Organizational controls are processes and procedures that define how people within the organization should perform their duties. Control techniques provide the managers of the organization with the amount and type of information they require to monitor and measure performance. The information from the different controls should be tailored to a particular management unit, level, department or operation (Freeman, 2010). The main control efforts are financial controls, budget controls, marketing controls, human resource controls, and computers and information controls.
Financial controls – After an organization has identified strategies to attain its goals, money is set aside for the necessary labor and resources. As funds are used up, statements are updated in order to reflect how it was spent, how much was spent and what it obtained (Freeman, 2010). Financial statements, for instance balance sheets or income statements are often used by managers to monitor the progress of plans and programs. In general, financial statements provide the company’s managers with information that is used in monitoring financial resources and activities. An income statement helps in showing the results or outcome of the company’s operations over a period of time such as expenses, revenues, and loss or profit. Financial audits are often conducted to make sure that financial management practices are in line with the generally accepted laws, policies, procedures and ethical guidelines (Flamholtz, 2006).
Budget controls – Normally, a budget represents how much the company expects to spend and earn over a given period of time. The amounts are grouped in accordance to the business account or activity for instance sales of catalogs or telephone costs. Budget controls are vital since they help managers to plan their finances and keep track of their overall spending (Sitkin, Cardinal & Frankema, 2010). Marketing controls – These help in monitoring progress toward goals for customer satisfaction with services or products, delivery and prices. Controls used in evaluating the organization’s marketing functions include: Market research, which gathers information to assess the needs of the customer, and the information is critical to the success of the company. A continuing market research reflects how well the company is meeting the expectations of its customers and helps to anticipate the needs of the customer. In addition, it helps in identifying competitors (Sitkin, Cardinal & Frankema, 2010). The second marketing control is test marketing, which is a small scale product marketing used to assess customer acceptance. Using focus groups and surveys, test marketing goes further than identifying the general requirements and looks at who or what really influences buying decisions. The last marketing control is marketing statistics, which measures performance through compiling data and analyzing results. Managers often look at marketing ratios, which measure activity, market shares and profitability. They also look at sales quotas, which measure the progress toward sales goals and aid with inventory controls.
Human resource controls – These help managers in regulating the quality of newly/recently employed workers, as well as monitor the developments and daily performance of the current employees (Flamholtz, 2006). Everyday, the company manager plays essential roles in helping to control employees’ behaviors within the organization. For instance, she helps in directing the employees’ performances toward goals by ensuring that goals are set clearly and are understood. The manager also institutes procedures and policies to help in guiding the actions of the employees. Finally, she considers past experiences when developing future objectives, procedures, policies and strategies. The common control types are disciplinary programs, observations, performance appraisals, and training and development assessments. Since the quality of the company’s workers, to a large extent, determines the company’s overall effectiveness, controlling this area is imperative Sitkin, Cardinal & Frankema, 2010).
Computers and information controls – This involves preventive, detection and management controls. The Company has sensitive and confidential information that it does not want to become general knowledge. Thus, controlling access to the company’s computer databases is the key to this area. Preventive controls – include setting clear roles and responsibilities (Flamholtz, 2006). These are clearly defined and developed to enable the management and personnel to properly understand who is in charge for ensuring that an appropriate degree of security is implemented/applied for the most important IT assets. Another preventive control is separation of duties and least privileges. When this is implemented effectively, it ensures that staff members have only sufficient access to IT systems to properly carry out their job duties and no more. In addition, another preventive control involves processes and systems for provisioning and de-provisioning users. These control measures are essential so that new employees are able to become productive much quicker, whilst those leaving lose access immediately upon leaving (Flamholtz, 2006).
Detection controls – This involves performing ongoing risk management programs in order to assess and control risks to the company’s key assets. It also involves performing recurrent reviews of controls in order to verify the efficacy of the controls. In addition, it also involves undertaking system audits periodically to make sure that systems have not been misconfigured or compromised. Lastly, it involves implementing a rotation of duties since this is an effective way of uncovering nefarious activities by employees within the IT team or users who have access to sensitive data. There are also management controls – this involves incident response planning that provides the company with the ability to rapidly react to and recover from a security violations, whilst reducing their impact and preventing the spread of that incident to other systems. Moreover, it also involves business continuity planning, and this enables the company to recover from disastrous events, which influence a big fraction of the IT infrastructure.
In conclusion, there are five major control efforts implemented by the company and they are financial, budget, marketing, human resources, and computers and information controls. Financial controls include such things as financial statements and financial audits. Controls used in evaluation marketing functions include market research, test marketing and marketing statistics. Computers and information controls include prevention, detection and management controls.
Flamholtz, E. (2006). Effective Management Control: Theory and Practice. Boston, MA: Cengage Learning
Freeman, R. (2010). Strategic Management: A Stakeholder Approach. Cambridge: Cambridge University Press
Sitkin, S., Cardinal, L., & Frankema, K. (2010). Organizational Control. Cambridge: Cambridge University Press.