Internal Control TrainingCOLUMBIA UNIVERSITY Office of Internal AuditMary DaleckiMarch 20, 2009WelcomeIntroductionSchedule– 9:30 to 11:30Breaks– 10 minute break at 10:30Format– Interactive– Questions encouragedAugust 25, 2008 Page 2Agenda Welcome- IntroductionWhat are Internal Controls? Why Do We Need Controls? • COSO• COBITApplying Controls in Your WorkplaceQ&AAugust 25, 2008 Page 3Internal Controls What are they anyway?August 25, 2008 Page 4Internal ControlsInternal control is defined as a process or activity designed to provide the achievement of objectives in the following: – Effective and efficient operations – Reliable financial reporting– Compliance with laws and regulationsAugust 25, 2008 Page 5Who is responsible for Internal Controls ?Board of TrusteesManagementAll EmployeesInternal Auditors? – Internal Auditors evaluate the effectiveness of Internal Controls focusing on finance, operations, systems and complianceExternal Auditors?– Provide independent assessment on the reasonableness of Columbia’s financial reportsAugust 25, 2008 Page 6Key ConceptsInternal control depends on people - People at every level are accountable and responsible for their own processes and transactions. Managers are responsible for implementing policies & procedures. They monitor how well policies and procedures are adhered to.Sometimes managers have to design their own controls to accommodate specific business processes. August 25, ...
Internal control is defined as a process or activity designed to provide the achievement of objectives in the following:
Effective and efficient operations
Reliable financial reporting
Compliance with laws and regulations
August 25, 2008
Page 5
Who is responsible for Internal Controls ?
Board of Trustees
Management
All Employees
Internal Auditors? Internal Auditors evaluate the effectiveness of Internal Controls focusing on finance, operations, systems and compliance
External Auditors? Provide independent assessment on the reasonableness of Columbia’s financial reports
August 25, 2008
Page 6
Key Concepts
Internal control depends onpeople -People at every level are accountable and responsible for their own processes and transactions.
Managers are responsible for implementing policies & procedures. They monitor how well policies and procedures are adhered to.
Sometimes managers have to design their own controls to accommodate specific business processes.
August 25, 2008
Page 7
COSO
The Committee of Sponsoring Organization (COSO) of the Treadway Commission is a private sector commission established in 1985 by five financial professional associations.
COSO studied reasons that led to fraudulent financial reporting and developed recommendations for public, private and government entities.
August 25, 2008
Page 8
“COSO ERM Cube
Aug
ust 25, 2008
Pag
e 9
COSO Components
Administration
• Control Activities
• Information and Communication
• Monitoring
Middle & Senior Level Management
•
•
•
•
•
Internal Environment
Objective Setting
Risk Assessment
Event Identification
Risk Response
August 25, 2008
Page 10
Control Activities
Control activities occur throughout the organization at all levels and in all functions. They can be defined or driven by policies and implemented through procedures.