• Control Activities


    Control activities provide reasonable assurances to management that processes and procedures are adequate to achieve the area’s goals and ultimately the goals of the University. Here are just a few examples of control activities:

    • Adequately documented transactions (both paper and electronic) and a periodic review process in place to sample transactions for accuracy
    • Reliable management reports providing accurate financial and operational data
    • Physical assets secured and periodically inventoried
    • Segregation of duties: ensure one person does not have the responsibility for all aspects of financial or sensitive transactions (e.g., ability to authorize, ownership of data, or documentation responsibilities)
    • Well-documented and published disaster recovery and business continuation plans in place for all areas
    • A completed risk assessment and control analysis
    • Proper separation of duties regarding the preparation, approval, and recording of disbursements
    • Positive tone at the top: management sets a good example for the area regarding the control environment and adherence to policies