Download presentation
Presentation is loading. Please wait.
Published byBeryl Bond Modified over 9 years ago
1
An Educational Computer Based Training Program CBTCBT
2
Effectively Controlling Risk The University of Texas at Tyler General Compliance Training
3
U.T. Compliance Program u The U.T. Tyler Compliance Program is intended to demonstrate the absolute commitment of the University to the highest standards of ethics and compliance with all applicable laws, policies, rules, and regulations. Ethical conduct and compliance are personal responsibilities, and each employee will be held accountable for his or her conduct.
4
Effectively Controlling Risk u What is the purpose of this training? u Why is it necessary? u What is internal control? u What are the components of internal control? u Where can I learn more?
5
Effectively Controlling Risk What is the purpose of this training? u Provide administrative officials with the training and tools to evaluate internal control at the department level. Risk and Control Self-Assessment Guideline u Provide department employees with the training and tools to evaluate internal control at the activity or process level. Risk Assessment and Control Activities Worksheet
6
Effectively Controlling Risk Why is it necessary? u Highly publicized fraud in both the public and private sector have caused concerns among U.T. System and campus administrators. u What was the most common problem? è WEAK INTERNAL CONTROLS
7
Effectively Controlling Risk What is internal control? : Internal control is a PROCESS, effected by the university’s governing board, administration, faculty, and staff, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: –Effectiveness and efficiency of operations, –Reliability of financial reporting, and –Compliance with applicable laws and regulations.
8
Effectively Controlling Risk Internal Control Process 5 Components ¬Establish Control Environment Perform Risk Assessment ®Implement Control Activities ¯Communicate Information °Monitor Performance
9
Internal Control Process Establish Control Environment u The control environment is the control consciousness of an organization. u The control environment includes the integrity and ethical values of its people, their competence, and the way they do business.
10
Internal Control Process Elements of the Control Environment u Standards of Conduct Digest u Regents’ Rules, Business Procedures Memorandums, etc. u Department standards of conduct u Human resources policies and procedures u Department policies and procedures u Conflicts of interest--disclosure forms u Ethics Guide u Honesty u Zero tolerance
11
Internal Control Process Perform Risk Assessment u Risk assessment is the identification and analysis of risks associated with achieving your objectives. u Risk assessment helps to form a basis for determining how to manage identified risks.
12
Internal Control Process What is our risk? With internal controls, RISK is... The possibility that the organization will NOT: –Achieve its goals –Operate effectively and efficiently –Protect itself from loss –Provide reliable financial data (reports) –Comply with applicable laws, regulations, policies, and procedures
13
Internal Control Process Perform Risk Assessment u Institutions and Departments must define their goals and objectives in relation to their: –Mission, –Operations, –Financial reporting, –Compliance, and –Significant activities or processes. u Then, they must identify and analyze potential risks by asking certain questions: –What could go wrong? –What must go right? –What is the significance of our risks? –What is the likelihood of occurrence?
14
Internal Control Process Perform Risk Assessment Questions employees should consider: u What business are you in? u Who are your customers? u What do they need and want? u What does that say about what you are trying to accomplish? u How will you know you have been successful?
15
Internal Control Process Perform Risk Assessment u A risk is ANYTHING that could jeopardize the achievement of a goal or objective. u For each goal or objective, identify your risks. u Be comprehensive, by considering external and internal factors.
16
Internal Control Process Perform Risk Assessment u For each identified risk, estimate the potential significance (cost) and likelihood of occurrence. u Focus on the major risks, and determine how those risks should be managed and minimized to acceptable levels.
17
Internal Control Process Implement Control Activities u Control activities are the policies and procedures that help ensure that actions identified as necessary to manage risks are carried out properly and in a timely manner. u Control activities should be proactive, value-added, and cost effective.
18
Internal Control Process Implement Control Activities Risks Controls Properly balancing risks and controls makes good business sense!
19
Internal Control Process Implement Control Activities Examples of Control Activities at U.T. Tyler: u Approvals, authorizations, and verifications – Having written policies and procedures and limits to authority u Reconciliations – Explanations of the difference between two sets of data AND taking corrective action
20
Internal Control Process Implement Control Activities Examples of Control Activities at U.T. Tyler, continued... u Reviews of performance –For components, departments, and individual employees u Security of Assets –Limiting access, keeping records, and making periodic counts to compare to our records
21
Internal Control Process Implement Control Activities Examples of Control Activities at U.T. Tyler, continued... u Segregation of Duties –Make sure no one person can initiate, approve, and record one transaction u Controls over Information Systems –General controls over access and development, as well as specific controls within applications
22
Internal Control Process Communicate Information u Reliable and relevant information, from both internal and external sources, must be identified and communicated to employees. u Information should be processed and communicated in a timely manner and in a form that is usable.
23
Internal Control Process Communicate Information What information is relevant and reliable? u Job responsibilities u Goals and objectives u Information to assess risks u Policies and procedures u Laws and regulations u Performance indicators u Customer feedback u Performance evaluations
24
Internal Control Process Communicate Information How should we communicate? u Methods include one-on-one, staff meetings, telephone calls, e-mail, memos, and reports u ONLY communicate information to those who need it –Communicate up, down, and across the organization
25
Internal Control Process Monitor Performance u Monitoring involves evaluating internal control performance over time to determine whether controls are: éadequately designed, éproperly executed, and éeffective. u How do we know?
26
Internal Control Process Monitor Performance u Internal controls are adequately designed and properly executed if all five internal control components are present and functioning as designed: ¬ Control environment Risk assessment ® Control activities ¯ Information and communication ° Monitoring
27
Internal Control Process Monitor Performance u Internal controls are effective if administrators believe: They understand the extent to which the objectives of their operations are being achieved, Financial statements are reliable, and Laws and regulations are complied with.
28
Internal Control Process Monitor Performance Monitoring Activities Include: u Managerial and supervisory monitoring u Self-Assessment (Annual Subcertification letters) u Internal audits
29
Effectively Controlling Risk Self-Assessment What is a self-assessment? u A self-assessment is a “self- audit” of a department’s internal control components at year-end that results in a subcertification letter on internal control, submitted to component management.
30
Effectively Controlling Risk Performing a Self-Assessment Steps in performing a self-assessment include: ¬ Evaluating your strengths and deficiencies Testing the strengths ® Documenting tests ¯ Developing an action plan to correct problems ° Writing the letter to management ± Disclosing weaknesses ² Making your letter available to the U.T. Tyler Audit Office
31
Effectively Controlling Risk Performing a Self-Assessment What is a weakness? u A material weakness is an internal control shortcoming which does NOT reduce the risk of –irregularities, illegal acts, errors, waste, ineffectiveness, or conflicts of interest to a REASONABLE level.
32
Effectively Controlling Risk Summary What does all this have to do with me? u Internal control effectiveness is primarily determined by the knowledge and commitment of ALL U.T. employees. u By knowing U.T. Tyler’s internal control policies and procedures and complying with all laws and regulations, YOU can help the University achieve its goals. u This training is an internal control activity!!
33
Effectively Controlling Risk Where can I learn more? U.T. Tyler’s internal audit contact: Lou Ann Viergever at ext. 5644. U.T. Tyler’s policies regarding internal controls and controlling risk. (consult the Management Responsibilities Handbook) Ask your supervisor or U. T. Tyler’s designated compliance director: Mary Barr at ext. 7151.
34
Test Your Knowledge Following are several questions to test your knowledge of the information presented. Answer all questions correctly to receive credit for the training.
35
Question #1 The most common problem which caused recent frauds in both the public and private sector was weak internal controls. TRUE FALSE
36
REVIEW
37
Question #2 Which of the following are components of the internal control process? ESTABLISHING A CONTROL ESTABLISHING A CONTROL ENVIRONMENT PERFORMING A RISK PERFORMING A RISK ASSESSMENT BOTH OF THE ABOVE BOTH OF THE ABOVE
38
REVIEW
39
Question #3 With internal controls, RISK includes the possibility that our organization will NOT achieve its goals and protect itself from loss. TRUE FALSE
40
REVIEW
41
Question #4 Control Activities should be... RESTRICTIONS ON AN RESTRICTIONS ON AN EMPLOYEE’S AUTHORITY EMPLOYEE’S AUTHORITY PROACTIVE, VALUE-ADDED, PROACTIVE, VALUE-ADDED, AND COST-EFFECTIVE AND COST-EFFECTIVE BOTH OF THE ABOVE BOTH OF THE ABOVE NEITHER OF THE ABOVE NEITHER OF THE ABOVE
42
REVIEW
43
Question #5 Some examples of control activities at U.T. Tyler include reconciliations and having written policies and procedures. TRUE FALSE
44
REVIEW
45
Question #6 Which of the following is relevant information for U.T. Tyler employees? JOB RESPONSIBILITIES JOB RESPONSIBILITIES POLICIES AND PROCEDURES POLICIES AND PROCEDURES CUSTOMER FEEDBACK CUSTOMER FEEDBACK ALL OF THE ABOVE ALL OF THE ABOVE
46
REVIEW
47
Question #7 Monitoring activities include: MANAGERIAL AND MANAGERIAL AND SUPERVISORY MONITORING SUPERVISORY MONITORING SELF-ASSESSMENTS INTERNAL AUDITS INTERNAL AUDITS ALL OF THE ABOVE ALL OF THE ABOVE
48
REVIEW
49
Question #8 A material weakness in internal controls reduces the risk of illegal acts, errors, waste, and conflicts of interest. TRUE FALSE
50
REVIEW
51
Question #9 During this training, references were provided on where to find and who to contact for information on the internal control process and the effectiveness of internal controls. TRUE FALSE
52
REVIEW
53
Congratulations… you have completed your training over Effectively Controlling Risk The University of Texas at Tyler General Compliance Training
54
The Training Post An Educational Computer Based Training Program CBTCBT
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.