Control Self-Assessment

To enhance the university's corporate governance, during 2008, the University's Risk Management Unit intends to pilot a new program to ensure that administrative functions performed by departments are being properly controlled.

In order to achieve this objective in a cost-effective manner, control questionnaires will be developed for joint completion by Heads of Divisions, Faculties, Directors, Associate Directors, Heads of School and/or managers of departments. The despatch and responses to these questionnaires will be facilitated using the University's new Enterprise Risk Management System.

It is envisaged that the implementation of these questionnaires will significantly reduce the time required to inspect the department's activities thereby minimising the amount of disruption caused by an audit.

What is control self-assessment?

CSA is a process of examining internal control effectiveness and identifying opportunities for improvement through assessment of the risks and controls within the area by staff within the area. The process can assist management to identify the areas of risk, assess the effectiveness of existing controls and if necessary implement additional or improved controls to overcome any identified deficiencies.

An advantage of Control Self Assessments is that risk assessments and internal control evaluations are performed by employees working in the area being evaluated rather than by internal audit.

Internal Audit resources are limited and not all areas can be reviewed every year. CSA's help management and Internal Audit gain assurance that there is a robust system of internal controls which minimise the likelihood and severity of risks within the particular area. They can also assist Audit to understand the operations, risks and controls within particular areas and to focus auditing resources based on risk.

The effectiveness and benefits of CSAs can only be achieved through commitment to and engagement in the process from faculties and divisions of the University.