A NASBA-approved course to help organizations meet their objectives, assess risks, prevent fraud, and safeguard financial assets.


Format: Online

Hours: 12

Credits: 1.2 CEUs / 14 CPEs

When: Start anytime

Cost: $299 - $339

Every organization, whether a public entity (governmental) or a private sector entity, should establish and maintain an effective system of internal control. An internal control framework helps an entity to run its operations effectively, report reliable information, and comply with applicable laws and regulations.

Non-federal organizations, both public and private, that receive federal awards are required by the Code of Federal Regulations (CFR) to choose between two models as their framework for an internal control system.

The Internal Control course fully explains both models, which are nicknamed the “Green Book” model and the “COSO” model. Many examples and scenarios will help you see how to apply the concepts you are learning.


The 5 components of an internal control system.
In the course, you’ll learn the five components of an effective internal control system:

  • Control Environment is the foundation of internal control. It includes the culture of the organization, tone at the top, employees with the right knowledge and skills to do their jobs, integrity and accountability.
  • Risk Assessment occurs after the organization has defined their strategic and operating objectives. Once these objectives are defined, risks to achieving those objectives are assessed. Risks are then evaluated to determine how to respond to the identified risk. This could be to accept, avoid, reduce or share the risk.
  • Control Activities are those actions management takes to respond to identified risk they want to reduce. Control activities are often implemented in the form or policies and procedures.
  • Information and Communication involves determining what information is required, assuring data is relevant and from a reliable source, and is properly communicated up, down, and across the organization as well as externally.
  • Monitoring Activities involves performing reviews of the internal control structure to ensure it is continuing to operate as intended.

These components, which apply to both models, work together to support an entity's mission, strategies, and related objectives.

Each component consists of required principles.
The course reviews 17 principles that are associated with the five components. The components and the principles constitute the mandatory elements needed for effective internal control. You’ll gain understanding of how these elements work together, and the potential implications if they are no operating together.

Characteristics add depth to each principle.
While the five components and 17 principles are mostly common to both models, there are also key differences.

  • For the Green Book model, you’ll review the attributes of each principle. Attributes are characteristics that explain principles in greater detail.
  • For the COSO model, you’ll review important characteristics, called points of focus, which underlie each principle.

By completing Internal Control, you will gain knowledge and skills that will help you understand the concepts of an effective internal control system.

You will learn:

  • The definition of “internal control” and the five components of an effective internal control system
  • The seventeen principles that support the five components
  • The Green Book attributes that provide additional information regarding the principles
  • The COSO points of focus that provide additional information regarding the principles
  • The importance of the five components and relevant principles to be present and functioning
  • The importance of the five components operating together

This dynamic, NASBA-approved course consists of 13 lessons and Course Review:

Lesson 1 - Internal Control introduction

  • Define internal control.
  • Define the concept of a control framework or integrated system.
  • Identify the structural elements of the Green Book and the COSO integrated models of internal control.
  • Recall why nonfederal entities are required to establish an integrated system of internal control over federal awards

Lesson 2 - Control Environment (the Green Book)

    Define the control environment.
  • Recall why the control environment is important to an integrated system of internal control.
  • Identify the five principles related to the control environment.
  • Link each attribute to the appropriate control environment principle

Lesson 3 - Risk Assessment (the Green Book)

  • Define risk assessment.
  • Recall types of fraud and other forms of misconduct.
  • Recognize the four ways management responds to identified risks.
  • Identify the three points of the fraud triangle.

Lesson 4 - Control Activities (the Green Book)

  • Define control activities.
  • Differentiate between types of controls: preventive and detective controls, entity-wide and transaction controls, general and application controls.
  • Recognize examples of common control activities.

Lesson 5 - Information and Communication (the Green Book)

  • Define information and communication.
  • Identify characteristics of quality information.
  • Recall what constitutes an information system.
  • Recognize established communication flow within an entity.

Lesson 6 - Monitoring (the Green Book)

  • Define monitoring.
  • Recognize how a baseline is used in evaluating and changing a system of internal control.
  • Identify the two types of monitoring.
  • Recall the lines of reporting that should be used when internal control deficiencies are discovered by other personnel.

Lesson 7 - Review of COSO Model of Internal Control

  • Define internal control as presented by COSO.
  • Recognize the COSO Structure of Internal Control.
  • Identify the COSO requirements for an effective internal control system.
  • Recall COSO’s documentation requirements of the internal control system

Lesson 8 - Control Environment (COSO)

  • Define the control environment according to COSO.
  • Identify the five principles related to the control environment.
  • Recall why the control environment is difficult to evaluate.

Lesson 9 - Risk Assessment (COSO)

  • Define risk assessment, according to COSO.
  • Determine the COSO method of estimating the significance of identified risks.
  • Recall COSO methods of responding to risks.

Lesson 10 - Control Activities (COSO)

  • Define control activities according to COSO.
  • Recall the difference between preventive and detective controls.
  • Identify what management should do if proper segregation of duties cannot be maintained.

Lesson 11 - Information and Communication (COSO)

  • Identify and define attributes of quality information.
  • Illustrate how information and communication are related to other internal control components.
  • List the criteria management considers in choosing the method of communication.

Lesson 12 - Monitoring Activities (COSO)

  • Recall the purpose of monitoring activities.
  • Distinguish between control activities and monitoring activities.
  • Identify the different types of monitoring activities and provide examples of each type.

Lesson 13 - Operating Together in an Integrated Manner

  • Define “operating together” for both Green Book and COSO.
  • Define internal control deficiency and major deficiency.
  • Recall the definition of a deficiency, as provided by COSO.

Who Should Attend?

  • Local government employees who seek to meet requirements of the Local Government Finance Officer Certification Program offered through the University of Georgia's Carl Vinson Institute of Government.
  • Employees of non-federal entities (states, local governments, non-for-profits and private sector) who require knowledge of internal control in order to receive federal awards. For example, the course is highly relevant to financial management for libraries and charter schools.
  • Professionals with private sector experience who want to gain knowledge of internal control.
  • Accounting professionals preparing for the CPA exam or seeking NASBA-approved continuing professional education courses.

Course Information

Course Number: 


Course Date Info: 
  • Enroll at any time.
  • Complete the course's required online quizzes and exercises within 30 days of receiving the "Welcome" email with course URL, username and password information.
  • To complete this course, you will read the lessons and complete each lesson's exercises and quizzes. At the conclusion of the final lesson, you must also successfully complete an online final examination with a score of 70% or better.
  • View Frequently Asked Questions for more details about the course

Field of Study: Auditing (Governmental)
Delivery Method: QAS Self Study
Advance Preparation: None
Program Level: Basic
Prerequisites: None

Course Fee(s): 

$299 (US Funds) — Residents of Georgia
$339 (US Funds) — Non-residents of Georgia
$50 (US Funds) — One-Month Extension (Only one extension is granted per participant.)

Prepayment is required to be registered. Prices listed are per person. Prices are subject to change.

Cancellation/Refund Policy:
The Georgia Center will gladly issue full refunds for cancellations received in writing prior to the release of course access information. You may cancel your enrollment at any time during the course and receive a refund less a $50 administrative fee, provided that you have not accessed the online course material at all. During the first 10 days of your course, if you have not completed any course work, you may opt for a one-time transfer of your enrollment to another student for a fee of $50; the new student (i.e., substitute) would have up to thirty days from the transfer date to complete the course. A course may be transferred only once for a fee of $50. Written requests should be sent to student@georgiacenter.uga.edu