Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated.

Published byKaela Tarry Modified over 10 years ago

Similar presentations

Presentation on theme: "Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated."— Presentation transcript:

1 Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated

2 Agenda Background Requirements Implementation

3 Internal Control Legislation – 1950 Accounting and Auditing Act – 1982 Federal Managers Financial Integrity Act – 1990 Chief Financial Officers Act – 1994 Government Management Reform Act – 1996 Federal Financial Management Improvement Act

4 What are Internal Controls? Anything you do to successfully achieve your mission/goal legally and efficiently Objectives of controls: –Effective and efficient operations –Reliable financial reporting –Compliance with laws and regulations Applies to all aspects of life

5 Internal Control Standards Treadway Commission: Internal Control Guidance Control Environment Risk Assessment Activities M Information Communication GAO StandardsCOSO Framework

6 Internal Control Standards Control Environment Risk Assessment Control Activities M Information Communication GAO Standards Control Environment: Tone at the Top Risk Assessment: Threats to Mission Control Activities: Design & Operation Monitoring: Test Schedule Information & Communication: Up and down the Organization

7 Government Implementation: Assess Controls

8 Elements of an IC Program Mission Objectives Risks Control Activities

9 Internal Goals Management: Acknowledge it responsibility for establishing and maintaining ICs Apply IC objectives: –Effective and efficient operations –Reliable financial reporting –Compliance with laws and regulations Understand that ICs exist (or should) at every level and in every process of the organization Realize that good internal control leads to financial reporting integrity

10 Three Step Process Planning Phase Testing Phase Reporting Phase

11 Planning Phase Identify assessable units Establish governance body Determine material contributors Identify/document key business processes Perform risk assessment Identify key controls Develop 3-yr control assessment schedule Develop test methodology

12 Divide and Conquer !! Establish Assessable Units

13 Divide and Conquer !! Establish Assessable Units

14 Establish Governance Establish a governance body who will: –Have decision-making leaders as members –Identify material business lines/ processes –Know flowcharted business process –Identify risks and assess materiality –Document internal controls –Test internal controls –Report on control effectiveness –Develop corrective action plans

15 Identify Material Contributors Look at the Budget/Financials 2010 2009 Change 2010 2009 Change 2010 2009 Change Assets: Cash and investments............. $ 10.7 $ 10.4 $ 0.3 $ 4.6 $ 4.6 $ - $15.3 $ 15.0 $ 0.3 Capital assets (net).................. 28.6 26.7 1.9 0.1 0.1 - 28.7 26.8 1.9 All other assets......................... 7.9 7.1 0.8 1.6 1.4 0.2 9.5 8.5 1.0 Total assets.............................. 47.2 4 4.2 3.0 6.3 6.1 0.2 53.5 50.3 3.2 Liabilities: Accounts payable..................... 5.9 6.0 (0.1) 0.9 0.9 - 6.8 6.9 (0.1) All other current liabilities.... 4.2 3.7 0.5 4.1 2.1 2.0 8.3 5.8 2.5 Total current liabilities............ 10.1 9.7 0.4 5.0 3.0 2.0 15.1 12.7 2.4 Bonds payable.......................... 9.8 8.5 1.3 - - - 9.8 8.5 1.3 All other long-term liabilities 3.8 2.8 1.0 2.5 2.5 - 6.3 5.3 1.0 Total long-term liabilities........ 13.6 11.3 2.3 2.5 2.5 - 16.1 13.8 2.3 Total Liabilities........................ 23.7 21.0 2.7 7.5 5.5 2.0 31.2 26.5 4.7 Government Business-typeTotal

16 Identify Key Business Processes Capital Assets: –What processes add to balances? –What processes decrease balances? –What systems support the processes? –Where do the processes take place? –Where do the managers exist in the states organization chart?

17 Document Key Processes

18 Perform Risk Assessment Assess Risk: Document from flowcharts

19 IT Assertions Completeness Accuracy Validity Restricted Access

20 Financial Assertions Completeness Obligations/Rights Valuation Existence/Occurrence Reporting/Presentation Look for Risk of Misstatement

21 Identify Key Controls Document from flow charts

22 Document Key Controls IntraGov Accts Rec Not reported Document, document, document high 1 Reimb R/O Track & check low Inspect Preliminary Control Assessment

23 Develop Key Control Assessment Schedule All key controls are assessed at least once every three years Some more: –High risk –Change in: Law System Key personnel

24 Control Testing Options: 3-Year Plan Control Risk Test Low High Develop Corrective Action Plan If: Changes in: -Personnel? -Process? -System? Yes Annually for 3 years No Rotate to 3-year plan

25 Testing Phase Entity-Level Assessment Control Testing: –Process level –Transaction level –Include automated systems –Remember service providers

26 Entity-Level Assessment Evaluate Internal Control at Entity Level – GAO-01-1008G: Internal Control Management and Evaluation Tool – Use GAO Internal Control Standards

27 Control Testing Test key controls – Develop test plan and document – Decide on the appropriate test method – Establish tolerance level for error, document – Identify sample size: OMB recommendations – Test and document Consider dependencies – Service provider process controls – SAS 70 reports???

28 Reporting Phase Identifying Material Weaknesses Developing Corrective Action Plans Preparing Statement of Assurance

29 Identify Material Weaknesses At assessable unit level At subagency/department level At Agency/ Bureau/ Department level Management has the discretion to make the determination! OMB generous with Material Weakness definitions

30 Basis for Assurance Deficiencies can be: –Single deficiency –Significant deficiency –Material weakness Determines level of assurance –Cannot be unqualified if material weakness exists

31 Develop Corrective Actions Managers: Process Owners develop corrective actions plans and timelines Governance body concurs or non- concurs Published in Annual Financial Report (PAR) for feds Should be monitored by leadership Fed report periodically on progress to Office of Management and Budget

32 Corrective Action Plans Plan well Divide corrective steps into small manageable pieces – governance body should approve Develop realistic target dates Monitor progress continuously

33 Statement of Assurance Report on effectiveness of internal control Separate statements of assurance: – for operations and administration – for systems (Sec 4) – for financial reporting Report options: – Prescribed format for statement – Defined qualifiers: Unqualified Qualified No Assurance

34 Internal Control Reporting

35

Download ppt "Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated."

Similar presentations

Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.

Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
1 AUDIT AND AUDIT RESOLUTION Peg Rosenberry, Director of Grants Management Claire Moreno, Audit Liaison, Office of Grants Management 9/18/2009 AMERICORPS.

1 AUDIT AND AUDIT RESOLUTION Peg Rosenberry, Director of Grants Management Claire Moreno, Audit Liaison, Office of Grants Management 9/18/2009 AMERICORPS.
MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
E- Learning Technologies: Applications for Government Accounting & Financial Systems Page - 1 January 19, 2004 International Institute of Business Technologies.

E- Learning Technologies: Applications for Government Accounting & Financial Systems Page - 1 January 19, 2004 International Institute of Business Technologies.
The Managing Authority –Keystone of the Control System

The Managing Authority –Keystone of the Control System
EMS Checklist (ISO model)

EMS Checklist (ISO model)
Vision: A strong and capable civil society, cooperating and responsive to Cambodias development challenges 1.

Vision: A strong and capable civil society, cooperating and responsive to Cambodias development challenges 1.
Human Capital Investment Programme 2007-2013 Disability Activation Project (DACT) WELCOME Support Workshop Thursday 7 th February 2013 1.

Human Capital Investment Programme Disability Activation Project (DACT) WELCOME Support Workshop Thursday 7 th February
Auditing 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.

Auditing 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.
Additional Assurance Services: Other Information

Additional Assurance Services: Other Information
Checking & Corrective Action

Checking & Corrective Action
Section 404 Audits of Internal Control and Control Risk

Section 404 Audits of Internal Control and Control Risk
© 2004 Dechert LLP FORM N-CSR, CERTIFICATIONS AND DISCLOSURE CONTROLS AND PROCEDURES James F. DesMarais, Esq. MFS Investment Management Brian S. Vargo,

© 2004 Dechert LLP FORM N-CSR, CERTIFICATIONS AND DISCLOSURE CONTROLS AND PROCEDURES James F. DesMarais, Esq. MFS Investment Management Brian S. Vargo,
Internal Control and Control Risk

Internal Control and Control Risk
©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley 21 - 1 Audit of the Capital Acquisition and Repayment.

©2003 Prentice Hall Business Publishing, Auditing and Assurance Services 9/e, Arens/Elder/Beasley Audit of the Capital Acquisition and Repayment.
Overall Audit Plan and Audit Program

Overall Audit Plan and Audit Program
Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011.

Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011.
1 Single Audit Legislative Audit Bureau September 2009.

1 Single Audit Legislative Audit Bureau September 2009.
1  AGA-DC and GWSPCA 6 th ANNUAL CONFERENCE OMB Circular A-123, Appendix A Internal Control Over Financial Reporting Innovative Approaches Jerome A. Vaiana.

1  AGA-DC and GWSPCA 6 th ANNUAL CONFERENCE OMB Circular A-123, Appendix A Internal Control Over Financial Reporting Innovative Approaches Jerome A. Vaiana.

Similar presentations

Ads by Google