Which component of internal control focuses on the compliance with policies and procedures?

The component of internal control that focuses on compliance with policies and procedures is monitoring. Monitoring involves the ongoing evaluation of internal control systems to ensure that they are operating effectively and that policies and procedures are being followed. This process can include regular audits, checks, and assessments to identify any discrepancies or failures in adherence to established guidelines.

By actively monitoring compliance, organizations can identify weaknesses in their controls and take corrective actions as needed, thereby promoting a culture of accountability and adherence to internal policies. This ensures that the organization not only implements controls but also effectively oversees and reinforces them to mitigate risks of non-compliance.

In contrast, the other components—risk assessment, control activities, and control environment—play different roles in the internal control framework. Risk assessment involves identifying and analyzing risks that could prevent the organization from achieving its goals. Control activities refer to the actual policies and procedures that help ensure management directives are carried out. The control environment encompasses the overall attitude, awareness, and actions of the organization’s management and board concerning internal control, setting the tone for compliance and ethical behavior.