Hotline

If you are aware of fraudulent activity related to the Institute or simply want to suggest an improvement to ongoing operations, we want to know about it!   Use our online reporting tool or call us at:
1-866-294-5565

Internal Control Guide

Internal Control Guide Cover

There are two primary schools of thought in developing an audit approach:

  • One viewpoint is to assume that everyone is looking for ways to “beat the system”; therefore, the auditors devise audit steps that focus on finding evidence of wrongdoing.
  • The other approach is to assume that most people take pride in their work and want to do the right thing—they just need to know what is expected of them and have the information and tools available to allow them to successfully carry out their responsibilities. In this case, the auditor’s approach is to examine areas of high risk and focus on ways these risks can be most effectively and efficiently mitigated.

I’m pleased to say that the latter is the vision, philosophy, and progressive approach we have adopted in the Department of Internal Auditing at Georgia Institute of Technology.

As we have canvassed the campus conducting audits and collaborated with colleagues throughout higher education, we have compiled perspectives and observations of “best practices” in handling many of the areas of risk that most units (departments, schools, etc.) encounter. This is not a policies and procedures manual – there are already many valuable policies and procedures which outline business rules. Our goal with this document, instead, was to compile our observations and recommendations on best practices in managing business risks and creating effective and efficient systems of internal control.

In establishing solid risk mitigation procedures and strong systems of internal control, faculty and staff are then free to advance their units’ missions towards achieving their strategic goals.

This will be a living document and will be updated frequently so we encourage visits to our web site to check for updates and revisions. We welcome questions and feedback regarding the information contained herein, particularly comments regarding how this may be more useful.

We express our appreciation for the support from the Office of the President, the Executive Staff, and the many subject matter experts around campus who have provided input and feedback on this document. This collaborative approach with senior management demonstrates the Institute’s commitment to ensuring its administrative processes are on par with the high standards of excellence Georgia Tech is known for in its academic and research initiatives.

Rob Clark
Director, Department of Internal Auditing

AttachmentSize
Full ICG Document with all sections29.38 MB
Section 1: Areas of Financial Risk9.43 MB
Section 2: Areas of Human Resources Risk8.57 MB
Section 3: Areas of Legal & Regulatory Risk1.65 MB
Section 4: Areas of Health & Safety Risk1.66 MB
Section 5: Areas of Information Systems Risk5.33 MB
Section 6: Areas of Public Relations Risk1.65 MB
Section 7: Areas of Risk Dealing with Students2.28 MB
Section 8: Areas of General Risk1.63 MB