4.1.070 Board of Governors Policy Statement on Internal Controls

It has been the longstanding policy of the UCM’s Board of Governors that University administration has the responsibility to maintain an adequate system of internal controls and to furnish the Board with reliable information related to this topic on a timely and regular basis.  As such, internal control efforts have persisted at the University and have been effective at reducing or eliminating waste, loss or misuse of resources.  This new policy reinforces the Board’s commitment to the application of effective internal controls in all facets of the University’s operations and the continuous improvement of these efforts. 

Effective internal controls help ensure that the University’s resources and assets are not exposed to unauthorized access and use; help reduce or eliminate waste, loss or misuse of resources; and help ensure that accurate and reliable financial information is available to the Board, as well as the external parties that rely on this information to make decisions relating to appropriations, loans and other debt, gifts and grants, and other contractual relationships impacting the University.  The safeguarding of University assets and the reliability in which the University and others can place upon its financial records are dependent upon the effectiveness of the internal control process.

The Board expects the University administration to effect an internal control environment by developing and adhering to policies and procedures necessary to provide reasonable assurance that practices cause effective and efficient operations, reliable financial reporting, and compliance with applicable laws and regulations.  Internal controls should include policies and procedures in three key areas:  (1) administrative operations and effectiveness, (2) employee responsibilities, and (3) financial accounting.  This system of internal control is intended to minimize surprises, keep the University’s focus on its mission, and promote efficiency.  For that reason, this system should yield regular annual reporting to the Board in all three key areas.

It is the Board’s longstanding expectation that University administration engage in ongoing and sustained monitoring and evaluation of the University’s institutional assets, financial condition, and the effectiveness of its business units.  Internal control principles should be embedded in all facets of the University’s operations.

Internal control is meant to keep the University focused on achieving its mission while avoiding surprises.  There is a balance between effective controls and mission accomplishment.  Costs associated with internal controls should not exceed their benefit, nor should controls be allowed to stifle mission effectiveness and timely action.  All levels of management must assess the costs, benefits, and risks when designing controls to develop a positive control environment and compensate for the risks of non-compliance, loss of assets, or unreliable reporting while accomplishing the University mission.

The Executive Vice President and Chief Operating Officer is the highest ranking University employee in the UCM Finance and Administration Unit.

The Board is responsible for setting the institutional expectations for internal controls and ensuring University administration is aware of those expectations.  The Board is further responsible for evaluating the administration’s effectiveness in monitoring the control environment, implementing sound control policies and procedures, and ensuring open communications channels through all levels of the administration.

The Associate Vice President for Finance has primary responsibility for internal control over financial reporting and compliance with applicable laws and regulations.  The Office of Finance and Administration is the University source for information and assistance to faculty and staff leadership on this topic and will make resources available to any business unit to assist in administering this policy.

The Associate Vice President of Human Resources has primary responsibility for internal controls over employee recruitment, hiring, separation, promotion, job classification, employee rights, employee benefits, employee relations, and salary administration.  The Office of Human Resources is the University source for information and assistance to faculty and staff leadership on this topic and will make resources available to any business unit to assist in administering this policy. 

Individuals with delegated approval authority, (e.g. vice presidents, vice provosts, deans, chief communications officer, athletic director, and department chairs), are responsible for establishing, maintaining, and supporting a system of internal controls within their areas of responsibility or business unit, and for creating the control environment that encourages compliance with University policies and procedures.  Business units are expected to determine and implement the appropriate internal control procedures relating to their areas.  Policies and procedures that support effective internal controls should be identified and mapped to this policy, and any gaps should be identified and addressed through new procedures.

All employees, including faculty and staff, are expected to follow internal control procedures and direct questions or concerns to their immediate supervisor or the Associate Vice President for Finance.  Any employee who deliberately and willfully circumvents an internal control may be dismissed.

All levels of management and supervision are responsible for strengthening internal controls when weaknesses are detected.  Department managers should periodically review departmental procedures to ensure that the general principles of internal control are being followed.