COSO places integrity and ethical values at the heart of what it calls the control environment. In arguing the importance of integrity and ethics, COSO makes the case that the best designed control systems are subject to failure caused by human error, faulty judgment, circumvention through collusion, and management override of the system. COSO goes on to state that:
Ethical behavior and management integrity are a product of the “corporate culture.” Corporate culture includes ethical and behavioral standards, how they are communicated and how they are reinforced in practice. Official policies specify what management wants to happen. Corporate culture determines what actually happens, and which rules are obeyed, bent or ignored. 1
Review Question Explain what is meant by the control environment. What elements might comprise the control environment? |
Management is responsible for internal control and can respond to this requirement legalistically or by creating a “control environment.” That is, management can follow the “letter of the law” (its form), or it can respond substantively to the need for control. The control environment reflects the organization’s (primarily the board of directors’ and management’s) general awareness of and commitment to the importance of control throughout the organization. In other words, by setting the example and by addressing the need for control at the top of the organization, management can make an organization control conscious.
For example, reward systems might consider ethical, legal, and social performance, as well as the bottom line. Strategies should be developed so as not to create conflicts between business performance and legal requirements. Management should consistently find it unacceptable for personnel to circumvent the organization’s system of controls and, as importantly, should impose stiff sanctions for such unacceptable behavior. These actions are included in what some call the “tone at the top” of the organization. Some question whether the large campaign contributions made by Enron and its executives set the proper tone at the top of that organization.
Review Question Explain how business ethics relates to internal control. |
A number of companies have articulated the ethical behavior expected of employees in a very tangible way by developing corporate codes of conduct that are periodically acknowledged (i.e., signed) by employees. The codes often address such matters as illegal or improper payments, conflicts of interest, insider trading, computer ethics, and software piracy.
- 3608 reads