Control activities mitigate the risks identified and ensure accurate and reliable financial reporting as well as process efficiency.
Control activities include both general and detailed controls aimed at preventing, detecting and correcting errors and irregularities. In the Electrolux Control System, the following controls are implemented, documented and tested;
-
Manual and application controls – to secure that key risks related to financial reporting within processes are controlled. Examples of important manual and application controls are ones over journal entries, reconciliations, access rights and segregation of duties.
-
IT general controls – to secure the IT environment for key applications. Examples of important IT general controls are ones over change management, user administration, production environment and back-up procedures.
-
Entity-wide controls – to secure and enhance the control environment within Electrolux. Examples of important entity-wide controls are ones over Group policies, accounting rules, delegation of authority and financial reviews.
Every calendar year, usually between March and May, the documentation of controls is updated and quality-assured. Documentation of controls is stored in a central web-based tool. Documentation comprises of both flowcharts of the process and descriptions of the control activities detailing who performs the control, what he or she does and how often the control is performed. Each control activity documented is also evidenced, i.e., a document or file proving that the control actually has taken place is maintained.
Control activities – Example trade receivables
Process | Risk assessed | Control activity | Type of control | |||
Internal Control and Risk Management | Risk of incorrect and inconsistent financial reporting. | Periodic controls to ensure that the Accounting Manual is updated, communicated and adhered to. |
Entity-wide control | |||
Closing Routine | Risk of incorrect financial reporting. | Reconciliation between general ledger and accounts receivable sub-ledger is performed, documented and approved. |
Manual control | |||
Manage IT | Risk of unauthorized/incorrect changes in IT environment. | All changes in the IT environment are authorized, tested, verified and finally approved. | IT general control | |||
Order to Cash | Risk of not receiving payment from customers in due time. | Customers’ payments are monitored and outstanding payments are followed up. | Manual control | |||
Order to Cash | Risk of incurring bad debt. | Application automatically blocks sales orders/deliveries when the credit limit is exceeded. | Application control |