- Risk Management Reviews are comprehensive - encompassing all fiscal transactions and CTR business areas. The program has two components - Departmental Risk Management Review and Issue-Specific Review.
Under Chapter 647 of the Acts of 1989, the Comptroller is responsible for developing internal control guidelines for Commonwealth departments.
The Risk Management Team's audit coordination responsibilities include tracking the activities of various auditing entities, monitoring potential auditor independence issues and following up on findings. The most significant of these outside reviews is the Commonwealth's Statewide Single Audit (SSA). The SSA is an annual comprehensive review, by fiscal year, of the Commonwealth's strengths and weaknesses in the areas of internal controls and compliance with federal grant regulations. The Office of the Comptroller procures audit services for, and directs the operation of, the SSA. As part of its coordination responsibilities, the Risk Management Team represents the Comptroller at Single Audit entrance and exit conference meetings with departments. Departments that receive notice of a program or other department-specific audit, other than the SSA, should in turn notify the Risk Management Team of same.
Comptroller Internal AuditThe Risk Management Team reviews the internal operations of the Comptroller business areas. These reviews check the effectiveness of the policies and procedures under which the business areas operate in their capacity as oversight agents (CTR) for the activities of other Commonwealth departments. RMT recommends clarifications to policies and procedures when necessary. RMT will also conduct periodic reviews of the Comptroller's day-to-day activity as a Commonwealth department (OSC).