Document Entity-Level,
Process-Level and IT Controls
Those processes that affect financial reporting and related activities must be documented in detail for your organization to achieve compliance. In this phase, you go about reviewing and documenting both Entity-Level Controls and Process Level Controls. This is generally the most time-consuming part of your ICFR project.
What You Need to Do in This Phase
- Review and document Entity Level Controls (the Control Environment, Risk Assessment, Information and Communication and Monitoring)
- Review and document Process Level Controls (Revenue, Disbursements, Financial Statement Preparation/ Disclosures, Treasury, IT Controls, etc.)
- Assess segregation of duties trouble spots
Lessons From Other Companies
- Efficiently manage the time it takes to document controls
- Clearly and easily report on or display processes; you don't want to be spending an inordinate amount of time formatting reports
- Invest in tools to easily update documented processes if you make any changes in the future
See how Compliance PARTNER, Internal Controls™ can ease your Entity-Level documentation burden.
See how Compliance PARTNER, Internal Controls™ can ease your Process-Level documentation burden.