Internal Control Best Practices for Small to Medium Sized Entities and Not-For-Profit's

Author: Lynn Fountain

CPE Credit:  2 hours for CPAs

The concepts of internal controls are simply and straightforward. However, they can present challenges for businesses with fewer resources or less structured processes. This course is designed to speak to the concepts of how ICs can present a challenge to the SME and NFP and introduce some best practices for addressing these challenges.

Internal Control is generally defined as: “…a process effected by those charged with governance, management, and other personnel – designed to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations…”

This definition makes sense for larger entities to manage and effectuate. However, smaller entities have a multitude of unique characteristics that can impact the design and operating effectiveness of internal controls.

This course will examine the unique characteristics of small to medium sized entities as well as not-for-profit (NFP) entities and the complexities they may face when attempting to instill proper internal control processes. We will review the purpose of internal control in these entities and methods for identifying control deficiencies. We will also discuss the concept of how a poor internal control environment can open the door to potentially fraudulent activity.

Publication Date: March 2019

Designed For
Accountants and Finance professionals, Business Owners, CFOs, CEOs, Legal and Compliance professionals, Board members and Audit Committee members, Internal auditors/Professionals considering the role of internal audit.

Topics Covered

  • Characteristics of small to medium sized entities entities as well as not-for-profit entities
  • Internal Control and Defining Deficiencies
  • COSO Internal Control Framework
  • Control Environment
  • Risk Assessment
  • Control Activities
  • Information & Communication
  • Limitations of Internal Control
  • Documentation

Learning Objectives

  • Evaluate how the COSO principles can be applied to SME and NFP entities
  • Identify purpose and requirements for IC and how to identify IC deficiencies
  • Identify COSO concepts and their importance to SME/ NFP
  • Evaluate how each of the COSO principles can be applied to SME and NFP entities
  • Describe limitations of internal control
  • Recognize and apply documentation needs for SME and NFP entities
  • Identify characteristics of an NFP
  • Identify principles with respect to the risk assessment component of internal control
  • Recognize control activitity action for SME and NFP entities


Instructional Method

NASBA Field of Study
Auditing (2 hours)

Program Prerequisites

Advance Preparation

Registration Options
Regular Fee $55

 Chat — Books Support