INTERNAL CONTROLS DEFINED

Internal controls are safeguards for university processes designed to provide reasonable assurance as to the achievement of objectives for:

  • Reliability and integrity of financial and non-financial information

  • Efficiency and effectiveness of processes and programs

  • Safeguarding of assets

  • Compliance with university governance, state governance, and federal law

BEST PRACTICES

1. Written rules, policies, and procedures should be used in all departments

2. Departments should be familiar with University policies and procedures

3. Staff should be adequately trained for their current position

4. Departments should have an operating plan and goals to be met

5. Goals should be prioritized

6. Never sign anything you do not understand

7. Never give anyone else signing authority on your behalf

1. Is there a formal written policy for cash handling and collections?

2. Receipts should always be given

3. Ensure checks are properly payable to the University entity which is collecting the money

4. Ensure the collection of funds and the deposit are performed

5. Is a safe or lock-box used?

6. Safe access should be limited

7. Deposits should be made in a timely manner

8. If a cash register is used, ensure the drawer is reconciled regularly

9. Segregation of duties is necessary for keeping one employee from having complete control over a process

1. Petty cash should be kept in a secure location

2. Access should be limited

3. The custodian of the funds should not be the one to count the fund

4. Should be used for University business only

5. Supporting receipts should be maintained

Please refer to University Rule 3359-11-17

Conflict of Interest forms can be obtained by visiting the ORA Website

1. The department should have a written policy on expense approval

2. Procurement card users should be aware of the policies in the manual

3. Segregation of duties for authorization and reconciliation

4. Are there procedures in place to prevent the creation of new vendors or detection of duplicate vendors?

5. Does the invoice match the authorization and receiving document?

1. Ensure computer equipment is secure to prevent theft

2. Access to computers is limited to authorized users

3. Do not share passwords

4. Ensure computer back-up is performed regularly

5. Files should be saved on secured network drives

6. All software should have appropriate licenses

7. Anti-Virus software should be used

8. Access to all networks and resources should be cut off upon employee termination