FFMIA Systems Requirements Integrity - Service - Innovation

Slides:



Advertisements
Similar presentations
INTERNAL CONTROLS.
Advertisements

Configuration Management
“The Honeywell Web-based Corrective Action Solution”
STRATEGIC PLANNING FOR Post-Clearance Audit (PCA)
General Ledger and Reporting System
QUT Payroll Services Sessional eForm Presented by Christine Delaney, QUT Payroll Manager with Technical Support from Edward Eacock, QUT Financial Systems.
Software Quality Assurance Inspection by Ross Simmerman Software developers follow a method of software quality assurance and try to eliminate bugs prior.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
1 © Copyright Doug Hillman 2000 Internal Control and Cash.
Internal Control Concepts Knowledge. Best Practices for IT Governance IT Governance Structure of Relationship Audit Role in IT Governance.
©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 15-1 Accounting Information Systems 9 th Edition Marshall.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.
The Islamic University of Gaza
Presented to President’s Cabinet. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an.
The University of California UC Financial Management Jim Corkill Controller, Accounting Services & Controls University of California, Santa Barbara November,
IT Service Delivery And Support Week Eleven – Auditing Application Control IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA.
New Form Approval Process. Background New Process is effective April 1, 2014 Changes Chapter 4 in the Library Manual (the reissued 2014 manual will be.
Copyright © 2007 Pearson Education Canada 1 Chapter 20: Audit of the Capital Acquisition and Repayment Cycle.
Information Systems Security Operational Control for Information Security.
Auditing Information Systems (AIS)
Automated Statement of Accounts Project and Operational Guideline March 2011.
Chapter 10 THE ACQUISITION CYCLE— PURCHASE INVOICES AND PAYMENTS.
Auditing the Revenue Cycle. Learning Objectives After studying this chapter, you should: Understand the operational tasks associated with the revenue.
Zulhizam Bin Ebrahim Mohd Shamir Bin Abd Azia Muhammad Salehin Bin Suhaimi
1 Standard Student Identification Method Jeanne Saunders Session 16.
USDA webTA Configuration Process United States Department of Agriculture Office of the Chief Financial Officer National Finance Center.
AUDIT IN COMPUTERIZED ENVIRONMENT
Fraud and corruption prevention on-line tools and techniques Dr Robert Lang Chief Executive Officer.
Derek Huhta Micah McKee Natalia Meza Shaun Ripplinger.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Hall, Accounting Information Systems, 7e ©2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly.
2013 Army Financial Management & Defense Finance and Accounting Service Customer Workshop Defense Access Control System (DACS) Defense Finance Accounting.
Chapter 8 Auditing in an E-commerce Environment
GLENCOE / McGraw-Hill. Internal Control and the Voucher System.
Chapter 9.3 Accounting Controls for Cash. Internal Controls Where possible, two different people should be processing and preparing accounting documents.

OFFICE OF FINANCIAL MANAGEMENT 0 Office of Financial Management Office of Financial Management TALS Draft Conceptual Solution February 24, 2004.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
Accounting Information Systems: An Overview
Configuration Management
Software Configuration Management
Problem 9-3, Page 473 Key Control, Control Test Evaluation
Reconciliation Best Practices
Auditing Information Technology
Chapter 15 Auditing the Financing/Investing Process: Long-Term Liabilities, Stockholders′ Equity, and Income Statement Accounts McGraw-Hill/Irwin Copyright.
Controlling Computer-Based Information Systems, Part II
Configuration Management
TRANSACTION PROCESSING
Database Management Systems
Managing the IT Function
The Impact of Information Technology on the Audit Process
You are a key to financial success at TCS!!!
FFMIA Systems Requirements Integrity - Service - Innovation
Auditing Application Controls
Certified General Accountants
The Impact of Information Technology on the Audit Process
Financial Management and Accountability
Data Quality By Suparna Kansakar.
Purchases and Cash Disbursements Procedures
Internal controls 01-Nov-2017.
SAP GRC EOH GRC Solutions Divisional divider Option 1.
Management Application for all segments
CHAPTER 6 ELECTRONIC DATA PROCESSING SYSTEMS
Security Policies and Implementation Issues
James Baranello MIS 5121:Business Process, ERP Systems & Controls Week 8: Security 2 – Roles Financial Processes and Controls.
Performance improvement observations
SPOT CHECKS 2016.
Financial Control Measures
Presentation transcript:

FFMIA Systems Requirements Integrity - Service - Innovation Purpose To provide an update on the Project of Correlating the FFMIA Financial Management Systems Requirements to the FISCAM Hyper Critical Controls. FFMIA Systems Requirements 9/18/2018 Integrity - Service - Innovation

Why a Correlation of FFMIA and FISCAM Controls? Duplication of efforts during testing and assessments exist FFMIA Requirements and FISCAM Controls testing is independent of one another however, both are systems related Many FFMIA Requirements supports FISCAM Controls System Managers and Customers may not recognize the FFMIA/FISCAM relationship Changing Environment Management changes Legacy and ERP’s system changes Volume of both the FFMIA Requirements and the FISCAM Controls to be tested and assessed Provide a useful tool to improve the efficiency and effectiveness for each effort Identify the correlation for customers 9/18/2018 Integrity - Service - Innovation

Benefits of the Linkage of FFMIA and FISCAM Controls FFMIA Assessments and FISCAM Controls testing can be completed simultaneously Identify Linked FISCAM Controls to FFMIA Requirements and test and assess at the same time Leverage existing documentation to support the testing and assessment process Key Supporting Documentation (KSD) Deficiency Reports Corrective Action Plans Increase Operational Excellence 9/18/2018 Integrity - Service - Innovation

Example of FFMIA Requirements to FISCAM Controls Identified FFMIA Requirement Linked Hyper Critical FISCAM Controls AS-2.2: Control Activity: Application users are appropriately identified and authenticated. Control Technique: Identification and authentication is unique to each user. All approved users should enter their user ID (unique) and password (or other authentication) to gain access to the application. DRRT DFAS Owned System BB# 02.02.016 The system shall provide the capability for an authorized user to identify if an adjustment is required to change official accounting records or to correct errors made during the preparation of a cash report. AS-2.4.3: Control Activity: Access to the application is restricted to authorized users. Control Technique: Access is limited to individuals with a valid business purpose (least privilege). Linked Hyper Critical FISCAM Controls FFMIA-FISCAM Identified FFMIA Requirement BB# 14.01.001 The system must generate an audit trail of transactions recorded as a document moves from its source through all document statuses. IN-2.5.3: Control Activity: Rejected interface data is isolated, analyzed and corrected in a timely manner. Control Technique: Audit trails are used to identify and follow-up on interface errors. The corrections to interface errors are included in the audit trail. CAPS-W DFAS Owned System AS-3.7.1: Control Activity: Movement of programs and data among libraries is controlled. Control Technique: A group independent of the user and programmers control movement of programs and data among libraries. Before and after images of program code are maintained and compared to ensure that only approved changes are made. Identified FFMIA Requirement CDS DFAS Owned System Linked Hyper Critical FISCAM Controls BB# 17.14.034 The system must have edits preventing a user from making a payment generated internally within the system / Disbursing Office if it has not been certified in the system. AS-4.2.1: Control Activity: Application controls prevent users from performing incompatible duties. Control Technique: Users are prevented by the application from executing incompatible transactions, as authorized by the business owners. 9/18/2018 Integrity - Service - Innovation

Integrity - Service - Innovation Questions? Email Us at: dfas.indianapolis-in.zpr.mbx.ffmiarequirementsmailbox@mail.mil 9/18/2018 Integrity - Service - Innovation

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.