According to SAS 55 (AU 319), Consideration of Internal Control in a Financial Statement Audit, an entity’s internal control structure (ICS) consists of the policies and procedures established to provide reasonable assurance that specific entity objectives will be achieved. Only some of these objectives, policies, and procedures are relevant to a financial statement audit. Which one of the following would most likely be considered in such an audit?