New York State Comptroller


Home > ICTF Home
About DiNapoli Newsroom Unclaimed Funds Retirement Members Retirees Employers Planning Contact Us FAQ Publications Forms Change of Address About Us Site Map Consultation Sites Related Links Pension Fund Disclosure of Investments & Transactions Pension Reforms Fiduciary Responsibilities of Comptroller Comprehensive Annual Financial Reports Pension Fund Overview Investments Overview Audits & Publications Audits Reports NYC Financial Reports Retirement Publications State Finances Local Government Legal Opinions State Finances Debt Management Cash Management State Agencies State Payroll Services FOCAS Project Vendor Responsibility Travel Information Agency Financial Reporting Outreach Program Public Authorities What is a Public Authority Reports on Public Authorities View Data on Individual Public Authorities Public Authority Regulations Public Authorities Reporting Information System - PARIS Local Government Audits Cost-Saving Ideas Financial Data Local Government Leadership Institute Publications Required Reporting Research Reports Training NYC Oversight Vendors ePayments FOCAS Project Payment Information Query Procurement Protests Vendor Responsibility OSC Procurements Open Procurements Single/Sole Source Procurements M/WBE Information Personal Service Reporting Investigations Legal Opinions Oil Spill Fund College Savings Working Here Contact Us	Internal Control Task Force
	Tools & Resources Articles and Information Standards for Internal Control in NYS Government In accordance with the Internal Control Act, the NYS Standards provide guidance to State agencies on the definition and purpose of internal control. These standards provide the overall framework for establishing and maintaining internal control and for identifying and addressing major performance challenges and areas at greatest risk for fraud, waste, abuse, and mismanagement. Internal Control - Integrated Framework (COSO) This landmark document of the Treadway Commission defines the fundamental components and purposes of internal control. COSO is the source document for the federal and NYS standards for Internal Control. International Standards for the Professional Practice of Internal Auditing Provide guidance for the conduct of internal auditing at both the organizational and individual auditor levels. The Standards describe the nature of internal audit activities, key components of a charter and an annual plan of activities, ways of conducting an engagements and communicating results, and criteria for evaluating the performance of the services. GAO Standards for Internal Control in the Federal Government Provides a framework that incorporates the increasing use of information technology to carry out critical government operations, recognizes the importance of human capital, and incorporates, as appropriate, the relevant updated internal control guidance developed in the private sector (COSO). Control Objectives for Information and Related Technology (COBIT) Developed as a generally applicable and accepted standard for good Information Technology (IT) security and control practices, providing a reference framework for management, users, and IS audit, control and security practitioners. Cadbury - The Financial Aspects of Corporate Governance Focuses on the control and reporting functions of boards and on the role auditors play in ensuring good corporate governance as a whole. King Report on Corporate Governance (King II) King II expands the scope of good governance by advocating an integrated approach to corporate governance in the interest of a wide range of stakeholders – embracing the social, environmental and economic aspects of a company's activities. Relevant Laws, Guidelines, Regulations and Technology Policies for Cyber Security A list of various sources of laws, regulations, technology policies and guidelines intended to assist State agencies. Turnbull - Internal Control: Guidance for Directors on the Combined Code Published by The Institute of Chartered Accountants in England & Wales, Turnbull provides guidance on what makes an effective internal control system. Larry Hubbard's Presentation on Enterprise Risk Managment from the 2005 Leadership and Accountability Conference COSO's new Enterprise Risk Management framework provides entities with key principles and concepts, a common language, and clear direction and guidance to effectively identify, assess and manage risk. Evaluation Tools GAO Internal Control Management and Evaluation Tool This Management and Evaluation Tool is based upon GAO's Standards for Internal Control in the Federal Government. Its purpose is to assist agencies in maintaining or implementing effective internal control and to help determine what, where, and how improvements can be implemented. DOB Manager's Guide - Testing Compliance with Internal Control Requirements The Manager's Guide describes a suggested testing process. It assumes that the manager has already executed the evaluation portion of the internal control review (i.e. evaluating the adequacy of procedure design) and is now ready to determine the degree to which procedures are actually being followed. OSC Bulletins Accounting Bulletins (A) (A) Bulletins are issued to state agencies to provide updates to OSC policies and procedures for accounting related issues. Contract and Expenditure Bulletins (G) (G) Bulletins are issued to state agencies to provide updates to OSC policies and procedures for contract and expenditure related issues. Federal Bulletins OMB A-123 Management's Responsibility for Internal Control Professional Organizations Institute of Internal Auditors (IIA) Association of Government Accountants (AGA) European Corporate Governance Institute (ECGI) Information Systems Audit and Control Association (ISACA) New York State Internal Control Association (NYSICA) NYS Office of Cyber Security & Critical Infrastructure Coordination (CSCIC) The Canadian Institute of Chartered Accountants (CICA) State Agencies NYS Division of Budget (DOB) NYS Office of the State Comptroller (OSC) Federal Agencies Government Accountability Office	Laws, Rules & Regulations Tools & Resources Work Groups Email ICTF