Control Environment

Self Assessment of Internal Control Questionnaire

**Documents are supplied in PDF format and require the free Acrobat Reader for viewing or printing. If you need an alternate format, please contact us via email or phone (207-626-8420).

Objectives and Risks
Objectives Risks
Management attitude recognizes the importance of and commitment to the establishment and maintenance of a strong system of internal control as communicated to employees through actions and words. Employees unaware of internal control.

Lack of approved policies and procedures to be followed by personnel.
Organizational structure units are clearly defined to perform the necessary functions and determine that appropriate reporting relationships have been established. Organization chart will not be current.

Employees unaware of reporting relationship in the organizational structure.

Duplication of functions by units.
Personnel are qualified and properly trained for the functions in order for control and procedures to operate in the manner intended.Personnel not qualified to perform tasks assigned.

Personnel not qualified to perform tasks assigned.

Personnel not adequately trained.

Lack of continuing education for personnel.

Job descriptions not coordinated with actual job performances.
Delegation of authority or limitation of authority exists to provide assurances that responsibilities are effectively discharged. One employee controls all phases of a transaction.

Management goals are not communicated to staff employees.

Duplication of functions by employees.
Policies and procedures that are documented provide a basis for reviews, follow-up evaluations and audits. Functions are not performed uniformly among units.

Statutory requirements not being met.

Lack of support for functions and transactions performed.
Budgetary and reporting practices provide benchmarks by which management can measure accomplishments. Management does not have guidelines to measure performance.

Management can not communicate expectations to the organizational units.

Unusual transactions or events will not be detected.

Management can not determine if goals are being achieved.
Organizational checks and balances provide authority for certain functions that minimize the potential for waste, loss or misuse of assets. These functions will not perform their responsibilities; therefore the potential for waste, fraud and abuse is present.