About This Policy
- Effective Date:
- Date of Last Review/Update:
- Responsible University Office:
- Financial Management Services
- Responsible University Administrator:
Vice President and Chief Financial Officer
- Policy Contact:
Associate Vice President and University Controller
Office of Financial Management Services
- Policy Feedback:
- If you have comments or questions about this policy, let us know with the policy feedback form.
- Print or view a PDF of this policy
- Many policies are quite lengthy. Please check the page count before deciding whether to print.
It is the policy of Indiana University that university financial resources are used in a responsible and appropriate manner in support of the university’s mission and consistent with applicable laws, regulations and ethical practice.
- An effective financial control environment supports the following:
- Management accountability for unit-level activities
- Economical and efficient stewardship of university resources
- Compliance with university policy and procedures and with applicable external laws and regulations
- Procedures to resolve discrepancies and to escalate issues or concerns
- Safeguarding of university assets and protection of university resources against loss and unauthorized use
- Segregation of duties such that no one individual has complete control over more than one key financial function or activity, for example, authorizing, approving, disbursing, receiving, or reconciling
- Approval of transactions by individuals with the business knowledge and authority to determine the appropriateness of the transactions
- Reconciliation of financial data in a timely manner
- Financial Sub-Certification
Financial Management Services coordinates the annual Organization Financial Sub-Certification requirement. Unit leaders and fiscal officers attest to certain statements regarding financial activity of their unit. Financial sub-certification focuses on accountability and on compliance with internal controls. The sub-certification process helps to provide reasonable assurance as to sufficiency and effectiveness of a unit’s internal control structure.
Unit leader for the purpose of annual sub-certification, unit leaders are deans, directors reporting to auxiliary units, vice presidents, provost and chancellors.
- Internal control is a process, effected by an entity’s management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, financial reporting, and compliance. Each employee is responsible for internal controls relevant to that individual’s role within the university and that support the following objectives:
- Operations Objectives – pertain to effectiveness and efficiency of the university’s operations, including operational and financial performance goals. These objectives promote orderly, economical operations and assist in achieving outcomes consistent with the university’s mission. Operations should safeguard resources against loss due to waste, mismanagement, errors, and fraud.
- Reporting Objectives – pertain to internal and external financial and nonfinancial reporting. These objectives encompass reliability, transparency, and other terms as set forth by regulators, recognized standard setters, and university policies.
- Compliance Objectives – pertain to adherence to laws and regulations to which the university is subject.
- Financial Controls and Accountability
- Each employee of the university has a role in the system of internal control. Financial responsibilities are distributed throughout the university’s decentralized environment. Each university employee with an oversight role for the use of university funds and for financial operations and budgets is accountable for upholding control principles and is responsible for ensuring that internal controls are established, documented, and functioning to achieve the university’s and the unit’s mission and objectives. This responsibility includes requiring that staff are educated and well-trained on university financial policies.
- The Internal Audit department is responsible for the independent review and assessment of the adequacy and effectiveness of internal controls at all levels of the university. Since Internal Audit must remain independent and objective, that unit will not have responsibility for establishing or maintaining the university’s internal control systems.
- Components of Internal Control The system of internal control must be designed, implemented and functioning to support the following components:
- Control Environment – the set of standards, processes, and structures that provide the basis for carrying out internal controls across the university. The control environment comprises the commitment to integrity and ethical values that establish oversight responsibility and enforce accountability.
- Risk Assessment – the process to identify, analyze and assess risks to the achievement of objectives.
- Control Activities – the actions established through policies and procedures to mitigate risks to the achievement of institutional objectives.
- Information and Communication – the use of relevant information to disseminate clear messages. Sound internal controls establish expectations and procedures to support the reliability and integrity of financial information and reporting.
- Monitoring Activities – the use of evaluations to ascertain whether internal controls are present and functioning.