Back to Top
Business and Financial Policies and Procedures

9.1 Comply with Unit Head Responsibilities for Internal Control

Policy Statement

Unit heads must develop and implement internal control systems that provide reasonable assurance that:

  • Information is reliable, accurate, and timely
  • Policies, plans, procedures, laws, regulations, and contracts are followed
  • Assets (including people) are safeguarded
  • Resources are used in an economical/efficient manner
  • Established objectives and goals are met

Internal controls are intended to prevent errors or irregularities, identify problems, and ensure that corrective action is taken.

All internal control procedures are subject to the review of the Office of University Audits and the Office of Business and Financial Services, as well as external auditors such as those commissioned by the Illinois Auditor General and other state and federal agencies.


To comply with unit head responsibilities for internal control:

  1. Acquaint yourself with the general guidelines in the Fiscal Control and Internal Auditing Act (FCIAA).
  2. Identify and analyze risks that could impact the achievement of University, campus, and unit objectives. Use this information to manage and control these risks as outlined in Steps #3 and 4.
  3. Develop and implement an internal control system that conforms to these guidelines:
    • Responsibilities are divided among different employees, especially those tasks related to authorization, record keeping, and asset custody. Where segregation in small units is not possible, units should implement mitigating controls such as a review of activity by an independent person. This review could be pre or post transaction as long as it is timely, such as monthly.
    • Authorization and record-keeping procedures provide reasonable accounting control over assets, liabilities, revenues, expenses, and other changes in the balance of funds.
    • Office practices and routines comply with approved authorization and record-keeping procedures.
    • Employees have the knowledge and skills needed to execute their prescribed responsibilities.
  4. Review your internal control system on a regular basis to determine whether or not:
    • University policies are being interpreted properly and are being followed
    • Procedures that are cumbersome or inadequate because of changes in operating conditions have been updated
    • The cost of protection outweighs potential losses, or a method would cause gross inefficiency. In this case, a given control may not be feasible and other alternatives may be more advisable.
    • Corrective measures are taken promptly when an internal control system fails
  5. Complete the annual Fiscal Control and Internal Auditing Act (FCIAA) Questionnaire.

Office of University Audits

If you have questions about your internal control procedures or need information about available resources, contact the Office of University Audits or consult their Internal Control Tools.

1.6.2 Reporting Fraud or Misconduct, Whistleblower Protection, and Investigations

Fiscal Control and Internal Auditing Act (FCIAA)
Internal Control Tools
Office of University Audits

Last Updated: December 8, 2014 | Approved: Senior Associate Vice President for Business and Finance | Effective: December 2014

Give us feedback about this page Submit Feedback