A control is anything that tends to cause the reduction of risk. Controls accomplish this either by reducing harmful effects or by reducing the frequency of occurrence.
The structure and application of controls must be clear to all parties concerned. In this respect, two levels of control exist within an environment: management and application controls.
Quality controls are primarily a subset of management controls; however, they may be found in application controls as well.
A “system” of internal control extends beyond those matters that relate directly to the functions of the accounting and financial departments. Internal control encompasses the plan of organization and all of the methods and measures adopted within a business to:
Safeguard its assets, Promote operational efficiency, Check the accuracy and reliability of its accounting data, Encourage adherence to prescribed policies.