Donna Davis Defense Finance and Accounting Service June 2010

Presentation transcript:

Enterprise Risk Management for the Federal Government – Where’s the Value?
Donna Davis, Defense Finance and Accounting Service, June 2010
Integrity - Service - Innovation

Agenda
ERM - Where’s the Value?
Putting the COSO Framework to Work in the Federal Sector
Event Identification; Risk Assessment; Risk Response; Control Activities; Information and Communication; Monitoring
Some Pitfalls to be Wary of
A Gallery of Tools and Techniques
9/16/2018 Integrity - Service - Innovation

ERM in the Federal Government – Where’s the Value
Three Parts of Business: Objective, Risk, Controls

ERM in the Federal Government – Where’s the Value
Three Parts of Business
Objective – what you are trying to accomplish
For Profit: To maximize shareholder wealth or, in the case of a corporation, to maximize the value of the firm as measured by stock price. Realize a benefit from resources expended. Focus on efficiency.
Not For Profit: To achieve a mission or objective while protecting assets. Achieve goals and objectives for resources expended. Focus on effectiveness.

ERM in the Federal Government – Where’s the Value
Three Parts of Business
Objective – what you are trying to accomplish
Risk – the barrier that will stop you from accomplishing the objective
For Profit: Seek Risk as a means for expanding market value. Measure Value at Risk.
Not For Profit: Avoid Risk, seeking safest path to mission achievement. Measure Impact of Risk on Goals and Objectives.

ERM in the Federal Government – Where’s the Value
Three Parts of Business
Objective – what you are trying to accomplish
Risk – the barrier that will stop you from accomplishing the objective
Controls – the action that will remove or diminish the risk
For Profit: Effect controls for the purpose of minimizing loss.
Not For Profit: Effect controls to assure compliance, accountability, effectiveness/efficiency, reliability of reported data and safeguarding assets.

ERM in the Federal Government – Where’s the Value
What Do We Want From the “Business” of Government?
To be Affordable and Efficient
To be Effective
To provide Quality Service
To be Dependable
The faster pace and need for innovation, combined with significant risk-based events from computer failures to natural disasters, have focused attention on risk management as an essential factor in sound decision-making and accountability.

ERM in the Federal Government – Where’s the Value
What Do We Want From the Business of Government?
To be Affordable and Efficient
To be Effective
To provide Quality Service
To be Dependable
So – We need to be able to achieve the established mission in order to retain the confidence of our funders. We need to provide value for our services.
Bottom Line – We need to meet our objectives and protect our assets, including intangible ones such as reputation.

ERM in the Federal Government – Where’s the Value
What Value does ERM Provide?
Supports Government’s Governance Responsibilities
Improves Results
Strengthens Accountability
Enhances Stewardship

ERM in the Federal Government – Where’s the Value
How does ERM support Government’s Governance Responsibilities?
By ensuring that significant risk areas associated with policies, plans, programs and operations are identified and assessed.
By ensuring that appropriate measures are in place to address unfavorable impacts and to benefit from opportunities.

ERM in the Federal Government – Where’s the Value
How does ERM Improve Results?
Through more informed decision-making and by ensuring that values, competencies, tools, and a supportive environment form the foundation for innovation and responsible risk-taking.
By encouraging learning from experience while respecting parliamentary controls.

ERM in the Federal Government – Where’s the Value
How does ERM Strengthen Accountability?
By demonstrating that levels of risk associated with policies, plans, programs and operations are explicitly understood.
By facilitating the optimum balance in risk management measures and stakeholder interests.

ERM in the Federal Government – Where’s the Value
How does ERM Enhance Stewardship?
By strengthening public service capability to safeguard people, government property and interests through increased insight to the potential impact of abnormal events.

Putting the COSO Framework to Work in the Federal Sector
DFAS-ization of COSO

Putting the COSO Framework to Work in the Federal Sector
DFAS
Internal Environment: ERM Philosophy and Methodology; Risk Taxonomy; Risk Policies and Standards
Objective Setting: DFAS Mission; Strategic Objectives; Operational Objectives
Event Identification: Potential Events affecting Objective Achievement; Positive/Negative Impact; External/Internal Factors
Risk Assessment: Likelihood and Impact; Category of Impact
Risk Response: Response Options (Accept, Avoid, Mitigate, Share, etc.); Response Cost versus Benefit
Control Activities: Policies and Procedures; Control Activities (Approvals, Authorizations, Verifications, Reconciliations, Reviews, etc.)
Information & Communication: Timely ERM Communication Flow Up, Down and Across the Agency; Integration of Risk Information Across the Agency (Audit Findings, SITREPS, Self-Identified Deficiencies); Internal and External Training
Monitoring: Assessment of Presence and Functioning of ERM Components; Regular Control Testing and Reviews
DFAS alignment to the Risk Components ensures a robust program and strengthens compliance with the GAO Standards for Internal Control.

Putting the COSO Framework to Work in the Federal Sector
Compliance: With Federal Regulations and Laws; With DFAS Regulations and Policies; With Operational Policies and Procedures
Accountability (Strategic): For Achievement of Strategic Objectives and desired outcomes; For Achievement of Operational Objectives and desired outcomes; For use of public resources
Reliability (Reporting): Provide reliable, useful and timely information; Accurate and timely recording of transactions and events
Effective and Efficient (Operations): Carry out public functions legally, effectively, efficiently, economically, ethically, and equitably
Safeguard Assets: Access restrictions to and accountability for resources and records; Segregation of duties
DFAS expanded the Risk Management Objectives to address data security concerns and general auditing standards.

Putting the COSO Framework to Work in the Federal Sector
DFAS Agency
Cycle: Business; Enabling; Governance
Payroll Disbursements; Personnel; Customer Relation Mngt; Other Disbursements; Procurement; Mgt of Processes & Programs; Revenue & Receipts; Provide IT Support; Strategic Planning & Execution; Assets & Liabilities; Infrastructure; Financial Reporting; Finance & Budget
Program: 63 Programs - Business Functions (Mil Pay, Accounts Payable, Budget, ERM, etc.)
Functions: A group of related actions (Payroll Record Maintenance, Process Payroll, Certify Payroll, etc.)
Processes: A series of tasks or operations conducing to an end (Input data, edit data, validate entry, save data, etc.)
Level 3 Maps: Detailed steps for accomplishing a task
Stratification across business units and at every level of the organization was applied to enable accurate reflection of the interrelationships of risks and create a common taxonomy for business activities.

Putting the COSO Framework to Work in the Federal Sector
We are actually finding this layer adds little value as we evolve the program.

Some Pitfalls to be Wary of
Trying to risk manage EVERYthing
Just focusing on financial risks
An obsession with internal controls – an inward looking limitation

A Gallery of Tools and Techniques
Agency Mission and Functions Manual: Provides the business objectives
COSO Framework: Identifies a comprehensive view of the elements of a robust ERM
A Catchy Logo: CARES – covers the five Risk Management Objectives DFAS assesses (Compliant; Accountable; Reliable & Accurate; Effective & Efficient; Safeguarded)
Auditor’s Lenses

A Gallery of Tools and Techniques
SIPOC Model: Guides process mapping through a complete end to end review of the factors impacting the business activity

A Gallery of Tools and Techniques
IDEF (Integration DEFinition) Model
Denotes the role of compliance/regulations/controls in the business activity
Denotes the role of the supporting mechanisms for the business activity

A Gallery of Tools and Techniques
Risk Identification Questionnaire: Facilitates comprehensive and consistent assessment of potential risks
Courtesy of Brian Williams

A Gallery of Tools and Techniques
Process Map & Narrative
For business processes
For Information Systems data flow

End
Questions?