utsouthwestern风险与内部控制(编辑修改稿)

utsouthwestern风险与内部控制(编辑修改稿)内容摘要：

Examples of Control Activities at UT Southwestern, continued . . . Segregation of Duties – Make sure no one person can initiate, approve, record and reconcile transactions Controls over Information Systems – General controls over access and development, as well as specific controls within applications 来自 中国最大的资料库下载 Internal Control Process Communicate Information Reliable and relevant information, from both internal and external sources, must be identified and municated to employees. Information should be processed and municated in a timely manner and in a form that is usable. 来自 中国最大的资料库下载 Internal Control Process Communicate Information What information is relevant and reliable? Job responsibilities Goals and objectives Information to assess risks Policies and procedures Laws and regulations Performance indicators Customer feedback Performance evaluations 来自 中国最大的资料库下载 Internal Control Process Communicate Information How should we municate? Methods include oneonone, staff meetings, telephone calls, , memos, and reports ONLY municate information to those who need it – Communicate up, down, and across the organization 来自 中国最大的资料库下载 Internal Control Process Monitor Performance Monitoring involves evaluating internal control performance over time to determine whether controls are:  adequately designed,  properly executed, and  effective. How do we know? 来自 中国最大的资料库下载 Internal Control Process Monitor Performance Internal controls are adequately designed and properly executed if all five internal control ponents are present and functioning as designed:  Control environment  Risk assessment  Control activities  Information and munication  Monitoring 来自 中国最大的资料库下载 Internal Control Process Monitor Performance Internal controls are effective if administrators believe:  They understand the extent to which the objectives of their operations are being achieved,  Financial statements are reliable, and  Laws and regulations are plied with. 来自 中国最大的资料库下载 Internal Control Process Monitor Performance Monitoring Activities Include: Managerial and supervisory monitoring Selfassessments Internal audits 来自 中国最大的资料库下载 Effectively Controlling Risk SelfAssessment What is a selfassessment? A selfassessment is a “selfaudit” of a department’s internal control ponents performed on a periodic basis. 来自 中国最大的资料库下载 Effectively Controlling Risk Performing a SelfAssessment Steps in performing a selfassessment include: Evaluating your strengths and deficiencies Testing the strengths Documenting tests Disclosing weaknesses Developing an action plan to correct problems Summarizing and documenting results 来自 中国最大的资料库下载 Effectively Controlling Risk Performing a SelfAssessment What is a weakness? A material weakness is an internal control shorting which increases the risk of – irregularities, illegal acts, errors, wast。