Integrity - Service - Innovation Enterprise Risk Management for the Federal Government – Where’s the Value? Donna Davis Defense Finance and Accounting.

Slides:



Advertisements
Similar presentations
Internal Control Integrated Framework
Advertisements

Chapter 10 Accounting Information Systems and Internal Controls
Control and Accounting Information Systems
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Eliot M. Stenzel, CPA,CIA IIA Instructor for many years Risk Based Auditing.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Chapter 4 Internal Control Bus 319 Accounting Information Systems.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
Information Systems Controls for System Reliability -Information Security-
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Control environment and control activities. Day II Session III and IV.
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT Module 3.2 -Internal Control & Audit.
Chapter 4 Internal Controls McGraw-Hill/Irwin
Information Technology Audit
Internal Auditing and Outsourcing
Internal Control and Control Self-Assessment
An Educational Computer Based Training Program CBTCBT.
Chapter 9: Introduction to Internal Control Systems
Presented to President’s Cabinet. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an.
Introduction to Internal Control Systems
INTERNAL CONTROL OVER FINANCIAL REPORTING
Enterprise Risk Management
Chapter 5 Internal Control over Financial Reporting
CDS Operational Risk Management - October 28, 2005 Existing Methodologies for Operational Risk Mitigation - CDS’s ERM Program ACSDA Seminar - October 26.
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
Internal Control in a Financial Statement Audit
Internal Control in a Financial Statement Audit
1 Chapter Three IT Risks and Controls. 2 The Risk Management Process Identify IT Risks Assess IT Risks Identify IT Controls Document IT Controls Monitor.
Agency Risk Management & Internal Control Standards (ARMICS)
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
Risk Management. IT Controls Risk management process Risk management process IT controls IT controls IT Governance Frameworks IT Governance Frameworks.
The Connection between Risk Management and Internal Control in Organizations Mag. Norbert Wagner Budapest,
The Audit as a Management Tool Vermont State Auditor’s Office – April 2009.
Risk Management & Corporate Governance 1. What is Risk?  Risk arises from uncertainty; but all uncertainties do not carry risk.  Possibility of an unfavorable.
FACILITATOR Prof. Dr. Mohammad Majid Mahmood Art of Leadership & Motivation HRM – 760 Lecture - 25.
Chapter 9: Introduction to Internal Control Systems
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Presented to Managers. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an organization.
Purchasing Forum – May The integration of the activities, plans, attitudes, policies, and efforts of the people of an organization working together.
12-CRS-0106 REVISED 8 FEB 2013 APO (Align, Plan and Organise)
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT Module 4.3: Internal Control & Audit.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
Deck 5 Accounting Information Systems Romney and Steinbart Linda Batch February 2012.
INTERNAL AUDIT PROCESS PRE-AUDIT PRESENTATION. OBJECTIVES OF PRESENTATION  PROVIDE A BASIC UNDERSTANDING OF INTERNAL AUDIT  PROVIDE A BASIC AWARENESS.
Company LOGO Chapter4 Internal control systems. Internal control  It is any action taken by management to enhance the likelihood that established objectives.
Governance, risk and ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.
#327 – Legal and Regulatory Risk: Silent and Possibly Deadly Deborah Frazer, CPA CISA CISSP Senior Director, Internal Audit PalmSource, Inc.
#127 – Risk Management Basics Deborah Frazer, CPA CISA CISSP Senior Director, Internal Audit PalmSource, Inc.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
SUNY Maritime College Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal.
JMFIP Financial Management Conference
Internal Control Principles
Chapter 4 Internal Controls McGraw-Hill/Irwin
Donna Davis Defense Finance and Accounting Service June 2010
Internal control - the IA perspective
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

Integrity - Service - Innovation Enterprise Risk Management for the Federal Government – Where’s the Value? Donna Davis Defense Finance and Accounting Service June 2010

5/15/2015 Integrity - Service - Innovation 2 Agenda ERM - Where’s the Value? Putting the COSO Framework to Work in the Federal Sector  Event Identification  Risk Assessment  Risk Response  Control Activities  Information and Communication  Monitoring Some Pitfalls to be Wary of A Gallery of Tools and Techniques

5/15/2015 Integrity - Service - Innovation 3 ERM in the Federal Government – Where’s the Value Three Parts of Business Objective Risk Controls Objective ControlRisk

5/15/2015 Integrity - Service - Innovation 4 ERM in the Federal Government – Where’s the Value Three Parts of Business Objective – what you are trying to accomplish For Profit To maximize shareholder wealth or, in the case of a corporation, to maximize the value of the firm as measured by stock price. Realize a benefit from resources expended. Focus on efficiency. Not For Profit To achieve a mission or objective while protecting assets. Achieve goals and objectives for resources expended. Focus on effectiveness.

5/15/2015 Integrity - Service - Innovation 5 ERM in the Federal Government – Where’s the Value Three Parts of Business Objective – what you are trying to accomplish Risk – the barrier that will stop you from accomplishing the objective For Profit Seek Risk as a means for expanding market value. Measure Value at Risk. Not For Profit Avoid Risk seeking safest path to mission achievement. Measure Impact of Risk on Goals and Objectives.

5/15/2015 Integrity - Service - Innovation 6 ERM in the Federal Government – Where’s the Value Three Parts of Business Objective – what you are trying to accomplish Risk – the barrier that will stop you from accomplishing the objective Controls – the action that will remove or diminish the risk For Profit Affect controls for the purpose of minimizing loss. Not For Profit Affect controls to assure compliance, accountability, effectiveness/efficiency, reliability of reported data and safeguarding assets.

5/15/2015 Integrity - Service - Innovation 7 What Do We Want From the “Business” of Government?  To be Affordable and Efficient  To be Effective  To provide Quality Service  To be Dependable ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 8 What Do We Want From the Business of Government?  To be Affordable and Efficient  To be Effective  To provide Quality Service  To be Dependable So – We need to be able to achieve the established mission in order to retain the confidence of our funders. We need to provide value for our services. Bottom Line – We need to meet our objectives and protect our assets, including intangible ones such as reputation. ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 9 What Value does ERM Provide?  Supports Government’s Governance Responsibilities  Improves Results  Strengthens Accountability  Enhances Stewardship ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 10 How does ERM support Government’s Governance Responsibilities? By ensuring that significant risk areas associated with polices, plans, programs and operations are identified and assessed. By ensuring that appropriate measures are in place to address unfavorable impacts and to benefit from opportunities. ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 11 How does ERM Improve Results ? Through more informed decision-making and by ensuring that values, competencies, tools, and a supportive environment form the foundation for innovation and responsible risk-taking. By encouraging learning from experience while respecting parliamentary controls. ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 12 How does ERM Strengthen Accountability? By demonstrating that levels of risk associated with policies, plans, programs and operations are explicitly understood. By facilitating the optimum balance in risk management measures and stakeholder interests. ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 13 How does ERM Enhance Stewardship? By strengthening public service capability to safeguard people, government property and interests through increased insight to the potential impact of abnormal events. ERM in the Federal Government – Where’s the Value

5/15/2015 Integrity - Service - Innovation 14 Putting the COSO Framework to Work in the Federal Sector DFAS-ization of COSO

5/15/2015 Integrity - Service - Innovation 15 Putting the COSO Framework to Work in the Federal Sector DFAS ‘ ERM Philosophy and Methodology Risk Taxonomy Risk Polices and Standards Internal Environment DFAS Mission Strategic Objectives Operational Objectives Objective Setting Potential Events affecting Objective Achievement Positive/Negative Impact External/Internal Factors Event Identification Likelihood and Impact Category of Impact Risk Assessment Response Options: Accept, Avoid, Mitigate, Share, etc. Response Cost versus Benefit Risk Response Policies and Procedures Control Activities: Approvals, Authorizations, Verifications, Reconciliations, Review s, etc. Controls Activities Timely ERM Communication Flow Up, Down and Across the Agency Integration of Risk Information Across the Agency (Audit Findings, SITREPS, Self-Identified Deficiencies) Internal and External Training Information & Communication Assessment of Presence and Functioning of ERM Components Regular Control Testing and Reviews Monitoring DFAS alignment to the Risk Components ensures a robust program and strengthens compliance with the GAO Standards for Internal Control.

5/15/2015 Integrity - Service - Innovation 16 Putting the COSO Framework to Work in the Federal Sector With Federal Regulations and Laws With DFAS Regulations and Polices With Operational Policies and Procedures Compliance For Achievement of Strategic Objectives and desired outcomes For Achievement of Operational Objectives and desired outcomes For use of public resources Accountability (Strategic) Provide reliable, useful and timely information Accurate and timely recoding of transactions and events Reliability (Reporting) Carryout public functions legally, effectively, efficiently, economically, ethically, and equitably Effective and Efficient (Operations) Access restrictions to and accountability for resources and records Segregation of duties Safeguard Assets DFAS expanded the Risk Management Objectives to address data security concerns and general auditing standards.

5/15/2015 Integrity - Service - Innovation 17 Putting the COSO Framework to Work in the Federal Sector DFAS Agency Business Enabling Governance Cycle Payroll Disbursements Personnel Customer Relation Mngt Other Disbursements Procurement Mgt of Processes & Programs Revenue & Receipts Provide IT Support Strategic Planning & Execution Assets & Liabilities Infrastructure Financial Reporting Finance & Budget Cycle 63 Programs - Business Functions (Mil Pay, Accounts Payable, Budget, ERM, etc.) Program A group of related actions (Payroll Record Maintenance, Process Payroll, Certify Payroll, etc.) Functions A series of tasks or operations conducing to an end ( Input data, edit data, validate entry, save data, etc.) Processes Detailed steps for accomplishing a task Level 3 Maps Stratification across business units and at every level of the organization was applied to enable accurate reflection of the interrelationships of risks and create a common taxonomy for business activities.

5/15/2015 Integrity - Service - Innovation 18 Putting the COSO Framework to Work in the Federal Sector DFAS Agency Business Enabling Governance Cycle Payroll Disbursements Personnel Customer Relation Mngt Other Disbursements Procurement Mgt of Processes & Programs Revenue & Receipts Provide IT Support Strategic Planning & Execution Assets & Liabilities Infrastructure Financial Reporting Finance & Budget Cycle 63 Programs - Business Functions (Mil Pay, Accounts Payable, Budget, ERM, etc.) Program A group of related actions (Payroll Record Maintenance, Process Payroll, Certify Payroll, etc.) Functions A series of tasks or operations conducing to an end ( Input data, edit data, validate entry, save data, etc.) Processes Detailed steps for accomplishing a task Level 3 Maps Stratification across business units and at every level of the organization was applied to enable accurate reflection of the interrelationships of risks and create a common taxonomy for business activities. We are actually finding this layer adds little value as we evolve the program.

5/15/2015 Integrity - Service - Innovation 19 Some Pitfalls to be Wary of Just focusing on financial risks Trying to risk manage EVERYthing An obsession with internal controls – an inward looking limitation

5/15/2015 Integrity - Service - Innovation 20 A Gallery of Tools and Techniques Agency Mission and Functions Manual  Provides the business objectives COSO Framework  Identifies a comprehensive view of the elements of a robust ERM A Catchy Logo  CARES – covers the five Risk Management Objectives DFAS assesses Compliant Accountable Reliable & Accurate Effective & Efficient Safeguarded Auditor’s Lenses

5/15/2015 Integrity - Service - Innovation 21 A Gallery of Tools and Techniques SIPOC Model  Guides process mapping through a complete end to end review of the factors impacting the business activity

5/15/2015 Integrity - Service - Innovation 22 A Gallery of Tools and Techniques IDEF Model  Denotes the role of compliance/regulations/controls in the business activity  Denotes the role of the supporting mechanisms for the business activity Integration DEFinition Model

5/15/2015 Integrity - Service - Innovation 23 A Gallery of Tools and Techniques Risk Identification Questionnaire  Facilitates comprehensive and consistent assessment of potential risks Courtesy of Brian Williams

5/15/2015 Integrity - Service - Innovation 24 A Gallery of Tools and Techniques Process Map & Narrative  For business processes  For Information Systems data flow

5/15/2015 Integrity - Service - Innovation 25 End Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.