Hotel Internal Audit Checklist: 11 Controls Every GM Should Review
DB
Hotel leaders face increasing pressure to maintain financial accuracy, prevent fraud, and protect owner trust. Yet many properties still operate with inconsistent or outdated internal controls—creating gaps that quietly grow into losses. This guide outlines the 11 most important hotel internal audit controls every GM should review to strengthen financial discipline and reduce risk across the property.
1. Front Desk Cash Controls
Cash handling remains one of the highest‑risk areas in hospitality. Review:
Cash drops and safe logs
Over/short documentation
Voids and refunds
Night audit reconciliation
Segregation of duties
Unexplained over/shorts or inconsistent documentation are early indicators of risk.
2. Accounts Receivable & Direct Billing
AR errors often go unnoticed for months. Validate:
Credit approvals
Aging reports
Group master folios
City ledger reconciliations
Write‑off authorization
Look for aging spikes, slow‑paying accounts, or repeat offenders.
3. Accounts Payable & Vendor Management
AP is a common source of fraud and operational leakage. Audit:
Invoice approval workflow
Duplicate invoice detection
Vendor setup controls
Purchase order matching
Timeliness of posting
Weak AP processes increase the risk of overbilling and duplicate payments.
4. Payroll & Timekeeping
Labor is the largest controllable expense in a hotel. Review:
Timeclock edits
Overtime approvals
Terminated employee access
Payroll variance reports
Bonus/commission documentation
Unauthorized edits or missing approvals are red flags.
5. Inventory & Cost Controls
Inventory shrinkage adds up quickly across breakfast, housekeeping, and F&B. Check:
Receiving logs
Par levels
Waste tracking
Monthly inventory counts
Variance explanations
Unexplained variances often signal deeper process issues.
6. Purchasing & Procurement
Weak purchasing discipline leads to overspending. Audit:
Approved vendor lists
Purchase order usage
Competitive bidding
Contract compliance
Capital expenditure documentation
Unapproved vendors or missing quotes are common findings.
7. IT & System Access Controls
System access is a major risk area that hotels often overlook. Validate:
User access lists
Termination procedures
Password policies
POS/PMS permissions
Segregation of access rights
Inactive users with active access are a serious vulnerability.
8. Revenue Management & Rate Integrity
Rate leakage directly impacts profitability. Review:
Rate plans
Discount approvals
OTA parity
Corporate rate compliance
Package inclusions
Unauthorized discounts or inconsistent rate loading can cost thousands.
9. Food & Beverage Controls
F&B is one of the most common sources of operational loss. Audit:
Comp/void logs
Transfers between outlets
Inventory variance
Cash handling
Recipe costing
High void percentages or unexplained comps require investigation.
10. Housekeeping & Lost‑and‑Found Controls
Operational integrity matters for guest trust and financial accuracy. Review:
Room status accuracy
Lost‑and‑found logs
Key control
Linen inventory
Deep‑clean schedules
Inaccurate room statuses often reveal deeper process issues.
11. Safety, Security & Compliance
Hotels must maintain strict compliance standards. Validate:
Incident reports
OSHA logs
Safety training
Keycard access
Camera coverage
Missing documentation is a common audit finding and a liability risk.
Recommended Audit Schedule
A strong internal audit program doesn’t need to be complicated. A practical cadence is:
Daily: Cash, room status, F&B voids
Weekly: AP, AR, payroll edits
Monthly: Inventory, reconciliations, operational checklists
Quarterly: Full internal audit
Annually: Comprehensive risk assessment
This structure keeps the hotel aligned with best practices and reduces surprises.
Conclusion
Hotels that implement a consistent internal audit program reduce financial risk, improve operational discipline, and build stronger owner trust. This checklist gives any GM or owner a clear starting point to strengthen controls and protect profitability.