Internal Audit Services

Internal Controls

Internal controls are practices that protect or make more efficient use of the University's assets. Some types of controls are listed in the following .

•	Segregation/Separation of Duties: Duties are divided, or segregated, among different people to reduce the risk of error or inappropriate actions. For instance, responsibilities for authorizing transactions, recording them and handling the related asset are divided.
•	Physical Controls: Equipment, inventories, cash and other assets are secured physically, and periodically counted and compared with amounts shown on control records. Access is restricted to those with authority to handle them.
•	Reconciliations: Comparisons are made between similar records maintained by different persons to verify transaction details.
•	Policies and Procedures: Established policies, procedures and job descriptions provide guidance and training to ensure consistent performance at a required level of quality.

The Segregation/Separation of Duties control type is described below in more detail.

Separation of Duties

No one person will perform more than one of the following seven types of duties:

• Receiving and depositing remittances
   
• Authorizing disbursements
   
• Preparing checks
   
• Operating a check signing machine*
   
• Comparing machine-signed checks with authorizations and supporting documents (or signing checks manually after personally comparing them with authorizations and supporting documents).*  (See below for instructions as to which position is to be assigned this duty.)
   
• Reconciling bank accounts and posting the General Ledger or any subsidiary ledger affected by cash transactions
• Initiating, or preparing invoices

Symptoms of Control Deficiencies

 The existence of one or more of the following signals will usually be indicative of a poorly maintained or vulnerable control system.  These symptoms may apply to the organization as a whole or to individual units or activities 

• Policy and procedural or operational manuals are either not currently maintained or are nonexistent.
   
• Lines of organizational authority and responsibility are not clearly articulated or are nonexistent.
   
• Financial and operational reporting is not timely and is not used as an effective management tool.
   
• Line supervisors ignore or do not adequately monitor control compliance.
   
• No procedures are established to assure that controls in all areas of operation are evaluated on a reasonable and timely basis.
   
• Internal control weaknesses detected are not acted upon in a timely fashion.
   
• Controls and/or control evaluations bear little relationship to organizational exposure to risk of loss or resources.

Reference : State Administrative Manual (SAM) [Section 8080]

 

 

 

SONOMA STATE UNIVERSITY • INTERNAL AUDIT SERVICES
(707) 664-3087• 1801 East Cotati Ave • Rohnert Park, CA 94928

Contact | Website Problems | Text Only | XHTML | CSS | 508 | Download Acrobat | last updated: 2007-06-25