1. What are internal controls?
Internal control comprises the plan of organization and all of the coordinated methods adopted within a business to safeguard its assets, check the accuracy and reliability of its accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies. This definition recognizes that a system of internal control extends beyond those matters which relate directly to the functions of the accounting and financial departments.
2. So, what are internal controls?
The above definition in question #1 really is the textbook definition; however, we think this definition is much more complicated than it has to be. Simply put, we believe internal controls are anything we do to help us achieve our objectives. We believe everyone uses internal controls in their typical daily activities such as the following:
- Did you lock your doors at home before leaving for work? Probably so because you wanted to protect the assets in your home from theft.
- Do you write your PIN number on your debit card? Probably not because you know if you lose your card, you would also most likely lose your money.
- Do you balance your bank statement each month? Hopefully, because it ensures you know the correct balance in your account, ensures no one has inappropriately accessed your funds, and ensures that the bank hasn’t made mistakes in their records.
These items noted above, among other things, make up what we refer to as your personal internal control system. These are things you do to achieve your objectives in your own business and life. Many of these are simply logical, common-sense things you do every day. Just as we apply these things to our personal internal control system, we want to apply relevant controls to the University’s business and operational processes.
3. What is the purpose of internal control?
As noted above, the primary purpose is to help us achieve our objectives. Typically internal controls are noted for having four primary purposes:
- to protect the University’s assets,
- to ensure records are accurate,
- to promote operational efficiency, and
- to encourage adherence to policies and procedures.
4. Are there different types of internal controls?
Yes, generally speaking there are two types: preventative and detective controls.
Preventative Controls are designed to discourage errors or irregularities from occurring. (Example: processing vouchers only after approval signatures have been obtained.)
Detective Controls are designed to find errors or irregularities after they have occurred. (Example: reconciling monthly account statements.)
5. Aren’t the internal auditors responsible for internal controls?
No. We play a role in our system of internal controls by performing evaluations and making recommendations for improved controls. However, the system of internal control is the responsibility of management. We believe every employee plays a role in either strengthening or weakening our institution’s internal control system.
6. How can I be sure my unit has appropriate controls?
Perform a self-assessment of your controls. Contact Internal Audit for some consultation on this.
Request an internal audit.