Frequently Asked Questions (FAQs)
- What are internal controls?
- Why should I call Internal Audits?
- What is the difference between an audit and consultation?
- If I become aware of fraud, do I need to contact Internal Audits?
- What is the Developed Solutions Status (DSS) form?
- What happens if the action plans are not completed by the target date provided by management?
- Can I ask Internal Audits to educate my department about internal controls without having an audit?
- Who is responsible for internal controls?
1. What are internal controls?
Internal controls are methods and policies designed to prevent fraud, minimize errors, promote operating efficiency, and achieve compliance with established policies. Internal controls also help to detect fraud, errors, and inefficiencies.
Examples of internal controls include:
- written policies and procedures,
- cost center reconciliations,
- locking offices to prevent unauthorized access,
- depositing within one day, and
- ensuring that one person does not have complete responsibility for a financial transaction [Back to top]
- your area is undergoing a reorganization, restructuring, or implementing a new system,
- you need advice on cash handling, account reconciliations or procedural issues,
- you suspect a theft or other types of fraud, waste or abuse, (refer to question 4)
- you want an objective review of your operation and internal controls,
- you are developing new systems and/or procedures and need advice on the proper controls required to manage your area, or
- you want to know if the resources in your department are properly protected. [Back to top]
3. What is the difference between an audit and a consultation?
Audits are initiated by Internal Audits with input from the University President and senior management of the University. Audit results are reported to the auditee, the Management Audit and Compliance Committee, the University President and the Audit Committee of the Board of Trustees. Consultations can be requested by any University administrator. The results are reported only to the administrator requesting the consultation. View our Types of Audits and Services section for more information. [Back to top]
4. If I become aware of fraud, do I need to contact Internal Audits?
Yes, contact Dale Venturini, Associate Vice President and Chief Audit Officer of Internal Audits at (215) 926-2080 or use the Anonymous Reporting Form. Also note that Internal Audits may contact Campus Safety/University Counsel, if necessary. [Back to top]
5. What is the Developed Solutions Status (DSS) form?
Internal Audits uses the DSS form as a tool to perform follow up audits. The form includes any outstanding issues and related corrective actions that were identified during the course of the audit. Internal Audits reviews the outstanding issues to ensure that corrective actions/solutions have been implemented. The DSS form is distributed to the appropriate department head and/or dean to complete and return to Internal Audits. [Back to top]
6. What happens if the action plans are not completed by the target date provided by management?
Internal Audits performs the initial follow-up reviews approximately 30 days to five months after the completion of an audit. Internal Audits is required to advise the President and Audit Committee of the Board of Trustees, via our semi-annual follow-up reports, of any areas that have not implemented the agreed upon corrective actions/solutions. [Back to top]
7. Can I ask Internal Audits to educate my department about internal controls without having an audit?
Yes, Internal Audits does educational presentations at staff meetings as requested. We design the content and duration of these presentations in collaboration with the requestor. [Back to top]
8. Who is responsible for internal controls?
Management is responsible to establish and follow internal controls to ensure compliance with University and regulatory policies, prevent and detect fraud, and provide accurate and reliable information. [Back to top]