Risk Assessment and Internal Control Plan

President's Message

May 15, 2013

To the Salem State University Community,

In accordance with Chapter 647 of the Acts of 1989, we present Salem State University’s Risk Assessment and Internal Control Plan.

Chapter 647 of the Acts of 1989, An Act Relative to Improving Internal Controls within State Agencies, establishes the minimum level of quality acceptable for the Internal Control System in operation throughout State departments, agencies and colleges. The Office of the State Auditor and the Office of the State Comptroller are legislatively mandated to enforce this State law. The internal control process has five components; control environment, risk assessment, control activities, information and communication, and monitoring. Managers must develop internal controls for each activity for which they are responsible. The internal controls exercised over individual activities, when taken collectively, become the internal controls of the program or administrative function of which they are a part. The internal controls for each of a department’s programs and administrative functions, when combined with overall department controls, comprise the university’s internal control documentation. This documentation or a high level overview describing, referencing and summarizing the documentation is the Risk Assessment and Internal Control Plan.

Management’s role is to provide the leadership that the university needs to achieve its goals and objectives.  Internal controls are the structure, policies, and procedures used to ensure that management accomplishes its objectives and meets its responsibilities effectively and efficiently, and, in compliance with applicable rules, regulations, and laws. Thus, it is imperative that the Risk Assessment & Internal Control Plan be updated. Therefore, at least on an annual basis, each manager is responsible for reviewing and updating his/her section of the Risk Assessment and Internal Control Plan.

If there are any comments, questions or suggestions regarding this plan, please contact Paul Rigby, director, quality assurance and audit/internal control officer, at 978.542.6128.


Patricia Maguire Meservey


(The original signed document can be viewed in Financial Services)

Risk Assessment and Internal Control Plan for 2013