Internal Audits
Audit Charter
Organizational Chart
Internal Audit Committee
Services
Audit Process
Internal Controls
Reports
Resources
Staff
Contact Us
Feedback
UTB Home Page

 

Internal Controls

Importance of Internal Controls

Internal controls are designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

  • Effectiveness and efficiency of operations.
  • Reliability of financial reporting.
  • Compliance with applicable laws and regulations.

Internal Controls Defined

Internal controls consist of five interrelated components. These are derived from the way management runs an operation or function, and are integrated with the management process. Although the components apply to the entire University, small and mid-size departments may implement them differently than large ones. Its controls may be less formal and less structured, yet a small department can still have effective internal control. The internal controls components are:

Control Environment

The control environment sets the tone of an organization, influencing the control consciousness of its people. Control environment factors include the integrity, ethical values and competence of the entity's people; management's philosophy and operating style; the way management assigns authority and responsibility, and organizes and develops its people; and the attention and direction provided by the University.

Risk Assessment

Risk assessment is the identification and analysis of relevant risks to achievement of the objectives, forming a basis for determining how the risks should be managed.

Control Activities

Control activities are the policies and procedures that help ensure management directives are carried out. They include a range of activities as diverse as approvals, authorizations, verifications, reconciliations, reviews of operating performance, security of assets, and segregation of duties.

Information and Communication

Pertinent information must be identified, captured and communicated in a form and timeframe that enables people to carry out their responsibilities. Information systems produce reports containing operational, financial and compliance-related information that make it possible to run and control the organization. Effective communication also must occur in a broader sense, flowing down, across and up the organization.

Monitoring

Internal control systems need to be monitored - a process that assesses the quality of the system's performance over time. This is accomplished through ongoing monitoring activities, separate evaluations or a combination of the two. Ongoing monitoring occurs in the course of operations. Internal control deficiencies should be reported upstream, with serious matters reported to top management and the Regents.

The internal control definition - with its underlying fundamental concepts of process, effected by people, providing reasonable assurance - together with the categorization of objectives and the components and criteria for effectiveness, and the associated discussions, constitute this internal control framework.

Internal Controls Are Everyone's Responsibility

Internal controls encompass high ethical standards and values that are communicated throughout the institution. Implementation for UTB’s internal controls is the prime responsibility of the University's administrators and supervisors. There is a perception that monitoring internal controls is the responsibility of others, such Internal Audit or Financial Administration. But everyone at the university has some responsibility for internal control.

Virtually all employees play some role in effecting control in how business functions operate, in the use of university resources, and in the way they accomplish their work. They may produce information used in the internal control system or take other actions needed to effect control. All personnel must take responsibility to communicate problems in operations, unwarranted deviations from established standards, and violations of policy or law. Appropriate channels for such communication exist at UTB, and include supervisors, the Compliance office, Internal Audits, and the Ethics line program.

Of course, UTB’s senior management and supervisors must assume the leadership in managing internal controls for their areas of responsibility. But other groups also play important roles. The Regents, the Office of the President, Financial officers, and other governing boards at UTB are often involved in developing institution-wide controls and procedures. Internal Audits contributes to the effectiveness of the controls, but they are not responsible to establish or maintain them. It is the responsibility of managers and department chairs to provide oversight. Adequate internal controls are everyone's responsibility.

Fundamental Concepts

While Internal Audit takes a look at an organization's processes and procedures for a given slice in time, maintaining internal controls is a continuing process. It is effected by people. It's not just policy manuals and forms, but people functioning at every level of the institution. Internal controls are a way to provide reasonable assurance to an institution's leaders against risk in operation, financial reporting, and compliance. Internal controls are tools used by employees to mitigate risk for the institution.

What can my department do?

Control activities include, but are not limited to, the following:

  • Implement segregation of duties where duties are divided, or segregated, among different people to reduce risk of error or inappropriate actions. No one person has control over all aspects of any financial transaction.
  • Make sure transactions are authorized by a person delegated approval authority when the transactions are consistent with policy and funds are available.
  • Ensure records are routinely reviewed and reconciled, by someone other than the preparer or transactor, to determine that transactions have been properly processed.
  • Make certain that equipment, inventories, cash and other property are secured physically, counted periodically, and compared with item descriptions shown on control records.
  • Provide employees with appropriate training and guidance to ensure they have the knowledge necessary to carry out their job duties, are provided with an appropriate level of direction and supervision, and are aware of the proper channels for reporting suspected improprieties.
  • Make sure University and departmental level policies and operating procedures are formalized and communicated to employees. Documenting policies and procedures and making them accessible to employees helps provide day-to-day guidance to staff and will promote continuity of activities in the event of prolonged employee absences or turnover.

Remember, everyone in the department has responsibility for internal controls.

Contact Information
80 Fort Brown
Oliveira Library 234
Brownsville, Texas  78520
Phone: (956) 882-7023
Fax: (956) 882-3816
Email: Norma.Ramos@utb.edu