University Policies, George Mason University

Administrative Policies

University Policy Number 2103

Subject: Iternal Controls

Responsible Parties: All Heads of Departments and Activities

Procedures: Comptroller’s Directive No. 1-07 and Agency Risk Management and Internal Control Standards http://www.doa.virginia.gov/AICCO/ARMICS/ARMICS_Main.cfm

Commonwealth Accounting Policies and Procedures http://www.doa.virginia.gov/Admin_Services/CAPP/CAPP_Main.cfm

Related University Policies: Cash Handling
http://www.gmu.edu/facstaff/policy/newpolicy/2105adm.html

Inventory Control of Office and Educational Equipment and Furniture http://www.gmu.edu/facstaff/policy/newpolicy/2104adm.html

Credit and Debit Card Security http://www.gmu.edu/facstaff/policy/newpolicy/2110adm.html

I. SCOPE

This policy applies to all George Mason University faculty, staff, and students who have authorized use of University financial resources, including all University locations, owned and leased.

II. POLICY STATEMENT

The Commonwealth of Virginia’s Comptroller’s Directive No. 1-07 and Agency Risk Management and Internal Control Standards require the University to annually certify that it has established, maintained and evaluated its internal control framework in order to effectively manage risk and maintain accountability.

In addition, the Comptroller requires the University to have written internal control policies and procedures and to conduct an annual review of controls in place (see Commonwealth Accounting Policies and Procedures, http://www.doa.state.va.us/procedures/AdminServices/CAPP/capp1.htm). The University must then certify in a cover letter to its annual financial statements that such a review has been conducted.

The Controller is the principal accounting officer of the University and has authority over accounting employees and principal accounting records at all locations.

III. RESPONSIBILITIES

A. Heads of Departments and Activities

All heads of departments and activities are responsible for assessing risk and designing and operating the controls in the area for which they are responsible. Controls should be designed to foster the following traditional objectives: safeguard assets; mitigate risk, ensure the proper recording of financial transactions; generate accurate and timely financial information; and promote operational efficiency. The policies and procedures adopted to satisfy these requirements will be in writing.

B. Controller

The Controller will conduct an annual assessment of the functionality and cost-effectiveness of internal control systems, providing reasonable assurance of the integrity of all fiscal processes related to the submission of transactions to the Commonwealth’s general ledger, submission of financial statement directive materials, compliance with laws and regulations, and stewardship over the Commonwealth’s assets.

In order to maintain the accuracy and completeness of the University’s accounting records, the Controller has the authority to:

Require accounting or financial records be submitted by all employees within a reasonable time frame.
Review departmental financial policies and procedures and require that they be revised.
Review, test and revise departmental internal control activities.

C. General Accounting Department

General Accounting will periodically conduct surveys and review internal control policies and procedures using the organizational structure approach. Segmenting along organizational lines involves delegating internal control responsibilities to managers in accordance with the formal organizational line and may involve conducting more than one survey within an organizational unit depending on the nature of activities being conducted by that unit.

The results of the surveys and review of controls will be evaluated by General Accounting and the respective unit head(s). The potential impact of any weakness discovered will be determined and corrective action developed, if necessary. A re-evaluation will be conducted to ensure action has been taken. A summary of the results of the review of controls and status of corrective action will be provided to the Controller annually.

IV. EFFECTIVE DATE AND APPROVAL

The policies herein are effective August 1, 2007. This Administrative Policy shall be reviewed and revised, if necessary, annually to become effective at the beginning of the University's fiscal year, unless otherwise noted.

Approved:

_______________________
Maurice W. Scherrens
Senior Vice President

________________________
Peter N. Stearns
Provost

Date approved: August 9, 2007