Skip to main content
11609

Internal Audit

Control Activities

Control activities provide reasonable assurances to management that processes and procedures are adequate to achieve the area’s goals and ultimately the goals of the University. Here are just a few examples of control activities:

  • Adequately documented transactions (both paper and electronic) and a periodic review process in place to sample transactions for accuracy
  • Reliable management reports providing accurate financial and operational data
  • Physical assets secured and periodically inventoried
  • Segregation of duties: ensure one person does not have the responsibility for all aspects of financial or sensitive transactions (e.g., ability to authorize, ownership of data, or documentation responsibilities)
  • Well-documented and published disaster recovery and business continuation plans in place for all areas
  • A completed risk assessment and control analysis
  • Proper separation of duties regarding the preparation, approval, and recording of disbursements
  • Positive tone at the top: management sets a good example for the area regarding the control environment and adherence to policies