The purpose of this policy is to provide guidelines for the implementation of internal controls, in accordance with state requirements, at Longwood University.
The state comptroller provides guidelines for state agencies and institutions to assist with the implementation and review of internal control programs. The University is required to evaluate internal controls; to provide documentation to substantiate the evaluation; to identify control weaknesses, if any, and provide corrective action to strengthen those weaknesses; to provide the president with a periodic, comprehensive internal control program report; and to include a general statement regarding internal accounting controls with the university's annual financial report.
Internal controls are sets of policies and procedures designed to provide reasonable, but not absolute, assurance in the following areas:
- Effectiveness and efficiency of operations
- Reliability and completeness of financial reporting and information
- Compliance with applicable state, university and departmental laws, regulations and policies
- Protection of assets
Internal control procedures include:
- Appropriate authorization and approval
- Documented review of data for accuracy, completeness, validity and reasonableness
- Appropriate supervision
- Physical security of assets
- Written policies and procedures
- Documentation of processes
- Appropriate segregation of duties
- Information security, including approval of access to information
Appropriate assignment of duties, responsibilities, and authorities
Internal control procedures apply to all critical processes at the University and to all employees of the university.
The University will design internal controls to comply with the letter and the spirit of the state comptroller's guidelines and to provide reasonable assurance that the goals and objectives of the University will be achieved.
- Internal audits: The Internal Auditor periodically conducts internal audits as part of the audit plan approved by the Audit Committee of the Board of Visitors. As part of the internal audits, the Auditor evaluates the adequacy and effectiveness of internal controls for the activities reviewed.
- Board review: At each Board Meeting, the Internal Auditor reviews with the Audit Committee of the Board of Visitors, the internal audit reports, the external auditors' management comments, and the progress reports to resolve deficiencies noted by each.
- Department review: The Internal Auditor and the Senior Accounting Officer can advise department heads on how to incorporate internal controls into new and revised processes and systems.
- Monitoring: The Senior Accounting Officer ensures that all financial systems for which he is responsible have been reviewed by external auditors, internal auditors, or by management at least every four (4) years.
Responsibility: Department heads are responsible for implementing and maintaining internal controls for their areas, and for seeking the assistance of the Internal Auditor and the Senior Accounting Officer when needed.
Failure to follow internal control policies and procedures will result in sanctions that are commensurate with the severity and/or frequency of the offense and may include termination of employment.
The authority to interpret this policy rests with the President, and may be delegated to the Internal Auditor, the Vice President for Administration and Finance and the Senior Accounting Officer.
Approved by the Board of Visitors, September 10, 2005.