| STANDARD/TOPIC |
INCORRECT |
CORRECT |
|
Segregation of duties
|
One person in a department performs all of the administrative duties, such as opens the mail, prepares deposits, reviews receipts, etc.
|
To ensure strong internal controls, administrative duties must be shared among more than one department member
|
|
ProCards
|
Card-splitting or paying a large expense by having the transaction charged to a ProCard until the expense is paid off
|
For all purchases totaling more than the pre-set limit on ProCards, a purchase order must be submitted online to Procurement Services
|
|
Travel & entertainment reimbursements
|
- If all receipts are included and the Travel & Entertainment Reimbursements form is filled out completely, a supervisor's authorized designee can review and approve his or her supervisor's reimbursement form
- Employees assume it is acceptable to book business-related travel without first seeking approval
|
- The appropriate supervisor's signature is required for all reimbursements to be approved and processed. The business purpose is clearly stated, and all participants' names and titles are listed
- SNL's Personnel and Professional Development Committee (PPDC) reviews and approves all faculty travel
|
|
Hourly employees
|
Hourly employees are not paid if they choose to do work during their lunch hour
|
All hours that a non-exempt employee works must be recorded in the time reporting system
|
|
Political/government contacts
|
A member of the department does some lobbying and frequently contacts government officials
|
All contact with government officials must be cleared or made through the Office of Community, Government & International Affairs
|
|
FERPA
|
- Student information is regularly given out over the phone if the caller has a legitimate reason for needing the information
- Assume employees know every rule or stipulation governed under FERPA laws
|
- Only publicly accessible information about DePaul courses may be relayed to callers
- SNL posts a notice in its reception area reminding employees of FERPA-protected information that may not be revealed on telephone calls
|
|
I-9 Forms
|
A newly-hired employee hands in an I-9 form at his or her convenience
|
The I-9 form must be received by Human Resources prior to or on an employee's first day of work, whether they are part-time or full-time employees
|
|
Recruitment
|
Assume HR is doing all of the work in recruiting potential new employees
|
SNL assigns a few members of the department to share the responsibilities of making reference checks for potential job candidates
|
|
Account reconciliation and oversight
|
Budget manager has a disorganized process of recordkeeping, making the monthly reconciliation process difficult and increasing the chance for errors
|
The OGC developed a detailed Excel spreadsheet with separate pages for specific areas of expenses, such as computer equipment, software, printing fees, reimbursements, travel, etc. The spreadsheet helps organize the reconciliation process
|
|
Account reconciliation and oversight
|
Budget manager doesn’t keep any formal records of department’s finances and fails to regularly monitor and sign off on required documentation
|
Budget manager downloads Mobius report from Campus Connection and formats the report (Accounts Payable and general ledger worksheets only). The report is reconciled, the appropriate footnotes or a color key is added, along with a line to sign and date
|
|
Segregation of duties
|
One person in the department is assigned to handle all of the administrative tasks
|
Budget manager charts the segregation of duties with an Excel chart that lists duties and the responsible employee
|
|
Compliance responsibilities
|
Presume that the department is in compliance with DePaul standards and policies without pro-actively participating in the university’s compliance program
|
The Office of the EVP maintains a quarterly review binder used to hold all departmental documentation related to compliance issues. Included is the department’s organizational chart, segregation of duties chart, MCSA checklist and worksheet, job descriptions, etc.
|
|
ProCards
|
ProCard receipts are kept haphazardly in a pile with no formal way of keeping track of purchases or reimbursements
|
The Theatre School gives a large envelope to all of its ProCard holders to keep a one-line entry log system for transactions and store the receipts
|
|
Account reconciliation and oversight
|
Budget manager doesn’t keep any formal records of department’s finances and does not regularly monitor or sign off on required documentation
|
A deposit log and documentation is maintained by one person in the Athletic Department. The deposit log includes the date, amount, chart fields and if the deposits have been reconciled. The director maintains the logs and prepares the deposits. The assistant director makes the deposits
|
|
Account reconciliation and oversight
|
Budget manager doesn’t keep any formal records of department’s gifts
|
A gift report list is printed each month and reconciled to Mobius. It’s then given to the director of Athletics for review
|
|
Segregation of duties
|
One person in the department is assigned to handle all of the administrative tasks
|
Departmental procedures created to utilize different Athletic Department members to maintain proper segregation of duties for budgetary and administrative tasks
|
|
Account reconciliation and oversight
|
Budget manager doesn’t keep any formal records of department’s salary costs or payroll finances
|
Salary costs status report used for monthly payroll reconciliation in OSPR. Report is then filed and maintained with the reconciled Mobius report
|
|
Electronic information kept private and backed up
|
Assume that all electronic files are automatically backed up and kept private
|
On-going assessment of information security and protection of private information so it can’t be accessed by unauthorized users. Member of Diversity staff partnered with IS to ensure compliance
|
|
Records retention
|
No order or system is in place for keeping departmental records
|
Office of Diversity practices on-going risk assessment around confidential records storage and disposal to ensure compliance
|
|
Compliance responsibilities
|
Presume that the department is in compliance with DePaul standards and policies without pro-actively participating in the university’s compliance program
|
OSPR practices on-going risk assessment of grants administration to ensure compliance with laws. Regular meetings with grants compliance group and monitoring plan review
|
|
Emergency procedures
|
There is no departmental discussion of emergency procedures
|
Every new employee in the Career Center is given a two-sided card that addresses what to do in case of an emergency, including contact information and designated meeting place
|
|
Recruitment
|
There is no consistent way of interviewing or selecting a candidate for any open positions
|
OIPR developed a list of guidelines for its staff for interviews and the selection process, for use in combination with HR’s procedures
|
|
Information security
|
Department assumes electronic information is secure and takes no measures to ensure this
|
OIPR uses Campus Connect for user authentication on its Web site, maintains a list of valid users, whether internal or external, and assigns levels of access to its content
|
