Often auditors use the term internal control or internal control environment.
Internal control is broadly defined as a process, affected by the University's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
- Effectiveness and efficiency of operations.
- Reliability of financial reporting.
- Compliance with applicable laws and regulations.
The internal control environment is basically the people, processes, technology, and culture that enable us to get our work done.
Controls and the control environment concepts apply equally to the University as a whole or a specific department or unit within the broader community. In fact the internal control environment found in any one organizational unit of the University (campus, department, etc.) can influence the internal control environment of related units; and collectively all the units may impact the internal control environment of the University as a whole.
The strength or health of the internal control environment plays a part in determining the University’s risk exposures and our ability to respond to and manage those risks. In addition, the health of the internal control environment influences audit planning.