A strong internal control system will have controls in place to defend the organization against risks:
Control Environment: Determines whether the organization is committed to high levels of integrity and demonstrates those values.
Risk Assessment: Determines whether a non-federal entity is a safe bet to complete the objectives of a federal award. Ensures that the organization has plans in place to identify, analyze and respond to a variety of risks.
Control Activities: Where actual tasks that can minimize waste, fraud and abuse are put into place. This mechanism will prevent and detect bad things from happening.
Information and Communication: Quality communication and improving the reliability of financial information. Reducing or eliminating spreadsheets and using a common software platform.
Monitoring: Ensures that your organization is following the requirements of a sound internal control system.