Internal control is defined as a process effected by an organisation's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organisation's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organisational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organisation's payments to third parties are for valid services rendered.) Internal control procedures reduce process variation, leading to more predictable outcomes.

A company may require an internal control review on their business processes
or the organisation as a whole, for gaining the benefits or fulfiling the objectives
as mentioned above.