GEORGIA DEPARTMENT OF AUDITS AND ACCOUNTS Roger Boyd, Director IT Services October 1, 2017
Agenda Organization Continuous improvement efforts Changing landscape Questions Professional People with Purpose
Organization Financial Audit Division Performance Audits IT Services Educational Audits State Government Audits Performance Audits IT Services Non-profit and Local Government Sales Ratio Administration Professional Standards and Practices Professional People with Purpose
Organization Benefits Promotes sustainability Builds organizational capacity Increases knowledge across practice areas Offers different audit experiences Provides ability to smooth out engagement timing Ensures right resources at the right time Increases responsiveness to client needs Professional People with Purpose
Continuous Improvement Efforts What is an effective audit? Delivers the right audit opinion Yields confidence Addresses entity risk Is based on an understanding of the environment Culture that continuously delivers increased quality Professional People with Purpose
Continuous Improvement Efforts Our leaders are committed to successful audit outcomes Engagement Leadership Provides leadership and oversight to engagement teams Promotes ownership Commits appropriate time to: Communicate directly with management Communicate with and guides staff Our teams are knowledgeable and experienced Engagement Teams Possesses a thorough understanding of the environment Demonstrates professional integrity and objectivity Communicates clearly and concisely Provides insights and recommendations for improvements where applicable Professional People with Purpose
Continuous Improvement Efforts Our teams strive to perform efficient quality engagements Engagement Fieldwork Conducts entrance and exit meetings timely Communicates audit purpose, scope, and timelines Performs and completes fieldwork timely Holds regular status updates Presents issues clearly and timely to allow appropriate action by management Interacts with the auditee throughout the entirety of the engagement Our teams produce relevant and timely audit reports Wrap-up and Reporting Communications are specific and relevant Draft reports are circulated timely for comment Final reports are issued within the communicated timeframe Professional People with Purpose
Continuous Improvement Efforts Planning Set appropriate tone at the top Be responsive to request for information and meetings Prepare an adequate work area for auditors to use Provide auditors with access to IT systems and other information as requested Fieldwork Attend entrance and exit conferences Encourage your staff to keep you informed of audit issues as they arise Maintain interaction with auditors throughout the engagement Attend regularly scheduled status meetings Seek clarification when needed from our auditors Reporting Be responsive to issues throughout the engagement Consider strengthening internal controls and develop new processes or procedures where needed Consider revising your risk assessment process if audits reveal issues not yet addressed Avoid repeat findings by addressing issues as quickly as possible Interact with auditors to ensure complete and accurate understanding of issues We need your help Professional People with Purpose
Continuous Improvement Efforts Client focus High number of manual journal entries Financial statement and note disclosure errors Ensure quality of information reported to SAO Strengthen internal controls over financial reporting Understand your obligations for GASB 74 Audits will occur in Spring 2018 75 in effect for fiscal years beginning after June 15, 2017 GASB 74/75 – OPEB Subrecipient monitoring Subrecipient risk assessments Ensure correct rates are used by subrecipients Uniform Guidance (UG) Professional People with Purpose
Continuous Improvement Efforts Reporting requirement changes Requires level 2 detail for BoA payments Vendor name MCC description Purchase date Amount Transaction number TIGA Reporting Requirements Professional People with Purpose
Continuous Improvement Efforts Internal application changes Improved graphical user interface Simplified data entry Increased export features More reporting options Enhanced program views and filtering capability Schedule of Expenditures for Federal Awards (SEFA) Professional People with Purpose
Changing Landscape Third-party monitoring and risk assessments Assess internal control impact Understand and document your risk related to use of third party service providers Understand your contractual and legal obligations Understand the nature of the service provided Understand the impact to your financial, compliance and operational reporting requirements Evaluate service organization control reports (SOC) Understand management’s description of its systems of internal controls Understand and assess the relevance of the use of sub-service organizations Understand controls in place at the service organization Understand controls you should have in place related to third party services (Complimentary User Entity Control) Assess operating effectiveness of internal controls Understand and document controls in place to address risks Conduct reviews to ensure effectiveness of controls Complete evaluation of SOC reports and control assessments annually Professional People with Purpose
Changing Landscape Cybersecurity Increased focus on risk assessments related to cybersecurity Understand cybersecurity risks Establish governance Develop policies, procedures and oversight processes Protect networks and infrastructure Address risks associated with: Remote access Fund transfers Third-parties Develop processes to detect and respond Professional People with Purpose
Changing Landscape Cybersecurity New for FY 2018 Federal compliance supplement requires a review of protection of student information in accordance with the Gramm-Leach-Bliley Act (GLBA) Impacts University and Technical College entities Requires entities to have demonstrated capabilities in order to comply with GLBA DOAA’s IT Audit group will begin cybersecurity reviews at select agencies Communication with agency management Efforts coordinated with GTA to avoid duplicative efforts Professional People with Purpose
Changing Landscape Data Act Digital Accountability and Transparency Act (DATA Act) signed into law on May 9, 2014 (Public Law No. 113-101) Creates a government-wide data standard Increases the availability, accuracy and usefulness of federal spending information Requires electronic reporting of 57 defined data elements Promotes use of analytics to spotlight indicators of fraud and waste Effective for the 2019 reporting year Professional People with Purpose
Changing Landscape Data Act Preparation Review and understand the 57 DATA Act elements required for reporting Perform an inventory of agency data and associated business process and systems Establish an agency work group and begin determination of potential impact. Professional People with Purpose
Changing Landscape Data Act Resources Whitehouse.gov: https://www.whitehouse.gov/blog/2015/05/08/better-data-better-decisions-better-government Data Coalition: http://www.datacoalition.org/what-is-data-transparency/data-act/ GITHUB: https://fedspendingtransparency.github.io/ USASpending: https://www.usaspending.gov/Pages/data-act.aspx Professional People with Purpose
Who Audits the Auditor? Annual internal quality review program DOAA is audited annually by and independent IPA Address deficiencies like other agencies External peer review conducted every three years Federal, financial, and performance audits Received “pass” on our latest review Professional People with Purpose
Questions? Professional People with Purpose