Suite of Services
Internal Controls & COSO
KU Internal Audit assesses internal control in the context of the COSO model pictured below.
COSO (Committee of Sponsoring Organizations) defines internal control as processes enacted by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
The KU model includes the additional categories of the safeguarding of assets, and the security of confidential data.
In performing our reviews, we consider the five components of internal control:
- Control Environment
- Risk Assessment
- Information and Communication
- Control Activities
- Monitoring
Our process focuses on the control activities of the units and how they contribute to, or hinder, University resource and financial management. Control activities include approvals, authorizations, verifications, reconciliations, reviews of performance, security of assets, segregation of duties, and controls over information systems including general and application controls.
Important Links
Fall 2011 - COSO Training PowerPoint - Internal Control and Fraud Reporting Process
Spring 2010 - COSO Training PowerPoint - Reconciliation
Spring 2010 - COSO Training PowerPoint - Deans, Directors & Chairs
Spring 2010 - COSO Training PowerPoint - Internal Control Manual
Related
- KU Links:
- Chancellor's Office
- Comptroller's Office
- Policy Library
- Privacy Office
- IT Security Office
- General Counsel
Connect
top