Key controls prevent financial error
A key control is an action your department takes to detect or prevent errors and fraud in its financial statements. Your department should already have key financial review and follow-up activities in place.

Documenting key controls is critical
Departments are required to provide documented evidence that internal control activities are being performed on a regular basis as prescribed by SAS 112.

Your department’s key controls must be documented to demonstrate that review and follow-up activities were actually performed. If your department can’t provide documentation to auditors, it's as if key controls haven’t been done.

For example, a department may in fact review its operating ledger activity — but may not retain any documentation noting that this has occurred. Documentation provides evidence that your department is enacting proper controls.

Use this tool to document your department's key controls
Below is a tool endorsed by the Controller’s office and Audit and Advisory Services. It charts monthly, quarterly, and annual key control activities, and its checklist provides “evidence of review.” Use the tool to document that your department's key controls have been completed:

• UCSD Department Key Controls Documentation (PDF) (Word file)

Who’s responsible for key controls and their documentation?

• Business officers and department heads: You must certify that key control functions are properly and regularly performed.
• Department Managers (or delegated staff): You are required to review the key controls for your unit to ensure they are completed on a monthly basis or as specified in the checklist. Then initial and date the checklist to document completion of individual steps.

Questions? Contact Debbie Rico, (858) 822-2797.