Internal Controls
What are Internal Controls?
Internal controls are operating practices that are established to provide reasonable assurance that specific objectives will be achieved. Internal controls, which help assure that departments operate according to plan, are tools used everyday by managers, from the unit levels to the President of the University. The internal control structure of the University includes such things as written policies and procedures, organizational design, and physical security of assets. Simply put, internal controls are good basic business practices. The following are examples of internal controls used within the University:
- Implementing procedures to encourage compliance
- Using passwords to restrict computer access
- Locking your office or filing cabinets to discourage theft
- Reviewing monthly general ledger to verify transactions
Benefits of an effective internal control system include the ability to:
- Safeguard assets from waste, fraud, and inefficient use
- Promote accurate and reliable accounting records
- Encourage and measure compliance with policies, procedures, and applicable laws and regulations
- Evaluate the effciency of operations
Internal controls can generally be classified as either preventive or detective controls.
Preventive controls are designed to discourage errors, irregularities, or other undesired events before they occur. For example, expenditures of a department are reviewed by the authorized account signers prior to payment, to ensure propriety and validity of the expenditure.
Detective controls are those designed to identify errors or irregularities that have already occurred. For example, prompt review of monthly general ledger account detail will detect expenditures posted to an erroneous general ledger account. The internal audit function is an internal control itself, in that it evaluates and appraises other University controls. The Internal Audit department reviews the effectiveness of internal controls and makes specific recommendations for improvements. Our findings, comments, and recommendations for improvement are reported to applicable University administration at the conclusion of each of our audits.
