1. 1 MANAGEMENT CONTROLS AND AUDITS

2. 2 WHY? Significant dollar value Decentralized program Lack of knowledge New and emerging programs Mismanagement and abuse System complexity - merging state and federal systems

3. 3 MANAGEMENT CONTROLS AND AUDITS FEDERAL FINANCIAL MANAGERS INTEGRITY ACT OF 1982 Requires federal managers to ensure: Obligations/costs compliant with law Funds, property, and assets safeguarded against waste, loss, unauthorized use or misappropriation Revenues and expenditures are properly accounted and recorded Federal managers may be held pecuniary liable for mismanagement of funds!

4. 4 MANAGEMENT CONTROLS AND AUDITS INTERNAL CONTROL STANDARDS GAO/AIMD-00-21.3.1, NOV 1999 Updated standards from FFMIA accommodate > Changes in information technology > Emerging human resource Management > New fiscal management legislation GAO-01-1008G, Internal Control Management

5. 5 MANAGEMENT CONTROLS AND AUDITS INTERNAL CONTROL STANDARDS Control Environment Risk Assessment Control Activities Information and Communications Monitoring

6. 6 MANAGEMENT CONTROLS AND AUDITS MANAGEMENT CONTROLS Management Control = Internal Control Command Program CA’s are highly vulnerable CA’s part of state/wing’s Mgmt Ctrl Plan TAG/USPFO conduct risk assessments Must provide “reasonable assurance” Must address material weaknesses ARNG/ANG evaluation programs differ

7. 7 MANAGEMENT CONTROLS AND AUDITS ANG - MCP AF Determines which programs are mission critical Critical/non-critical programs may vary by unit CAs are assessed on a 1 or 3 year basis –Mission critical assessed every year –Non-mission critical assessed every 3 year ANG uses Command Review Guides May assess non-critical programs more frequently

8. 8 MANAGEMENT CONTROLS AND AUDITS ARNG - MCP CA s are assessed on a 1 to 5 year basis Frequency is based upon risk assessment PMs must be a part of the risk assessment ARNG uses program/regulation checklists But, are there specific checklists for CAs?

9. 9 MANAGEMENT CONTROLS AND AUDITS ANNUAL ASSURANCE STATEMENT Deliberate process by MCP Administrators Requires TAG and USPFO involvement Addresses assessable programs for that year May include out of cycle programs Identifies Material Weaknesses Identifies fix plan for Material Weaknesses Certifies to Dir, Army/Air National Guard Material Weaknesses worked at NGB

10. 10 MANAGEMENT CONTROLS AND AUDITS Senior Leader Steering Group (SLSG) NGB G-Staff, Chaired by Dep Dir, ARNG Meet quarterly Review Material Weaknesses and progress of fix Coordinate with external DA agencies Provides feedback to states Similar process in place in some states ANG review Material Weakness, less formal

11. 11 MANAGEMENT CONTROLS AND AUDITS RISK FACTORS New programs Funding levels Historical problems Audits Degree of decentralization Statutory use of federal funds Assessable Unit Manager’s review results Program Manager’s proficiency and experience

12. 12 MANAGEMENT CONTROLS AND AUDITS SINGLE AUDIT ACT OF 1984 Requires annual independent audit of state’s accounting system Prohibits Federal Government from auditing CA’s unless a program audit is requested by TAG, USPFO, DODIG or NGB Program Mgr Included in language of all agreements Results available to USPFO/TAG upon request Can cost of audits be billed back to CA? CAs might not be included in audit. What then?

13. 13 MANAGEMENT CONTROLS AND AUDITS INTERNAL REVIEW AUDIT PROGRAM Internal Review Auditable Entity File identifies CAs and APPs Supervisory Auditor includes in annual review schedule High risk programs audited more frequently External audits coordinated with DCAA, AAA, AFAA, NGB-IR State files and records may be audited by federal auditors

14. 14 MANAGEMENT CONTROLS AND AUDITS MANAGEMENT CONTROLS (1 of 2) Training available for Program Managers on GAO standards and Management Controls? Cooperative Agreements included in State Management Control Plan and the IR Auditable Entity File? Conducting risk assessments? Establishing controls to minimize risk of fraud, waste abuse and mismanagement?

15. 15 MANAGEMENT CONTROLS AND AUDITS MANAGEMENT CONTROLS (2 of 2) Material weaknesses identified and properly addressed? Audits conducted with a frequency commensurate with the assigned risk? State require Annual Audit under the Single Audit Act? State Audit findings provided to the USPFO and Program Managers?

16. 16 MANAGEMENT CONTROLS AND AUDITS MANAGEMENT CONTROL PROGRAM (MCP) Identify APP & CA by Program Manager (PM) Conduct Risk Assessment by PM Include in state’s 5 yr MCP and Auditable Entity File Evaluate according to plan Take corrective actions (material weakness) Submit required reports (reasonable assurance)

17. 17 MANAGEMENT CONTROLS AND AUDITS Practical Exercise

18. Under the Single Audit Act, a State performs an audit of all State agencies, including the State Military Department (SMD). The audit did not specifically look at any cooperative agreements; however, each cooperative agreement was assessed its share of the audit cost. Since the cooperative agreements were not covered The Adjutant General requested an independent audit of the cooperative agreements and also charged the audit costs to the cooperative agreements as a direct cost. During the year the USPFO directed the Internal Review team to audit the new Youth Challenge program which has a $2.8 mil budget and is located at a remote site. During the same fiscal year the Army Audit Agency (AAA) decided to audit the cooperative agreement program.

19. 19 MANAGEMENT CONTROLS AND AUDITS Why or why not? Which these audits is authorized? For which should the Federal Government pay? Should the Youth Challenge program be audited?

20. 20 MANAGEMENT CONTROLS AND AUDITS QUESTIONS ?