Background. Alfred University has adopted this internal control plan to safeguard the assets of the Alfred University. The University’s assets include cash, supplies and materials, inventories, capital assets, and enterprise resource planning systems and related electronic databases. Capital assets are comprised of tangible items such as moveable equipment, infrastructure, buildings, and facilities and intangible assets including patents, royalties, copyrights, and discoveries.
Other assets include dedicated and talented faculty to carry out the instruction, research and extension programs. Administrative and support staff manage the financial and logistical services necessary to maintain a motivated and trained workforce and to manage finances and the physical facilities.
The University’s reputation is depended on its integrity and the image projected by its employees. A viable internal control plan can contribute toward the protection of its reputation and assets.
What are internal controls? Internal controls are an integrated system to assess risks, determine how to mitigate those risks, and protect resources. An internal control plan is a system of checks and balances and includes established ways to prevent and detect intentional and unintentional errors. Controls can be designed to be preventive or detective. Everyone at the University is responsible to conduct University business according to the provisions of its internal controls.
An internal control system, no matter how well conceived and operated, can provide only reasonable – not absolute – assurance to management and the Board regarding achievement of an entity’s objectives. The likelihood of achievement is affected by limitations inherent in all internal control systems. These include the realities that judgements in decision-making can be faulty and that breakdowns can occur because of simple errors or mistakes. Additionally, controls can be circumvented by the collusion of two or more people, and management has the ability to override the system. Another limiting factor is that the design of an internal control system must reflect the fact that there are resource constraints and the benefits of controls must be considered relative to their costs.
An internal control plan can be viewed as an effort to ensure employees, including management, conduct business in an effective and efficient manner to safeguard the University’s assets and interest, to avoid waste, abuse, and fraud, to maintain an ongoing and viable entity, to maintain records and a general ledger that support accurate financial reporting and to prevent illegal activity.
Why have internal controls? Internal controls are a factor in assuring the continuation of the University as an on-going concern. By following an internal control plan, the University community can prevent waste, abuse, and fraud and ensure resources are available to carry out the University’s mission. Internal Controls contribute to good business practices that protect economic resources and enhance the University’s reputation and good will.
Financial reporting. An internal control plan includes transaction controls to ensure personnel and financial activity is properly recorded in the general ledger. An accurate general ledger supports the preparation of the University’s financial statements. Complete and accurate financial statements prepared in accordance with U.S. generally accepted accounting principles convey the University’s financial health to federal awarding agencies, banks and the general public. Procedures and responsibilities are established and maintained to facilitate a timely review of external financial statements prior to audit. Any required adjustments are made promptly to ensure the auditor can issue an unmodified opinion on the statements.
Compliance. The University receives awards which support its research program and is part of the financial aid to the students. Awards have requirements which must be met to fulfill the terms of the awarding agencies and individual award documents. An internal control plan includes practices and procedures to ensure the University meets the conditions stipulated by the awarding agencies.
The Board of Trustees is responsible for setting the institutional expectations for internal control, ensuring management is aware of those expectations, requiring the upward communication channels are open through all levels of management, and evaluating management’s effectiveness toward monitoring the control environment and implementing sound control policies and procedures.
Individuals with delegated approval authority, e.g. vice presidents, deans, directors and department chairs, are responsible for establishing, maintaining, and supporting a system of internal controls within their areas of responsibility and for creating the control environment that encourages compliance with university policies and procedures.
The Controller’s Office has the primary responsibility for internal control over financial reporting and compliance with applicable laws, rules and regulations. The Controller is the University source for information and assistance to faculty and staff leadership on this topic and will make resources available to any business function on campus to assist in administering this policy.
The Department of Human Resources is responsible for internal controls over employee recruitment, hiring, separation, promotion, job classification, employee rights, and salary administration. The Director of Human Resources is the University source for information and assistance to faculty and staff leadership on this topic and will make resources available to any business function on campus to assist in administering this policy.
Department managers are responsible for prompt corrective action on all internal control findings and recommendations made by internal and external auditors. The audit process is completed only after managers receive the audit results and take action to correct internal control weaknesses, improve systems, or demonstrate the management action is not warranted.
The University administration will establish and maintain a system of internal controls that satisfies the University’s objectives in the following categories:
All campus systems, processes, operations, functions and activities are subject to evaluations of internal control systems. The results of these evaluations provide information regarding the University’s overall system of control.
Information and communication – Information must be timely and communicated in a manner that enables people to carry out their responsibilities
All levels of internal control are subject to examination by external auditors who are required to report on the adequacy of internal controls over finance and compliance.
1 This policy is subject to revision as deemed necessary, without prior notice. The University shall give notice of any
revisions using the approved method for communication.