Presentation is loading. Please wait.

Presentation is loading. Please wait.

August 21 th, 2007 Board of Directors Meeting Semi-Annual Audit, Compliance, and Enterprise Risk Management Update Steve Byone Chief Financial Officer.

Published byKimberly Perkins Modified over 9 years ago

Similar presentations

Presentation on theme: "August 21 th, 2007 Board of Directors Meeting Semi-Annual Audit, Compliance, and Enterprise Risk Management Update Steve Byone Chief Financial Officer."— Presentation transcript:

1 August 21 th, 2007 Board of Directors Meeting Semi-Annual Audit, Compliance, and Enterprise Risk Management Update Steve Byone Chief Financial Officer

2 Page 2 2 Board of Directors MeetingAugust 21 st, 2007 Audit Update

3 Page 3 3 Board of Directors MeetingAugust 21 st, 2007 Audit Update – August 2007 The Internal audit department has started working on the 2008 audit plan and program –When warranted the program is augmented by external resources (i.e. IBM for Nodal) External audits and reviews are also conducted –Financial audit –SAS 70 Type II –Benefit program audit –Security and other reviews Management’s formalized program to monitor audit findings and remediation plans is ongoing –Subset of Internal Control Management Program (ICMP)

4 Page 4 4 Board of Directors MeetingAugust 21 st, 2007 Nodal Audits performed and completed in 2007 #Audit nameOpportunities for improvements identified 1.Nodal Compliance with Procurement Guidelines: Audit of ERCOT’s compliance with Corporate Standards and good business practices in its procurement and selection of vendors for the Nodal Program  Subcontractor Contract Language in Professional Service Agreements  Billing Rate Ranges for the “Preferred 7” Staffing Vendors  Procurement Metrics and Monitoring  Vendor Performance Monitoring  Audit Clauses in Professional Service Agreements 2.Nodal Signing Authority and Delegation of Authority: Audit to determine whether the approvals to commit ERCOT funds are controlled and in compliance with the Corporate Standard and ERCOT’s operating procedures  Invoice and Timesheet Approvals  Documentation regarding Single/Sole Source Contracts 3.Nodal Ethics Compliance: Compliance Review of Nodal Program employees and contractors with ERCOT’s Code of Conduct and Ethics Standards.  Nodal Work Spaces and Environment  Awareness of EthicsPoint (ERCOT’s anonymous ethics reporting hotline) 4.Nodal Recruiting: Review of the recruiting decision making process for staffing the Nodal Program and compliance with ERCOT’s hiring and other applicable procedures  Minor concern regarding use of a long-term, “staff augmentation” contract worker 5.Nodal Employee Time Tracking and Direct Internal Labor Expense Calculations: Audit of the recording of direct internal labor expenses to the Nodal Program  Implementation of Intended Cost Methodology  Employee Timesheets and Approvals Audit RatingDefinition UnsatisfactoryControls are not functioning and/or fraudulent activities have been detected which will or have a material impact on both the financial statements and operations of the company. Significant Improvements Needed The control environment is lacking or has degraded since the last audit and is a contributing factor to non-achievement of business objectives. Immediate management actions need to be taken to address the control deficiencies noted. Moderate Improvements NeededSome controls are in place and functioning; however, several major issues were noted that could jeopardize the accomplishment of business objectives. Minor Improvements NeededMany of the controls are functioning as intended; however, some minor changes are necessary to make the control environment more effective and efficient. ControlledControls are functioning as intended and no additional actions are necessary at this time. Legend - Report Rating

5 Page 5 5 Board of Directors MeetingAugust 21 st, 2007 Additional Nodal Audits Planned for 2007 Nodal Accounting –In Progress –To include allocation of support for Nodal vs. Zonal Nodal Contractor and Vendor Billings –In Progress –Just getting started Nodal Program Management Office –Not yet started –Targeted review of nodal program cost reporting –Planned for Q4 2007

6 Page 6 6 Board of Directors MeetingAugust 21 st, 2007 Recent Audits Completed External Internal

7 Page 7 7 Board of Directors MeetingAugust 21 st, 2007 August 2007 Recently Completed, Open and Planned Audits Audits Completed (last 3 months) Internal Audits PMO (Non-Nodal) Contract Audit of 21st Century Nodal Timetracking Nodal Delegation of Authority Employee Background/ Reference Checks & Drug Screens (Targeted Review) Nodal Procurement External Audits 2006 Final MPP Texas Nodal Program Controls - Review #3 (IBM-managed by IAD) Open Audits Internal Audits Nodal Acctg./Allocation Nodal Vendor Billings Cash & Investments QSE Credit Contractor Background/ Reference Checks & Drug Screens External Audits 2007 SAS70 (PwC) 2007 401K Audit (Maxwell, Locke & Ritter) Texas Nodal Program Controls – Review #4 (Managed by IAD) Planned Audits (next 3 months) Internal Audits Nodal PMO (Targeted Review) Congestion Mgmt./TCRs Disaster Recovery Plan Ethics Agreement Reaffirmation Protocol/Market Guide Approvals/Revisions Debt Financing External Audits Texas Nodal Program Controls – Review #5 - IBM (Managed by IAD) * NOTE: Conducted by internal resources other than Internal Audit

8 Page 8 8 Board of Directors MeetingAugust 21 st, 2007 Audit Update – August 2007 Status of Open Audit Points

9 Page 9 9 Board of Directors MeetingAugust 21 st, 2007 Compliance Update

10 Page 10 10 Board of Directors MeetingAugust 21 st, 2007 Management Compliance “Self Assessment” Management conducts regular “self assessments” of compliance –applicable laws –regulations & protocols –contractual obligations –disclosure mandates –etc. For each requirement, an assessment is made of whether the area is in compliance, ‘substantially compliant’*, or not in compliance with any ‘non- yes’ answer requiring further explanation. Each ERCOT Officer has completed a signed attestation as to the status of Compliance Requirements within their respective organizations For each requirement, an assessment is made of whether the area is in compliance, ‘substantially compliant’*, or not in compliance with any ‘non- yes’ answer requiring further explanation. * Substantially Compliant means compliance with essential requirements of a statutory provision, standard, policy or procedure as may be sufficient for the accomplishment of the purpose thereof. As such, there may be an accidental mistake or a good business reason for a minor modification or deviation from the statutory provision, standard, policy or procedure, but that does not affect that substantial compliance has been met of the statutory provision, standard, policy or procedure.

11 Page 11 11 Board of Directors MeetingAugust 21 st, 2007 Management Compliance – Status Update Details regarding areas deemed ‘substantially in compliance’ are included in your Executive Session materials.

12 Page 12 12 Board of Directors MeetingAugust 21 st, 2007 Management Compliance – Next Steps Continue to address ‘Substantially Compliant’ items to move to ‘Full Compliance’ in all areas –Progress report to F&A in November 2007 Continue quarterly signed Management Attestation as to the accuracy of the Compliance Certification Report Next semi-annual review of compliance results with the Board of Directors in February 2008

13 Page 13 13 Board of Directors MeetingAugust 21 st, 2007 Enterprise Risk Management Update

14 Page 14 14 Board of Directors MeetingAugust 21 st, 2007 Enterprise Risk Management Update ERCOT formalized its ERM program in 2005 Management reviews key enterprise risks on a monthly basis Changes in management assessment of a key risk are reported to the Finance & Audit Committee monthly Governance structure calls for a Board of Directors update semi- annually

15 Page 15 15 Board of Directors MeetingAugust 21 st, 2007 August 2007 Risk Inventory “Stoplight” Report

Download ppt "August 21 th, 2007 Board of Directors Meeting Semi-Annual Audit, Compliance, and Enterprise Risk Management Update Steve Byone Chief Financial Officer."

Similar presentations

MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
DHHS COE Meeting Agenda November, 2013 □Contract Compliance Reporting □Contract Update □Questions and Answers.

DHHS COE Meeting Agenda November, 2013 □Contract Compliance Reporting □Contract Update □Questions and Answers.
Internal Audit Awareness

Internal Audit Awareness
8 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Audit Planning and Analytical Procedures Chapter 8.

8 - 1 ©2006 Prentice Hall Business Publishing, Auditing 11/e, Arens/Beasley/Elder Audit Planning and Analytical Procedures Chapter 8.
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, 2002. Established.

Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
Audit Planning and Analytical Procedures Chapter 8.

Audit Planning and Analytical Procedures Chapter 8.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
August 15, 2006 Board of Directors Meeting Audit and Compliance, Incidence Response Preparedness, and Enterprise Risk Management Update Steve Byone Chief.

August 15, 2006 Board of Directors Meeting Audit and Compliance, Incidence Response Preparedness, and Enterprise Risk Management Update Steve Byone Chief.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Euseden INTERNAL AUDIT & ASSURANCE SERVICES.

Euseden INTERNAL AUDIT & ASSURANCE SERVICES.
Purpose of the Standards

Purpose of the Standards
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist
Auditing II Unit 1 : Audit Procedures Unit 2: Audit of Limited Companies Unit 3: Audit of Government Companies.

Auditing II Unit 1 : Audit Procedures Unit 2: Audit of Limited Companies Unit 3: Audit of Government Companies.
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.

INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
BRIEFING TO THE PORTFOLIO COMMITTEE ON THE DPSA’S RISK MANAGEMENT STRATEGY PRESENTATION TO THE PORTFOLIO COMMITTEE 12 MAY 2010 1.

BRIEFING TO THE PORTFOLIO COMMITTEE ON THE DPSA’S RISK MANAGEMENT STRATEGY PRESENTATION TO THE PORTFOLIO COMMITTEE 12 MAY
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
South Carolina Public Charter School District Performance Framework Dana C. Reed, Assistant Superintendent of Performance Standards Courtney Mills, Director.

South Carolina Public Charter School District Performance Framework Dana C. Reed, Assistant Superintendent of Performance Standards Courtney Mills, Director.
Programmatic and Fiscal Compliance as a Team Effort 2014 Project Director Training & Annual Meeting1.

Programmatic and Fiscal Compliance as a Team Effort 2014 Project Director Training & Annual Meeting1.

Similar presentations

Ads by Google