College Policy 5.06.05
Internal Controls Procedure
Part 1. Purpose
For Minneapolis Community and Technical College to provide reasonable assurance that business processes are controlled based on risk and accounting functions are adequately restricted and periodically monitored.
Part 2. Definitions
Internal Controls - Practices that protect or make more efficient use of the college's assets.
Risk - Risk is inherent in business process. Risk assessment is a determination of the degree of risk - probability, frequency, and impact.
Control Activities - Specific policies and procedures that help ensure management directives are implemented. Examples include segregation of duties, reconciliations, documented policies and procedures, and transaction and activity review.
Part 3. Types of Controls
Mitigating Controls - A type of control used to discover and prevent mistakes that may lead to uncorrected and/or unrecorded misstatements related to potential control deficiencies due to identified higher risk areas of the operation. The college is to provide evidence to substantiate that the college has reviewed and documented detective controls on incompatible financial duties among staff to monitor risk and the integrity of the college and MnSCU accounting system.
Preventative Controls - Controls designed to discourage or pre-empt errors or irregularities from occurring. They are more cost effective than detective controls. Required authorized signatures, data entry checks, and physical control over assets to prevent their improper use are examples of preventative controls.
Detective Controls - Controls designed to search for and identify errors after they have occurred. They are more expensive than preventative controls, but still essential since they measure the effectiveness of preventative controls and are the only way to effectively control certain types of errors. Account reviews and reconciliations, physical inventory counts, and transaction edits are all examples of detective controls.
Corrective Controls - Controls designed to prevent the recurrence of errors. They begin then improper outcomes occur and are detected and keep the spotlight on the problem until management can solve the problem or correct the defect. Budget variance reports are examples of corrective controls.
Part 4. Responsibilities
The college is responsible for providing evidence to substantiate that it has reviewed and documented detective controls. The Director of Finance has responsibility for implementing control activities and for providing and documenting all components of internal controls The documented evidence will include the identified area of risk, the specific control in place to mitigate or eliminate the risk, as well as the frequency of the review. The Director of Finance will periodically report to the President's cabinet the results of internal control reviews.
Any irregularities will be immediately reported to the Vice President of Finance and Operations, Chief Financial Officer.
Date effective: 9/22/2008
Date last amended: 9/22/2008