As a public institution, WSU has a responsibility to maintain strong internal controls to prevent and detect fraud and safeguard university resources. The transition to Workday with electronic business processes and approvals has allowed the university to adapt to the hybrid work environment. Transactions can now be seamlessly initiated, reviewed, and approved whether an employee is working on campus or remotely. Even with these capabilities, internal controls must still be considered and continuously evaluated.
A few reminders:
- Segregation of Duties (SoD) – custody, record keeping, reconciliation, and authorization for functions such as receipting, disbursements, procurement and payroll should be segregated as much as possible.
- Workday Security Roles – assignment of security roles within your area should allow for adequate SoD. Periodically review key Workday roles to ensure they are adequate, and none are left unassigned due to employee turnover.
- Business Asset security – university assets, especially small and attractive assets such as laptops, should be tagged and assigned. All employees, regardless of work location, are responsible to account for all equipment assigned to them.
- Data and Records – university data and records are university property and must be safeguarded and maintained in accordance with university Executive Policy #8.
For internal control help, contact Office of Internal Audit @ ia.central@wsu.edu or 509‑335‑5336.
