Internal Controls

 

WHAT ARE INTERNAL CONTROLS?

Internal controls are the mechanisms, rules, and procedures implemented by a company to ensure the integrity of financial and accounting information, promote accountability, and prevent fraud.

 

 

WHO IS RESPONSIBLE FOR INTERNAL CONTROLS?

We all play some part in ensuring the internal controls of operations are effective and efficient in reaching the University's goals and objectives. Faculty and staff have responsibility for ensuring that financial and operational controls are in place and functioning for a variety of areas. They are also responsible for reporting any breakdown in controls that may come to their attention. All university managers are responsible for planning, directing, staffing, implementing, and monitoring internal controls to ensure efficient and effective operations, reliable financial and operational reporting, and compliance with requirements.

 

 

The COSO Framework

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) Framework is a structured model designed to help organizations establish, implement, and assess internal controls to manage risk, ensure compliance, and improve financial reporting reliability. It consists of five interconnected components: Control Environment, Risk Assessment, Control Activities, Information & Communication, and Monitoring Activities, supported by 17 principles. 

The 5 Components of the COSO Framework:
  • Control Environment: The foundation of the organization, setting the tone from the top regarding ethical values, governance, and control culture.
  • Risk Assessment: The process of identifying, analyzing, and managing risks that could hinder the achievement of objectives.
  • Control Activities: Policies and procedures designed to mitigate risks, including preventative and detective controls, to ensure management directives are followed.
  • Information and Communication: The flow of information (internal and external) necessary to support the functioning of internal controls and ensure roles are understood.
  • Monitoring Activities: Ongoing evaluations or separate assessments to ensure all five components of internal control are present and functioning effectively.

For more information see here or

 

 

The Following Information on Internal Controls is Available Upon Request:

  • BOT Internal Controls and ERM Policy
  • Internal Controls Assessment Checklist
  • Internal Control Examples
  • Internal Control Assessment Tool & Instructions