《utsouthwestern风险与内部控制》由会员分享,可在线阅读,更多相关《utsouthwestern风险与内部控制(60页珍藏版)》请在金锄头文库上搜索。
1、P,he,raining,ost,An Educational Computer Based Training Program,T,T,C B T,Effectively Controlling Risk,UT Southwestern General Compliance Training,Effectively Controlling Risk,In order to achieve the goals of providing the highest levels of medical education, biomedical research and patient care, UT
2、 Southwestern must have effective internal controls. There needs to be an appropriate balance between controls and risks is necessary to provide reasonable assurance that the medical centers operations will be effective,efficient and in compliance with laws and regulations.,Effectively Controlling R
3、isk,What is the purpose of this training? Why is it necessary? What is internal control? What are the components of internal control? Where can I learn more?,Effectively Controlling Risk What is the purpose of this training?,Provide employees with the training and tools to evaluate internal control
4、at the activity, process and department levels. Two tools available to achieve this goal are the: Risk and Control Self-Assessment Guideline Risk Assessment and Control Activities Worksheet,Effectively Controlling Risk Why is it necessary?,Highly publicized frauds at other public institutions have c
5、aused concerns among UT System and component administrators. What was determined to be the problem?WEAK INTERNAL CONTROLS,Effectively Controlling Risk What is internal control?,:,Internal control is a process, effected by UT Southwesterns governing board, administration, faculty, and staff, designed
6、 to provide reasonable assurance regarding the achievement of objectives in the following categories:Effectiveness and efficiency of operations, Reliability of financial reporting, and Compliance with applicable laws and regulations.,Effectively Controlling Risk Internal Control Process,5 Components
7、 Establish Control Environment Perform Risk Assessment Implement Control Activities Communicate Information Monitor Performance,Internal Control Process Establish Control Environment,The control environment is the control consciousness of an organization. The control environment includes the integri
8、ty and ethical values of its people, their competence, and the way they do business.,Internal Control Process Elements of the Control Environment,Standards of Conduct Guide Regents Rules, Business Procedures Memorandums, etc. Department standards of conduct Human resources policies and procedures De
9、partment policies and procedures Conflicts of interest-disclosure forms Ethics Guide Honesty Zero tolerance,Internal Control Process Perform Risk Assessment,Risk assessment is the identification and analysis of risks associated with achieving your objectives. Risk assessment helps to form a basis fo
10、r determining how to manage identified risks.,Internal Control Process What is our risk?,With internal controls, RISK is . . . The possibility that the organization will NOT: Achieve its goals Operate effectively and efficiently Protect itself from loss Provide reliable financial data (reports) Comp
11、ly with applicable laws, regulations, policies, and procedures,RISK,Internal Control Process Perform Risk Assessment,Components and Departments must define their goals and objectives in relation to their: Mission, Operations, Financial reporting, Compliance, and Significant activities or processes.,
12、Then, they must identify and analyze potential risks by asking certain questions: What could go wrong? What must go right? What is the significance of our risks? What is the likelihood of occurrence?,Internal Control Process Perform Risk Assessment,Questions employees should consider: What business
13、are you in? Who are your customers? What do they need and want? What does that say about what you are trying to accomplish? How will you know you have been successful?,Internal Control Process Perform Risk Assessment,A risk is ANYTHING that could jeopardize the achievement of a goal or objective. Fo
14、r each goal or objective, identify your risks. Be comprehensive, by considering external and internal factors.,Internal Control Process Perform Risk Assessment,For each identified risk, estimate the potential significance (cost, safety, institutional image) and likelihood of occurrence. Focus on the
15、 major risks, and determine how those risks should be managed and minimized to acceptable levels.,Internal Control Process Implement Control Activities,Control activities are the policies and procedures that help ensure that actions identified as necessary to manage risks are carried out properly an
16、d in a timely manner. Control activities should be proactive, value-added, and cost effective.,Internal Control Process Implement Control Activities,Properly balancing risks and controls makes good business sense!,Internal Control Process Implement Control Activities,Examples of Control Activities at UT Southwestern: Approvals, authorizations, and verifications Having written policies and procedures and limits to authority Reconciliations Explanations of the difference between two sets of data AND taking corrective action,
