Internal Controls

Overview
Coverage
Policy
- Objective of Internal Controls
- General Department Internal Controls
References
Internal Controls / Responsibilities
Monitoring of Internal Controls
Related Topics

Overview

Internal controls of a department are methods adopted to: safeguard assets, comply with laws and regulations, ensure the completeness and correctness of accounting data, promote effectiveness and efficiency, and encourage adherence to management policies.

Coverage

This policy applies to all staff within the department. This policy focuses on high level generic internal controls. Specific controls can be found under each finance and procurement policy category.

Policy

The characteristics of a satisfactory system of internal control are to include:

proper segregation of functional responsibilities;
a system of authorisation, recording and procedures adequate to provide accounting control over assets, liabilities, revenues and expenses;
sound practices in performance of duties and functions by each departmental unit; and
documented procedures to ensure that persons have capabilities matching with their responsibilities.

Objectives of Internal Control

Department policies are to be established in relation to internal controls addressing the objectives of:

Reliability and integrity of information.
Compliance with policies, plans, procedures, laws and regulations.
Safeguarding of assets.
Effectiveness and efficiency of operation.
Accomplishment of organisational goals and objectives.
Preventing error and fraud in the financial transactions.
Ensuring that all revenue due to the Department is collected promptly.
Ensuring that expenditure by the Department is authorised and bona fide.
Preventing corruption in the procurement process.

General Department Internal Controls

Sound Ethical Culture

The Department and its Business Units are to ensure that they have a healthy and sustainable ethical culture. The Department is to promote its ethical values through the State Service Principles and Code of Conduct, contained in the State Service Act 2000.

Responsibility and Accountability

The responsibilities of each person involved in the administration of financial procedures are to be well defined. Position descriptions and organisation charts should define and allocate responsibilities of staff relative to those of others within the department.

Authorisation and Approval

Transactions should be authorised or approved by a responsible person occupying a position with the appropriate delegated authority, who is familiar with the requirements of the area that is the subject of that transaction. Limits to amounts of authorisation are to be set and observed. The Department’s delegation framework governs the authorisation amount limits.

Segregation of Duties

A person is not to be in a position to both commit and conceal errors or fraud in the normal course of their duties. Different people should be assigned the responsibilities of recording transactions, authorising transactions and maintaining custody of assets. Where adequate segregation of duties is not possible due to the limited size of a Business Unit, the Business Unit is to ensure that its other internal controls exist and are being adhered to.

Safeguarding of Assets

Adequate safeguarding controls are to include:

Physical protection i.e. locked storerooms for inventory, and safes for cash and securities;
Restricting access to assets and accounting records to assigned staff;
Segregation of duties; and
Locked and secure rooms for computer servers with appropriate system back-up procedures in place.

Tracing Transactions

All financial transactions should be traceable from the original documentation to the accounting records and vice versa. For example, it should be possible to trace a cheque/electronic payment to the expenditure in the accounts, to the invoice and to the copy order.

Arithmetical and Accounting Controls

There are to be controls within the record-keeping function that ensure no transactions have been omitted, no fictitious transactions exist and all transactions are accurately shown. They include, in a financial management information system, automated control totals which cross-check financial and record totals, and validation checks which allow only valid transactions to be input.

Personnel

As administrative staff are key personnel, it is important that they are appropriately qualified and receive professional development; this ensures that they are able to assume greater responsibility in the event that a senior officer is absent or leaves. Managers/Principals have a constant training responsibility to ensure that all staff are aware of their responsibilities, and comply with internal control requirements.

Internal Audit

Internal Audit contributes to the quality of management, by the provision of an independent, objective and ongoing review of management procedures. The main objectives of Internal Audit are to:

review the efficiency and effectiveness of programs;
assist the development and maintenance of financial and administrative processes;
prevent and detect fraud; and
conduct audit examinations on financial information in an independent, contemporary and professional manner to express an objective opinion on the quality and integrity of that information.

Internal Audit acts as a managerial control by independently reviewing and forming a professional opinion on the statutory and organisational compliance, financial regularity, and efficiency and effectiveness of the accounting, service and management systems.

The Internal Audit section accepts and adheres to the Australian Auditing Standards.

External Audit

The Department is required to have an external auditor periodically perform compliance audits to measure its adherence to legislative, regulatory and organisational policy.

External auditors also conduct performance audits which, assess the performance of the Department against various criteria, and identify opportunities and makes recommendations for improvement in the way the Department manages its financial resources.

References

State Services Act 2000
Treasurer’s Instruction 302
Australian Auditing Standards
Financial, Procurement and Facilities Management Delegations and Administrative Authorities

Internal Controls / Responsibilities

Officers

Responsibilities

Principals / Business Unit Managers

Ensure a healthy ethical culture exists.
Ensure the responsibilities of staff are well defined.
Ensure all transactions are authorised by a person in a position with appropriate delegated authority.
Make sure appropriate segregation of duties exist.
Provide adequate safeguards over assets.
Ensure all financial transactions are traceable.
Ensure adequate arithmetical and accounting controls are in place.
Ensure all staff are adequately trained and qualified.

Monitoring of Internal Controls

As part of continuous improvement and development, business units should periodically review the internal controls they have operating, to ensure they are effectively capturing risks and fraud. Internal audit will also conduct a review of business units’ adherence to internal controls.