Internal Controls

Best Practices

  • Internal Control and Management Involvement - GFOA recommends that financial managers obtain the information and training needed to meaningfully take responsibility for internal control. In particular, they should obtain a sound understanding of the essential components of a comprehensive framework of internal control as set forth by the Council of Sponsoring Organizations (COSO) of the Treadway Commission on Fraudulent Financial Reporting in the publication Internal Controls —Integrated Framework. They also should ensure that all employees responsible in any way for internal control receive the information and training they need to fulfill their particular responsibilities.
  • Internal Control Framework- The GFOA recommends that state and local governments adopt the COSO’sInternal Control—Integrated Framework (2013) as the conceptual basis for designing, implementing, operating, and evaluating internal control so as to provide reasonable assurance that they are achieving their operational, reporting, and compliance objectives.
  • Internal Control Environment - GFOA recommends that governments establish a strong internal control environment.
  • Internal Control for Grants
  • Internal Control Deficiencies in Audits - GFOA recommends that governments take into account the following considerations in crafting a strategy for minimizing any potential negative effect resulting from the communication of internal control related matters identified in an audit.
  • Whistleblowing - GFOA recommends that every government establish policies and procedures to encourage and facilitate the reporting of fraud or abuse and questionable accounting or auditing practices.