Internal Controls

FIN-ACC-470

The IU Seal: Indianensis Universitatis Sigillum MDCCCXX

Scope
Policy Statement
Reason for Policy
Procedures
Definitions
History
Related Information

About This Policy

Effective Date:: 12-01-2004
See current policy

Date of Last Review/Update:: 12-01-2004

Responsible University Office:: Financial Management Services

Responsible University Administrator:: Vice President and Chief Financial Officer

Policy Contact:: Joan Hagen
Associate Vice President
and University Controller,
Office of the Controller
jhagen@iu.edu

Policy Feedback:: If you have comments or questions about this policy, let us know with the policy feedback form.

Scope

All Indiana University units and employees.

Policy Statement

The Board of Trustees and the President of Indiana University are committed to a solid structure of internal controls. The University considers internal controls to be crucial in providing reasonable assurance regarding the safeguarding of University assets and the achievement of operational, financial reporting and compliance objectives.

The Trustees, President, university and campus administrators, deans, department chairs, and directors are responsible for setting a tone of accountability, high ethical standards and business conduct expectations.

The Office of the Vice President and Chief Financial Officer (VPCFO) is responsible for insuring that an adequate internal control structure is in place. In this role the VPCFO’s office will insure that appropriate documentation and guidance exist in the form of Financial Policies and Standard Operating Procedures, that appropriate business rules and controls have been incorporated into financial systems, and that a tone of ethical behavior and compliance is maintained by senior financial administrators.

It is the responsibility of the vice-presidents, campus administration, deans, department chairs, directors, and the fiscal officers of the university to build and maintain an internal control environment at the responsibility center and department level. This responsibility includes requiring that staff are well trained, educated on university financial policies, and that a tone of ethical behavior and compliance is maintained by leadership of the responsibility center or department.

The Internal Audit Department is responsible for the independent review and assessment of the adequacy and effectiveness of internal controls at all levels of the University.

Reason for Policy

To establish responsibility for internal controls and convey the importance of internal controls for an organization.

Procedures

Unit’s soliciting advice on financial and control procedures should contact Financial Management Services (FMS), their Responsibility Center Fiscal Officer, or their campus Vice Chancellor of Finance. Since the Internal Audit Department must remain independent and objective, they will not have any responsibility for establishing or maintaining the University internal control systems.

Definitions

Internal Controls: A system consisting of specific policies and procedures designed to provide management with reasonable assurance that the goals and objectives it believes important to the entity will be met.

Internal controls exist in order to promote operational efficiency and effectiveness, provide reliable financial information, safeguard assets and records, encourage adherence to prescribed policies and comply with regulatory agencies.

The basic concepts of internal controls would indicate that:

Management, not auditors, must establish and maintain the entity’s controls.
The internal control structure should provide reasonable assurance that financial reports are correctly stated.
No system can be regarded as completely effective.
Controls should be applied to manual and computerized systems.

The detailed objectives of internal controls are to insure that at the transaction level, the transactions are valid, properly authorized, recorded, properly valued, properly classified, recorded at the proper time, are in subsidiary records and are correctly summarized.

An internal control environment consists of management’s philosophy and operating style which includes the tone at the top that is set by the board and senior executives of an entity. It should also include:

The integrity and ethical values of the University’s employees.
An organizational structure that promotes separation of duties and decreases conflicts of interest.
The assignment of authority and responsibility so people understand their roles and responsibilities.
Competent, knowledgeable personnel who are informed of policies and procedures and have the proper training and ongoing development.
Communication of pertinent issues.
Information systems that have built-in business rules and controls.
An Internal Audit function.
External influences that include external auditors and an adherence to compliance guidelines and standards.

History

This policy was established on December 1, 2004.

Please note: This is an archived version of the policy. View the current version.