According to ISA 400, ―Risk assessments and internal control‖, the internal control system means all the policies and procedures adopted by the management of an entity, to assist in achieving managements‘ objective of ensuring, as far as practicable, the orderly and efficient conduct of its business, including adherence to management policies, the safeguarding of assets, the prevention and detection of error and fraud, the accuracy and completeness of accounting records and the timely preparation of reliable financial information.
NB: The internal control system extends beyond those matters, which relate directly to the functions of the accounting system and comprises:
(i) ―The control environment‖ which means the overall attitude, awareness and actions of directors and management regarding the internal control system and its importance to the entity.
ii. Control procedure: procedures established to achieve the entity‘s specific objectives such as the ones mentioned in (a) above.