Control Activity

The Committee of Sponsoring organization (COSO) has defined internal control

framework to measure the effectiveness of systems of internal control.
Organization set policies and procedures to ensure that accounting records are
providing correct information and financial reports are free from any material risks.
These are internal controls which are broadly divided in two categories:-
1. Physical Control Activity
2. IT control Activity

Broad Classes of Control Activities defined by COSO

1. Transaction Authorization:-
Every transaction should be entered by the authorized personnel only. There should be
special authorization for any exception entry. E.g. issuance of cheque to a vendor over
the specified limit requires specific approval. This leads to valid and accurate
information and prevent any fraud.

2.Segregations of duties:-
It means combination of tasks in order to avoid errors. The record keeping and
authorization function should be done by separate individuals.
E.g. If the sale manager is approving the credit as well as entering the records in the
books. The sale manager can embezzle funds by writing off debtors in the books, as he
has authority to record and approve credits both. This control ensures that duties
should be separated and accountability should be defined
3.Supervision of Duties:-
People can commit errors moreover the competence of accountant differs from the
auditor or the supervisor. Hence, analyzing the report from analytical point of view
requires supervision. This control ensures that work done by subordinate is error free
and no risk of material misstatement.

4. Accounting Records:-
Accounting records means the where all accounting information is being recorded.
E.g.Journal, cash book, ledger. There should be strict control over accounting records
as these are basis for any operating decisions. Every transaction should have a base
document and audit trail.
E.g. Loan booked under borrowing head should be well supported by loan schedule
provided by financer organization and approval document should be attested by
management.

5. Access Control:-
Only authorized personnel should have access to firm’s assets, accounting records and
document. Any unauthorized access could lead to misstatement or fraudulent activity.
E.g. if an employee may remove the vendor balance to misappropriate the funds.
Password protection is control measure to avoid this.

6. Independent Verification:-
Independent verification means the verification of any transaction by the person who
is directly not involved with the transaction. Evaluating the correctness of accounting
data is verification procedure.
E.g. By reviewing AR balance, Auditor ensures that debtors/ Accounts receivables are
properly accounted; bad debts are properly recognized as per the set criteria.

Conclusion
Thus, COSO defined various control measures/activity in order to enhance operational
effectiveness of firm.