What is an internal control environment?
• How does a company safeguard financial assets, money, information, and software? This includes both its own and particularly those of its clients. • How does a company control access to financial information and assets to only authorized users? • How does a company do business to manage risk, maximize efficiency, as well as prevent theft and defalcation? The answer to these questions is the very definition of an internal control environment. A SAS 70 audit is a detailed report and opinion by an independent, outside CPA firm to answer the above questions for customers, vendors, creditors, investors, and other third parties. It allows them to rely on the internal controls put in place by another company that impacts the controls over their financial information and assets. Internal control consists of a companys control environment, risk assessment, control activities, information and communication, and monitoring. To illustrate an example, consider a swimming pool. The swimming pool i
