Skip to main content
University Policies and Procedures

7.1.43 Internal Control and Internal Auditing

Policy

On October 31, 1989, House Bill 2031 was enacted into law as the Fiscal Control and Internal Auditing Act (FCIAA). The Act requires the establishment of procedures for State Agencies to evaluate their systems of internal and fiscal controls and provides a framework for improving those systems. Per the State of Illinois Statewide Accounting Management System (SAMS) manual, “…internal controls are all the means employed by an ACEO in managing his or her agency. That is, internal controls are all the means used by the ACEO in getting agency personnel to achieve agency objectives”.

The Act places the responsibility for the establishment, maintenance, and evaluation of agency internal controls “squarely on ACEO’s” (Agency Chief Executive Officers). At Illinois State University, this is the University President. FCIAA guidelines “require the chief executive officers of all State agencies to annually certify to the Auditor General whether or not the systems of internal fiscal and administrative control fully comply with the FCIAA.”

Guidelines

The Act requires the establishment and maintenance of a system, or systems, of internal fiscal and administrative controls, which shall provide assurance that:

  1. Resources are utilized efficiently, effectively, and in compliance with applicable law;
  2. Obligations and costs are in compliance with applicable law;
  3. Funds, property, and other assets and resources are safeguarded against waste, loss, unauthorized use, and misappropriation;
  4. Revenues, expenditures, and transfers of assets, resources, or funds applicable to operations are properly recorded and accounted for to permit the preparation of accounts and reliable financial and statistical reports and to maintain accountability over the State's resources; and
  5. Funds held outside the State Treasury are managed, used, and obtained in strict accordance with the terms of their enabling authorities and that no unauthorized funds exist.

Fiscal and administrative controls are most effective when:

  1. Key control duties and responsibilities are separated among different employees,
  2. Responsibilities of all personnel are assigned and clearly communicated,
  3. There exists checks and balances on clerical activities, with a minimum duplication of effort, and
  4. Feedback mechanisms such as special reports, internal audits, etc. are monitored to assure conformance over time.

Internal Auditing Policy

The Department of Internal Auditing is responsible for performing internal audits and for assessing the adequacy of established internal controls at the University. The following is provided by Internal Auditing as an introduction to the department.

What is Internal Auditing?

The Institute of Internal Auditors defines internal auditing as "an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization." Audits at Illinois State are conducted in accordance with the Institute's Standards for the Professional Practice of Internal Auditing by a staff of three professionals reporting to the President.

Why was I selected to be audited?

The University conducts regular reviews of its systems of internal controls. The audit plan is approved by the President on an annual basis. Audits may also be initiated by special request from a Staff Administrator or department head.

What can an audit do for me?

An internal audit can help you determine whether there are appropriate internal controls in the areas for which you are accountable. This is especially important if you have recently assumed supervisory responsibility, if major computer systems have recently been installed, or if the duties of your area have changed significantly. Internal audits can point to ways to improve the efficiency and effectiveness of your operation.

What should I expect when an audit is scheduled for my area?

A professional internal auditor will contact you to schedule an initial interview to obtain general information and to explain the audit's scope. At this meeting, you should discuss any questions or concerns. Financial records will normally be reviewed on a test basis. Beyond this, the Standards require checking compliance with policies, plans, procedures, laws, and regulations; reviewing the safeguarding of assets; determining if resources were used economically and efficiently; and determining if established goals and objectives were accomplished.

How will audit results be reported?

You will be kept apprised of the auditor's findings throughout the course of the audit. At the conclusion of the audit, you will be asked to review a draft of the audit report. Your written responses to each recommendation will be requested and included in the final report. Final audit reports are addressed to the President, with copies to all others in your reporting line. Copies are also sent to the Vice President for Finance and Planning and the Comptroller when there are financial findings.

What if I have questions?

Please contact the auditor in charge of your review or the Director of Internal Auditing at any time.

Policy Owner: Vice President for Finance and Planning

Contact: Comptroller's Office
(309) 438-7280

Revised on: 04/2004