Division of Financial Services
University Controller
In the context of internal controls, paper or electronic documentation that supports completing the transaction lifecycle is satisfactory documentation. For these purposes, adequate documentation is anything that provides sufficient and appropriate evidence of (1) a transaction, (2) who performed each action pertaining to a transaction, and (3) the individuals in the process had proper authority to perform such activities. Proper documentation provides evidence of what has transpired and information for researching discrepancies. The office responsible for each financial system of record or exchange will establish and communicate minimum documentation and system change-management standards.
Documentation provides a record of each event or activity and helps ensure that transactions are accurate and complete. Transaction types can include expenses, revenues, inventories, personnel records, and others. Supporting documentation may come in paper or electronic form. In some instances, electronic processing and approval data are the source documents for transactions.
Well-designed documents help ensure the proper recording of transactions. Whenever possible, consider using standard forms or templates consistently.
Control Example: Advances in online applications affords fast and efficient ways to access supporting documentation in a standardized format. In other areas, wherever possible, using templates provides the same benefits. Consider creating templates for activities such as:
Documents that are used to support university business transactions are university property, not the personal property of employees.
Control Example: Whenever possible, do not allow employees to take university-owned records home. If business needs require university records to be taken home, communicate to employees their responsibilities for keeping documents secure, particularly those containing personal information. This is particularly important to communicate to employees that have telecommuting agreements.
Changes made after a document is approved should be clear and concise.
Control Example: Use attachments or notes to document the reasons for corrections or adjustments to any records. Make the time and date and the approval of these changes clear and evident. In many cases, systems will leave an audit trail of any changes and approvals.
Establish a method to avoid duplicate processing, especially for transactions that result in payments to individuals, such as payroll, petty cash, and travel reimbursements.
Control Example: Develop a way to check for duplicate payments during the course of processing and approving transactions, including payroll, petty cash and travel reimbursements. Create an environment in which payroll, petty cash reimbursements, and travel reimbursements are processed in a timely manner. Lengthy processing delays create opportunities for duplicate payments that go undiscovered. Look closely at all late entries and watch for double payment submissions. Some examples of likely duplicates include late timecards, extremely late petty cash requests, and travel expenses submitted for reimbursement at a later time separate from the rest of the trip.
Retention policies exist for all types of supporting documentation. Always keep documents for the appropriate retention period and no longer.
Control Example: Establish a process for purging documents that have reached the end of their retention period. Document who is responsible for purging documents and when and how each record type should be purged. Be aware of record retention responsibilities. For information on required retention periods and responsibilities, see University Policy 4.7, Retention of University Records.
