Common audit observations

Lack of Reconciliation Procedures

The monthly accounting reports represent the official records of the University.  All transactions recorded in the accounting reports should be reviewed and verified on a monthly basis by the Department Chair, Director or Office Manager.  This review represents the final detective control in the accounting system.

Inadequate Segregation of Duties

A fundamental element of internal control is the separation of duties so that one individual cannot perpetuate and conceal errors and irregularities in the normal course of his/her duties.  Strong internal controls require the segregation of responsibilities for authorizing transactions, physical custody of assets and the related record keeping.  For example:

  • One individual should not have the ability to order, receive, approve for payment, and verify charges to the monthly accounting report.

  • One individual should not have the ability to receive payments through the mail, prepare the deposits, reconcile the bank statements, and post payments to the receivable system.

Lack of Written Departmental Procedures

All aspects of a department's operations should be clearly documented in an up-to-date procedures manual.  The lack of complete written procedures increases the risk of loss of funds, theft of University assets, and disruption of the operation.  Written procedures are also beneficial for the training of current and new employees, and are a valuable resource in the event that an employee leaves the department.  The procedures should include sufficient information to permit an individual who is unfamiliar with the operations to perform the necessary financial activities.

Absence of Adequate Supporting Documentation

All transactions should be supported by adequate documentation.  This documentation should include proper authorization and enough detail to provide a trail for future reviews/audits.

Noncompliance with State, System, University, or Departmental Policies and Procedures

All employees should be familiar with applicable policies, procedures and laws, etc., and should strive to conduct University business in accordance with them.