Fixed Assets Audit Internal Controls Checklist

Internal controls over assets are essential mechanisms, policies, and procedures designed to safeguard an organization’s resources, ensure accurate financial reporting, prevent fraud, and promote operational efficiency. Assets, particularly fixed assets like property, plant, and equipment (PPE), represent significant investments for most organizations. An assets audit involves verifying the existence, condition, ownership, and valuation of these assets while evaluating the effectiveness of internal controls.

The primary objectives of internal controls in asset management include:

• Protecting assets from unauthorized acquisition, use, or disposal.
• Ensuring accurate recording of transactions and maintenance of reliable records.
• Preventing and detecting errors or fraud.
• Complying with laws, regulations, and accounting standards (e.g., GAAP or IFRS).

A widely recognized foundation for these controls is the COSO Internal Control—Integrated Framework (2013), which outlines five components: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities. These apply directly to asset management by emphasizing safeguarding assets as a key operational objective.

Key Components of Internal Controls for Assets (Based on COSO Framework)

1. Control Environment: Sets the tone at the top. Leadership must demonstrate integrity and commitment to strong controls, such as through policies on asset management and ethical standards.
2. Risk Assessment: Identify risks like theft, misplacement, obsolescence, or improper valuation. For assets, common risks include unauthorized disposals or inaccurate depreciation.
3. Control Activities: The core actions to mitigate risks, including preventive (e.g., segregation of duties) and detective (e.g., reconciliations) controls.
4. Information and Communication: Ensure accurate asset records are maintained and communicated, using systems like asset registers.
5. Monitoring Activities: Ongoing evaluations, such as periodic audits, to ensure controls are functioning.

Best Practices for Internal Controls Over Assets

Effective controls focus on the asset lifecycle: acquisition, custody, usage, maintenance, and disposal.

• Segregation of Duties: No single person should handle all aspects of an asset transaction. For example:
  • One person authorizes purchases.
  • Another receives and records the asset.
  • A third performs physical verification.
• Physical Safeguards:
  • Secure storage (locks, restricted access).
  • Asset tagging (barcodes, RFID) for tracking.
  • Insurance coverage for high-value items.
  • Tracking devices for portable assets (e.g., laptops, vehicles).
• Authorization and Approval:
  • Require approvals for acquisitions exceeding thresholds.
  • Documented procedures for disposals or transfers.
• Record-Keeping:
  • Maintain a detailed fixed asset register including description, cost, location, serial number, acquisition date, depreciation method, and useful life.
  • Use centralized systems (e.g., ERP or asset management software) for accuracy.
• Periodic Physical Inventory:
  • Conduct annual or biennial physical counts by independent personnel.
  • Use “blind counts” (without providing expected quantities) to avoid bias.
  • Reconcile differences promptly and investigate variances.
• Depreciation and Valuation:
  • Apply consistent, approved depreciation policies.
  • Review for impairment regularly.
• Disposal Controls:
  • Require approvals and documentation for sales, scrapping, or donations.
  • Record gains/losses accurately.

For small and attractive assets (e.g., laptops, tools), maintain separate inventories even if below capitalization thresholds.

Audit Procedures for Assets

An assets audit typically includes:

1. Planning: Define scope, review prior audits, and assess risks.
2. Understanding Controls: Evaluate design and operating effectiveness of internal controls.
3. Testing:
   • Vouch acquisitions to invoices and approvals.
   • Verify existence through physical observation.
   • Reperform depreciation calculations.
   • Test disposals for authorization.
4. Reconciliation: Compare physical assets to the register.
5. Reporting: Document findings, weaknesses, and recommendations.

Internal audits focus on ongoing improvement, while external audits (e.g., under SOX or PCAOB standards) emphasize financial statement assertions like existence, completeness, and valuation.

Common Challenges and Risks

• Inaccurate records due to poor tracking.
• Theft or loss of portable assets.
• Overstated/understated values from improper depreciation.
• Non-compliance with tax or regulatory requirements.

Real-world examples highlight failures: Cases like Toshiba (2015) involved manipulated asset values due to weak controls, leading to overstated profits.

Benefits of Strong Internal Controls

• Reduced fraud and loss.
• Accurate financial statements.
• Improved operational efficiency.
• Enhanced compliance and stakeholder trust.
• Extended asset lifecycle through better maintenance.

Implementing robust controls, aligned with frameworks like COSO, ensures assets are protected and contribute effectively to organizational goals. Regular training, monitoring, and technology adoption (e.g., asset tracking software) further strengthen these practices.