Agency Risk Management & Internal Controls Standards
Definition of Terms
Common terms found in ARMICS:
Assessments: Templates created by the Department of Accounts utilized to determine the University’s internal control standards. These assessments will include references to documented policies and procedures.
Best Practice: a way or method of accomplishing a business function or process that is considered to be superior to all other known methods.
Internal Control: Ongoing process led by an agency head to design and provide reasonable assurance that these types of objectives will be achieved:
- Effective and efficient operations
- Reliable financial reporting
- Compliance with applicable laws and regulations
- Safeguarding of assets
- Control Environment ~ the agency’s “corporate culture,” showing how much the agency’s leaders value ethical behavior and internal control.
- Risk Assessment ~ the process of analyzing potential events determining what impact they may have on achieving agency objectives.
- Control Activities ~ policies and procedures established and implemented to help ensure that risk responses are effectively completed.
- Information and Communication ~ identifying, capturing and communicating relevant information in a form and timeframe that enables people to carry out their responsibilities.
- Monitoring ~ the process of assessing the presence and functioning of internal control components and making continuous improvements.
- Consume a proportionally large share of agency resources;
- Have a high-degree of public visibility;
- Represent areas of concern and high risk to mission-critical business processes for agency managers and stakeholders, or;
- Have a significant affect on general ledger account balances.
Please email any questions regarding the ARMICS implementation to .