PhD Ivakhnenkov S.V.
Національний
університет
“Києво-Могилянська
академія”,
Україна
IS THE
TERMINOLOGY RELATED TO BUSINESS CONTROL CORRECT?
Background. Scientists as well as businessmen by the term
‘control’ understand the huge variety of concepts: control as one
of the main principles of management, control as the process (cycle) of
management and, ultimately, the control function of management. However,
despite the common use, the term ‘control’ itself is one of the
most poorly defined. One of the most popular meanings of
“control” and the related notion of “hierarchy” are
frequently used to define a ferocious, authoritarian approach to management [1,
p.93].
Purpose of the
research. There are many
definitions and meanings of control, and each tries to disclose its nature,
purpose and objective. The aim is to explore and systemize the control
terminology associated with business control and supporting activities.
Basic material. Oxford English Dictionary yields a fairly detailed
description to the term “control” [5]. Namely, this word comes from
the expression “the copie of a roll”,
which could most likely serve as an accounting information medium.
Indeed, a numerous amount of nuances and shades
of the definition may make ‘control’ quite an enigma until defined
more precisely. Two basic understanding of control in economic and business
sense are clearly differentiated: 1) control as an ownership and the related
receiving of economic benefits, 2) control as a function of management.
On the first aspect of control, even the
international financial reporting standards (IFRS – www.ifrs.com)
consider control as defining, decisive influence on financial and economic
policies of the company to obtain benefits from its activities. This approach,
used in the legislation of European countries, treats control as a direct or
indirect ownership, providing the largest number of votes in the governing
bodies of the company. Of course, one can see that this meaning of control is
closely related to the other, because any serious decisions on investment,
restructuring, entering new markets and other strategic issues are approved by
the dominant (control) group.
Therefore talking about the control concerning
business organizations, we can state the following. Control – is a process of testing, measurement, directing,
restraint, and feedback provision implemented by certain policies, procedures,
practices and structures in order to reach the goal of an organization.
As all management systems function inside the
environment that is a source of disturbances and uncertainty, a certain
mechanism must exist in order to monitor and respond to these disturbances to
achieve the management goals. This mechanism is a control system. To elucidate the concept of this term, let us define
what we mean by the word system.
Schoderbeck et al. [4] proposes a quite concise general definition as a
‘Set of objects together with relationships between the objects and their
attributes related to each other and to their environment so as to form a whole.’
Though this definition could be appropriate to a broad range of subjects such
as politics, sociology, economics, biology, engineering etc., the goal of this
work directs us only to the management view. Therefore, we can define a control system as a component of a
management system comprising of certain policies, procedures, practices and
structures which enable managers to measure, test and compare the results of an
entity’s functioning to react accurately and timely to any disturbances
in order to reach a certain objective.
Regarding the second, managerial understanding
of control, the control system can be considered as a black box transformation
of inputs into the output by a process where the internal details of the
process ignored for simplification. There are four necessary conditions that
must be satisfied for any process that could be called consciously controlled:
1) there should be a goal for the controlled process – without
objective control has no sense, 2) the output must be measured by the measures
that are defined by the goal and objectives, 3) there must be a perfect,
‘ideal’ model of the controlled process, in order to compare the
actual process with the desired one, 4) there should be a possibility for
the corrective action so that deviation could be eliminated.
However, availability of organizational system
components does not automatically mean a process to be controlled. There four
necessary conditions must exist for any process to be controlled:
·
Objectives/aim/purpose
for control;
·
The output of the
process must be measurable in terms of the dimensions defined by the
objectives;
·
A predictive model
of the process being controlled is required so that causes for the
non-attainment of objectives can be determined and proposed corrective actions
evaluated;
·
There must be a
capability of taking action so that deviations of attainment from objectives
can be reduced.
Also, there
exists some confusion of notions ‘control’
and ‘controls’, which
needs clarification. Totally, we’ve studied more than two dozen
English-language sources (books, scientific articles, sites of professional
organizations), to find out how to understand the term ‘controls’.
Hayes
et al. [9, p. 654] define controls
as all the organizational activities aimed at having organizational members
cooperate to reach the organizational goals. Wilkinson and Cerullo [18,
p. 32] emphasize on the subsidiary nature of controls for the entity
regulation. They enable a system such as a firm to monitor operations and
processes, so as to identify and correct deviations from plans. Drucker defines ‘controls’
as the instruments that lead towards the objective of overall
‘control’ [3]. Moreover, ‘control’ is not just a matter
of generating ‘controls’, but a process of continual monitoring of the
position of the enterprise as a whole.
Conclusions
are the following: in spite of the wide use, this term is quite ambiguous.
Interestingly, in some guides (even on the information systems auditing), the
definition of ‘controls’ is not available at all, e.g. [2],
although the term itself is widely used. Then, actually in English the letter
‘s’ in the end of the word often refers to the plural form. But the
corresponding term in singular form, namely ‘control’ means
something different (see above). That’s why the on-line business
dictionary uses a singular term ‘control procedure’ defining
‘controls’ where others use just ‘controls’. Thus, in
the article by scientists from the
Some sources
don’t explain the definition of ‘controls’ at all [2], while
others tell us about ‘internal controls’. This term is often
interpreted as the ‘control activities’, but more frequently as
‘control procedures’. However, in this regard, the authors of the
essential American textbook on the internal control assessment state that as
the management and reporting system of an enterprise includes policies,
procedures, and tools of monitoring compliance, then collectively, the policies
and procedures are to be defined as internal controls, because they operate
within the enterprise as means of reducing its vulnerability to business,
financial and accounting risks [3, p. 2].
On the basis of stated
definitions, we can infer that control
procedures are the specific actions, policies, principles, rules, and
guidelines implemented by the entity’s management in order to reach the
organization’s short- and long-term goals.
Obviously,
at some stage the term ‘controls’ had became wider then just
‘control procedures’ and now covers the whole set of control
measures in the business operations (procedures, regulations, and policies of
the company, and fragments of the software algorithms, and physical equipment
– safes, locks, etc.). Thus, the most appropriate interpretation could be
enough general ‘methods and tools of control’.
In our
opinion, the main characteristics of the control procedure is its clear formal
description, which enables its understanding by the various categories of professionals
who play different roles in the control process: 1) precise quantitative
characteristics: either true (T) / false (F) or specific number,
2) clearly written description of the sequence of actions, which provides
clear understanding of procedure by the person who regulate it, by the person
who establishes it, and by the auditor.
Control
procedures need to be distinguished from the accounting system. A company needs
accounting system, for example, for the shipment of goods to customers and
billing, recording of individual transactions, and their summation for
recording in the general ledger. Control procedures are added to ensure that
the accounting system produces accurate and reliable data. For example, control
procedures can be added to the billing system to ensure that all the shipments
are billed, and that all bills have correct amounts.
Controls
must always be considered in terms of benefits against costs, as well as within
the requirements to safeguard the assets. The concept of reasonable assurance
demands that the costs of internal controls should not exceed the benefits
derived from them. Expected benefits are to reduce losses from the corporate
and business risks. Expected costs are related to resources for the
establishing and maintaining the control system. The actual calculation of
these costs and benefits, however, is largely subjective because of the limited
opportunity to measure the specific costs and benefits [6, p.109].
Conclusions. Control is a complex subject because the benefits and
costs of controls depend on how people react to those controls, and predicting
human behavior is a far from exact science. The study and evaluation of control
systems is also complicated by the probabilistic nature of controls.
To achieve its objectives, no matter what type
of internal control system is chosen, management has to implement certain
control procedures (control activities). Though implementation of controls
requires additional financial resources, the benefits it can bring can be considerable.
It can prevent the misuse of organization's resources, promote reliable and
accurate accounting records, resolve issues arising as a result of reporting
errors and protect not only employer’s interests but also interests of
employees by segregating worker’s duties and safeguarding them from
against being accused of irregularities or misappropriations. In sum, internal
control can lead an entity to the needed targets with the minimum losses along
the way.
To reach the established objectives the entity
has to maintain a favorable control environment, assess its risks timely and
correctly, implement the appropriate control activities, supply these issues
with a proper information and communication and monitor the control process
since the first day of its application. Satisfying these conditions can be the
only way to reach a truly efficient and strong control system.
1. Harry, Mike. Business
Information: A Systems Approach. –
2. Hunton, James E. / Bryant, Stephanie M. /
Bagranoff, Nancy A. Core Concepts of
Information Technology Auditing. – John Wiley & Sons Inc. 2004.
– 282 p.
3.
Johnson, Kenneth
P., and Jaenicke, Henry R. Evaluating
Internal Control: Concepts, Guidelines, Procedures, Documentation. –
4.
Schoderbeck, P.P.,
Schoderbeck, C.G. and Kefalas, A.G. Management
Systems. –
5.
The
6. Vasarhelyi, Miklos A.; Lin, Thomas W. Advanced Auditing: Fundamentals of EDP and
Statistical Auditing Technology. – Addison-Wesley, 1988. –
600 p.