Title: OACR audit focus
Full Citation
Permanent Link: http://ufdc.ufl.edu/UF00087344/00033
 Material Information
Title: OACR audit focus
Physical Description: Serial
Language: English
Creator: Office of Audit & Compliance Review, University of Florida
Publisher: Office of Audit & Compliance Review
Place of Publication: Gainesville, Fla.
Publication Date: December 2010
 Record Information
Bibliographic ID: UF00087344
Volume ID: VID00033
Source Institution: University of Florida
Holding Location: University of Florida
Rights Management: All rights reserved by the source institution and holding location.

Full Text

(A/R Audit Focus

quarterly newsletter from the Office of Audit & Compliance Review

Brian D. Mikell, Chief Audit Executive December 2010

The Office of Audit and Compliance Review periodically distributes a Control Self Assess-
ment (CSA) questionnaire to university units. The purpose of the questionnaire is to help
units understand and evaluate their internal control environment and risks. A good inter-
nal control system helps ensure that:
Resources are safeguarded against waste, loss, and misuse
Resources are used in accordance with laws, regulations, and policies
Reliable data is obtained, maintained, and accurately presented in reports
This questionnaire serves as a guide to help departments manage important controls
within their units. The responses from the questionnaire will allow our office to evaluate
the effectiveness of internal controls for the entire university. The CSA questionnaire will
be distributed to units in January. If you would like to learn more about the CSA or to
review a sample of questions please visit our website at http://oacr.ufl.edu/CSA.html.

Does your unit accept credit card payments? If so, it must comply with the Payment Card
Industry (PCI) Data Security Standards (DSS). The PCI DSS, a set of comprehensive re-
quirements for enhancing payment account data security, was developed by the credit
card industry to assure consumers that their transactions were reliable and secure.
Credit card merchants at the University of Florida are required to follow strict procedures
to protect customers' credit card data and must prove compliance by completing an an-
nual self-assessment questionnaire as well as a training session or workshop. These direc-
tives apply to all types of credit card activity (storage, processing and transmission of card
information), including transactions processed face-to-face, over the phone, via fax, mail
or the Internet. Security breaches can result in serious consequences for the university,
including release of confidential information, damage to reputation, added compliance
costs, the assessment of substantial fines and possible legal liabilities.

Approval from the University Controller's Office is required before a credit/debit card mer-
chant account can be established. Treasury Management coordinates all applications to
create merchant accounts or to make changes to an existing account. Contact the Credit
Card Coordinator at (352) 392-9057 for more information, or you may review the
University of Florida Merchant Credit Card Policy (PDF).

Aurymar Rodrig uez-Delancey joined OACR on October 1 as a staff
auditor. Aurymar previously worked as an accountant in an adver-
tising firm in Puerto Rico. She is a graduate of UF's College of
Health and Human Performance, where she received her bachelor's
degree from the Department of Tourism, Recreation, and Sports
Management. She received an M.B.A. degree, specializing in ac-
counting, from Universidad Metropolitana in Puerto Rico. Aurymar
assists in planning audits and internal control reviews. Please join
us in welcoming Aurymar to our staff.

us in welcoming Aurymar to our staff.

University of Florida Home Page
© 2004 - 2010 University of Florida George A. Smathers Libraries.
All rights reserved.

Acceptable Use, Copyright, and Disclaimer Statement
Last updated October 10, 2010 - Version 2.9.9 - mvs