Internal Controls encompass a wide range of activities, processes, and procedures all designed to bring some level of assurance that an organization’s operations are effective and efficient, its financial information is accurate, and its component areas are complying with laws and regulations. Internal Controls are in place and managed throughout the University, often within a school or unit where a particular process is owned and controlled.
Risk and Controls Services offers Internal Control owners with assistance in identifying, classifying, and documenting control details. Risk and Controls can also provide tracking, reporting, and review services, preferably in conjunction with the University’s Internal Control Office, located in the Financial Operations Unit.
Risk and Controls Services also works in conjunction with the Internal Control Office to jointly manage a comprehensive GRC ("Governance, Risk, and Control") software tool, which is used to store and report on the aggregate list of the University’s process, risk, control and audit information. Risk and Controls can also assist University Offices and Departments in designing, executing, and evaluating customized risk assessment activities. Acting as a partner to facilitate open and transparent risk evaluation, risk issues can be quantified and ranked without specific audit testing or reporting requirements and mitigated on a schedule which meets the needs and decisions made by the local department, school, or administrative area's management.