procedures, and mechanisms put in place by the management of an organization to reduce the risks identified during the risk assessment process. In short, Control Activities refer to the actions taken by the management to either mitigate or minimize risk.
Typically, companies conduct risk assessments to identify risks that could hinder the achievement of their organizational goals and then device appropriate Control Activities to mitigate the risks. Hence, the need for control activities is an outcome of the risk assessment process.
How Does it Work?
The CA takes place at multiple levels and across all functions of an organization. It is the responsibility of the management to establish effective and efficient control activities, which can be a preventive, detective, or corrective in nature.
- Preventive: These types of CA are relatively cost-effective in nature as these are implemented upfront with the intention to prevent the loss of assets in the first place.
- Detective: If the preventive CA prove ineffective, then these type of control activities kick in wherein the errors or irregularities that can adversely affect the assets are identified.
- Corrective: Once the detective CA identifies the errors or irregularities, then these types of CA are implemented with the sole intention of fixing the issues at hand. In some cases, overhauling of the existing system is required to put in place a new system to prevent the issues.
Types of Control Activities
Although the following is not an exhaustive list of alternatives available to management, these are some of the most commonly used CA:
- Authorization: These types of CA are put in place to ensure that all transactions within the organization are carried out according to the limits and exceptions that have been stated in the policy framework or granted by the appropriate officials.
- Review & approval: These types of CA are put in place to ensure that the appropriate personnel reviews all transactions for accuracy and completeness.
- Verification: These control activities include various computer and manual controls that are put in place to ensure that all accounting information is captured correctly.
- Reconciliation: These control activities include validation of accounting information recorded in systems by comparing them with the source data.It helps in ensuring that the financial records are absolutely correct.
- Physical security over assets: These types of CA are put in place to ensure that the assets are protected from losses or damages due to negligence, fraud, theft, natural disaster, accident etc.
- Segregation of duties: These types of control activities help in reducing the risk of human error, negligence or fraud by involving more than one person in a particular process.
- Education, training & coaching: These types of control activities help in reducing the risk of error due to inefficiency in operations by providing proper education and training to the personnel so that they perform their duties commendably. However, it is important to review the education and training programs periodically to ensure that they remain updated as per the current industrial and organizational practices.
- Performance planning &evaluation: These types of control activities establish the key performance indicators that the organization can use to identify the unexpected and unusual changes in trends. These changes can be the precursor of something much worse and hence require deeper investigation. The evaluations are usually carried out at multiple levels within the organization or found appropriate by the management.
Examples of Control Activities
Now, let us look at some of the examples to understand how the CA help in an actual organizational set-up.
Over the years, technology has evolved to offer a very high level of accuracy. However, the outputs are still based on the inputs made by humans. Hence, the risk of inaccurate output due to erroneous and incorrect input is always there. To prevent the risk of human error, negligence or fraud, the duties can be segregated among two persons so that no one person handles the entire process. The first person will input the transactions, while the second person will authorize the transactions. This control system can mitigate the risk to a large extent only if the two persons don’t end up colluding to deceive the system.
A particular company designed some new policies to review and reconcile the accounts receivable to ensure timely detection of the delinquent accounts and planning of appropriate actions. The new policies mandate weekly reconciliation of the accounts receivable recorded in the system to the available receipts by the Accountant. The Assistant Controller should then review the reconciliation. At the end of the month, the Account Receivable Supervisor should age the outstanding receivable balances, which the Assistant Controller should then review. Finally, the delinquent accounts should be taken up for further investigation, while the Controller should approve the written-off bad debt.
- Control activities are the actions taken by the management at multiple levels and across all functions of an organization to either mitigate or minimize risk.
- There are three major types of CA – Preventive control activities, Detective control activities, and Corrective control activities.
- Authorization, review & approval, verification, reconciliation, physical security over assets, segregation of duties, education, training & coaching, and performance planning & evaluation some of the most commonly used CA.
This is a guide to Control Activities. Here we also discuss the definition and types of control activities along with how does it works?. You may also have a look at the following articles to learn more –