1 Internal Control Guidelines The four basic functions of management are usually described as planning, organizing, directing, and controlling. Internal control is what we mean when we discuss the fourth function, controlling. Adequate internal controls allow managers to delegate responsibilities to subordinate staff and contractors with reasonable assurance that what they expect to happen, actually does. Managers should develop internal controls for each activity for which they are responsible. The internal controls exercised over individual activities, when taken collectively, become the internal controls of the program or administrative function of which they are a part. No system of internal control functions properly without the knowledge and support of management at all levels. Because departments in state government vary in size, complexity, and degree of centralization, no single method of internal controls is universally applicable. Managers should use this guide as a framework for developing their internal control systems, consistent with their department's operations and agency mission. Benefits for each internal control should exceed the cost. Under each category one or two risks are listed that may exist if the internal controls are not followed. Cash and Revenue Risk: Cash Receipts lost or stolen. There is always a high risk of theft when handling cash and strong controls are essential to safeguard cash receipts. These controls help ensure that cash is brought under control immediately upon receipt and that procedures are in place at each step in the process to ensure the cash is properly secured and accounted for. Risk: Cash receipts recorded incorrectly in the accounting system. It is important to maintain the integrity of the accounting system involved in recording cash receipts. Poor accounting controls provide the opportunity for someone to misappropriate cash receipts without the risk of detection. If feasible, two people should be responsible to open the mail, one to open the mail and the second to create a remittance/receipts list. A remittance list is a list of checks or cash received by the agency. Checks received in the mail should immediately be restrictively endorsed For Deposit Only, (Name of Agency). A reconciliation of receipts/remittance list to posted deposits should be completed by someone who does not have access to cash. One person should maintain custody of remittances until deposited. A reconciliation should be done of federal funds deposited in PeopleSoft to the amount shown by the federal government as paid to the agency. This reconciliation should be done by someone independent of the individual responsible for drawing down federal funds. If an agency issues permits or licenses, they should be pre-numbered. If pre-numbered permits, licenses, or receipts are used they should be tracked to ensure they are properly accounted for. Deposits should be made on a daily basis if more than $500 is collected. Deposits should be made every Friday regardless of the amount collected. Proper safeguards should be maintained for protecting undeposited collections. If sales are made with a credit card, a reconciliation of the daily summary from the credit card machine to receipts from till tape should be done by a person independent of operating the credit card machine.
2 A reconciliation of money deposited in agency s credit card account at BND to the daily summary from the credit card machine should be completed by a person independent of operating the credit card machine. An original bill should be present when issuing a refund to a credit card. A refund to a credit card should be processed by an individual independent of processing the credit card transactions. Each agency should maintain a log of refunds to a credit card and review it for unusual patters or transactions periodically. Petty cash funds should be properly authorized. (NDCC ) Adequate physical safeguards should be maintained for all petty cash funds. Outside bank accounts should be properly authorized. (NDCC ) Interest earned on outside bank accounts should be deposited into the general fund unless there are other statutory provisions that direct otherwise. (see NDCC subsection 16 for further clarification) Period ending cutoff procedures should ensure recognition in correct period. Procedures should exist to ensure that all deposited receipts are recognized in the accounting system information. Receivables Risk: Invoice errors (incorrect charges) result in excess/loss of revenue and inaccurate accounting. These controls will help ensure that invoices are prepared accurately which will result in revenue being collected and reported properly. A proper segregation of duties will ensure the individual responsible for billing does not have access to cash. A proper segregation of duties should ensure individuals with access to cash are not responsible for updating accounts receivable records or approving write-offs or adjustments. Output from PeopleSoft should be reviewed by appropriate personnel to ensure accuracy. Accounts should be aged at least monthly. Aged account reports should be reviewed by a responsible official. All delinquent accounts should be followed up for collection. Procedures should be established to ensure that individuals with delinquent accounts are precluded from receiving additional credit. All disputed receivables should be handled by an individual independent from those receiving payment. Payroll Risk: Fictitious employees, overpayment, and excess leave uses. Payroll preparation, timekeeping, and personnel record-keeping duties should be segregated. Payroll processing (including access) should be segregated from payroll register approval. Payroll register should be approved by appropriate personnel.
3 Individual time and attendance records should be reviewed and approved by supervisory personnel. All leave (other than emergency or sick leave) should be approved in advance. Vacation, sick leave, and overtime records should be checked by the employee s supervisor for overdrawn balances prior to submission of the employee time and attendance report. If payroll checks are physically distributed they should be done so by someone who is not responsible for hiring or firing, nor who approves time cards, nor takes any part in payroll preparation. One-time adjustments should be properly supported. The one-time payment query should be printed out monthly, by someone who has inquiry rights only. This report should then be approved by someone who is authorized to approve payroll. The preparation of Personnel Actions Forms (PAFs) should be completed by someone independent from payroll preparation. Changes to PAFs should be approved at the appropriate level of management and maintained on file. No individual employee should be able to adjust their own salary. Confidentiality of information should be properly maintained by restricting access to HR records to authorized personnel only. Procedures should be in place to ensure that operating departments promptly notify the payroll office of employee terminations. At this time terminated employee s user access to computer applications should be deleted. Investments Risk: Unrecorded or unauthorized transactions; transactions at inappropriate prices or at unfavorable terms; payment of fictitious or inflated prices. Responsibilities for initiating, evaluation, and approving investment transactions should be segregated from those for detail accounting, and other related functions. Responsibilities for initiating a transaction should be segregated from those for final approvals that commit client resources. Custodial responsibilities for securities or other documents evidencing ownership or other rights should be assigned to someone who has no accounting duties. Adequate physical safeguards and custodial procedures should exist over investments. All securities should be registered in the name of the government unit. Securities should be periodically inspected or confirmed by a person independent of the investment activity. Detailed accounting records need to be maintained for investments. Investment earnings should be credited to the fund from which the resources were provided for the investment.
4 A periodic comparison should be made between income received and the amount specified by the terms of the security of publicly available investment information. Procedures should exist for reconciling the detail accounting records with the trustee statements. Inventory Risk: Inventory items lost, damaged or stolen as a result of poor physical security. Strong physical security will help reduce the state s exposure to lost, stolen, or damage inventory. Perpetual records or manual records should be kept by someone who does not have the following responsibilities: custody of stock, authority to requisition withdrawals or other movement of inventory. A year-end physical count of inventory should be taken by someone who does not have physical custody of inventory nor maintains detailed inventory records. Pricing, extensions, and summarization of the physical counts for proprietary funds should be done by someone independent of the person responsible for physical custody of inventory and the detailed inventory record keeping. All transfers of inventory should be accompanied by a pre-numbered transfer document. Inventories should be stored where loss from fire, theft, temperature, humidity or other elements is minimized. Access to inventory should be restricted to only authorized personnel. Perpetual records should be adjusted to periodic physical inventories taken annually or on a cyclical basis at least once a year. Unusual differences between physical counts and detailed inventory records should be investigated. Fixed Assets Risk: Fixed asset, betterment, improvement, repair/maintenance/construction-in-progress, intangible, capital lease or operating lease is misidentified and errors are made in the determination of cost basis, useful life, salvage value and depreciation method. Identifying the proper expenditure type and depreciation components will ensure the state s financial statement will be accurate with respect to fixed asset accounting. Risk: Inadequate physical security of assets. Physically securing the state s assets will prevent them from being lost, stolen or damaged. Responsibilities for initiating, evaluating, and approving capital expenditures, leases, and maintenance or repair projects should be segregated from those for project accounting (ex. Tracking construction in progress) and property records functions. An annual physical inventory of fixed assets should be taken by an individual who has no custodial or record keeping responsibilities. Authorizations of deletions should be segregated from detailed record keeping, custody of assets, and access of records.
5 An appropriate person should evaluate capital assets for impairment if prominent events or changes in circumstances indicate the possibility of impairment, and the carrying amounts of impaired capital assets should be properly adjusted. All acquisition and disposal of fixed assets should be properly authorized by the agency director or the agency director s designee. All capital assets, except for infrastructure assets and intangible assets, must be tagged or otherwise identified as State property. The assigned property identification number must be recorded on the fixed asset listing. All agencies should maintain a fixed asset listing of capital assets recording, at a minimum, the property identification number, description and location of the asset, as well as the method of acquisition, funding source, date of acquisition, date of disposal, and cost. Differences between records and physical counts should be investigated. Records should be adjusted with the proper approval to reflect any shortages. Fixed assets should be protected from unauthorized access or use and properly safeguarded from loss through theft. Fixed assets should have adequate insurance. Expenditures and Payables Risk: State resources lost or stolen through unauthorized/improper expenditures. Adequate controls over the expenditure process are essential in preventing and detecting fraud and other improprieties involving State resources. All purchases should be approved by the appropriate level of management. Responsibilities for the approval of vouchers and IDB s should be segregated from those for preparation. Responsibilities for the approval of JV s and correcting entries should be segregated from preparation. An agency should develop budgets of actual anticipated expenditures and revenues on at least a quarterly basis and compare that budget with actual expenditures and revenues on the accrual basis to budgeted expenditures and revenues. State procurement procedures should be followed as required at All invoices and claim forms should be reviewed and approved, by authorized signature, prior to payment. This includes meeting the public benefit threshold and consideration of appropriation, cash, statutory and other applicable requirements. Receiving clerks should be independent of the purchasing function. Receiving reports should be used to post quantities to detailed inventory records. Invoices should be compared to purchase orders and the receiving report. Receiving clerks should compare items to the purchase order. All paid invoices must be canceled to prevent duplicate payment.
6 Each state agency should maintain adequate records of unmatched purchase orders and receiving reports along with unvouchered vendor s invoices. These should be periodically reviewed, investigated, and resolved. Monthly statements from vendors should be regularly reconciled with open purchase orders and paid claims. All supporting documentation (i.e., claim, purchase order, invoice, etc.) must be maintained in accordance with the Records Retention and Disposition schedule as delegated by ITD Records Management Division. (http://www.nd.gov/itd/records/retention/998/998001_descriptions.pdf) Each state agency should have procedures in effect to ensure proper cut-off at year-end. (OMB policy 200) P-cards Each agency should assign a specific individual the responsibility of administering purchase cards. The agency purchasing card administrator or authorized signer may not be a cardholder. Monthly reconciliations of receipts to the monthly individual purchase card statement should be performed and signed off by card holders and their supervisors. Individual purchase card statements should be reconciled to the Transaction Detail report or the cardholder/company statement. This reconciliation should be done by a non-card holder. Purchase cards should be assigned to one individual and not a group of people. Procedures should be in place to disable purchase cards immediately upon termination of a cardholder. For a full list of policies and procedures regarding p-cards see Closing Packages/Financial Reporting Risk: Accruals, deferrals and adjustments are not identified for financial reporting purposes. Identifying the proper accruals, deferrals and adjustments will help ensure financial statement accuracy. Agencies should keep working papers to support each amount they enter on each closing package form. The agency s Finance Director should be responsible for keeping all working papers until the audit of the statewide financial statement is complete. Closing packages should be queried and developed by staff knowledgeable of requirements. Each closing package should bear the name or initials of the preparer and the preparation date. The final review and approval of closing packages should be segregated from the responsibility for preparation. Each closing package submitted should be approved by the agency s Finance Director or Executive Director.
State of Tennessee Department of Education Office of Local Finance Effective July 2011 Tennessee Internal School Uniform Accounting Policy ANUAL Table of Contents Preface... ii-1 Section 1: Introduction
By Cindy Cumfer NOTE: These policies and procedures are designed for small nonprofits that do not have an administrator with financial expertise. They are set up to divide the fiscal control roles between
Manual for Change-over Arrangements (Version 2.5) September 2013 [Version 1 compiled by CCIF CPA Limited] Project commissioned by Education Bureau Note 1. This Manual for Change-over Arrangements is written
Insider s Guide to School Business and Internal Accounts Letter from the CFO... i Introduction...ii Guiding Principles...ii Contact Information...vi 1. Administration... 1-1 A. Roles and Responsibilities...
REPORT OF THE AUDIT OF THE JACKSON COUNTY SHERIFF For The Year Ended December 31, 2011 ADAM H. EDELEN AUDITOR OF PUBLIC ACCOUNTS www.auditor.ky.gov 209 ST. CLAIR STREET FRANKFORT, KY 40601-1817 TELEPHONE
Internal Controls for Small Businesses to Reduce the Risk of Fraud Copyright Copyright 2009 Intuit, Inc. All rights reserved. Intuit, Inc. 5601 Headquarters Drive Plano, TX 75024 Trademarks Intuit, the
KENTUCKY DEPARTMENT OF EDUCATION Accounting Procedures for Kentucky School Activity Funds Redbook Incorporated by Reference 702 KAR 3:130 Effective July 1, 2013 Table of Contents INTRODUCTION...4 BUDGETS...5
E. AUDIT EVIDENCE 1. The Use of Assertions by Auditor 2. Audit Procedures 3. The Audit of Specific Items 4. Audit Sampling and Other means of Testing 5. Computer-Assisted Audit Techniques 6. Not-for-Profit
BLOOMFIELD HEALTHCARE AND REHABILITATION CENTER FINANCIAL STATEMENTS INCLUDING INDEPENDENT AUDITOR S REPORT DECEMBER 31, 2013 AND 2012 Johnson Block & Company, Inc. Certified Public Accountants 2500 Business
Thomas A. Schweich Missouri State Auditor FOLLOW-UP REPORT ON AUDIT FINDINGS City of Brentwood October 2013 Report No. 2013-109 http://auditor.mo.gov Follow-Up Report on Audit Findings Table of Contents
INTERNAL Audit Manual PART 4 DETAILED GUIDANCE ON SPECIFIC AUDIT AREAS Contents 1. INTRODUCTION 2. AUDIT OF THE BUDGET CYCLE 3. REVIEW OF HUMAN RESOURCES MANAGEMENT 4. REVIEW OF CASH COLLECTION AND BANK
Finance Manual for Victorian Government Schools Financial Services Division Published by the Communications Division for Financial Services Division Department of Education and Early Childhood Development
Wheaton College Corporate Credit Card User Guide Updated November 2012 For General Information Contact: For Accounting/Reconciliation Info Contact: Business Services Office Accounts Payable Office Park
Audit Manual PART TWO SYSTEM BASED AUDIT Table of content 1. Introduction...3 2. Systems based audit...4 2.1. Preparing for & planning the audit assignment...5 2.2. Ascertaining and recording the system...7
REPORT OF THE AUDIT OF THE LETCHER COUNTY SHERIFF For The Year Ended December 31, 2013 ADAM H. EDELEN AUDITOR OF PUBLIC ACCOUNTS www.auditor.ky.gov 209 ST. CLAIR STREET FRANKFORT, KY 40601-1817 TELEPHONE
BOARD DEVELOPMENT Financial Responsibilities of Not-for-Profit Boards Board Development Financial Responsibilities of Not-for-Profit Boards A Self-Guided Workbook The Right to Copy this Workbook Permission
Standards for Internal Control in New York State Government October 2007 Thomas P. DiNapoli State Comptroller A MESSAGE FROM STATE COMPTROLLER THOMAS P. DINAPOLI My Fellow Public Servants: For over twenty
Accounting Manual for Parents and Citizens Associations Version 3.2 August 2013 P&C Accounting Manual Version 3.1 Page 1 of 98 Table of Contents Introduction... 4 A Message from the P&Cs Qld... 4 The P&C
Training Material on Internal Auditing 1 Session 1 External Audit...5 1.1 Definition and Objective...5 1.2 Responsibilities of External Audit...5 1.3 Scope of the Audit...6 1.4 Auditor s Report Basic Elements...6
EdmundG.BrownJr. AtorneyGeneral StateofCalifornia INTRODUCTION The California Attorney General has primary responsibility for regulating, enforcing and supervising organizations and individuals that administer
UPDATE: AUDITOR OF PUBLIC ACCOUNTS RECOMMENDATIONS FOR Agenda Item J-3 PUBLIC AND NONPROFIT BOARDS September 17, 2010 In May 2009, the Auditor of Public Accounts issued a report entitled Recommendations
General Terms and Conditions for IMLS Discretionary Awards IMLS Native American Library Services Basic Awards IMLS Native American Library Services Basic Awards with Education/Assessment Option Organizations
Manual of Business Methods in Church Affairs In accordance with Title I, Canon 7, Of Business Methods in Church Affairs, and Resolution D-147 (1979 GC): Accounting Principles and Practices for Dioceses,
Government of Western Australia Department of Commerce Consumer Protection Settlement Agents Trust account handbook November 2013 Table of Contents Introduction....3 Using this publication....3 Further
130 S. Main Street Fond du Lac, WI 54935 920.921.7700 Personal Interest Bearing Checking Account-Related Disclosures VARIABLE RATE INFORMATION Please see our online rate information for current interest
BUSINESS MANAGEMENT Internal controls for small business 2008 UPDATE CPA Slate Blue 5405(CMYK) A4P RIM CPA Australia Ltd ( CPA Australia ) is the largest professional organisation in Australia with more