Internal Control Task Force
Tools & Resources
Articles and Information
- Standards for Internal
Control in NYS Government
In accordance with the Internal Control Act, the NYS Standards provide guidance to State agencies on the definition and purpose of internal control. These standards provide the overall framework for establishing and maintaining internal control and for identifying and addressing major performance challenges and areas at greatest risk for fraud, waste, abuse, and mismanagement.
- Internal Control - Integrated Framework (COSO)
This landmark document of the Treadway Commission defines the fundamental components and purposes of internal control. COSO is the source document for the federal and NYS standards for Internal Control.
- International Standards for the Professional Practice of Internal Auditing
Provide guidance for the conduct of internal auditing at both the organizational and individual auditor levels. The Standards describe the nature of internal audit activities, key components of a charter and an annual plan of activities, ways of conducting an engagements and communicating results, and criteria for evaluating the performance of the services.
- GAO Standards for Internal Control in the Federal Government
Provides a framework that incorporates the increasing use of information technology to carry out critical government operations, recognizes the importance of human capital, and incorporates, as appropriate, the relevant updated internal control guidance developed in the private sector (COSO).
- Control Objectives for Information and Related Technology (COBIT)
Developed as a generally applicable and accepted standard for good Information Technology (IT) security and control practices, providing a reference framework for management, users, and IS audit, control and security practitioners.
- Cadbury - The Financial Aspects of Corporate Governance
Focuses on the control and reporting functions of boards and on the role auditors play in ensuring good corporate governance as a whole.
- King Report on Corporate Governance (King II)
King II expands the scope of good governance by advocating an integrated approach to corporate governance in the interest of a wide range of stakeholders – embracing the social, environmental and economic aspects of a company's activities.
- Relevant Laws, Guidelines, Regulations and Technology Policies for Cyber Security
A list of various sources of laws, regulations, technology policies and guidelines intended to assist State agencies.
- Turnbull - Internal Control: Guidance for Directors on the Combined Code
Published by The Institute of Chartered Accountants in England & Wales, Turnbull provides guidance on what makes an effective internal control system.
- Larry Hubbard's Presentation on Enterprise Risk Managment from the 2005 Leadership and Accountability Conference
COSO's new Enterprise Risk Management framework provides entities with key principles and concepts, a common language, and clear direction and guidance to effectively identify, assess and manage risk.
- GAO Internal Control Management and Evaluation Tool
This Management and Evaluation Tool is based upon GAO's Standards for Internal Control in the Federal Government. Its purpose is to assist agencies in maintaining or implementing effective internal control and to help determine what, where, and how improvements can be implemented.
- DOB Manager's Guide - Testing Compliance with Internal Control Requirements
The Manager's Guide describes a suggested testing process. It assumes that the manager has already executed the evaluation portion of the internal control review (i.e. evaluating the adequacy of procedure design) and is now ready to determine the degree to which procedures are actually being followed.
- Accounting Bulletins (A)
(A) Bulletins are issued to state agencies to provide updates to OSC policies and procedures for accounting related issues.
- Contract and Expenditure Bulletins (G)
(G) Bulletins are issued to state agencies to provide updates to OSC policies and procedures for contract and expenditure related issues.
- Institute of Internal Auditors (IIA)
- Association of Government Accountants (AGA)
- European Corporate Governance Institute (ECGI)
- Information Systems Audit and Control Association (ISACA)
- New York State Internal Control Association (NYSICA)
- NYS Office of Cyber Security & Critical Infrastructure Coordination (CSCIC)
- The Canadian Institute of Chartered Accountants (CICA)