CAIIB Paper 3 (ABFM) Module A Unit 6: Controlling

Controlling
• Within an organisation, “Controlling Process” refers to a method that can be
implemented to check whether or not certain criteria are being met. It entails
gathering information about a system, process, person, or group of people in a
thoughtful manner, in order to arrive at decisions that are necessary regarding each
of these entities.

• The controlling function determines the degree to which actual performance

varies from predetermined benchmarks. It investigates the factors that led to
such deviations and makes an effort to make adjustments in accordance with those
findings.

Characteristics Of Controlling
• Controlling is beneficial to the accomplishment of organisational goals.
• The procedure makes the most efficient use of the available resources.
• Controlling judges ensuring the correct application of the standard.
• Discipline and order are also established as a result of the process.
• The process of controlling the employees motivates the employees and boosts
employee morale, which, in turn, leads to increased effort and labour from the
employees within the organisation.
• Controlling ensures accurate planning for the future by reevaluating the previously
established standards.
• The results of an organisation as a whole will improve as a result of control.
• The exercise of control reduces the number of errors that occur.

Advantages Of Controlling
• Assists in accomplishing Organisational Goals
• Helps in minimising errors
• Making Efficient and effective use of resources
• Validates accuracy of standards
• Improves order and disciple and motivates staff
• Results in better coordination within the organization
• Simplifies supervision and helps in delegation and decentralization • Provides
feedback for data improvement for future planning.
Limitations Of Controlling
• It may be costly to implement, especially in smaller firms.
• It is difficult to compare the actual performance with the accepted standards,
specially in case of standards not expressed in quantitative terms.
• There is little or no control on external factors like government policies, changes in
consumer behaviour, technological changes, competition, etc.
• There may be resistance from employees as they may consider it as restricting their
freedom.
• Over-dependence on controls may lead to laxity in supervision.
• The operations of the organisation may slow down if the rules are implemented
rigidly.
• The organisation may be exposed more errors and frauds if wrong controls are
executed.

Types Of Control Management

Broadly, the control management can be of 3 types, based on the timing of the
control:

• Feedback control: These controls are based on the feedback received after the
activity has taken place. So, the corrective action can be taken only for carrying out
similar activity in future.
• Proactive control: These are future-directed controls which anticipate problems
well in advance and the corrective action is taken accordingly.
• Concurrent control: These controls are based on the real-time engagement of the
controller as the activity is being carried out. So, the corrective action can be taken
simultaneously with carrying out the activity, to take care of any deficiencies
observed.
Basic Elements and Steps of the Control Process The process

of establishing goals and standards:

• Although the process of establishing goals and standards is part of the planning
process, it also plays a significant part in the controlling process. This is due to the
fact that the primary objective of control is to steer the activities of a company in the
direction of those goals.

• It is very important for managers to communicate their organization’s goals,

standards, and objectives as clearly as possible.

• In this regard, there should never be any room for employees’ interpretations to
vary. Managers are required to set goals and take action based on those goals, and
those goals can either be tangible and specific or intangible and abstract.
Comparing the actual performance to the predetermined goals and criteria:

• Once managers have a clear understanding of their objectives, they should measure
and evaluate their actual performance before making comparisons. This step
basically helps them know if their plans are working as intended.
• Once a plan has been put into action, managers are required to continuously
monitor and assess its effectiveness. If things are not functioning as they should,
then they should always be prepared to take the necessary corrective actions. In
order to accomplish this, they must continually assess their current performance in
relation to the goals they have set for themselves.

• First, managers need to measure actual performance before they can compare it to
past performance. They can do this by measuring results in a monetary context,
seeking feedback from customers, and so on.
Taking steps to make necessary corrections:

• Managers are obligated to take immediate corrective action whenever there are
gaps between actual performance and the goals that they have set for their teams.
When taken promptly, corrective action can not only mitigate the existing damage
but also prevent it from occurring again in the future.
Continuing to monitor the effects of corrective actions:

• It is not enough for managers to simply implement corrective measures; they must
also bring these measures to their inevitable and logical conclusion. Even this step
requires thorough evaluation and comparison. Managers have an obligation to work
on finding a solution to the problem until they do.

Relation Between Planning And Control

The processes of planning and controlling are inextricably linked to one another. The
objectives of the organisation are determined through the planning process, and the
controlling process ensures that they are met. The relationship between planning and
control may be explained as under:

• The Planning Stage is the Originator of Control: During the planning phase,
objectives and targets are established. A control process is required in order to
successfully meet these objectives. Therefore, planning comes before controlling.
• Controls help Planning Sustain for Long-Term: The path that planning takes can
be influenced by controlling. The act of controlling draws attention to the parts of
the process that require planning.
• The control process supplies information that can be used for planning:
During the controlling process, the actual performance is compared to the
standards that were established, and any deviations that are found are recorded.
 The data gathered for the purpose of exercising control are also utilised in the
planning process.
• Planning and controlling are interconnected in the following ways: The first
function that management is responsible for is planning. In order to enhance the
performance going forward, the appropriate corrective actions have been taken. The
first step in any process should be planning, and the last step should be control.
Both must have the other in order to function properly.
• Planning and control involve looking into the future: Both planning and control
are concerned with the activities that will take place in the future within
the business. Planning is always done with an eye toward the future, and control
also looks ahead. The accomplishment of a company’s objectives is the primary
focus of both planning and controlling. Through their combined efforts, they hope
to achieve the highest possible output at the lowest possible cost.

Control Techniques
Controlling techniques are the tools that are used to establish control over business
activities, monitor those activities, and take any necessary corrective actions. Controlling
a business effectively can be accomplished using any number of methods, both
traditional and modern.
The selection of the methods absolutely needs to be done in a strategic manner. When
deciding on the approach that will be most effective, the organisation needs to take into
consideration:

• The Character of the Company or the type of business

• Specific Clientele or Users to Aim For
• The challenges that the Organizations are currently facing
Traditional Techniques Of Control

Personal Observation
• The manager does this by personally observing the employees or workers at the
location of the business. It is also known as On-the-Spot Observation or Direct
Observation.

• The employees are pressured and motivated to perform at their highest level of
productivity when they are directly observed. A significant amount of time is
required for supervision when utilising this method.

• Managers acquire genuine and first-hand information for the analysis. In the event
that the operations are not performing as expected, the managers have the ability to
make adjustments there and then. It allows employees to discuss issues or problems
 simultaneously. Additionally, it improves the employees’ overall sense of well-being
and morale.

Break-even Analysis
• This control method illustrates the relationship between cost and volume at varying
levels of production output. The Cost, Volume, and Profit analysis is another
name for this approach. It forecasts the profits and losses that will result from
changes in the amount of output that is produced.

• The break-even point refers to the point at which the purchase price and the selling
price are equal to one another.
Break Even Point = Fixed Cost / (Price - Variable Cost). Under the Break-Even
Analysis technique, the evaluation is based on:

Break-even Point
Angle of Incidence Contribution Margin
Margin of Safety.

Statistical Reports
Information is gathered by the manager so that performance can be evaluated across
functional areas. The information that is gathered is then utilised for the purpose of
comparison. Involved in this process is the examination of numerical information in the
form of:

Averages
Percentages
Coefficient of determination Ratios, etc.

• The aforementioned information is presented by the organisation in the form of

charts, graphs, tables, and so on. The data can be more easily visualised with the
help of these reports, and the areas that require attention can be located. As a
result, it is the method for data analysis that is utilised the most and provides the
most benefit.
Budgetary Control:
Comparing and analysing the actual performance with the planned performance is an
integral part of the budgeting process. In general, the following are included among the
steps in budgeting:

• Establishing criteria by subdividing the overarching goals of the company into those
of individual departments.
 • A comparison of the actual performance to the budget and standards that were
previously defined.
• Determine the logical deviations from the plan and take corrective actions after you
have calculated them.

• Having control over one’s budget makes it easier to have control over one’s dayto-
day activities. Consideration must also be given to the amount of resources and
labour that will be required to accomplish the goals.

• There is a possibility that the final budget that was formulated will turn out to be
inaccurate and costly.
The following is a list of the various types of budgets that are typically prepared by
organisations:

Cash Budget
Sales Budget
Production Budget
Capital Budget
Material Budget
Modern Techniques Of Control Return on

Investment:
Calculating the rate of return on investment (ROI) allows us to measure the return that was
generated. Using this rate, one can better evaluate the company’s current financial
situation.
ROI Formula: Return on Investment = Net Income / Total Investment. There are two
ways in which we can increase our return on investment:

• By increasing the volume of sales in a manner that is proportionally greater than

the overall investment.
• By lowering the total investment while maintaining the same level of sales
volume. It is useful for:

Examining the differences and similarities in terms of wealth between the two eras
and companies.
Finding areas that have a negative impact on return on investment Attracting
investors and enhance the company’s reputation.
Comparison among departments
Financial Statement and Ratio Analysis
Calculating a variety of Ratios is made easier, which in turn contributes to better financial
management of the organisation. In order to accomplish this goal, data is compiled from
the financial statements of the companies.
The following ratios are used the most frequently:

Profitability Ratios
Liquidity Ratios
Solvency Ratios
Turnover Ratios
Responsibility Accounting:

• It is a method of accounting in which the amount of responsibility placed on the

individual employee is taken into consideration. Therefore, businesses will
conduct an assessment to determine whether or not the employee is capable of
carrying out the responsibility in accordance with the criteria that have been
established.
• This method of command and control works well for large organisations that have a
number of different departments.
In general, there are four distinct categories of responsibility centres:

Revenue Centre

Cost Centre
Profit Centre

Investment Centre

PERT And CPM

• Project Evaluation and Review Technique (PERT) is a procedure through which
activities of a project are represented in its appropriate sequence and timing. It is a
scheduling technique used to schedule, organize and integrate tasks within a
project.

• The critical path method (CPM) is a technique where you identify tasks that are
necessary for project completion and determine scheduling flexibilities. A critical
path in project management is the longest sequence of activities that must be
finished on time in order for the entire project to be complete.

• It is in the managers’ best interest to reduce the total amount of time and money
required to complete the activity.
Management Information System
• MIS, is essentially responsible for providing information that facilitates the
making of sound decisions. Managers are able to retrieve any data whenever it is
required. It is one of the techniques for cost-effectively controlling that managers
have at their disposal.

• In addition to this, it helps manage a massive quantity of data and delivers

information at precisely the right moment. The information that is obtained from
MIS is reliable and aids in the process of making decisions.
MIS is comprised of two primary parts:

The Collection of Data

The Management of Data

Management Audit
• It is the process of examining how a company uses its resources. It is started by the
top level of management in order to guarantee that the management will
perform effectively.

• While internal audit may be a continuous affair and periodicity may depend on the
size of the organisation, management audit may be conducted at intervals decided
by the Board of the Company which may be more than a year, say every two or three
years.

• After the conclusion of the financial audit, the next step is the management audit.
During the course of the audit, the overall management process will be subjected to
close scrutiny.

Control Technique And Information Technology

The objectives of IT control relate to the confidentiality, integrity, and availability of data,
as well as the general management of the enterprise’s IT function as a whole. The
techniques of control are listed below:
Organisational Control Techniques:

• When a company installs significant amounts of hardware and software and also
appoints human resources, the company must first establish the co-ordination
between the newly installed information system and the newly appointed human
resources.

• Fixing the responsibilities of the manager, senior managers, and every

employee in the team who handles information systems is how this
organisational control is implemented.
 Management Control Techniques:

• Appointing an expert committee comprising experts from all fields, Everyone will
apply their specialised knowledge and experiences to examine the IT system of the
organisation and report back if they find any errors or fraudulent activity in it.
Financial Control Techniques:
The following methods can be utilised for various forms of financial control:

• Delegation of financial powers

• Authorization to access the system
• Budgetary Control
• A unique sign indicating the cancellation of these documents
• Dual control over asset and entry
• Input and output verification
• Safekeeping the login passwords for servers and IT systems
• Segregation of Duties

Data Processing Environment Controls Techniques

• The company ought to appoint some specialists for the control of the data
processing environment. The environment in which data is processed today is
composed of electronic and electrical components. Therefore, a specialised
supervisor who checks it at regular intervals is required for it.

Physical Access Controls techniques

• The term “physical access” refers to an unauthorised third party reaching into your
database. You need to create security layers so that you can thwart any attempts of
gaining unauthorised access in the data centre.

Logical Access Controls Techniques

• The malicious hacking and virus will be used to gain unauthorised access to the
logical system. Therefore, you should use malicious hacking and antivirus software
to put a stop to it at any cost.

SDLA Controls Techniques

• SDLA means system development life cycle. It is also essential that it be
controlled. The standardisation of the system development life cycle is one way that
this can be accomplished.
BCP Controls Techniques
• “BCP” refers to the “business continuity process.” Maintaining control of it would
be possible if you have a sufficient number of backups and a solid recovery strategy
in place in case the system is destroyed.

Application Controls Techniques

• It is necessary to block unauthorised access to the recorded database in every
computer-based system so that changes cannot be made and data cannot be
removed. The two widely used application systems that an auditor needs to keep an
eye on are SAP and Quick-book.
Categories of IT Control

IT General Controls (ITGC)

• Controls over the IT environment, computer operations, access to programmes and
data, as well as programme development and programme changes, are all included
in ITGC.

• The IT Governance Council serves as the structure’s primary pillar. They support the
assertion that systems operate as intended and that output is reliable, in addition to
helping to ensure the accuracy of the data that is produced by information
technology systems.

IT Application Controls
• Transaction processing controls, also known as “input-processing-output”
controls, are what are meant when someone talks about IT application controls.

• The controls of an IT application or programme are fully automated, which

means that they are performed automatically by the systems. This is done to ensure
that the data are processed correctly and completely from the time they are input
until they are output.

• These controls are different for each application because each one serves a unique
business purpose. These controls might also be able to assist in protecting the
privacy and safety of data that is transferred between applications.

IT Control and the CIO/CISO

• Usually, the Chief Information Officer (CIO) or the Chief Information Security
Officer (CISO) of an organisation is the one who is accountable for the safety,
accuracy, and dependability of the systems that manage and report the company’s
data, including its financial data.
Internal Control Framework
• The COBIT Framework, also known as the Control Objectives for
Information Technology Framework, is a framework that has seen widespread
adoption and was developed by the IT Governance Institute.

• COBIT is a framework that is widely used that contains best practices for the
governance and management of information and technology, and it is directed
toward the organisation as a whole.

COSO
• The Committee of Sponsoring Organizations of the Treadway Commission
(COSO) identifies five components of internal control: a) control environment, b)
risk assessment, c) control activities, d) information and communication e)
monitoring.

• In order to accomplish the goals of financial reporting and disclosure, it is necessary

to have these components in place. COBIT offers comparable and detailed guidance
for information technology, while the interrelated Val IT focuses on higher-level IT
governance and value-for-money concerns.
The four COBIT major domains are:

Planning and organising

Acquiring and implementing Delivering and supporting
Monitoring and evaluating.