Admin

Internal Controls

What are internal controls?

Internal controls are the plan of organization and all of the methods (processes and procedures) adopted in an organization to safeguard its assets, check the accuracy and reliability of its accounting and reporting data, promote operational efficiency, and encourage adherence to policies. This definition recognizes that a system of internal control extends beyond the accounting and finance departments to all functions of the organization.

A strong internal control program promotes:

  • Continuous improvement
  • Efficiency of operations
  • Effective communication
  • Accountability
  • Risk awareness and planning
  • Reliable reporting

Internal controls are everyone’s responsibility! At OCPS the internal control environment reflects management’s integrity and its commitment to ethical values. It begins with the School Board and is exemplified by the tone at the top as established by our superintendent and communicated to all employees.

The objectives of our internal controls program are:

  • Successful achievement of the District’s mission
  • Accurate collection, maintenance and reporting of district data
  • Safeguarding of assets
  • Effective, efficient and economical programs and operations
  • Compliance with laws, regulations and policies

What are the two types of internal controls?

Preventive controls are designed to reduce the chance that errors or irregularities may occur. For example, reading and understanding policies and procedures or approving payments before they are processed.

Detective controls are designed to detect errors or irregularities after they have occurred so they can be corrected. Examples include reconciling the bank statement and performing periodic inventories of equipment.

Everyone plays a part in the district’s internal control system. Management ensures that controls are in place and every employee makes sure the internal control system functions by following the controls and reporting any breakdowns in them. Internal Audit examines the adequacy and effectiveness of the district’s internal controls and makes recommendations where control improvements are needed.

What do good internal controls involve?

  • Risk assessment

  • Managers should identify and analyze relevant risks to the achievement of business unit goals and objectives by determining what could go wrong, what areas have more risk, what assets are at risk, and who is in positions of risk. Risks may include:
  • Damage to reputation and public image
  • Revenues not received
  • Assets not used efficiently
  • Assets not used properly
  • Assets diverted to outside or personal use
  • Unreliable, untimely or unavailable information needed for decision making
  • Reasonable assurance

  • Internal controls should provide reasonable assurance that the objectives of the systems will be accomplished.
  • Supportive attitude

  • Managers and employees should maintain and demonstrate a positive and supportive attitude towards internal controls at all times.
  • Competent personnel

  • Managers and employees should have personal and professional integrity and maintain a level of competence that allows them to accomplish their assigned duties. They should also understand the importance of establishing and implementing good internal controls.
  • Personal and professional integrity is demonstrated when you:
  • Commit to honesty and fairness
  • Respect the organization and authority
  • Adhere to laws and policies
  • Respect the rights of all employees
  • Commit to excellence
  • Control objectives
  • Internal control systems should help assure compliance with laws and that the district is meeting its goals and objectives based on risk assessments
  • Control techniques

  • These are the means by which we accomplish the objectives of internal control systems.
  • Our specific standards of internal control involve the following techniques:
  • Documentation – adequate records of all internal control systems and all transactions and events should be maintained.
  • Records – all transactions and events should be recorded promptly and accurately.
  • Authorization – all transactions and events should be authorized and executed by persons within the scope of their authority.
  • Structure – key duties and responsibilities in authorizing, processing, recording and reviewing transactions should be separated.
  • Supervision – adequate supervision should be provided to ensure that internal control objectives are achieved.
  • Security – access and accountability for assets and records should be limited to authorized individuals.

What can jeopardize internal controls?

  • Where there is an inadequate segregation of duties
  • Where there is inappropriate access to assets
  • Where there is inadequate knowledge of district policies and procedures
  • Where control procedures are performed in a perfunctory manner (as when a reviewing manager signs a document without adequate review and evaluation)
  • Where controls are overridden
  • Where inherent limitations cannot be overcome by compensating controls

Do internal controls deter and detect fraud?

The Association of Certified Fraud Examiners’ (ACFE) Report to the Nations, 2018 Global Study on Occupational Fraud and Abuse noted that internal control weaknesses were responsible for nearly half of frauds and that tips are by far the most common initial detection method. More than half of the tips were provided by employees with 46% of those coming from organizations with hotlines. Fraud losses were also 50% smaller at organizations with hotlines than those without.

The report noted that, aside from a lack of internal controls in the first place, the largest percentage (37%) of frauds attributed to internal control weaknesses were due to overrides of existing controls and lack of management review. This is where the district’s internal control program becomes critically important. Employees and managers should ensure that controls are not overridden and managers should never take shortcuts in their review responsibilities.

Reporting concerns and fraud:

If you are unsure what to do, ask questions. If you see something you think is not right, raise your concerns with your supervisor and/or one of the following:

  • Hotline 407-317-3976
  • OCPS Internal Audit 407-317-3200, 2002897
  • OCPS Legal Services 407-317-3411
  • OCPS Police 407-317-3325

OCPS Internal Control Program Brochure