U of T Home Internal Audit U of T Home Office of the President Login

 > Internal Audit > FAQ

FAQ

Do I need to obtain quotes for an expense of $5,000 or more if it's for a hotel or restaurant?
Yes and a purchase order is also required. The Procurement Policy requirements for quotes and purchase orders apply regardless of what the purchase is for (e.g. functions at hotels, restaurants, conference centres, golf courses, etc.).

Quotes are essential to obtain competitive pricing and ensure the University receives the best value for money. In cases where a vendor is the only source for a required specialized product or service valued at $25,000 or more, the purchaser should complete a Sole Source Form (PDF) and submit it to the Procurement Services Department for approval in advance of placing an order.

In addition, purchase orders should be generated for all purchases of $5,000 or more. We recommend that a signed, written agreement be generated in addition to the PO where additional details, terms and/or indemnifications are appropriate. PO's are valuable for many reasons including encumbrance of funds in FIS and creation of records in the purchasing system database for management reporting purposes.

If further clarification is required for this or any other purchasing issue, please contact the Procurement Services Department.


Is it okay for the department head to delegate approval responsibility to me?
A department head may delegate signing authority to an appropriate level subject to the following provisions:

Delegation of signing authority should be documented in writing and include details limiting the transaction types and dollar amounts. Delegation details should be reviewed by the unit head at least annually.

Signing authority may not be delegated to an individual where it undermines the underlying review process and/or segregation of incompatible duties (e.g. authorizing one’s own petty cash reimbursements).

The authorization for some transactions may not be delegated (e.g. expense reimbursements, accountable advances, travel expenses (regardless of how they are paid) and any items restricted by sponsors).

In addition, the department head may not delegate the responsibility for reviewing the AMS Statement of Accounts and/or Management Reports and the Payroll Distribution Report each month.


What are (internal) controls?
See the Controls page.

How do I know when I may pay someone as a contractor instead of an employee?
Determination of the employment versus nonemployment relationship can be complex. In cases where an employment relationship exists, payments to the individual must be processed through payroll. Failure to do so exposes the University to the risk of liabilities to the Canada Revenue Agency for withholding taxes, statutory deductions, fines and penalties. For guidance in determining the appropriate payment method, please see the University Income Tax Guide (PDF). Further assistance is available by contacting Human Resources.

What is 'segregation of incompatible duties'?
Segregation of incompatible duties is a control element designed to prevent errors and irregularities. At a minimum, individuals should not have responsibility for all three components of a transaction cycle: initiation, processing and reconciliation/review. Where staffing levels permit, it is preferable to segregate all three components.

What's wrong with a locally maintained accounting system?
There is a risk that information from a locally maintained accounting system (which may be based on an accounting software package, an Excel spreadsheet, an Access database, or a manual ledger/journal/register) may not be properly entered in the University’s systems (AMS, HRIS, ROSI, etc.) and could, therefore, lack the appropriate disclosure, approval, review and reconciliation. In addition, where information is entered in both systems there is a duplication of effort.

Before establishing a locally maintained accounting system, the Financial Advisory Services & Training (FAST) Team should be contacted for advice. Where a locally maintained accounting system is determined to be necessary, it should be reconciled at least monthly to the appropriate University system by someone independent of local system maintenance. In addition, the unit head should be aware of the details of the local system and the justifications for its use.


Are there any restrictions on personal use of air miles earned from the Amex Travel Card?
Although there is currently no specific policy statement to address the disposition of Air Miles reward miles earned through the use of University Travel Cards, the policies and procedures guiding travel expenditures are applicable.

Air Miles reward miles earned through the use of a University Travel Card are preferably remitted towards future University business-related travel; however, presently they may also be remitted for personal use at the cardmember's discretion.

The decision to use a University Travel Card as the method of payment should never be based on earning Air Miles reward miles for personal benefit. The University Travel Card is issued for the purpose of financing the cardmember's own travel expenses for University-approved business only and, as such, should be selected as the preferred payment method based on the principles of cost-effectiveness and efficiency for the University. Payment method decisions based on generating a personal benefit represent a conflict of interest and are therefore not permitted.


How often do you audit departments?
There is no hard and fast answer to this question because the Department uses a risk-based approach to develop the Annual Audit Plan. The result is that some departments are audited more frequently than others. This risk-based approach includes an annual, University-wide risk assessment that considers such factors as the time since the last audit and significance of findings that resulted, size of the annual budget and revenue streams, complexity of operations, emphasis on internal controls, external compliance requirements (e.g. from funding sources) and level of exposure to public opinion. In general, the higher the degree of identified risks, the more often a department will be audited. Occasionally, departments may also be selected for an audit by special request of the department head or a senior University official.

In general, large departments that manage significant risks can expect to be audited approximately every four to five years.


How far back do you look during audits?
The general scope period for departmental reviews includes account activity during the most recent six to twelve months. The scope period is determined with the objective of providing results that are relevant and timely. However, it is often necessary to extend the scope period for specific accounts or transactions to facilitate a reasonable and objective examination of activities and provide results that are informed and accurate. This is done where appropriate to review infrequent but recurring transactions, assess annual budgeting practices, identify patterns, etc.

The scope period for special reviews is flexible and depends on the objectives of a given review and the depth of examination required to satisfy these objectives.


May we keep miscellaneous cash income in our own bank account as long as we open it in the name of the University of Toronto?
All revenues should be deposited in whole with the University cashiers and recorded appropriately in FIS. In those cases where a department is unable to safely deposit funds with central cashiers, Financial Services should be contacted for assistance with establishing an armoured car pickup service or a transit account for deposit only with a local branch of the University's bank.

Any bank account that is opened in a name that includes the University's name must be pre-authorized by the Chief Financial Officer (see Policy on the Use of the University of Toronto Name).


Last updated: April 25, 2007