This book contains hundreds of very specific controls over the basic processes of a business—order entry, shipping, billing, purchasing, and the like. These controls are presented in layers, beginning with those needed for a very basic paper‐based system. The increased emphasis on controls that is mandated by the Sarbanes‐Oxley Act makes it necessary to determine carefully what risks must be guarded against throughout a company's systems and to construct a set of controls to mitigate those risks. This control point is necessary only in a relatively disorganized purchasing environment where many people can authorize purchases. However, a company should not be ruled by a vast array of multilayered controls, unless it wants to see its operating efficiencies vanish. A better approach is to review the need for controls to ensure that only the correct controls are used in precisely measured amounts. This book is designed for such an approach, since it describes different sets of controls, depending on what best practices are being used.