Download presentation
Presentation is loading. Please wait.
Published byBrenden Richardson Modified over 10 years ago
1
Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011
2
Agenda Office of the Under Secretary of Defense (Comptroller) Background Service Provider Role and Approach Supply Existence and Completeness Example
3
Comply with Laws: Laws require financial statement audits Verify Correct Allocation of Funds: Verify that all resources are allocated to approved mission priorities in a legal manner Make Better Use of Resources: Provide better information for timely, informed decision-making and identify unused funds Increase Public Trust: Reassure the public and Congress that DoD is a good steward FIAR: Why Important? 3 DoD Only Federal Agency Without a Positive Audit Opinion… “It is unacceptable” Background and Context
4
Focus on information DoD uses to manage – Budgetary data – Asset counts / location (existence and completeness) Main emphasis: Improve information – Focus on internal controls and source documentation – Use audits to verify success or identify problems Seek cost-effective approach for lower priority information – Primarily historical valuations of assets This approach has created unified support for initiatives Goal and Law: Auditable statements by 2017 Streamlined FIAR Approach 4 We Need to Move From Strategy to Tactical Execution Established August 2009
5
5 Call to Action “It is unacceptable to me that the Department of Defense cannot produce a financial statement that passes all financial audit standards.” “I’ve directed the Department to cut in half the time it will take to achieve audit readiness for the Statement of Budgetary Resources so that by 2014 we will have the ability to conduct a full-budget audit.” Also: Increased effort on property accountability Review financial controls within 2 years Course-based certification for financial managers
6
Focus on Budget Statement and Asset Accountability What Successful Audit Requires 6 Doing the day-to-day job right is the starting point Verify that each transaction is recorded and supported – Invoice – Proof of receipt, issuance, transfer, or disposal of goods / services – Contract Verify “checkbook” balances with transaction-level detail Strong, consistent financial systems and management controls reassure auditors and allow limited sample sizes
7
Logistics Role in FIAR Priorities Budgetary Priority: Contract Pay (contracts for weapons systems and major service contracts) Vendor Pay (contracts for equipment, supplies, and services) Reimbursable Agreements (depot maintenance, transportation, etc.) Supply requisition (general fund activities purchasing from working capital fund activities) Mission Critical Assets (does not include value of property): Military Equipment Real Property General Equipment Inventory, Supply 7
8
Service Provider Role Auditors must consider the Service Provider’s internal controls if the services provided are a material part of the Reporting Entity’s processes or systems To support its customers a service provider must: – Document its internal control activities, – Test control operating effectiveness, and – Test Key Supporting Documents (KSDs) – Provide auditors access to data and/or Key Supporting Documents during the audit. – Obtain an unqualified Service Auditor’s Report (SSAE 16) to support the customers financial statement audit or allow all customer auditors to perform their own testing (OMB 07-04) 8
9
Assessable Unit Strategies 9 Reporting entities and service providers must develop a strategy for each assessable unit. A comprehensive and well- defined strategy will: Help ensure all significant processes, systems, risks and documentation are included in the scope Allow for the development of interim outcomes to measure and demonstrate progress Improve the accuracy of reported timelines Reduce efforts on non-key areas Before starting Discovery efforts, develop the assessable unit strategy by: Defining scope of assessable unit Identifying all key risks of financial misstatement and related outcomes Establishing roles and responsibilities Determine how much reliance will be placed on controls for the assessable unit examination
10
Financial Reporting RisksOutcomes Demonstrating Audit Readiness 1All inventory acquisitions may not be recorded in the APSR and general ledger (or DDRS-AFS) timely All inventory acquisitions are recorded in the APSR and general ledger (or DDRS- AFS) timely 2Inventory acquisitions may not be recorded accurately in the APSR and general ledger (or DDRS-AFS) Inventory acquisitions are recorded accurately (correct location, type, quantity) in the APSR and general ledger (or DDRS-AFS) 3All inventory sales/issuance/disposals may not be recorded in the APSR and general ledger (or DDRS-AFS) timely All inventory sales/issuance/disposals are recorded in the APSR and general ledger (or DDRS-AFS) timely 4Inventory sales/issuance/disposals may not be recorded accurately in the APSR and general ledger (or DDRS-AFS) Inventory sales/issuance/disposals are recorded accurately (correct location, type, quantity) in the APSR and general ledger (or DDRS-AFS) 5All changes to inventory may not be recorded in the APSR timely All changes to inventory (condition, location) are recorded in the APSR timely 6All changes to inventory may not be recorded accurately in the APSR All changes to inventory (condition, location) are recorded accurately in the ASPR 7IT General Controls may not be appropriately designed or operating effectively All material systems achieve the relevant FISCAM IT general and application-level general control objectives Supply E&C – Key Risks and Outcomes 10
11
Supply E&C – Roles and Responsibilities 11 NOTE: The reporting entity has overall responsibility to ensure all relevant risks and controls are addressed for their audit readiness assertions and audits. 11 Reporting Entity/Service Provider Reporting Entity and/or DISA Systems Environment DFAS DLA APSR General Ledger and/or DDRS- AFS Acquisition/Contracting (e.g., SPS) Sales/Issuance/Disposals
12
Supply E&C – Considerations when Scoping Systems 12 3. IT controls must be reliable for general ledger systems (or DDRS-AFS) unless components have implemented manual controls to ensure all inventory is recorded, processed and reported completely, accurately and timely. 2. IT controls must be reliable for APSR systems, unless components have implemented manual controls to ensure all inventory is recorded, processed and reported completely, accurately and timely. APSR General Ledger and/or DDRS- AFS Acquisition/Contracting (e.g., SPS) Sales/Issuance/Disposals 1. IT controls must be reliable for acquisition and sales/disposal systems if automated controls, system reports or electronic records are relied upon to ensure all inventory is recorded, processed and reported completely, accurately and timely.
13
How Can a Service Provider Best Support its Customers? Use the FIAR Service Provider Methodology to prepare to support customer audit readiness assertions and subsequent financial statement audits Develop a memorandum of understanding with reporting entities setting forth the expectations of both entities Communicate, communicate, and communicate with your customers Obtain an unqualified SSAE No. 16 report – DISA has a qualified SAS 70 – DFAS has an unqualified DCPS SAS 70 (future scope to include disbursing and accounting operations / systems) 13
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.