300 likes | 841 Views
Internal Control. A presentation by Internal Audit Don Holland University Director of Internal Audit. Anytime you suffer a setback or disappointment, put your head down and plow ahead. Les Brown . Presentation Agenda. Introduction to Internal Controls Including a Video
E N D
Internal Control A presentation by Internal Audit Don Holland University Director of Internal Audit
Anytime you suffer a setback or disappointment, put your head down and plow ahead. Les Brown
Presentation Agenda • Introduction to Internal Controls Including a Video • Key Internal Control Assessment Areas • Assessment ‘How To’ • Overview of Key Internal Control Processes • Practical Guidance and Helpful Tips • Presentation Wrap-up Including Next Steps
Internal Control • Internal control is the system of accounting and administrative processes established by management to ensure that management’s objectives will be achieved. • Management is also responsible for knowing the exposures to fraud for their areas and for detecting suspected wrongdoing. • Management is further responsible for maintaining appropriate internal control in their areas based on the COSO model below.
ACUA Video … It is the PLOT that counts…
“…The University Fraud and Theft Prevention Policy is just one element of KU's commitment to the highest standards of principled and ethical behavior to the students, employees, administrators, faculty, and taxpayers of the State of Kansas…” KU Chancellor Bernadette Gray-Little - Sent: Tuesday, January 12, 2010 9:32 AM
KU High Risk Area’s of Concern • 6 key areas to Focus on • Reconciliation of account balances • Information Management • Cash on hand, receipting and handling • Procurement card & Expenditure approval • Time & Leave reporting • Equipment & Inventory management
Internal Control Assessment - a process… IA Website: http://www2.ku.edu/~audit/ • Questionnaires • Flash Controls • SAAS Detailed • Audit
Reconciliation of Account Balances Are expenditures and commitments of funds tracked and compared to budgets on a timely basis? • This is one, if not the most, important control features that needs to be embracedand it is often the most neglected. • Proper reconciliation and review of financial reports by the appropriate persons is one of the most effective controls Management has over their fiscal integrity. • The reconciliation reviewer should initial and date the reconciliation report to document their review.
Information Management Is confidential information - Hard and Elec - properly secured at all times? • Hard copy confidential information should always be stored in locked drawers or cabinets and access to the keys should be restricted. One of the University’s highest exposures and it is often the most complacent • Electronic confidential information should be password protected, with password access restricted. • Minimize retention of confidential information • Policies • KUL • The Policy Library provides guidance on information security: http://www.policy.ku.edu/infoaccess.shtml • The Comptroller’s Office provides guidance on archiving guidelines: http://www.comptroller.ku.edu/records_retention/ • KUMC • The Policies and Procedures Library provides guidance on information security and archiving guidelines: http://www2.kumc.edu/ir/policy/ http://www.kumc.edu/Pulse/policy/recordretention.html
6 Key Areas to Focus On • Reconciliation of account balances • Information Management
The End is the Beginning… The amount of benefit your unit receives from a control self assessment is in direct proportion to the effort you put into the assessment process.
Internal Control Manual A presentation by Internal Audit Angela York
Internal Control Manual This manual, by design, is imperfect – but it is a terrific tool for fiscal officers to review and incorporate in their individual unit control processes.
What can you expect to see? • Description of Risk • Criteria • Auditor’s Overview • Best Practices • Process • Related Issues • Related Links
Leave Reporting • Internal Leave Reporting Practices • Designated Timekeepers (& back-ups) • Update records bi-weekly • Maintain leave balance documentation • Monitor timekeeping
NEXT STEP… • My “Onion” • Attendance • Questionnaire - EMAIL • CPE • Handouts
ID Current Controls Acceptable? Document Risk Acceptance Decision Mission and Organizational Objectives Identify and Assess potential RISKs by asking: • What could go WRONG? • How likely is it that “it” will happen? (Probability) • What will be the impact if “it” happens? (Exposure: $ and/or Reputation) • What must go RIGHT? ID & Assess Risks ID & Assess Leftover Risks Action No Yes
Internal Audit: A Resource, not a Threat! “We are Key University Partners in Trust – Working together with KU leadership to promote student success and University excellence through management accountability and fiscal responsibility.” Add Footer information here