University Policy 3010

Code of Virginia Section 23.1-1301, as amended, grants authority to the Board of Visitors to make rules and policies concerning the institution. Section 7.01(a)(6) of the Board of Visitors Bylaws grants authority to the President to implement the policies and procedures of the Board relating to University operations.

Commonwealth Accounting Policies and Procedures (CAPP), Section 10305

Agency Risk Management and Internal Control Standards (ARMICS), a directive issued by the State Comptroller, mandates the use of internal control standards and "best practices" that directly support the Commonwealth's vision and long-term objectives. This directive requires the implementation and annual assessment of agency internal control systems in order to provide reasonable assurance of the integrity of fiscal processes related to the submission of the transactions to the Commonwealth's general ledger, submission of financial statement directive materials, compliance with laws and regulations, and stewardship over the Commonwealth's assets.

Accounting Controls - The controls surrounding the activities concerned with authorizing, processing, recording, and reporting transactions.

Administrative Controls - The broad controls surrounding all activities carried out by University employees to accomplish their objectives (e.g., planning, organizing, monitoring productivity, and maintaining quality control).

Internal Controls - A process, affected by an entity's Board of Visitors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance.

This policy applies to all employees of the University. Employees include all staff, administrators, faculty, full- or part-time, and classified or non-classified persons who are paid by the University.

Old Dominion University is committed to maintaining a strong system of internal controls and will have adequate administrative controls and accounting controls in place for all operations and transactions. An effective internal control system helps the University achieve the following:

• Promote orderly, economical, efficient, and effective operations.
• Produce quality products and services consistent with the University's mission.
• Safeguard resources against loss due to waste, abuse, mismanagement, errors, and fraud.
• Promote adherence to statutes, regulations, bulletins, and procedures.
• Develop and maintain reliable financial and management data and accurately report that data in a timely manner.

The President has the ultimate responsibility for ensuring that internal control deficiencies are addressed.

Vice Presidents are responsible for ensuring that adequate internal controls are maintained in their respective divisions.

Internal controls are the responsibility of all employees of the University; generally, an employee's position will determine the extent of his or her involvement.

Employees are responsible for complying with internal controls by:

The Assistant Vice President for Finance/University Controller recommends internal control policy for accounting controls, develops, and publishes procedures, evaluates internal controls annually to determine operating effectiveness, and issues a statement concerning internal controls to accompany the University's submission of its financial statements to the Department of Accounts. The Assistant Vice President for Finance/University Controller also documents the agency's assessment of internal controls in compliance with ARMICS and the related Comptroller's directive.

Academic unit heads and administrative department heads are responsible for establishing, implementing, documenting, and monitoring internal controls for their respective units to ensure that they exist and are operating effectively. Administrative Internal Controls can be found in various documents, including but not limited to, Board of Visitors policies, University policies and procedures, faculty, and staff handbooks, and the University Undergraduate and Graduate Catalogs. Policies and procedures that establish the accounting internal control framework can be found on the Office of Finance website and in the Commonwealth of Virginia Accounting Policies and Procedures (CAPP) Manual.

When accounting internal controls are identified as not being adequate, appropriate action will be undertaken by the administration to address these deficiencies. Any observed weaknesses in internal control must be brought to the attention of the Office of Finance/University Controller immediately.

The University Audit Department will independently evaluate the internal control environment and periodically verify management's actions with relation to establishing, documenting, and monitoring of these internal controls.

• adhering to applicable policies and procedures;
• performing the duties and responsibilities included in their position descriptions;
• monitoring their work to confirm it is performed accurately and that errors are promptly identified and corrected;
• achieving performance standards;
• taking steps to safeguard assets under their purview; and
• reporting internal controls concerns to their supervisor/manager

Applicable records must be retained for three years and then destroyed in accordance with the Commonwealth's Records Retention Schedule 102, Series 012103 (Financial Account Reports).

Assistant Vice President for Finance/University Controller

• Virginia Department of Accounts Commonwealth Accounting Policies and Procedures (CAPP) Manual
• University Policy 1002 - Code of Ethics
• University Policy 1003 - University Responsibility for Compliance
• University Policy 3002 - Authority of Internal Audit Department