Guidelines Financial Management
Guidelines Financial Management
Guidelines Financial Management
for
Financial Management
(Revised 2/02)
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Table of Contents
Part V: Index
Index........................................................................................................................78
Table of Contents
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Accountability
Each department has the responsibility and is accountable for managing the
resources it administers on behalf of the University.
The department head may delegate the overall financial management responsibility
to the Business Officer. Delegating authority does not relieve the department head
of accountability for activities under his/her direction. The Business Officer is
responsible for developing an appropriate structure for handling the department’s
financial resources. This will involve delegating a variety of tasks to employees
within the unit.
I. Principles
Accountability I-1
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
II. Responsibilities
Accountability I-2
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
REFERENCES
Accounting Services and Controls
(805) 893-8593
http://www.accounting.ucsb.edu
Audit Services
(805) 893-2829
http://www.audit.ucsb.edu
Accountability I-3
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Accountability I-4
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Conflict of Interest
The University’s overall policy on conflict of interest specifies that none of its faculty,
staff, managers, and officials shall engage in any activities which place them in a
conflict of interest between their official activities and any other interest or obligation.
It requires that all University employees disqualify themselves from participating in a
University decision when a financial conflict of interest is present.
University officials are responsible for ensuring the University’s teaching, research,
and service is conducted with integrity in an open, uncompromised environment.
I. Principles
D. The reporting of financial interests and the withdrawal from decision making
shall be consistent with the University’s Conflict of Interest Code and the
State of California’s Political Reform Act of 1974. (See UCOP Information
Practices and Conflict of Interest and the Political Reform Act
Disqualification Requirements brochure published by UCOP, July 1, 1999.)
II. Responsibilities
B. All employees should not purchase, lease, and/or contract for goods and
services from any University employee or near relatives unless the
Purchasing department has determined that goods or services are not
available from any other readily available sources.
Please note:
Conflict of Interest as it relates to Sponsored Projects and research is not included in
the above material. For research related Conflict of Interest, please contact the
Coordinator for Academic Conflict of Interest in the Office of Research.
REFERENCES
Administrative Services, Coordinator for general Conflict of Interest
(805) 893-2770
UCOP Information Practices and Conflict of Interest and the Political Reform Act
Disqualification Requirements brochure published by UCOP, 7/1/99
http://www.ucop.edu/ogc/coi/econinterest.html
Data Integrity
Each department head shall be responsible for developing a system that adheres to
the following Principles and Responsibilities.
I. Principles
C. Each unit must ensure that recorded assets match actual existing assets.
A mechanism must be in place to spot discrepancies and to ensure that
corrective actions are taken.
D. Each unit must ensure that all financial transactions are recorded
correctly. Correct transactions must:
4. be stored securely,
E. All systems that affect or are used to report financial data must be secure,
reliable, and accessible. These systems must be designed, documented,
and maintained according to accepted development and implementation
standards. They should be built upon sound data models and employ
technology that allows data to be shared appropriately.
Data Integrity I-7
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
F. All financial systems should meet the users’ needs. In addition, all
interfaces affecting any financial system must contain controls to ensure
the data is synchronized and reconciled.
II. Responsibilities
A system of integrity:
b. authorizing transactions,
If insufficient personnel within the unit requires that one person perform
all of these functions, the unit must assign a second person to review
the work for accuracy, timeliness, and honesty.
2) account classification,
3) description, and
4) proper accounting period.
d. all unit assets are properly described and accounted for in the
Financial System or other ‘official books of record,’ and
a. Project Initiation
1) gaining appropriate administrative approval
2) defining the nature, scope, benefits, risks, priorities, timing, and
most likely development and implementation method for the
project
3) identifying areas and individuals affected by the project
4) anticipating staffing, equipment, and other requirements
5) determining funding requirements and funding sources for the
project
d. Implementation
1) developing a detailed project plan that identifies all tasks that
need to be completed, who will do them and when they will be
done
2) ensuring that all aspects of the project will adhere to central
data administrative standards
3) testing to ensure the new system interfaces smoothly with other
systems, and that audits, controls, and checkpoints function
properly
4) naming a project coordinator, if the complexity of the project
warrants it
e. Post Audit
Once operational, the unit responsible for the new system must
ensure the level of service provided to the users is satisfactory and
that proper maintenance, backup and recovery systems are in
place.
Data Integrity I - 10
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Data Integrity I - 11
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
REFERENCES
Information Systems and Computing
(805) 893-2261
http://www.isc.ucsb.edu/
Data Integrity I - 12
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Financial Management
Each department on campus requires financial resources in order to perform its role
in the University’s mission of research, teaching, and public service.
Each department head shall adopt the following Principles and Responsibilities to
ensure sound financial management.
I. Principles
Financial Management I - 13
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
G. All expenditures must comply with all relevant policies, rules and
regulations, and contract and grant terms.
H. Each unit must evaluate the financial consequences before a new activity
is started or a current activity is changed or eliminated.
I. Each unit must ensure that the anticipated benefits are commensurate
with the costs for any planned or ongoing activities.
J. Each unit must provide adequate safeguards to protect against the loss or
unauthorized use of University assets.
II. Responsibilities
a. a mission statement with goals and objectives for each unit. This
statement should be simple, attainable, and include measurable
goals. It must be specific enough to be integrated into the overall
planning and budgeting process.
All systems for monitoring and evaluating financial data must include:
Financial Management I - 15
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
c. transaction errors, or
d. misuse of authority.
Financial Management I - 16
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
7. potential problems,
REFERENCES
Accounting Services & Controls
(805) 893-8593
http://www.accounting.ucsb.edu
Audit Services
(805) 893-2829
http://www.audit.ucsb.edu
UC Business and Finance Bulletin BUS - 49, Policy for Handling Cash and Cash
Equivalents
http://www.ucop.edu/ucophome/policies/bfb/bus49toc.html
Financial Management I - 18
Guidelines for Financial Management Principles and Responsibilities
Office of the Controller rev. 2/02
Every employee who conducts transactions affecting University funds must comply
with all applicable laws, regulations, and special restrictions.
I. Principles
II. Responsibilities
A. Financial Reporting
B. Records Retention
1. Administrative records are the property of the Regents and may not be
permanently removed from the University or destroyed except in
accordance with disposition schedules established by the Records
Management Committee.
D. Expenditures
2. the use of vendors which are small businesses and businesses owned
by women, minorities, and disabled veterans is encouraged.
5. When purchasing goods and services for the University, the following
additional requirements apply:
a. units that conduct sales activities must charge sales tax and
properly account for sales tax collected by coding related deposits
against sales tax payable account numbers designated by
Accounting Services and Controls, and
4. Any person who suspects that fraud or illegal activities are taking place
in their unit must report that suspicion immediately to their supervisor.
If the employee believes that this supervisor is involved, or is otherwise
uncomfortable reporting in this manner, they must immediately notify
Audit Services. Supervisors to whom such reports are made must
review them, and if they have merit, report them to the next level of
management or to Audit Services. Please refer to UCSB Policy 5700,
Procedure for Reporting and Reviewing Defalcations.
REFERENCES
Accounting Services and Controls
(805) 893-8593
http://www.accounting.ucsb.edu
Audit Services
(805) 893-2829
http://www.audit.ucsb.edu
Managers and leaders at all levels of the University are responsible for ensuring that
an appropriate and effective control environment is in place in their areas of
responsibility. Although management is responsible for establishing specific internal
control policies and procedures, everyone at the University shares responsibility
for internal control.
All employees play an important role in the achievement of the University’s goals
and objectives. Everyone is responsible for implementing and maintaining control
practices to ensure achievement of these goals. It is impossible to eliminate all
negative consequences, which are an inherent part of setting and meeting
objectives. It is, however, possible and necessary to reduce the negative
consequences to an acceptable level by implementing control practices.
Other groups play important roles. Audit Services evaluates control systems for
effectiveness and efficiency. The Office of the Controller provides leadership in
designing and implementing systems to ensure an effective financial accountability
and control environment.
External auditors review control systems for the impact on financial reporting and
compliance with requirements of external agencies.
Fundamental Concepts
Control Principles
Physical Security
Equipment, inventories, cash, and other property are secured physically, counted
periodically, and compared with amounts shown on control records.
Separation of Duties
Financial responsibilities are divided between different people to assure a single
person does not perform every aspect of a financial transaction. Segregating
responsibilities can reduce errors and prevent or detect inappropriate transactions.
Control Principles II - 28
Guidelines for Financial Management Internal Control and COSO
Office of the Controller rev. 2/02
Control Environment
The control environment, as established by the organization’s administration, sets
the tone of an institution and influences the “control consciousness” of its people.
Likewise, leaders of each department establish a local control environment. This is
the foundation for all other components of internal control. Control environment
factors include: integrity and ethical values, competence, leadership philosophy and
operating style, and the way management assigns authority and responsibility.
Risk Assessment
The UC campuses must be aware of and address the risks they face. They must
establish objectives. Risk assessment is the identification and analysis of relevant
risks to achievement of the objectives. This forms the basis for determining how the
risks should be managed.
Control Activities
Control activities are the policies and procedures that help ensure management
directives are carried out. Control activities occur throughout the institution, at all
levels and in all functions. They include such activities as approvals, reconciliations
of budget to actual, segregation of duties, and security of assets.
Monitoring
Monitoring is a process that assesses the quality of the system’s performance over
time. It is accomplished through ongoing activities such as review of operating and
financial reports, comparison of data to physical assets, separation of duties, and
authorization procedures. Monitoring can also be accomplished through separate
evaluations such as internal and external audits.
• Lack of separation of duties. One staff employee is responsible for all aspects of
specific types of financial activity such as payroll, purchasing, cash receiving, and
recording.
• Cash receipts from revenue generating activities or gifts not promptly endorsed,
recorded, safeguarded, deposited, and reconciled.
• Cash receipts not deposited. Used to fund petty cash type purchases.
• Recharge billings for on campus services not reviewed for validity and
correctness.
• Federally unallowable charges not properly object coded to exclude from campus
overhead rate calculation.
• Cost transfers involving a federal fund are not properly explained, approved, and
processed on a timely basis.
• Computer databases and data files not backed up on a regular basis. Electronic
backup media not stored in a safe location remote from the original data.
REFERENCES
Audit Services
(805) 893-2829
http://www.audit.ucsb.edu
Accounts Payable
1. Separation of Duties
Standard
• Accounts payable duties and responsibilities are adequately segregated.
Potential Consequences
• Erroneous or fraudulent payments may occur.
• Payments may be made to unauthorized or non-existent vendors.
Recommended Practices
• To the extent possible, different individuals should be assigned responsibility
for:
1. approving purchase requisitions and orders,
2. receiving ordered materials,
3. approving invoices for payment, and
4. reviewing and reconciling the monthly general ledger.
Standard
• Departments should avoid requesting that checks be held by Accounting for
pick up by the department, vendor, or employee.
Potential Consequences
• Erroneous or fraudulent payments may occur.
• Checks could be altered.
Recommended Practices
• Checks should be mailed directly to payee (i.e. vendor, employee, or
student).
Standard
• Vendor invoices are reviewed for accuracy and matched to purchase orders,
contract terms, and receiving documents prior to approving payment.
Potential Consequences
• Purchases may occur which are unauthorized, fraudulent, or unnecessary.
• Vendors may make claims for payment of unauthorized work performed.
• Erroneous payments may be made.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
• Prior to approving payment, vendor’s invoice, receipt information, and
purchase order are reviewed for: receipt of materials/services and accuracy of
price, prior payment, quantity, and account/fund information. Absence or
discrepancies of any of the above is resolved before payment is made.
• Purchases, invoices, and Check Requests should be approved only by
persons with delegated authority.
• Signature Authorization forms should be up to date and on file in Accounting
Services & Controls, Extramural Funds unit.
Standard
• Payments to consultants and for personal services shall be made only when a
signed agreement exists which has been reviewed and authorized by
Business Services. (See Business and Finance Bulletin BUS - 34, Securing
the Services of Independent Consultants.)
Potential Consequences
• Payments may be made which are unauthorized, fraudulent or unnecessary.
• An employer-employee relationship may exist, which would require following
the normal employment process.
• A conflict of interest may exist.
• Goods or services may be available from the University’s own facilities.
• The University may be subjected to undue insurance liability.
Recommended Practices
• Prior to obtaining the services of a consultant, or entering into a personal
service agreement, the agreement must be reviewed and authorized by
Business Services.
• Authorization for payments shall be a copy of the properly executed
agreement.
• Payment may not be made for services rendered prior to the contract period
unless proper approval has been obtained from Business Services and the
invoice(s) meets contract terms.
Standard
• Aged invoices, purchase orders, and receiving transactions are reviewed,
investigated and resolved.
Potential Consequences
• Payment may not be made for goods already ordered and received.
• Late payment may result in loss of supplier discount.
Recommended Practices
• Invoices sent for approval are monitored for payment.
• Ledgers are reconciled and reviewed monthly for accuracy and timeliness of
expenses.
REFERENCES
Business Services
(805) 893-4440
http://www.busserv.ucsb.edu/
UC Business and Finance Bulletin BUS - 34, Securing the Services of Independent
Consultants
http://www.ucop.edu/ucophome/policies/bfb/bus34.html
1. Segregation of Duties
Standard
• Individuals with delegated approval authority for travel expenses shall not
approve their own travel.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Reimbursement could be made for personal or non-business related travel
Recommended Practices
• All reimbursements for travel expenses must be in accordance with BUS
G–28.
• Individuals with delegated approval authority must obtain approval for their
own travel from their supervisor or other higher level individual.
Standard
• Responsibility for preparing and approving/releasing a Travel Expense
Voucher is assigned to separate individuals. Adequate internal controls are
maintained in approval and payment process.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
Recommended Practices
• All relevant documentation should be attached to the payment request.
• The approver/releaser of a Travel Expense Voucher should be someone
other than the preparer.
• Reimbursement of travel expenses shall be delivered directly to the payee.
• Payments shall not be delivered to any of the individuals involved in the
approval or payment preparation process.
Standard
• All official University travel must be authorized by persons delegated such
authority. (Please contact your control point or Department Head to identify
who has such authority.)
Potential Consequences
• Reimbursement could be made for personal or non-business related travel.
• Damaged public image.
• Loss of future funding.
• Excessive costs may be incurred due to inappropriate practices or fraud.
Recommended Practices
• A Travel Expense Voucher must be approved for payment by the traveler’s
department head or by a person delegated such authority.
• Approval from the delegated authority must be in writing.
• Current signature authorization forms must be on file with Accounting
Services & Controls, Extramural Funds unit.
• A Travel Expense Voucher should not be approved by a person who reports
directly to the traveler unless prior approval has been obtained.
• Travel expenditures should be cost effective and in accordance with the best
use of public funds.
Standard
• All travel expense reimbursements must be allowable, reasonable, and
substantiated in accordance with BUS G-28.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Business Travel & Moving Expenses III - 38
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Recommended Practices
• Individuals must be eligible for travel expense reimbursement. Foreign
visitors must have a proper Visa (J1, B1-B2, WB-WT, F1, or H1). Please
contact the Accounting Services & Controls, Travel unit for further
information.
• A Travel Expense Voucher must be submitted to Accounting Services and
Controls within 21 days of the completion of the trip.
• All transportation expenses must be reimbursed based on the most
economical mode of transportation and the most usually traveled route.
• Coach class or any discounted class shall be used.
• Only U.S. carriers shall be used for travel reimbursed from Federal grants and
contracts.
• The use of University-owned automobiles shall be in accordance with
Business and Finance Bulletin BUS - 46, Use of University Vehicles.
• Allowable meal and incidental expense rates must be used. (Please see BUS
G – 28.)
• For meals and incidentals, reimbursement should be made for actual costs
only.
Standard
• A Travel Expense Voucher shall be used to account for all travel expenses
incurred in connection with official University travel.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Appropriate and necessary approval may not be obtained.
Recommended Practices
• The Travel Expense Voucher must be completed in accordance with BUS G -
28.
• Original receipts must be attached.
• When receipts are lost or cannot be obtained, a statement describing the
reason for the unavailability must be included as part of the documentation
submitted with the Travel Expense Voucher.
• The Travel Expense Voucher must be signed by the traveler certifying that
the amounts are true. If the traveler cannot sign, a reason must be indicated.
• The Travel Expense Voucher must be approved by the department head or
equivalent authority.
• The Travel Expense Voucher should be reviewed to ensure all expenses are
reasonable, allowable, and properly supported.
Business Travel & Moving Expenses III - 39
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Travel expenses incurred by non-University personnel shall not be
reimbursed unless the travel has been approved in advance by the delegated
authority.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommendations
• Individual with delegated approval authority must authorize the
reimbursement of travel for prospective appointees before any commitment
for reimbursement is made.
• A Travel Expense Voucher must be completed in accordance with BUS G -
28.
Standard
• Travel to conventions, conferences, or business meetings must be
reimbursed in accordance with BUS G - 28.
Potential Consequences
• Travel reimbursements may occur which are unauthorized, fraudulent, or
unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
• Travel expenses incurred for attending conventions, conferences, or business
meetings are allowed when approved by a department head or equivalent
authority.
• Expenses which can be reimbursed include registration fees, transportation,
subsistence, and some miscellaneous expenses.
• Reimbursement for any portion of the registration fee related to optional
entertainment is not allowed.
Standard
• Departments should exercise minimal use of travel advances.
Potential Consequences
• Unused advances may not be reimbursed promptly and collection may
become a problem.
• Loss of STIP for the University.
• Accounting for expenses becomes more difficult and requires additional
processes.
• Amount requested on the Travel Advance Request Form could exceed
estimated expenses.
• Trip could be cancelled or postponed.
• Failure by the employee to return unused travel advances within 120 days
requires the University to consider the advance amount as income to the
employee under IRS regulations.
Recommended Practices
• Eligible travelers should request a corporate card.
• Travel advances may only be issued under the following circumstances:
1. the traveler is not eligible to participate in the corporate travel card
program,
2. the traveler has incurred credit card expenses which must be paid before
the trip is completed, or
3. the travel requires special handling, such as group travel.
• Cash advances should not be authorized for any person who is 30 days
delinquent in submitting a Travel Expense Voucher for a prior trip.
• The traveler must account for the total amount of all expenses and advances
pertaining to a trip by submitting a Travel Expense Voucher within 21 days of
the completion of the trip. Original receipts must be retained for submission
with the Travel Expense Voucher.
• Advances must be refunded immediately if an authorized trip is cancelled or
indefinitely postponed.
Moving Expenses
Standard
• Reimbursement of moving expenses must be authorized by persons
delegated such authority. (Please contact your control point or Department
Director to identify who has such authority).
Potential Consequences
• The employee or new appointee may not have met the eligibility requirements
for reimbursement of his/her moving expenses.
• The employee or new appointee’s taxable income may be miscalculated.
• Excessive costs may be incurred due to inappropriate practices or fraud.
• Damaged public image.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
Business Travel & Moving Expenses III - 41
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Periodic reviews are performed to ensure travel expenditures are accurate
and appropriate.
Potential Consequences
• Expenses may be charged to the wrong account/fund.
• Financial reports could be misstated.
• Loss of future funding.
Recommended Practices
• Departments should review the general ledger on a monthly basis to ensure
travel expenses are properly classified, recorded, and accurate.
• Departments should review contract and grant terms and other fund
restrictions to ensure expense is allowable and appropriate.
REFERENCES
Accounting Services and Controls, Travel
Manager, Dale Pearson
(805) 893-7226
http://www.accounting.ucsb.edu/travel/
UC Business and Finance Bulletin G-13: Policy and Regulations Governing Moving
and Relocation
http://www.ucop.edu/ucophome/policies/bfb/g13toc.html
UC Business and Finance Bulletin G-28: Policy and Regulations Governing Travel
http://www.ucop.edu/ucophome/policies/bfb/g28toc.html
Cash Receipts
The term “cash” includes currency, coin, checks, money orders, and credit card
receipts. Receipts and deposits involve collecting, safeguarding, and depositing
funds received.
1. Separation of Duties
Standard
• Responsibilities for receiving and depositing cash/checks are assigned to
separate individuals whose duties are adequately segregated from other
activities.
Potential Consequences
• Cash receipts may be lost, stolen, or misappropriated.
• Cash received may be lost or inaccurately applied to accounts.
Recommended Practices
• To the extent possible, different individuals should be assigned responsibility
for:
1. receiving and depositing cash,
2. recording cash payments to receivable records,
3. reconciling cash receipts to deposits and the general ledger,
4. billing for goods and services,
5. following up on collection of returned checks, and
6. distributing payroll or other checks
• Incoming cash is handled by the least possible number of people, and
designated individuals are responsible for safeguarding funds until deposited.
Standard
• Individual accountability for all cash, including cash receipts, change funds
and petty cash funds should be maintained at all times.
Potential Consequences
• Cash receipts may be lost, stolen or misappropriated.
Recommended Practices
• An accounting record for cash should be established immediately upon
receipt.
• Access to cash should be restricted at all times to the person (the custodian)
accountable for the funds. This person should be provided a locked, secure
storage facility to which only he/she has access. This could be a lockable
cash drawer, safe, safe compartment, or filing cabinet. The degree of
security facility should be commensurate with the amounts being stored.
(See Business and Finance Bulletin, BUS-49, for safe requirements.)
• All transfers of cash accountability should be documented. Documentation
should include amount transferred, date, and signatures of both persons
involved in the transfer. The documentation should be kept in a location
separate from the cash funds.
• A supervisor should verify cash deposits, cash overages and shortages.
• A supervisor should sign and approve any voids or refunds.
Standard
• Receipts are recorded accurately, completely, and on a timely basis.
Potential Consequences
• Financial records and financial statements may be misstated.
• Cash and other cash-related accounts may be misstated.
• Cash received may be lost or inaccurately applied to department accounts.
• Cash receipts may be recorded in the wrong accounting period.
• Cash flow may not be maximized.
Recommended Practices
• All cash should be immediately recorded upon receipt. The recordings may
be made on a cash register, a computer system data entry terminal, by
means of pre-numbered receipt forms, or on a hand written log. Each
individual cash receipt should be identified and controlled by a unique
transaction number, such as a cash register ring number or cash receipt
number. The cash receipt records should provide the following information:
• Name of department receiving cash.
• Name of person or organization cash was received from.
• Amount received and cash, check, or credit card indicator.
• Check amount and check number.
• Date.
• Identification of person receiving cash. When receipt forms are used, they
should include signature of the person receiving cash. An equivalent
identification should be provided for when receipts are recorded on a cash
register, computer terminal or hand written log.
• Transaction number, cash register ring number, or receipt form number.
• Checks should be made payable to UC Regents and should be
restrictively endorsed to the UC Regents immediately upon receipt.
Cash Receipts III - 44
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Undeposited cash receipts should be kept locked at all times.
Potential Consequences
• Cash receipts may be lost or stolen.
Recommended Practices
• Funds held overnight should be minimized. Cash should be kept in a locked
safe or other secure storage facility. The degree of security provided should
be commensurate with the amounts stored. (See Business and Finance
Bulletin, BUS-49, for safe requirements.)
• Combinations or keys to safes and other cash storage facilities should be
restricted to the custodian of the cash and a designated backup.
• Combinations or locks must be changed annually and whenever a person
with the combination or key leaves the department. A log must be maintained
of these changes.
• Combinations should be kept in a sealed, signed envelope, in a secure
location in the event access to the safe is needed and the custodian is
unavailable.
• Persons responsible for cash should be instructed to maintain confidentiality
of safe combinations.
• Appropriate precautions should be taken when transporting cash from
departments to the Cashiers Office. Cash should not be sent through the
campus mail. When large amounts are involved, or when cash must be
transported after dark, a campus police escort is advised.
Standard
• Receipts, deposits, and bank account balances are reconciled monthly.
Potential Consequences
• Lost, incorrectly recorded, or misappropriated cash receipts may not be
identified and corrected.
Recommended Practices
• The following reconciliation procedures should be performed or reviewed by a
supervisor not directly involved in receiving and recording cash:
• Cash receipts should be counted and balanced to the cash recorded at
the end of each business day.
• A receipt for each cash deposit should be obtained from the Cashier’s
Office and compared with the department’s record of the deposit amount.
• The cash deposits listed in monthly general ledger reports should be
reconciled to the department’s records of cash receipts. Any differences
should be investigated and explained.
• A dated and signed record of the reconciliations should be prepared and
retained.
• Cash receipts are recorded on the day received.
REFERENCES
Accounting Services & Controls
(805) 893-8953
http://www.accounting.ucsb.edu
UC Business and Finance Bulletin - 49, Policy for Handling Cash and Cash
Equivalents
http://www.ucop.edu/ucophome/policies/bfb/bus49toc.html
Entertainment
Departments organizing and managing sponsored events should consider risks and
exposure. Early planning should include consultation with control points, Business
Services, Purchasing and/or Accounting Services & Controls, whichever is
appropriate in obtaining approvals, services and supplies.
1. Segregation of Duties
Standard
• Individuals with delegated approval authority for entertainment expenses shall
not approve their own entertainment.
Potential Consequences
• Entertainment reimbursements may occur which are unauthorized, fraudulent,
or unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Reimbursement could be made for personal or non-business related
entertainment.
Recommended Practices
• All reimbursements for entertainment expenses must adhere to Business and
Finance Bulletin, BUS-79, Entertainment.
• Individuals with delegated approval authority must obtain approval for their
own entertainment from their supervisor or other higher level individual.
Standard
• Adequate internal controls are maintained in the approval and payment
process.
Entertainment III - 47
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Potential Consequences
• Entertainment reimbursements may occur which are unauthorized, fraudulent,
or unnecessary.
• Excessive costs may be incurred.
• Damaged public image.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Loss of future funding.
Recommended Practices
• Reimbursement of entertainment expenses shall be delivered directly to the
payee.
• Payments shall not be delivered to any of the individuals involved in the
approval or payment preparation process.
• All relevant documentation should be attached to the payment request.
Standard
• Expenses for entertainment must be directly related to, or associated with
official University business.
Potential Consequences
• Reimbursement could be made for personal or non-business related
entertainment.
• Damaged public image.
• Loss of funding.
• Excessive costs may be incurred due to inappropriate practices or fraud.
Recommended Practices
• When a University employee acts as an official host, the occasion must serve
a clear University business purpose, with no personal benefit derived by the
official host or other University employees.
• Entertainment expenditures should be cost effective and in accordance with
the best use of public funds.
Standard
• All entertainment expenses must be approved by a department head or
equivalent authority.
Potential Consequences
• Entertainment reimbursements may occur which are unauthorized, fraudulent,
or unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Entertainment III - 48
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Recommended Practices
• Department heads or equivalent authority must ensure entertainment
conforms to the requirements of BUS - 79.
• Department heads must ensure certification by official host.
• All claims submitted for payment or reimbursement must include appropriate
supporting documentation.
• All requests for reimbursements must be submitted on Form U5-8E,
“Payment Request: Business Meeting & Entertainment.”
• Department heads or equivalent authority must verify that expenses incurred
are appropriate to the fund source. Please refer to “Instructions for Business
Meeting and Entertainment Expense Reimbursement Using Forms U5-8E,
U5-8EA, and U5-EW; Appendix A” and/or BUS - 79 for a list of current fund
restrictions governing business meeting and entertainment expenses.
• Individuals with delegated approval authority shall not approve the
entertainment of a person to whom they directly report.
• Individuals with delegated approval authority shall not approve their own
entertainment.
• A signature authorization form must be on file in Accounting Services and
Controls, Extramural Funds unit for each individual to whom approval
authority has been delegated.
Standard
• Approval of exceptional entertainment expenses must be obtained at the
appropriate level.
Potential Consequences
• Entertainment reimbursements may occur which are unauthorized, fraudulent,
or unnecessary.
• Excessive costs may be incurred.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
• Approval of exceptional expenses must be obtained at the appropriate level.
• Request for reimbursement must include a written justification as to why the
higher costs were unavoidable and necessary to achieve a University
business purpose.
• Reimbursements of exceptional entertainment expenses shall be limited to
the actual costs incurred.
• Reimbursements of exceptional entertainment expenses must be completed
on Form U5-8EW, “Prior and Exceptional Approval Worksheet for
Entertainment.”
Entertainment III - 49
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Periodic reviews are performed to ensure entertainment expenditures are
accurate and appropriate.
Potential Consequences
• Expenses may be charged to the wrong account/fund.
• Financial reports could be misstated.
• Loss of future funding.
Recommended Practices
• Departments should review the general ledger on a monthly basis to ensure
expenses are properly classified, recorded, and accurate.
• Departments should review contract and grant terms, and other fund
restrictions to ensure expense is allowable and appropriate.
REFERENCES
UCSB Instructions for Business Meeting and Entertainment Expense
Reimbursement Using Forms U5-8E, U5-8EA, and U5-EW
http://www.accounting.ucsb.edu/forms/entertainment.shtml
Entertainment III - 50
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Equipment Management
Equipment Management, as defined under Business and Finance Bulletin BUS - 29,
Management and Control of University Equipment, involves the management and
control of inventorial equipment (non-expendable – i.e., with a life expectancy of
more than 1 year, free-standing, and with an acquisition value of $1,500 or more)
owned by or in the custody of the University. Management and control includes the
approval of acquisitions, maintenance of records, and disposal of equipment.
1. Separation of Duties
Standard
• Key duties and responsibilities are segregated.
Potential Consequences
• Financial statements and equipment records could be misstated.
• Substantiation of account balances and verification of the related assets may
not be possible.
• Equipment location may be incorrect.
• Equipment may be lost, stolen or destroyed.
Recommended Practices
• An employee assigned to perform a physical inventory should not be the
person responsible for maintaining custody of the items.
• Equipment Inventory Modification Request (EIMR) forms should be approved
by someone not directly responsible for custody or disposal of equipment,
preferably department management.
A. Acquisition
Standard
• Asset acquisitions are authorized and approved.
Potential Consequences
• Unsuitable or unauthorized assets may be acquired.
• Required approval may be circumvented resulting in unauthorized
expenditures.
Recommended Practices
• Purchase requisitions should be approved by a person delegated approval
authority.
• A person delegated approval authority should approve either the invoice
for the purchase or the purchase requisition, but not both.
• Items should be inspected for condition prior to approving invoice
payment.
• Adjustments to inventorial records for returned, missing, damaged and
changed items should be approved by departmental management, and
processed via a change order request which advises Purchasing,
Equipment Management, and Accounting Services & Controls.
Standard
• The transfer or disposal of assets is authorized and approved.
Potential Consequences
• Assets may be sold, scrapped, retired, stolen, revalued, or converted to
personal use without management’s knowledge.
• Equipment records could be inaccurate due to transfers, losses and
disposals made without management’s knowledge.
Recommended Practices
• Departmental and Materiel (Equipment) Management approval should be
obtained prior to the physical removal, sale, scrapping, loan, or transfer of
any assets. (See UCSB Policies 5360 and 5363.)
• Adjustments to inventory records for sold, scrapped, loaned, transferred,
missing or stolen assets should be processed and recorded by means of
an Equipment Inventory Modification Request (EIMR) and, in the case of
stolen assets, completion of a Police Department theft report.
A. Custodial Arrangements
Standard
• Off-campus business use of University equipment should be permitted
only according to University policy.
Potential Consequences
• University equipment could be lost, stolen or misappropriated.
• Financial statements and equipment records may be misstated.
• The University could be liable for accidents at off-site locations.
Recommended Practices
• Off-campus use of University equipment should be allowed for University
business purposes only and should be approved by the department head.
• An EIMR should be approved by the department and submitted to
Equipment Management to record the relocation of the equipment to an
off-campus location.
• Concerns about insurance requirements should be directed to Business
Services.
B. Security Arrangements
Standard
• Standard University security procedures should be followed regarding key
control and theft prevention.
Potential Consequences
• University equipment could be lost or stolen.
• Financial statements and equipment records may be misstated.
• University could be liable for accidents.
• Decrease in departmental productivity.
• Damaged public image.
Recommended Practices
• The number of employees having access to equipment and inventories
should be held to a minimum.
• Locks should be rekeyed or changed whenever significant personnel
turnover or theft of keys occurs.
• If in doubt, departments should obtain assistance from the campus Police
Department regarding the establishment and maintenance of proper
security procedures.
Standard
• Assets are accurately and promptly classified, recorded, and valued.
Potential Consequences
• Financial statements and equipment records may be misstated.
• Acquisitions may be incorrectly capitalized or expensed.
• Assets may be incorrectly valued.
Recommended Practices
• Acquisition documents such as purchase orders should be routed by the
Purchasing Department through Equipment Management for classification
as inventorial or non-inventorial.
• All inventorial equipment should be identified, promptly recorded upon
receipt, and affixed with the correct property tag.
• All University equipment should be adequately insured. (Please see
Business and Finance Bulletin BUS - 28, Property Self - Insurance
Program.)
Standard
• Detailed equipment records are established to maintain accounting control
and physical accountability of assets.
Potential Consequences
• Substantiation of account balances and verification of the related assets
may not be possible.
• Assets may be lost, stolen, destroyed, or temporarily diverted.
• Asset location may be incorrect.
Recommended Practices
• Detailed equipment records should be maintained.
• Assets should be tagged for ease of identification and accountability.
• The movement of assets (e.g. between departments) should be
documented, and the detailed property records accordingly updated, by
means of an EIMR which should be approved and submitted to Equipment
Management.
• Periodic reviews should be performed to identify assets that are surplus or
idle. Obsolete, inactive or damaged items should be removed from
inventory, by means of an EIMR which should be approved and submitted
to Equipment Management.
• Departments should adequately insure equipment and consider
applicability of “buy-down” insurance.
Standard
• Periodic reviews are performed to ensure the accuracy of equipment
records and recorded asset balances.
Potential Consequences
• Financial statements and equipment records may be misstated.
• Lost, stolen, scrapped, transferred, or sold assets may not be correctly
identified and the detailed equipment records may not be updated.
• Assets may be incorrectly valued.
Equipment Management III - 54
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Recommended Practices
• Physical counts of equipment should be taken annually as part of the
Physical Inventory Report (EQ920) process. Equipment inventory results
should be compared to the detailed property records with discrepancies
resolved in a timely manner.
• Properly annotated and signed Physical Inventories should be returned to
Equipment Management by departments. Changes are recorded in the
central campus inventory database.
REFERENCES
Business Services
(805) 893-4440
http://www.busserv.ucsb.edu
Equipment Management
(805) 893-2389
http://www.busserv.ucsb.edu/equipmentmanagement/index.htm
Purchasing
(805) 893 – 2555
http://www.busserv.ucsb.edu/contractsprocurement/purchasing.htm
UC Business and Finance Bulletin BUS - 28, Property Self -Insurance Program
http://www.ucop.edu/ucophome/policies/bfb/bus28.html
UC Business and Finance Bulletin BUS - 29, Management and Control of University
Equipment Section A – General
http://www.ucop.edu/ucophome/policies/bfb/bus29a.html
Honoraria
1. Method of Payment
Standard
• Depending upon the individual’s status, (i.e. employee, non-employee,
nonresident alien) the correct method of payment must be used.
Potential Consequences
• Individual may not be eligible for honoraria payment.
• Potential tax liability may exist for both the University and the individual.
• Excessive costs may be incurred.
• Payments may occur which are unauthorized or unnecessary.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Loss of future funding.
Recommended Practices
• Non-University employees are paid through Accounts Payable via a Form 5
(Request for Issuance of Check). Please contact Accounting Services &
Controls, Accounts Payable unit for further information.
• University employees are not eligible for honoraria payment. Payment is
made via the payroll process. Per diem and travel expenses are reimbursed
with a Travel Expense Voucher. Appropriate receipts must be attached to the
Travel Expense Voucher.
• Nonresident aliens who are holders of B-1/B-2 visas are not eligible for
honoraria payment. For further information, please contact the Immigration
Counselor in International Students & Scholars Office.
Standard
• Requests for honoraria payments are appropriately approved.
Honoraria III - 57
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Potential Consequences
• Payments may occur which are unauthorized or unnecessary.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
• Loss of future funding.
• Excessive costs may occur.
Recommended Practices
• Honoraria of $500 or less must be approved by the department chairperson
or principal investigator.
• Honoraria of $501 to $2,000 must be approved by the appropriate Provost,
Dean or Vice Chancellor.
• Honoraria exceeding $2,000 must be approved by the Chancellor or the Vice
Chancellor and the supporting documentation should include a curriculum vita
and a statement of purpose.
Standard
• Periodic reviews are performed to ensure honoraria payments are accurate
and appropriate.
Potential Consequences
• Expenses may be charged to the wrong account/fund.
• Financial reports could be misstated.
• Loss of future funding.
Recommended Practices
• Departments should review the general ledger on a monthly basis to ensure
honoraria payments are properly classified, recorded, and accurate.
• Departments should review contract and grant terms, and other fund
restrictions to ensure the expense is allowable and appropriate.
REFERENCES
Accounting Services and Controls, Accounts Payable
Manager, Asger Pedersen
(805) 893-3919
http://www.accounting.ucsb.edu/disbursement/
Honoraria III - 58
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
REFERENCES (cont’d)
Honoraria III - 59
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Honoraria III - 60
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Payroll
Payroll involves preparing and approving personnel actions including those for
hiring, changes in employment and separation; accounting for payroll costs,
deductions, benefits, sick leave, and vacation accrual; distributing checks to
employees; and ensuring the confidentiality and security of payroll information.
The control standards below are presented in terms of the most desirable operating
conditions. There may be situations when optimum conditions are not attainable or
when existing conditions may provide adequate control within the intent of the
standards. In such situations, variance from these control standards, and the
reasoning, must be documented and have the written approval of the Department
Head.
1. Separation of Duties
Standard
• Key payroll duties and responsibilities are segregated.
Potential Consequences
• Payroll distributions may be made to unauthorized employees and remain
undetected.
• Improper changes may be made to payroll files or personnel documents
resulting in misappropriation of funds.
• Incorrect hours may be submitted for payment.
• Unauthorized issuance of payroll checks may occur.
Recommended Practices
• To properly control payroll activities, different employees should be
responsible for updating the on-line Payroll/Personnel System (PPS),
reviewing PPS actions (PAN notices), and reviewing the monthly Distribution
of Payroll Expense Reports.
• Payroll checks and Surepay statements should be distributed by an employee
not involved in updating the PPS, or preparing or approving payroll
documents.
Payroll III - 61
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Entries and adjustments to the payroll system are made by authorized
individuals.
Potential Consequences
• Employees may be erroneously or fraudulently paid for hours not worked, or
may not be paid for hours actually worked.
• Employees may be paid for unauthorized overtime.
Recommended Practices
• Payroll documents should be approved only by persons with delegated
authority.
• Current Signature Authorization forms should be on file in the Accounting
Services and Controls, Extramural Funds unit.
• Employees should not approve actions affecting their own pay.
• Attendance records are approved each month.
• Time recording and reporting modifications are approved each month.
Standard
• Payroll checks and Surepay statements are kept secure.
Potential Consequences
• Misappropriation of unclaimed checks, loss of checks, or misdirected deposits
may occur.
Recommended Practices
• Departments may request proof of identity prior to distribution of payroll
checks or Surepay statements.
• An attempt should be made to notify payees of unclaimed checks or Surepay
statements.
• Payroll checks or Surepay statements are returned to the Payroll unit after 2
weeks if unclaimed.
Standard
• Payroll charges in the General Ledger should be reviewed.
Potential Consequences
• Financial statements may be misstated.
• Inaccurate payroll information maybe recorded in the general ledger and may
not be detected.
• Detailed withholdings and payments may not agree to the recorded
withholdings and payments.
Payroll III - 62
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Recommended Practices
• Departments should review and reconcile the Distribution of Payroll Expense
reports to the General Ledger on a monthly basis.
• Any questionable or irregular entries should be immediately investigated and
resolved.
• The reviewer should sign and date reports to signify that the review has been
satisfactorily completed.
• Actual payroll costs are compared to budgeted costs for reasonableness.
REFERENCES
Accounting Services & Controls, Payroll
Manager, Sona Baboolal
(805) 893-3259
http://www.accounting.ucsb.edu/payroll/
Payroll III - 63
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Payroll III - 64
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Purchasing
Purchasing involves the procurement of all goods and services used by all
departments at the University. Consideration may include price, quality, service,
delivery, and technology.
Definitions
Commodity Agreements: University wide agreements that are used to realize the
greatest economic advantage to the entire UC system. A list of the agreements may
be obtained from the Purchasing Department or at the following web site:
www.ucop.edu/matmgt.
Low-Value Items: Supplies, repairs and services which do not exceed the
authorized limit granted a department. (A limit of $500.00, including sales or use
tax, but excluding transportation, is automatically given to all departments. Upon
request to the Director of Materiel Management, and after completion of mandatory
training, a department may be granted an authorized limit of $2,500.00, including
sales and use tax but excluding transportation.)
Vendor Blanket: A purchase order to a specific vendor for a specified period of time
that is used to facilitate the issue of repetitive orders by departments and is confined
to non-inventorial materials.
Purchasing III - 65
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
1. Separation of Duties
Standard
• Separation of purchasing related duties are established so that no one
employee has control over every aspect of a purchase transaction.
Potential Consequences
• Unauthorized or unnecessary purchases may occur.
• Purchases of goods and services for personal use could be made.
• Excessive costs may occur.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
• To the extent possible, different individuals should be assigned responsibility
for:
1. approving purchase requisitions and orders,
2. receiving ordered materials,
3. approving invoices for payment, and
4. reviewing and reconciling the monthly general ledger.
Standard
• All purchase requests are documented in sufficient detail and approved by the
appropriate level of management before the purchase is made.
Potential Consequences
• Purchases may occur which are unauthorized, fraudulent or unnecessary.
• Vendors may make claims for payment of unauthorized work performed.
• Excessive costs may occur due to inefficient practices or fraud.
• Improper charges may be made to account/funds resulting in
misappropriation of funds.
Recommended Practices
• Purchases, invoices, and Check Requests should be approved only by
persons with delegated authority.
• Signature Authorization forms should be up to date and on file in Accounting
Services & Controls, Extramural Funds unit.
• The receipt of goods and services should be verified prior to approving
invoices for payment.
• Verification should be made that invoiced amounts and all account coding is
accurate.
• Verification should be made that payment has not already occurred.
• Low-value purchasing policy requirements should be observed. (See UCSB
Policy 5342, Policy on Low-Value Purchases.)
Purchasing III - 66
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
• Orders for controlled substances are not to be placed directly with the vendor.
(See UCSB Policy 5333, Purchasing Materials and Services for UCSB.)
• Purchasing policy requirements including the use of Commodity Agreements,
pool purchases, conflict of interest and vendor blankets should be observed.
(See UCSB Policy 5333, Purchasing Materials and Services for UCSB, and
UCSB Policy 5005, Conflict of Interest.)
• Departments should review all invoices for clerical accuracy and
appropriateness of purchase prior to payment.
REFERENCES
Purchasing
(805) 893-2555
http://www.busserv.ucsb.edu/contractsprocurement/purchasing.htm
Purchasing III - 67
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Purchasing III - 68
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Systems
1. Managing Systems
Standard
• Each department has identified individual(s) responsible for approving system
or application design changes, ensuring adequate testing, assigning security
classifications, authorizing access to system data files, and handling all other
related management considerations.
Potential Consequences
• The University may be liable for misstatement of information.
• Systems may not be fully tested prior to running in production, resulting in
data integrity issues and poor management decisions.
• Access and/or changes to systems may not be properly authorized.
• Data loss, modification or theft may occur.
Recommended Practices
• A current list of system and application owners is maintained, updated, and
reviewed by a Department Security Administrator (DSA).
• New systems should be developed or acquired consistent with UC and
Campus policies, guidelines, and procedures. (See Business & Finance
Bulletins, Information Systems (IS) series.)
• Adequate testing is conducted for system changes to verify that requested
changes perform properly.
• Acceptance of new systems and system changes are properly authorized and
documented.
• Adherence to record retention requirements are maintained. (See UC
Records Management Disposition Schedules).
• Backup information is maintained at a secure, off-site location.
• Disaster recovery requirements are defined and developed.
Systems III - 69
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Departments adhere to policy, procedures, and standards governing the
development of new application systems, modifications or conversions to
existing systems, and acquisition of third-party software.
Potential Consequences
• Inconsistent methods may be applied or specific procedures bypassed, which
may compromise system integrity and reliability.
• Excessive costs may be incurred.
• System changes may not be implemented correctly.
• Problems uncovered during testing may not be adequately resolved.
• Data may be lost or altered.
• End users may not be adequately trained prior to implementation.
Recommended Practices
• New systems should be developed or acquired consistent with UC and
Campus policies, guidelines, and procedures. (See Business & Finance
Bulletins, Information Systems (IS) series.)
• New systems should be completely tested prior to putting them into operation.
• Systems should be fully documented to include operations, program, and
user instructions.
• Systems should include audit trails and edit routines.
• Contact the Office of the Controller to ensure adequate internal controls.
3. Security
Standard
• Employees should receive appropriate information on managing and
protecting confidentiality of passwords.
Potential Consequences
• Inappropriate information may be shared between employees, departments or
business units.
• Data loss, modification, or theft may occur.
• Erroneous management decisions may be made based on inaccurate data.
Recommended Practices
• Passwords are not displayed or stored in areas visible to others.
• All security features that are built into the system and software are utilized.
• Security awareness training is provided to employees, which includes defining
acceptable practices.
• User access is authorized, periodically reviewed, and removed when no
longer required.
Systems III - 70
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
Standard
• Equipment, software, and data files should be properly safeguarded against
theft, damage, natural disasters or application viruses.
Potential Consequences
• Equipment could be lost, stolen or damaged.
• Data loss, modification or theft may occur.
• Critical business activities may be suspended or discontinued resulting in
substantial financial, productivity, or data loss.
• Confidential information may be disclosed.
• The University may be subject to financial liability.
Recommended Practices
• Unauthorized individuals should not have access to University equipment or
applications.
• Physical security measures are taken to prevent theft of equipment.
• Procedures are in place to prevent virus replication and software from being
copied or implemented illegally.
• Security awareness training is provided to employees.
• Software installed on UC equipment should be authorized and used for UC
business purposes. Software use shall conform to copyright laws and
licenses.
• Systems, programs, databases, and data files should have logical access
security and be physically secure.
4. Disaster Recovery
Standard
• Departments should have backup and recovery processes to ensure
continuity of operations.
Potential Consequences
• Systems may not be recoverable.
• Excessive time may be required for recovery.
• Critical business activities may be suspended or discontinued resulting in
substantial financial or productivity loss.
• Loss of data.
• Loss of data integrity or accuracy may occur.
Recommended Practices
• Back-up media should be stored in a secure off-site location, remote from the
production files.
Systems III - 71
Guidelines for Financial Management Guidelines for Financial Processes
Office of the Controller rev. 2/02
REFERENCES
Information Systems and Computing
(805) 893-2261
http://www.isc.ucsb.edu/
Systems III - 72
Guidelines for Financial Management References
Office of the Controller rev. 2/02
References
Departments
Audit Services
(805) 893-2829
http://www.audit.ucsb.edu
Business Services
(805) 893-4440
http://www.busserv.ucsb.edu
Human Resources
(805) 893-3166
http://hr.ucsb.edu/
References IV - 73
Guidelines for Financial Management References
Office of the Controller rev. 2/02
Office of Research
(805) 893-4188
http://research.ucsb.edu/
References IV - 74
Guidelines for Financial Management References
Office of the Controller rev. 2/02
Policies
References IV - 75
Guidelines for Financial Management References
Office of the Controller rev. 2/02
UC Business and Finance Bulletin BUS - 29, Management and Control of University
Equipment
http://www.ucop.edu/ucophome/policies/bfb/bus29.html
UC Business and Finance Bulletin BUS - 34, Securing the Services of Independent
Consultants
http://www.ucop.edu/ucophome/policies/bfb/bus34.html
UC Business and Finance Bulletin BUS - 49, Policy for Handling Cash and Cash
Equivalents
http://www.ucop.edu/ucophome/policies/bfb/bus49toc.html
UC Business and Finance Bulletin G - 28, Policy and Regulations Governing Travel
http://www.ucop.edu/ucophome/policies/bfb/g28toc.html
UC Information Practices and Conflict of Interest and the Political Reform Act
Disqualification Requirements brochure published by UCOP, 7/1/99
http://www.ucop.edu/ogc/coi/econinterest.html
References IV - 77
Guidelines for Financial Management Index
Office of the Controller rev. 2/02
Index
A H
accountability 1 hardware 10, 11
accounts payable 31, 33, 61 Honoraria 60, 61
analysis 10
asset 17, 57
audit 25
I
implementation 10
B income tax 23
insurance 35, 57
benefits 17 Internal Control 27, 29
budget 13, 18, 31 inventory 18, 23, 31, 55, 57, 58
budgeting See budget
Business Services 35, 49
Business Travel & Moving Expenses 38
L
low value authorization 22, 69
C
cash 17, 28, 31, 45, 46, 47, 48
M
cash equivalents See cash mission 13
cash management 15, 21 monitoring 8, 15, 30
cash receipts 31, 45, 46, 47, 48 moving expenses 42
checks See cash
commodity agreement 22
Common Audit Findings 31 O
Computing Environment 9 Office of Management and Budget (OMB) 20
Conflict of Interest 5, 6
connectivity 11
contractors 22 P
control environment 27, 29
payroll 31, 60, 64, 65, 66, 67
Control Principles 28
post-authorization review 8
COSO 29
preparer 1, 2
project initiation 10
D purchase order 69
purchasing 6, 22, 49, 57, 69, 71
Data Integrity 7, 8
Department Security Administrator (DSA) 1
disallowances 19, 26 R
disbursements 33
reconciliation 8, 28, 33, 35, 43, 45, 47, 49, 53, 54,
documentation 28
56, 60, 61, 64, 66
record retention 21
E regulatory compliance 19
revenue 15, 20
EIMR 54, 55, 56, 57 reviewer 2
entertainment 41, 49, 51, 52, 53 risk assessment 29
equipment 23, 28, 31, 55, 56, 57, 58, 75 risks 17
expenses 20
S
F
safeguard 14
Fair Political Practices Commission Form 700 - sales tax 24
Statement of Economic Interest 5 sampling 16
financial management 7, 13 security 11, 28, 45, 46, 54, 55, 56, 64, 66, 73, 74,
financial reporting 19 75, 76
financial system 8 separation of duties 2, 28, 30, 31, 33, 45, 54, 64,
fraud 25, 27 69, 70
fraudulent See fraud signature authorization 32
software 10, 11
Statement of Economic Interest 5
Index V -78
Guidelines for Financial Management Index
Office of the Controller rev. 2/02
Index V -79