2007 Activities Reviewing and Compiling control points for Site AART Presented to : Process Owners By Grace Huang, Project Manager OMB Circular A-123 (Appendix.

Slides:



Advertisements
Similar presentations
Auditing the Purchasing Process
Advertisements

MONITORING OF SUBGRANTEES
AICPA SAS 112: Case studies and Intermediate Reporting Issues Presented by Frank Crawford, CPA Crawford & Associates, P.C.
Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated.
The Department of Energy Enterprise Risk Management Model
Managing Risk: A Framework and Reporting Cycle 2014.
G L O B A L S E R V I C E / I N D U S T R Y A U D I T / T A X / A D V I S O R Y / L I N E O F B U S I N E S S SAS 112 Presentation California State University.
Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011.
Massachusetts Department of Elementary & Secondary Education
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
C. Conger 6/7/2011 Financial Management Assurance & OMB Circular A-123 Integration with Contractor Assurance at Fermilab OMB Circular A-123: Management's.
Auditing Concepts.
Internal Control.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
New Audit Risk Standards Are You Ready? John P. Langan, CPA Principal in Charge Public Service Group Metro, DC Office LarsonAllen LLP.
SAS 112 – The Year After Presented by Chris Ray Partner - KPMG LLP KPMG LLP.
SAS 112 Update Chapter 9 Presented by Chris Ray, Partner KPMG LLP KPMG LLP.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
Auditing A Risk-Based Approach To Conducting A Quality Audit
Internal Control in a Financial Statement Audit
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.
Statement on Auditing Standards (SAS) 112 Communicating Internal Control Related Matters Identified in an Audit.
Implications of SAS 112 NCURA Regional Meeting Park City, Utah April 22-27, 2006.
SPAWAR HQ (General Fund) Navy ERP Implementation Lessons Learned – Comptroller View.
Information Technology Audit
Office of Field Services Fiscal Review Process Becky Pennington Susan Szymas February 7, 2013.
Auditing Internal Control over Financial Reporting
An Accountant’s Look at the Changing Horizons within SOX 404 Presented to Colorado Bar Association’s Securities Law Group Presented by Bill Evert Hein.
1 INTERNAL CONTROLS Matthew Pakos School Improvement Grant Programs May 23, 2011.
AICPA SAS 112 on Internal Controls: Implications and Impacts on State Agencies and Auditors Presented by Frank Crawford, CPA Crawford & Associates, P.C.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Chapter 5 Internal Control over Financial Reporting
Internal Control in a Financial Statement Audit
EEC Internal Control Plan (ICP) FY2013. Direction from Secretary Malone Acting EEC Commissioner Thomas Weber shall initiate a top-to-bottom review of.
Internal Control in a Financial Statement Audit
FISCAL RESPONSIBILITY IN TITLE III AND OTHER SPONSORED PROGRAMS AND GRANTS ADMINISTRATION Presented by Sharon S. Crews, M.Ac., CPA Vice President for Administrative.
1 The Impact of SAS 112 on Governmental Financial Statement Audits GAQC Member Conference Call January 4, 2007 Presented by Chuck Landes, CPA.
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
CD FY10 Budget and Tactical Plan Review FY10 Tactical Plans for Financial Management Valena Sibley October 8, 2009 Tactical plan nameDocDB# FY10 Tactical.
Evaluation of Internal Control System
New NSF Awardee Checklist Requirements: WHY? November 19, 2014 joyce y. JOHNSON POST-AWARDS COORDINATOR OFFICE OF SPONSORED PROGRAMS.
1 HOW TO WRITE A CORRECTIVE ACTION PLAN (CAP) Presented by Nancy Gates Chief, Financial Policy and Compliance Division April 29, 2008.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Audit Planning and Types of Audit Tests Chapter Five.
The Audit as a Management Tool Vermont State Auditor’s Office – April 2009.
Risk Management & Corporate Governance 1. What is Risk?  Risk arises from uncertainty; but all uncertainties do not carry risk.  Possibility of an unfavorable.
Casualty Loss Reserve Seminar General Session II September 9, 2003 Section 302/404 of Sarbanes-Oxley Act What Actuaries Need to Know Jan A. Lommele, FCAS,
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Internal Controls FMC September Introduction Internal Controls and the BCR/CAFR Green Book Current State Vision for the Future Agenda.
Governmentwide Accounting Presenter: Jim Sturgill May 8, 2007.
University of Minnesota Internal\External Sales “The Internal Sales Review Process” An Overview of What Happens During the Review.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Implementation Status Presented to: Berkeley Site Office Implementer : Minh Huebner January 4, 2007 Office of Management and Budget Circular A-123 (Appendix.
August 21 th, 2007 Board of Directors Meeting Semi-Annual Audit, Compliance, and Enterprise Risk Management Update Steve Byone Chief Financial Officer.
Assessing Financial Statement Risks and Internal Controls
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Auditing Internal Control over Financial Reporting Chapter Seven.
County of Riverside ■ Office of the Auditor-Controller FY 2008 CAFR/Audit Highlights Robert E. Byrd, CGFM County Auditor-Controller.
Purchasing Forum – May The integration of the activities, plans, attitudes, policies, and efforts of the people of an organization working together.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
1 CHAPTER 5 - b INTERNAL CONTROL OVER FINANCIAL REPORTING.
18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
SUNY Maritime College Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal.
Auditing Concepts.
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Capital Assets Through the Eyes of an Auditor
Presentation transcript:

2007 Activities Reviewing and Compiling control points for Site AART Presented to : Process Owners By Grace Huang, Project Manager OMB Circular A-123 (Appendix A) Implementation

What is OMB Circular A-123? Provides Federal managers guidance on improving the accountability and effectiveness of Federal programs and operations by establishing, assessing, correcting, and reporting on management controls* Appendix A was added late 2005 with a focus of the management process for assessing internal control over financial reporting * From “Purpose and Authority” of Circular No. A-123

Assurance reporting at different levels DOE Headquarters Assurance Statement Chicago Field Office Roll up Site A-123 Assessment and Reporting Tool (AARTs) Assurance Statement LBNLSite AART

Material accounts  Balance sheet Other Liabilities Accounts Payables Other Non- intragovernmental assets General Property, Plant, and Equipment  Stmt of Net Costs World Class Scientific Research Capacity Reimbursable Programs  Stmt of Financing Depreciation and Amortization Major processes  Entity Controls  Process Controls Budget to Close Procure to Pay Enterprise Resource Management Project to Asset Quote to Cash

FY07 Timelines MilestonesDue Dates Internal Control training 10/1/2006 through 12/15/2006 Revised Site AART toolkit Mid December Review of Site AART data (including Financial Statement Assertion linkage) 12/15/2006 through 2/15/2007 OMBA-123 Webpage development 11/1/2006 through 12/31/2006 1st Quarterly reporting 1/5/2007 (tentative) Realignment of FY 2006 Data for new Site AART features 2/15/07 through 5/15/2007 Testing 2/15/2007 through 7/31/2007 2nd Quarterly reporting 4/6/2007 (tentative) Remediation of controls 2/15/2007 through 6/15/2007 3rd Quarterly reporting 7/6/2007 (tentative)

FY07 Timelines (Continued) MilestonesDue Dates Preliminary assurance reporting 8/10/2007 (tentative) Final assurance reporting 8/27/2007 (tentative) Periodic assessment team meeting Ongoing Quarterly Steering Committee meeting Ongoing Periodic status report to CFO Ongoing

New/Changed process? Note any significant process change that may have been prompted by or resulted in any of the following  New regulations requiring additional controls to ensure compliance  Organizational changes in which new leadership has implemented new procedures or directives  Existing automated processes changed to manual ones Process owners are required to discuss any of the above with the implementation team

Why Hours required for testing activities in FY2006 Agreed controls required clarification or revisions Required resources to track the revised controls

How to Review the controls under the sub-processes rated “Moderate” and “Low” risks Based on the way the control is worded, conclude the following:  What does the control accomplish (its objective)?  Is the control objective preventive, detective, or both in nature (Control Set Mode)?  Mark the key control(s) with two asterisks at the end of the sentence and list the key control(s) first  Re-rate the Control Set Design Effectiveness based on the new definition of the rating

Key Controls/Controls Set Key Controls are: Controls that have the greatest and most critical impact in mitigating risk occurrence A control Set is A logical grouping of controls designed to mitigate a common risk statement

Control Set Design Effectiveness Rating FY 2007 (New)FY 2006 (Old) 3 Significant Design Deficiency High probability of the risk occurring Material Weakness More than a remote likelihood of material misstatement of Financial Statement 4 Design Deficiency More than a remote possibility of the risk occurring Reportable Condition More than a remote likelihood and more than inconsequential misstatement of Financial Statement 5 Minor Design Deficiency Only a remote possibility of the risk occurring Control Deficiency The control will prevent or detect a misstatement of Financial Statements 6 Designed Effectively Less than a remote possibility of the risk occurring Designed Effectively The control will prevent or detect a misstatement of Financial Statements

Control Set Design Considerations Design Effectiveness Rating Decisions should consider:  Degree of automation of the control set  Type and mode of control set  Frequency of execution of the control set  Existence of compensating controls  Risk Assessment rating  Relative exposure  Potential for risk occurrence

How to Design Effectiveness Rationale (An example) for a rating of 6 (control set designed effectively): Control set contains both manual and automated controls directly linked to key risks. The control set provides for preventive and detective controls to mitigate the risk and provides for identification of issues should the risk occur. The number of controls also appears adequate based on the level of risk.

How to Project team will determine the following for review:  The direct impact on the DOE entity-wide financial statements if the control is not able to mitigate the risk(s) involved DOE entity-wide statements –Balance Sheet –Statement of Net Costs –Statement of Financing  In the event that the impact on the entity- wide financial statement is indirect, reference “Indirect impact”

How to The five financial statement assertions (project team will complete this for review): P resentation and disclosure Is it recorded in the right place? E xistence or occurrence Did it happen and when? R ights and obligations Do we own or owe what we think we do? C ompleteness and accuracy Is anything missing? V aluation or allocation Are the numbers right?

How to Revising controls  When? It is not possible to form a clear, concise control objective which addresses how the risk involved may be averted or detected Lack of specificity in the Risk/Control set Underlying business processes have changed prompting the controls to be changed or eliminated Controls as worded are inaccurate depiction of the actual business processes and procedures The Control Set Type (Auto vs. Manual) and Frequency have changed

How to A risk/control set – before and after Example (before): Risk: Improper orders can occur Control: Procurement supervisors review the purchase requisitions for any unallowable items and assign transactions to buyers. Buyers review transactions then source requisitions into purchase orders and place orders with vendors.

How to A risk/control set – before and after Example (After): Risk: Prohibited items may be ordered via LBNL Procurement systems Controls: Procurement supervisors review the purchase requisitions for any unallowable items. The DPU Supervisor signs off on monthly statement and reviews the backup documentation. Buyers review and approve those purchase orders within their delegated signature authority. SAS approvers review for any prohibited items and approve the requisitions.

How to How is after different from before?  A more clear control objective – prevents unallowable costs from incurring by preventing and/or detecting the requisition of prohibited items  Specific reference to multiple processes in which the control objective is achieved

Our goals To address the feedback from DOE HQ OMB A-123 Project Management Team (PMT) :  Most risk statements are detailed and well formed, but some lack specificity  While the control activities are defined, it is difficult to discern the control objectives. To streamline effort for FY07 implementation activities by striving for more clear and concise control objectives

Optional/Recommended Efficiency Opportunities Identifier While the control set design may be effective, A-123 evaluations should also assess efficiency where possible. If during the course of the evaluation opportunities to improve the efficiency of controls are identified, record a “Yes” in the Efficiency Opportunities Column (Col. V). The nature of the potential efficiency should be recorded in the detailed A-123 Documentation.

Design Efficiency Opportunities Automation of manual controls Elimination of duplicative controls Consolidation of multiple controls into a more effective control Alteration of control frequency Transition from detective to preventive controls Alignment of numbers and complexity of controls with level of risk

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.