Internal Control Program

As a SUNY Oneonta employee, your dedication to excellence is the key to achieving the mission of our institution. Your continuing commitment to high standards of integrity and performance makes it possible for our students to live and learn in a safe, attractive and supportive environment.

Your familiarity and cooperation with SUNY Oneonta's Internal Control Program are vitally important to our success.

Definition & History

Internal controls can be defined as operating practices and procedures that an organization adopts to achieve its goals and objectives and avoid or prevent the loss or misuse of resources. Internal controls reduce the risk of errors or irregularities that compromise the organization’s success.

In 1987, the Legislature enacted a law entitled “The New York State Governmental Accountability, Audit and Internal Control Act” to formalize a system of productivity and accountability in all state agencies. The Act was updated and made permanent in Chapter 510 of the Laws of 1999. The Division of Budget (DOB) subsequently issued the Budget Policy and Reporting Manual Item B-350, “Governmental Internal Control and Internal Audit Requirements”, which requires all state agencies to perform certain internal control activities and annually certify to DOB they are in compliance with those requirements.

Consistent with the above, SUNY promulgated its current “Internal Program Guidelines” in January 1999. As required by law, each campus must annually certify that its internal control program is in compliance with the Internal Control Act and SUNY’s Guidelines.

SUNY Oneonta's Internal Control Program is one facet of a broader institutional commitment to continuous improvement, planning, and assessment. We interpret internal control broadly to include a broad spectrum of institutional measures and management techniques. SUNY Oneonta is committed to sound fiscal practices, effective administrative policies and procedures, client-centered personnel procedures, information security and privacy, and related measures.

Purposes & Principles

The purposes of internal control are to:

1. Promote orderly, economical, efficient and effective operations, and produce quality services and outcomes consistent with the agency’s mission.
2. Safeguard resources against loss due to waste, abuse, errors, and fraud.
3. Promote adherence to laws, regulations, policies, procedures, and contracts.
4. Develop and maintain reliable financial and management data and accurately present that data in timely reports to decision makers.

SUNY Oneonta’s Internal Control Program is intended to protect our students and employees, physical assets, enhance the integrity of our operations and ensure that our resources are used effectively and efficiently to further SUNY Oneonta’s mission. Every employee of the organization has a responsibility and a role in achieving this mission.

Essential Program Elements

The following essential elements guide the SUNY Oneonta’s Internal Control Program.

1. SUNY Oneonta’s Internal Control Program establishes processes for the identification of weaknesses, areas needing improvement, corresponding corrective action plans and status reporting of those corrective action plans.
2. SUNY Oneonta’s Internal Control Advisory Committee will periodically lead risk/vulnerability self-assessment activities.
3. Each Vice President or Divisional leader will actively engage in internal control activities for the areas and functions for which they are responsible.
4. SUNY Oneonta will regularly communicate the importance of internal controls to its employees and encourage employee participation in the identification of internal control weaknesses and development of corrective actions.
5. Internal control activities will be based on in-depth assessments of each area or function, including the identification of inherent risks and needed internal controls for each function.
6. SUNY Oneonta’s Internal Control Officer will establish a schedule for university-wide risk/vulnerability assessments, internal control reviews and other internal control activities or opportunities.
7. Each Vice President or Divisional leader is responsible for the internal control activity, corrective action development, documentation and status reporting in their respective Division. SUNY Oneonta’s Annual Internal Control Report and Divisional Annual Reports, if appropriate, will contain status reports on each Division’s internal control activities and accomplishments for the prior year.
8. SUNY Oneonta’s Internal Control Officer and the President will review each Division’s internal control activities and accomplishments annually prior to certifying the University’s Internal Control Program.