Internal Control TrainingCOLUMBIA UNIVERSITY Office of Internal AuditMary DaleckiOctober 22, 2007Agenda Welcome- IntroductionWhat are Internal Controls? Why Do We Need Controls? •COSO•COBITApplying Controls in Your WorkplaceQ&AOctober 22, 2007 Page 2WelcomeIntroductionSchedule– 2:30 to 4:30Breaks– 10 minute break at 3:30Format•Interactive•Questions encouragedOctober 22, 2007 Page 3Internal Controls What are they anyway?October 22, 2007 Page 4Internal ControlsInternal control is defined as a process or activity designed to provide the achievement of objectives in the following: – Effective and efficient operations. – Reliable financial reporting. – Compliance with laws and regulations. October 22, 2007 Page 5Who is responsible for Internal Controls ?Board of TrusteesManagementAll EmployeesInternal Auditors? – Internal Auditors evaluate the effectiveness of Internal ControlsExternal Auditors?– Provide independent assessment on the reasonableness of Columbia’s financial reportsOctober 22, 2007 Page 6Key ConceptsInternal control depends on people - People at every level are accountable and responsible for their own processes and transactions. Managers are responsible for implementing policies & procedures. They monitor how well policies and procedures are adhered to.Sometimes managers have to design their own controls. October 22, 2007 Page 7COSOThe Committee of Sponsoring Organization (COSO) of the Treadway Commission is ...
Internal control is defined as a process or activity designed to provide the achievement of objectives in the following:
Effective and efficient operations.
Reliable financial reporting.
Compliance with laws and regulations.
October 22, 2007
Page 5
Who is responsible for Internal Controls ?
Board of Trustees
Management
All Employees
Internal Auditors? Internal Auditors evaluate the effectiveness of Internal Controls
External Auditors? Provide independent assessment on the reasonableness of Columbia’s financial reports
October 22, 2007
Page 6
Key Concepts
Internal control depends onpeople -People at every level are accountable and responsible for their own processes and transactions.
Managers are responsible for implementing policies & procedures. They monitor how well policies and procedures are adhered to.
Sometimes managers have to design their own controls.
October 22, 2007
Page 7
COSO
The Committee of Sponsoring Organization (COSO) of the Treadway Commission is a private sector commission established in 1985 by five financial professional associations.
COSO studied reasons that led to fraudulent financial reporting and developed recommendations for public, private and government entities.
October 22, 2007
Page 8
“COSO ERM Cube
October 22, 2007
Page 9
COSO Components
Administration
• Control Activities
• Information and Communication
• Monitoring
Middle & Senior Level Management
•
•
•
•
•
Internal Environment
Objective Setting
Risk Assessment
Event Identification
Risk Response
October 22, 2007
Page 10
Control Activities
Control activities occur throughout the organization at all levels and in all functions. They can be defined by policies and implemented through procedures.