1 / 32

Internal Controls

2. Learning Objectives. At the end of this presentation, you should have an understanding aboutwhat is a Risk and a Risk Assessmentwhat is meant by Internal Controls"specific examples of internal controls that can protect you and your department. . 3. . Risk Awareness. . Internal Control. .

zorina
Download Presentation

Internal Controls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. 1 Internal Controls What Are They and Why Should I Care? or Isn’t That Someone Else’s Job? Presented to RARA October 2008

    2. 2 Learning Objectives At the end of this presentation, you should have an understanding about what is a Risk and a Risk Assessment what is meant by “Internal Controls” specific examples of internal controls that can protect you and your department

    3. 3

    4. 4 Risk Awareness

    5. 5

    6. 6 Risk Assessment

    7. 7

    8. 8

    9. 9

    10. 10

    11. 11 Internal Controls

    12. 12

    13. 13

    14. 14

    15. 15

    16. 16

    17. 17

    18. 18 Control Characteristics / Activities Controls can be preventive (preferable) or detective: Preventive: Control mechanism that prevents problems from occurring Authorization / Approvals Segregation of duties Management oversight System access controls (passwords) Physical access controls Cash safes Safety clothing Detective: Control mechanism that uncovers a problem Account reconciliation and review Budget vs actual analyses Effective monitoring Exception reports Complaints / tips / hot-line calls Job rotations Smoke alarms Motion detectors

    19. 19 Control Characteristics / Activities

    20. 20

    21. 21 What Should Research Administrators Expect from the Office of University Audit? Presented to RARA October 2008

    22. 22 Learning Objectives At the end of this presentation, you should have an understanding about the purview of the Office of University Audit (OUA) how OUA conducts audits, both horizontal and department-specific how OUA responds to consultative requests

    24. 24 Office of University Audit Mission Statement “Our mission is to provide audit and advisory services to the University Community by assessing risks, analyzing controls, and ensuring that business practices are effective, efficient, and compliant with University and regulatory policies.”

    25. Office of University Audit Organizational Chart

    26. 26 Elements of an ideal relationship An audit function with a modern perspective OUA understands the complex nature of research administration in a university Audit staff are highly knowledgeable about current applicable government rules and UR policies Audit staff are highly knowledgeable about internal controls OUA is focused on customer service and “let’s get it right”

    27. 27 What to expect from the Office of University Audit Horizontal Audits: Advance e-mail notification to the department chair (no surprise visits) Maximum use of existing data for transaction testing Adequate time will be given to your department to respond to our request Face to face meeting to discuss your processes and procedures Immediate feedback of findings, to ensure they are accurate and to initiate immediate corrective action Feasible improvement recommendations Follow up until control weaknesses are addressed

    28. 28 What to expect from the Office of University Audit Sponsored Research Audits: Structured risk assessment approach to identify the major risks to the sponsored research endeavor Collaborative audit planning to ensure high risk areas are identified Formal audit plans and schedules with no surprises and no unnecessary interference during critical time periods Maximum use of existing data for transaction testing Immediate feedback of findings, to ensure they are accurate and to initiate immediate corrective action Feasible improvement recommendations Follow up until control weaknesses are addressed

    29. 29 Questions to Ask When Selected for Audit What is the audit objective? What are the highest risk areas in which you will focus? What might you do to address these risks? Who will perform the audit, and when? Who from our Dept will be required to assist you in the audit and what will be our roles? What information will you need from us, and are there less obtrusive, alternative sources? When will I know if you think you have identified a problem? Who else will know? How will you develop recommendations? How will you know that recommendations have been implemented? When are your final conclusions reported and what is your reporting model? Expect high performance and good customer service from your auditor!

    30. 30 What can you do? Open your staff training opportunities and information networks to your auditors. Compare your understanding of the auditor’s role with her/his understanding…work together to close gaps If you still have concerns, discuss them with the OUA…openly and non-defensively

    31. 31 What to expect from the Office of University Audit Sponsored Research Consultation: Timely response to your questions and requests “Customer service” oriented approach when responding to calls / e-mails for advice Will facilitate collaboration with other university departments when responding to complex questions Able to respond immediately to concerns of questionable or fraudulent behavior

    32. 32

    33. 33 Questions? Contact Salim Alani - salim.m.alani@rochester.edu Chris Butler - chris.w.butler@rochester.edu OUA Webpage http://www.rochester.edu/adminfinance/audit/

More Related