University Audit

Purchases and Payroll

Examples of controls to reduce the risk of fraud or inappropriate purchases:

  • Management reviews the PeopleSoft transaction details report for the vendors paid and reasonableness of amounts at least monthly. Actual PeopleSoft reports, rather than spreadsheets should be reviewed since someone could purposefully omit data from a spreadsheet.
  • PeopleSoft passwords are not shared.
  • Duties are separated so that at least two persons are involved in any purchase.
  • Purchase contracts are approved by General Counsel. The unit monitors contract performance to make sure agreed-upon goods and services are received.
  • Persons approving invoices have personally verified that the items or services were received.
  • PCards are secured and not shared.
  • PCard purchase receipts are signed by both the cardholder and an approver.
  • Employees do not purchase from their own or family member's business.
  • Background checks are performed by Human Resources.
  • The unit timely submits Personnel Action Forms when employees leave.

Click on the links below for examples of controls to mitigate risk:

Back to Risks & Controls