The Controller is responsible for providing leadership in designing and implementing programs to ensure effective financial accountability, acceptable risk mitigation, and a healthy control environment. Information on the UC Berkeley control process, tools for risk assessment and mitigation, and a listing of selected risks and their related controls can be found on the Office of the Controller's web site. The Office of the Controller can be contacted at controller@berkeley.edu.
Audit and Advisory Services assists administrative officials in their oversight and operating responsibilities through independent audits designed to assess the adequacy and effectiveness of department controls.
Administrative officials are responsible for evaluating operations and applying appropriate values, policies, procedures and practices to mitigate risks in their department's day-to-day activities. They are responsible for nurturing a control environment where all employees are expected to be responsible, accountable, and ethical when conducting University business.
Administrative officials have oversight responsibility for developing and maintaining a system of controls that identifies and manages risks so that department or project objectives can be achieved.
Risk is the threat that an event or action will adversely affect an organization's ability to achieve its objectives and/or execute its strategies successfully.
Internal control is any process or action designed to reduce risk and give reasonable assurance that:
- Operations are effective and efficient,
- Financial and operational reports are reliable, and
- Compliance with applicable laws, regulations and UC policies and procedures has been achieved.
Inadequate segregation of duties, missing documentation, inappropriate access to assets, inadequate knowledge of UC Berkeley policies and procedures, and/or management override of procedures can jeopardize internal control. Too many controls, or controls mitigating the wrong risks (or no risks) lead to inefficiencies.