Anita Hairston DOI Office of Acquisition and Property Management

Slides:



Advertisements
Similar presentations
OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
Advertisements

EMS Checklist (ISO model)
Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.
Internal Control–Integrated Framework
Internal Controls 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Internal Control.
Management Accountability and Control
HHS Webinar Internal Controls and You: How Internal Controls Can Improve and Protect Your Energy Assistance Program John M. Harvanko, Director Office of.
Environmental Management Systems An Overview With Practical Applications.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Institute of Municipal Finance Officers & Related Professions
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Auditing A Risk-Based Approach To Conducting A Quality Audit
Office of Inspector General (OIG) Internal Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Purpose of the Standards
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Control environment and control activities. Day II Session III and IV.
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT Module 3.2 -Internal Control & Audit.
Internal Auditing and Outsourcing
Minnesota’s Internal Control Initiative National Association of State Comptrollers March 25, 2011 Speaker Jeanine Kuwik, MBA, CPA, CISA Director of Internal.
Central Piedmont Community College Internal Audit.
An Educational Computer Based Training Program CBTCBT.
Chapter 9: Introduction to Internal Control Systems
Presented to President’s Cabinet. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an.
Introduction to Internal Control Systems
ARMICS Randy Sherrod, Internal Audit Manager – Department of Behavioral Health and Developmental Services.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Internal controls. Session objectives Define Internal Controls To understand components of Internal Controls, control environment and types of controls.
Chapter 5 Internal Control over Financial Reporting
Considering Internal Control
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
Internal Control in a Financial Statement Audit
NO FRAUD LEFT BEHIND The Effect of New Risk Assessment Auditing Standards on Schools Runyon Kersteen Ouellette.
Internal Control in a Financial Statement Audit
Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.
Evaluation of Internal Control System
Evaluation of Internal Control System. Learning Objective 1 Contrast management’s need for internal control with the auditor’s need to consider internal.
Evaluation of Internal control mechanism in Audit of Autonomous Bodies.
[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 7.1 Internal.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Presented to Managers. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an organization.
Assessing Financial Statement Risks and Internal Controls
S5: Internal controls. What is Internal Control Internal control is a process Internal control is a process Internal control is effected by people Internal.
Purchasing Forum – May The integration of the activities, plans, attitudes, policies, and efforts of the people of an organization working together.
Acquisition and Assistance Management Review Entrance Briefing Name of office reviewed Date of Review.
Session 11 & 12. Auditing standard of I.A. & A.D. Prescribes: Auditor should report about weakness in Internal Control of management (Para 7.1.) Weakness.
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT Module 4.3: Internal Control & Audit.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Section 404 Audits of Internal Control and Control Risk Chapter.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
©©2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley Considering Internal Control Chapter 10.
Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall. Chapter
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
Governance, risk and ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
©2005 Prentice Hall Business Publishing, Auditing and Assurance Services 10/e, Arens/Elder/Beasley Internal Control and Control Risk Chapter 10.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
SUNY Maritime College Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal.
Kate B. Oliver and Patricia E. Corrigan
Internal control - the IA perspective
The Elements of appropriate Internal Controls
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

Financial Assistance Internal Controls and Administrative Review Checklists Anita Hairston DOI Office of Acquisition and Property Management Financial Assistance Training Seminar

Internal Controls Defined Internal controls are the organization, policies, procedures, actions, and activities that management implements to ensure that goals and objectives are met. Effective internal control provides assurance that significant weaknesses in the design or operation of internal control, that could adversely affect the agency’s ability to meet its objectives, would be prevented or detected in a timely manner. Internal control should be an integral part of the entire cycle of planning, budgeting, management, accounting, and auditing. It should support the effectiveness and the integrity of every step of the process and provide continual feedback to management. Internal control – organization, policies, and procedures – are tools to help managers achieve results and safeguard the integrity of their programs and it applies to program, operational, and administrative areas not just accounting and financial management.

Internal Control Objectives Internal control is an integral component of an organization’s management that provides reasonable assurance that the following objectives are being achieved: - Effectiveness and efficiency of program activities and operations - Reliable, complete, and timely data are maintained - Compliance with applicable laws and regulations - Programs and resources are protected from waste, fraud, and mismanagement

RISK Internal control guarantees neither the success of agency programs, nor the absence of waste, fraud, and mismanagement, BUT is a means of managing the risk associated with Federal programs and operations. Managers should define the control environment (e.g., programs, operations, reporting) and perform risk assessments to identify the most significant areas within that environment in which to place or enhance internal control. The risk assessment is a critical step in the process to determine the extent of controls. Once significant areas have been identified, control activities should be implemented. Continuous monitoring and testing should help identify poorly designed or ineffective controls and should be reported. Financial Reporting, Revenue Management, Funds Management, Financial Assistance (grants and cooperative agreements), Inventory Management Environmental Management, Custodial Collections, Custodial Distributions, Budget Execution, Human Capital Management, Procurement, Contracting, Franchise Activities, Credit Program Management, Real Property Management, and Information Technology are control environments. Agency managers must ensure an appropriate balance between the strength of controls and the relative risk associated with particular programs and operations. We cannot rely on auditors instead of doing our own internal control reviews BUT we must consider results of OIG, GAO, and other reviews in performing risk assessments and preparing assurance statements.

Who is Responsible for Internal Controls? Management has a fundamental responsibility to develop and maintain effective internal control. The proper stewardship of Federal resources is an essential responsibility of agency managers and staff. Federal employees must ensure that Federal programs operate and Federal resources are used efficiently and effectively to achieve desired objectives. Programs must operate and resources must be used consistent with agency missions, in compliance with laws and regulations, and with minimal potential for waste, fraud, and mismanagement.

Actions Required Agencies and individual Federal managers must take systematic and proactive measures to: Develop and implement appropriate, cost-effective internal control for results-oriented management; Assess the adequacy of internal control in Federal programs and operations; Identify needed improvements; Take corresponding corrective action; and Report annually on internal control through management assurance statements.

Internal Control Standards – Two Approaches OLD CIRCULAR A-123 General Control Standards Compliance with Laws and Regulations Reasonable Assurance and Safeguards Integrity, Competence, and Attitude Specific Standards Delegation of Authority and Organization Separation of Duties and Supervision Access to and Accountability for Resources Recording and Documentation Resolution of Audit Findings and Other Deficiencies CIRCULAR A-123 (Revised) Emphasizes management’s responsibility for developing and maintaining internal control activities that comply with standards related to: Control Environment Risk Assessment Control Activities Information and Communications Monitoring

Control Environment Emphasizes importance of establishing organizational structure and culture by management and employees to sustain support for effective internal control. This includes: Well defined areas of authority and responsibility; Appropriate delegation of authority and responsibility throughout the agency; Establishment of a suitable hierarchy for reporting; Supporting appropriate human capital policies for hiring, training, evaluating, counseling, advancing, compensating and disciplining personnel; and Upholding the need for personnel to possess and maintain the proper knowledge and skills to perform their assigned duties as well as understand the importance of maintaining effective internal control within the organization.

Control Environment (Continued) The organizational culture is also crucial within the control environment standard. The culture should be defined by management’s leadership in setting values of integrity and ethical behavior. Management’s philosophy and operational style will set the tone within the organization. Management’s commitment to establishing and maintaining effective internal control should cascade down and permeate the organization’s control environment which will aid in the successful implementation of internal control systems.

Risk Assessment Management should identify internal and external risks that may prevent the organization from meeting its objectives. When identifying risks, management should take into account relevant interactions within the organization as well as with outside organizations. Management should also consider previous findings, e.g., auditor identified, internal management reviews, or non-compliance with laws and regulations when identifying risks. Identified risks should then be analyzed for their potential effect or impact on the agency.

Risk Assessment, Continued Risk assessment is an internal management process for identifying, analyzing and managing risks relevant to achieving the objectives of reliable financial reporting, safeguarding of assets and compliance with relevant laws and regulations.

Risk Mitigation Mitigation is an important word in risk management. It simply means reducing the likelihood of occurrence or recurrence of situations or events. Mitigation strategies are essential components of the risk plan. These strategies may not totally prevent an occurrence but proactive interventions may diminish the consequences.

Example Diabetes can be life threatening but careful planning and adherence to a health risk plan may help keep the individual healthier and not as likely to go into crisis. Regular blood sugar checks will mean that appropriate interventions are taken to manage the disease before a person reaches a crisis point.

Control Activities Control activities include policies, procedures and mechanisms in place to address or mitigate risk and help ensure internal control objectives are met. Examples include: Proper segregation of duties and supervision; Access to and accountability for resources, e.g., physical control over assets; Appropriate recording and documentation and access to that documentation; and General and application controls over information systems

Information and Communications Information should be communicated to all relevant personnel at all levels within an organization. Information should be relevant, reliable, and timely. It is also crucial that an agency communicate with outside organizations as well, whether providing information or receiving it. Examples include: Receiving updated guidance from oversight offices; Management communicating requirements to the operational staff; Operational staff communicating with the information systems staff to modify application software to extract data requested in the guidance.

Monitoring I Monitoring the effectiveness of internal control should occur in the normal course of business. In addition, periodic reviews, reconciliations or comparisons of data should be included as part of the regular assigned duties of personnel. Periodic assessments should be integrated as part of management’s continuous monitoring of internal control, which should be ingrained in the agency’s operations. NEWS FLASH: If an effective continuous monitoring program is in place, it can level the resources needed to maintain effective internal controls throughout the year.

Monitoring II Deficiencies found in internal control should be reported to the appropriate personnel and management responsible for that area. Please note, you cannot prepare an annual internal control assurance statement for your function if: Deficiencies identified, whether through internal review or by an external audit, are not evaluated and corrected. A systematic process is not in place for addressing deficiencies.

GAO Framework Developed to assess the strengths and weaknesses of agencies’ acquisition functions. Framework comprises four interrelated cornerstones that promote an efficient, effective, and accountable acquisition function: - Organizational Alignment and Leadership - Policies and Processes - Human Capital - Knowledge and Information Management

Organizational Alignment and Leadership Clearly defined roles and responsibilities. While there is no single, optimal way to organize an agency’s financial assistance function, each agency must assess whether the current placement of its on function meets organizational needs and that any associated risk is identified and mitigated. Critical success factors to be evaluated/assessed in this area include: - Assuring appropriate placement of the acquisition function - Organizing the acquisition function to operate strategically - Clearly defining and integrating roles and responsibilities - Clear, strong, and ethical executive leadership - Effective communications and continuous improvement

Policies and Processes Effective policies and processes govern the planning, award, administration, and oversight of acquisition efforts, with a focus on assuring that these efforts achieve intended results. Critical success factors to be evaluated/assessed in this area include: - Partnering with internal organizations - Assessing internal requirements and the impact of external events - Managing and engaging suppliers - Monitoring and providing oversight to achieve desired outcomes - Enabling financial accountability - Using sound Capital Investment strategies

Human Capital Agencies must think strategically about attracting, developing, and retaining talent, and creating a results-oriented culture within the acquisition workforce. Critical success factors to be evaluated/assessed in this area include: - Commitment to human capital management - Integration and alignment - Data-driven human capital decisions - Targeted investments in people - Human capital approaches tailored to meet organizational needs - Empowerment and inclusiveness - Unit and individual performance linked to organizational goals

Knowledge and Information Management Effective knowledge and information management provides credible, reliable, and timely data to make decisions. Critical success factors to be evaluated/assessed in this area include: - tracking acquisition data - tracking financial data into meaningful formats - analyzing goods and services spending - safeguarding the integrity of operations and data stewardship

Assessing Internal Control In conducting your reviews of internal control in the acquisition and financial assistance functions, use the standards in the GAO and OIG frameworks as the “lens” or the evaluation factors with which to assess the functions, identify areas of risk and weakness, and develop and implement corrective action plans.

Administrative Tools DOI Financial Assistance Checklist (Non-Recovery Act Awards) Recovery Act Financial Assistance Checklist

Assessing Internal Control Identify deficiencies from reviews and other sources of information described above. Report deficiencies in accordance with annual guidelines. A control deficiency or combination of control deficiencies that in management’s judgment represents significant deficiencies in the design or operation of internal control that could adversely affect the function’s ability to meet its internal control objectives is a reportable condition (to be tracked and monitored within the Bureau). Managers and staff are encouraged to identify control deficiencies, as this reflects positively on the Bureau’s commitment to recognizing and addressing management problems. Failing to report a known reportable condition reflects adversely on the bureau and continues to place its operations at risk.

Assessing Internal Control In preparing their reports and assurance statements, Bureaus must carefully compare and review the results of all the reviews conducted during the reporting cycle and consider whether systemic weaknesses exist that adversely affect internal control across organizational or program lines. They must then develop a plan of action for addressing these types of weaknesses in addition to the individual corrective action plans resulting from each review.

Correcting Deficiencies Corrective actions plans must be developed to correct deficiencies identified in reviews. Taking timely and effective action to implement corrective actions. Progress must be tracked at the appropriate level to ensure timely and effective results. Maintain appropriate supporting documentation regarding corrective action plan implementation in order to support closure.

Reporting on Internal Control Bureau internal control assessment reports for financial assistance must include the following: findings of management reviews performed and corrective action plans implemented (including timeframes for complete implementation of corrective actions); summary findings of applicable OIG, GAO, and third party Notices of Finding and Recommendations, and corrective plans implemented (including timeframes for complete implementation of corrective actions); bureau-wide targets review and supplementary reports; and an assurance statement regarding the adequacy of bureau-wide internal controls, i.e., assurance that processes are in place for the bureaus to: (1) prevent or promptly detect unauthorized acquisition, use, or disposition of assets; and (2) implement and monitor corrective actions for identified compliance or systemic weaknesses in order to bring identified weaknesses in bureau acquisition and financial assistance processes/procedures into compliance with applicable laws, regulations, and policy.

QUIZ Internal control only applies to accounting and financial management. (True/False) Internal control is basically a post-award “inspection”-type process. (True/False) Internal control guarantees the success of agency programs and the absence of waste, fraud, and mismanagement. (True/False) OMB Circular A-123 (Revised) states that only Federal managers are responsible for ensuring that Federal programs operate and Federal resources are used efficiently and effectively to achieve desired objectives. (True/False) Internal control is a means of identifying and managing risk associated with Federal programs and operations. (True/False) Federal managers must report annually on internal control through management assurance statements. (True/False) False True

RESOURCES DOI Office of Acquisition and Property Management Website: http://www.doi.gov/pam (GAO Framework can be accessed under “Acquisition”) DOI Office of Financial Management Website: http://www.doi.gov/pfm DOI Office of Inspector General Website: http://www.oig.doi.gov Office of Management and Budget Website: http://www..whitehouse.gov/omb Government Accountability Office Website: http://www.gao.gov

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.