Internal controls are a common topic each month in Case-in-Point. I would make the argument that internal controls have been around for just about as long as society. You can see elements of internal control being practiced in many ancient societies (e.g., tally sticks) and even see its use in some biblical texts (e.g., Book of Ezra). Since 1992, the most common framework for discussing internal control has been what auditors and accountants call the ''COSO Model.'' According to their web site, ''The Committee of Sponsoring Organizations' (COSO) mission is to provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance and to reduce the extent of fraud in organizations.'' Earlier thcis month COSO released a revision to their internal control framework and if you are interested you can read about that at this link: www.coso.org. While the COSO model is a useful tool, it is important not to lose sight of the fact that controls are really risk management tools we use to help ensure we achieve our objectives. Controls are really about each individual doing the right things, paying attention, evaluating risks, and making compliant decisions. As you evaluate the most recent news articles in higher education, think about where internal controls might need some improvement in your area of influence. Ultimately, well-educated, pro-active employees are any institution's best internal control.
|
||||||||||
Latest IT Security News
Last Updated: June 3, 2013
