Faculty Handbook

SUNY College of Optometry

Faculty Handbook 2022-23

INTERNAL CONTROL AND ENTERPRISE RISK MANAGEMENT Reviewed May 2019

Purpose: The New York State Governmental Accountability, Audit and Internal Control Act, [Act] Chapter 510 of the Laws of 1999, requires that all state agencies institute a formal internal control program. This system of internal controls is designed to assure that the University and its campuses meet their mission, promote performance leading to effective accomplishment of objectives and goals, safeguard assets, check the accuracy and reliability of financial and other key data, promote operational efficiency and economy, and achieve adherence to applicable laws, regulations, guidelines, and prescribed managerial policies, procedures, and practices. Further, on June 16, 2015, SUNY’s Enterprise Risk Management Program took effect. This program recognizes that SUNY (and its campuses) is subject to a number of risks including strategic, financial, operational, compliance and reputational and is committed to implementing and utilizing an ERM Program for identifying, assessing and managing risks and opportunities to effectuate the achievement of the University’s goals and objectives. Reporting link: The Committee reports to the Vice President for Administration and Finance, who is the campus Internal Control Officer and an ex officio member. An Assistant Internal Control Officer and the Chair of the IC & ERM Committee are appointed by the Vice President for Administration and Finance. Membership: • Members are appointed by the Vice President for Administration and Finance, upon being nominated by the Internal Control Officer, should that be a different individual. • Members represent all major areas of the College. • Because of the nature of the Committee's work and the value of experience in implementing internal control procedures, the term of appointment is ongoing Specific Functions: As outlined in the Division of the Budget, Budget Policy and Reporting Manual Item B-350, the University is required, among other things, to maintain a program of internal control review. The IC & ERM Committee's purpose is to: • Maintain a structured, continuing and well documented system to identify internal control weaknesses. • Identify actions needed to correct weaknesses, monitor implementation of necessary corrective actions. • Periodically assess the adequacy of campus internal controls. The President of the College is expected to certify to the SUNY Chancellor (who certifies to the NYS Division of the Budget) each year that the campus is in compliance with the Act and, if not, offer detailed plans for compliance. In addition, annual certification is required under the Office of the State Controller Accounts Payable Advisory 28 as to the adequacy of internal controls over the payment process and one additional area of risk selected annually. Further, in June of 2014, the SUNY Board of Trustees revised the SUNY Internal Control Program to include the standards of the Committee on Sponsoring Organizations of the Treadway Commission (COSO). COSO standards embody 5 components and 17 principles that provide a framework for an organization’s compliance and internal control activities.

Decision-making: Decisions regarding recommendations are made by a majority vote of the members present.

113