OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

Slides:



Advertisements
Similar presentations
An Internal Control Overview
Advertisements

Internal Controls 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Auditing Concepts.
Internal Control.
Auditing Computer Systems
The Islamic University of Gaza
CHAPTER 10 UNDERSTANDING INTERNAL CONTROLS Fall 2007
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
CHAPTER 9 UNDERSTANDING INTERNAL CONTROLS Winter 2004
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Chapter 9 The Study of Internal Control and Assessment of Control Risk
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Section 404 Audits of Internal Control and Control Risk
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Chapter 10 Cash and Financial Investments McGraw-Hill/Irwin
DAS: State Controller's Division1January 2010 Department of Administrative Services State Controller’s Division Updated January, 2010.
1 Designing Substantive Procedures The auditor “must plan and perform the audit to reduce the audit risk to an acceptably low level that is consistent.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Chapter 5 Internal Control over Financial Reporting
Considering Internal Control
Internal Control in a Financial Statement Audit
BusinessAllstars.com 1 BusinessAllstars.com Presents Copyright © 2004 by Gainbridge Associates All right reserved This material may not be used or reproduced.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
NO FRAUD LEFT BEHIND The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette.
Internal Control in a Financial Statement Audit
9 - 1 ©2003 Prentice Hall Business Publishing, Essentials of Auditing 1/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 9.
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.
Chapter 8: Client Risk Profile and Documentation
Evaluation of Internal Control System
Ensuring the Integrity of Financial Information Ensuring the Integrity of Financial Information C H A P T E R 5.
Evaluation of Internal Control System. Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.
CHAPTER 5 INTERNAL CONTROL OVER FINANCIAL REPORTING.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
Auditing Internal Control Studies & Risk Assessment Chapter 9 Internal Control Studies & Risk Assessment Chapter 9.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Section 404 Audits of Internal Control and Control Risk Chapter.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
Chapter 5 Evaluating the Integrity and Effectiveness of the Client’s Control Systems.
©©2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley Considering Internal Control Chapter 10.
Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall. Chapter
F8: Audit and Assurance. 2 Designed to give you knowledge and application of: Section A: Audit Framework and Regulation Section B: Internal audit Section.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Internal Control in a Financial Statement Audit Chapter Six.
Internal Control. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition A process...designed.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
8 INTERNAL CONTROL. Definition Duty  mgt (CEO)  Board  Internal auditor  Employee  External person.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
Modern Auditing: Assurance Services and the Integrity of Financial Reporting, 8th Edition William C. Boynton California Polytechnic State University at.
Internal Control and Managing Cash
Auditing Cash
Auditing Concepts.
Internal and Governmental Financial Auditing and Operational Auditing
Defining Internal Control
Internal controls 01-Nov-2017.
Internal Controls The comments made by the presenter represent the presenter’s opinions only; these comments and opinions do not necessarily represent.
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Financial Control Measures
Financial Control Measures
Presentation transcript:

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting Tools Presented By: Anda Coiner, Accounting – Program Support Branch (304) ;

Policy Management is responsible for establishing and maintaining internal control to achieve the objectives of effective and efficient operations, reliable financial reporting, and compliance with applicable laws and regulations.

Policy (Continued) Management shall consistently apply internal control standards to meet each of the internal control objectives and to assess internal control effectiveness.

Applicability 24 CFO Act Agencies

Sources of Information The assessment of Internal Control can be performed using a variety of information sources. Management has primary responsibility for assessing and monitoring controls and should use other sources as a supplement to its own judgment

Sources of Information - Examples Audits of Financial Statements Reviews of Financial Systems Annual Evaluations and reports pursuant to FISMA and OMB Circular No. A-130 Knowledge Gained from Daily Operations and Systems Management Reviews IG and GAO Reports (Audits, Inspections, Reviews, Investigations) Program Evaluations

Assessment, Documentation and Reporting Tools Appendix A of OMB Circular No. A-123 GAO G – Internal Control Management and Evaluation Tool Treasury’s Catalog of Transactions Treasury’s Test Plan Template

Assessment, Documentation and Reporting Tools (Continued) Provides a methodology for agency management to assess, document, and report on the internal controls over financial reporting

Assessment, Documentation and Reporting Tools (Continued) 1.Establish a Senior Assessment Team –Provides oversight of the assessment process –Ensures objectives are clearly communicated –Ensures that the assessment is carried out in a through, effective, and timely manner –Identifies staff to perform assessment –Determines scope of the assessment (financial reports) –Determines assessment design and methodology

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control at the Entity Level (5 Components of Internal Control) –Control Environment Obtain sufficient knowledge to understand management’s attitude awareness, and actions concerning the control environment

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control at the Entity Level (Continue) –Control Environment (Continued) Integrity and Ethical Standards. Commitment to Competence, management philosophy and operating style, Organizational structure, Assignment of authority and responsibility, Human Resource Policies and Practices

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control at the Entity Level (Continued) –Risk Assessment Complexity or Magnitude of Programs, Operations, Transactions, etc., Accounting Estimates, Related Party Transactions, Extent of Manual Processes, Changes in Operating Environment

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control at the Entity Level (Continued) –Control Activities Policies and Procedures, Management Objectives, Planning and Reporting Systems, Analytical Review and Analysis, Segregation of Duties, Safeguarding of Records, and Physical and Access Controls

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control and the Entity Level (Continued) –Information and Communication Type and Sufficiency of Reports Produced, Manner in which Information Systems Development is Managed, Disaster Recovery, Communication of Employees’ Control related Duties and Responsibilities, how incoming communication is handled

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control and the Entity Level (Continued) –Monitoring Self Assessments by Management, Evaluations by the IG or External Auditor, Direct Testing

Assessment, Documentation and Reporting Tools (Continued) 2.Evaluate Internal Control and the Entity Level (Continued) –GAO G – Internal Control Management and Evaluation Tool is useful in evaluating and documenting the 5 components of internal control Each section contains a list of major factors as well as points and sub-points to consider when completing the assessment process. – Search for Report Number – GAO G

Assessment, Documentation and Reporting Tools (Continued) 3.Determine Significant Accounts or Groups of Accounts –Identify those that individually or collectively could have a material effect on the financial report. (Consider both Qualitatively and Quantitatively) Treasury has identified 7 ‘Core’ Financial Processes –Budget and Finance, Accounting, Purchasing, Accounts Payable & Payments, Sales, A/R, & Collections, Manage Assets & Liabilities, Reporting & Information, and Information Technology

Assessment, Documentation and Reporting Tools (Continued) 4.Identify and Evaluate Major Classes of Transactions –Identify the major classes of transactions that materially affect those accounts Treasury has identifued 119 individual transactions for testing.

Assessment, Documentation and Reporting Tools (Continued) 4.Identify and Evaluate Major Classes of Transactions (Continued) –Transaction Examples Cash Reconciliation (AC-6) Budgetary to Proprietary Relationships (AC-7) Reconciliation of Intra/Inter Governmental Transactions (AC-9) System & Maintenance of System Application Security (IT-2) Verify Systems Software Change Control Procedure (IT-3)

Assessment, Documentation and Reporting Tools (Continued) 5.Gain Understating of Control Design to Achieve Management Assertions –Inquires of Agency Personnel –Inspection of Documents, Reports, or Electronic Files –Observation of the application of the control (‘Walk-Through’) Controls are ‘Effective’, ‘Moderately Effective’ or ‘Not Effective”

Assessment, Documentation and Reporting Tools (Continued) 6.Test Controls and Assess Compliance to Support Management Assertions –Determine the extent to which the controls were applied, the consistency of their application, and who applied them. Test plans should be developed at the Transaction Level. Examples of how testing can be performed – Inquiry, Inspection, Observation, and Re-performance

Assessment, Documentation and Reporting Tools (Continued) 6.Test Controls and Assess Compliance to Support Management Assertions (Continued) –Test Plans must be documented and should include the following components: (Treasury has developed a template) Test Objective and Expected Results Type of Assertion provided by the Control Type of Test Sample Size Testing Procedures Test Results

Assessment, Documentation and Reporting Tools (Continued) 7.Overall Assessment –Statement of Assurance Overall Conclusion as to the Design and Operation of the Internal Controls over Financial Reporting Include whether the controls are operating effectively or whether material weaknesses exist in the design or operation –OMB Circular A-123 includes an example of the Statement of Assurance

Questions ? Anda Coiner, Accounting – Program Support Branch (304) ;

SAS-70 – Agency Internal Control Considerations Overview Examples

Overview Designed with the expectation that certain internal controls would be implemented by customer agencies. The application of such controls by the customer agencies is necessary to achieve all control objectives in ARC’s SAS 70 Report

Examples Specific Agency Control considerations are provided for Control Objectives (CO) 1-3, 5-6, 8-12 and 18

CO 1 – Obligations CO 2 – Disbursements CO 3- Unfilled Customer Orders, Receivables and Cash Receipts CO 4 – Deposits CO 5 – Payroll Accruals CO 6 – Payroll Disbursements CO 8 – Accruals CO 9 – Government-Wide Reporting CO 10 – Administrative Spending CO 11 – Budget CO 12 – Manual Journal Entries CO 18 – System Access Examples (Continued )

Obligations –Properly approve and accurately enter obligations into the procurement and travel systems in the proper period –Send valid requests to record manual obligations to ARC in a timely manner –Review open obligation reports for completeness accuracy and validity –Restrict customer agency access to authorized individuals

Disbursements –Approve invoices for payment and send approved invoices to ARC in a timely manner –Approve travel vouchers and accurately enter the vouchers into GovTrip in the proper period –Review financial reports provided by ARC to ensure disbursement transactions are complete and accurate

Unfilled Customer Orders, Receivables and Cash Receipts –Monitor and pursue collection of delinquent balances –Review unfilled customer orders, re3ceivable and advance reports for completeness, accuracy and validity

Payroll Accruals and Payroll Disbursements –Review financial reports to ensure that payroll accruals and disbursements are complete and accurate –Verify that payroll processed by third-party providers is complete and accurate

Accruals –Review open accrual reports for completeness, accuracy, and validity –Approve and send revenue and expense accruals to ARC in a timely manner

Government Wide Reporting –Review Financial Reports prepared for external use are complete, accurate, and submitted in a timely manner –Provide certification of FACTS II

Administrative Spending –Properly approve and accurately enter obligations into the procurement and travel systems in the proper period –Send valid requests to record manual obligations –Review open obligations reports for completeness, accuracy and validity

Budget –Review financial reports to ensure that budget entries are complete and accurate –Send approved budget –Communicate customer agency required levels of budget and spending controls –Communicate OMB apportionment status –Monitor usage of BA under CR

System Access –Review and approve users for appropriateness

QUESTIONS ? Anda Coiner, Accounting – Program Support Branch (304) ;