Return to CHAPTER 20


state seal 20.20
Control Environment

20.20.10

July 1, 2017

Control environment overview
 

The control environment is the set of standards, processes, and structures that provide the foundation for carrying out internal control across the agency. The agency head together with those charged with governance and agency management set the tone at the top regarding the importance of internal control and expected standards of conduct.

Management reinforces expectations at all levels of the agency. The control environment has a pervasive impact on the overall system of internal control.

20.20.20

July 1, 2017

Control environment principles
 

There are five principles relating to the control environment.

  1. The agency head together with those charged with governance and agency management demonstrate commitment to integrity and ethical values.
  1. Those charged with governance oversee the development and performance of internal control.
  1. Management establishes structures, reporting lines, and appropriate authorities and responsibilities in pursuit of objectives.
  1. Management demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives.
  1. Management holds individuals accountable for their internal control responsibilities in the pursuit of objectives.

20.20.30

July 1, 2017

Management’s role in the control environment
 

Management is very influential in determining the control environment and influencing the control consciousness of agency employees. A system of internal control is likely to function well if management believes that controls are important and communicates that view to employees at all levels. Conversely, a system of internal control is likely to be ineffective if management does not believe the controls are important or if management communicates a negative view of controls to employees.

Management influences the control environment through their integrity and ethical values, commitment to competence, philosophy and operating style, design of the organizational structure, assignment of authority and responsibilities, and human resource policies and practices.

Management also influences the control environment through communication of the agency’s values and behavioral standards to employees. This can be done by setting a good example, showing a positive attitude toward internal control, displaying and following a formal code of conduct, communicating other agency policies and procedures, taking swift and appropriate disciplinary action in response to policy departure, and maintaining clear and updated job descriptions.

20.20.40

July 1, 2017

Principle 1 – Demonstrates commitment to integrity and ethical values
 

The agency head together with those charged with governance and agency management demonstrate commitment to integrity and ethical values. The following points of focus highlight important characteristics relating to this principle:

  • Set the tone at the top and throughout the agency – The agency head together with those charged with governance and agency management at all levels of the agency demonstrate through their directives, actions, and behavior the importance of integrity and ethical values to support the functioning of the system of internal control.
  • Establish standards of conduct – The expectations of the agency head together with those charged with governance and senior management concerning integrity and ethical values are defined in the agency’s standards of conduct and understood at all levels of the agency.
  • Evaluate adherence to standards of conduct – Processes are in place to evaluate the performance of individuals and teams against the agency’s expected standards of conduct.
  • Address deviations in a timely manner – Deviations of the agency’s expected standards of conduct are identified and remedied in a timely and consistent manner.

20.20.50

July 1, 2017

Principle 2 – Exercises oversight responsibility
 

Those charged with governance oversee the development and performance of internal control. The following points of focus highlight important characteristics relating to this principle:

  • Determine an oversight structure – Those charged with governance determine an oversight structure to fulfill responsibilities set forth by applicable laws and regulations, relevant government guidance, and feedback from key stakeholders.
  • Provide oversight – Those charged with governance oversee management's design, implementation, and operation of the agency’s internal control system.
  • Provide input for remediation – Those charged with governance give input to management's plans for remediation of deficiencies in the internal control system as appropriate.

20.20.60

July 1, 2017

Principle 3 – Establishes structures, reporting lines, authorities, and responsibilities
 

Management establishes structures, reporting lines, and appropriate authorities and responsibilities in pursuit of objectives. The following points of focus highlight important characteristics relating to this principle.

  • Establishes the organizational structure – Management establishes the organizational structure that enables the agency to achieve its objectives and address related risks.
  • Establishes reporting lines – Management designs and evaluates lines of reporting to enable execution of authorities and responsibilities and flow of information to manage the activities of the agency.
  • Assigns responsibility and delegates authority – To achieve the agency’s objectives, the agency head assigns responsibility and delegates authority to key roles throughout the agency. A key role is a position in the organizational structure that is assigned an overall responsibility of the agency. Generally, key roles relate to senior management positions within an agency.

20.20.70

July 1, 2017

Principle 4 – Demonstrates commitment to competence
 

Management demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives. The following points of focus highlight important characteristics relating to this principle:

  • Establishes policies and practices – Management develops policies and practices that reflect expectations of competence necessary to support the achievement of objectives.
  • Evaluates competence and addresses shortcomings – Management evaluates competence of agency employees and of outsourced service providers in relation to established policies and practices, and acts as necessary to address shortcomings. Those charged with governance evaluate competence of management.
  • Attracts, develops, and retains individuals – Management provides the mentoring and training needed to attract, develop, and retain employees to support achievement of objectives.
  • Plans and prepares for succession – Management develops contingency plans for assignments of responsibility important for internal control.

20.20.80

July 1, 2017

Principle 5 – Enforces accountability
 

Management holds individuals accountable for their internal control responsibilities in the pursuit of objectives. The following points of focus highlight important characteristics relating to this principle:

  • Enforces accountability through structures, authorities, and responsibilities – Management establishes the mechanisms to communicate and hold individuals accountable for performance of internal control responsibilities across the agency.
  • Establishes expectations and evaluates performance – Management establishes expectations appropriate for and evaluates performance related to internal control responsibilities.
  • Considers excessive pressures – Management evaluates and manages pressures associated with the achievement of objectives when assigning responsibilities, developing expectations, and evaluating performance.

Click here if you would like to print a PDF Version of this document.
Return to CHAPTER 20