facebook twitter  youtube
corner graphic
Audit and Risk

Risk and Control Information

What do you think about when someone says risk? Risk management? Internal control? Governance? Assurance?

Historically, these terms have meant different things to different people. It is part of our mission to continuously raise awareness and understanding of these terms, suggest a common language, and provide clear direction and guidance related to these concepts.

The basis for our discussion of risk management and internal control is the guidance provided by the Committee of Sponsoring Organizations of the Treadway Commission, or COSO. COSO has published two studies that have established principles-based frameworks that provide standards against which institutions can assess and improve. COSO’s groundbreaking study Internal Control - Integrated Framework established a methodology for evaluating the effectiveness of internal controls and has been adopted by the global financial community, including regulatory bodies, the public accounting profession and internal auditing profession. Expanding on the original Internal Control framework, COSO published Enterprise Risk Management—Integrated Framework in September 2004.

In simple terms, the objective in Enterprise Risk Management, or ERM, is to help institutions get where they want to go while avoid pitfalls and surprises along the way.


The ERM framework. . .

. . .breaks entity objectives into four categories:

  • Strategic
  • Operations
  • Reporting
  • Compliance

. . .considers activities at all levels:

  • Enterprise-level (System)
  • Division or subsidiary (College)
  • Business unit or process

. . .and includes eight interrelated components:

  • Internal Environment
  • Objective Setting
  • Event Identification
  • Risk Assessment
  • Risk Response
  • Control Activities
  • Information and Communication
  • Monitoring

We ultimately hope to help TSTC move toward a fuller risk management process. We plan to take a leading role in helping TSTC understand ERM, getting ERM on the agenda, and instill the concepts within TSTC’s culture.

Audits of Financial Statements and Compliance and Controls of Federal Awards

The Texas State Technical College System is audited as part of the Single Audit of the State of Texas. This audit complies with the requirements of OMB Circular A-133 "Audits of States, Local Governments, and Non-Profit Organizations." There is not a separate audit for the individual Texas State Technical Colleges or the Texas State Technical College System. Statewide Single Audit is an annual audit for the State of Texas. It is conducted so the State complies with the Single Audit Amendments of 1996 and Office of Management and Budget (OMB) Circular A-133.

TSTC home page information request form Request Information Spanish translation