Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managers’ Internal Control Program ICONO and ICOFR Navy Medicine Audit Readiness Training Symposium 5 and 6 June 2012 Ms. Meg Sherwood, Program Manager—ICONO.

Similar presentations

Presentation on theme: "Managers’ Internal Control Program ICONO and ICOFR Navy Medicine Audit Readiness Training Symposium 5 and 6 June 2012 Ms. Meg Sherwood, Program Manager—ICONO."— Presentation transcript:

1 Managers’ Internal Control Program ICONO and ICOFR Navy Medicine Audit Readiness Training Symposium 5 and 6 June 2012 Ms. Meg Sherwood, Program Manager—ICONO Ms. Freda King, Program Manager—ICOFR

2 Context Purpose Outcome Context To understand the MIC Program’s two parallel components: Internal Controls over Nonfinancial Operations (ICONO) and Internal Controls over Financial Reporting (ICOFR). Purpose To better define the MIC Program’s structure and objective. Outcome Commands are able to utilize the tools available in the MIC Program to support audit readiness efforts. FOR OFFICIAL USE ONLY 2

3 Agenda 1.MIC Program Overview 2.Internal Controls over Nonfinancial Operations (ICONO) 3.Internal Controls over Financial Reporting (ICOFR) 4.Exercise: Classifying and Reporting Deficiencies 5.Questions FOR OFFICIAL USE ONLY 3


5 5 Legal/Regulatory Framework Federal Managers’ Financial Integrity Act of 1982 (FMFIA) OMB Circular A-123 “Management’s Responsibility for Internal Control” ICONOICOFRICOFS Annual Statement of Assurance ICONO: Internal Controls Over Non-financial Operations ICOFR: Internal Controls Over Financial Reporting ICOFS: Internal Controls Over Financial Systems From FMFIA: “…internal accounting and administrative controls of each executive agency shall be established IAW standards prescribed by the Comptroller General…” ~ Head of each agency must prepare an annual statement certifying whether the agency’s systems of internal accounting and administrative control comply with FMFIA Goal: Effective Internal Controls From OMB Circular A-123: ~ Implementing guidance for federal agencies ~ Establishes 3 objectives of internal controls ~ Outlines 5 standards of internal control activities 3 Levels of Assurance: ~ Unqualified: no material weaknesses (MWs) ~ Qualified: MWs identified with corrective action plan developed ~ No Assurance: no assessment done or MWs are pervasive

6 What are Internal Controls? FOR OFFICIAL USE ONLY 6 Organization, policies and procedures to help program and financial managers achieve results and safeguard the integrity of their programs. Ensure what should occur in daily activities does occur. 3 objectives: Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regulations Support performance-based management Incorporate into every business process Further, not hinder, mission accomplishment Cost/benefit analysis when implementing controls Goal: provide reasonable assurance 3 objectives are met Safeguarding of assets is a subset

7 5 Standards of Internal Control Activities FOR OFFICIAL USE ONLY 7 Information & Communication

8 MICP Program Guidance FOR OFFICIAL USE ONLY 8 BUMEDINST A Annual Program Guidance

9 ICONO and ICOFR Assessable Units (AUs) FOR OFFICIAL USE ONLY 9 MICP analyzes operational and financial internal controls across all functional areas

10 Quarterly & Annual Reporting Requirements Quarterly Certifications Annual Statement of Assurance (SOA) Provide two levels of assurance, one for ICONO and one for ICOFR, that internal controls are in place and operating effectively Provide sources that were assessed to determine the level of assurance and identify control deficiencies Report deficiencies Attest to implementation of Standard Operating Procedures (SOPs) FOR OFFICIAL USE ONLY 10

11 Sources of Internal Control Assessment MICP Sources: ICONO: Assessable Unit results ICOFR: Command Level Testing (CLT) results Other Sources: FOR OFFICIAL USE ONLY 11

12 Level of Assurance Unqualified: Reasonable assurance with no material weaknesses (MWs) reported. Certification must be accompanied by a firm basis for this position. Qualified: Reasonable assurance with the exception of one or more MW(s) reported. Certification must cite MW(s) that precluded an unqualified statement. No Assurance: No reasonable assurance either because no assessments were conducted or MWs are pervasive. FOR OFFICIAL USE ONLY 12


14 ICONO Assessable Units Organized functionally Inventory developed based on TMA- and BUMED-identified risks Reviewed and updated annually with input from program managers/subject matter experts Supplemented by Region/Activity identified electives Support audit readiness initiatives Increased effort to introduce data driven elements and transactional reviews into the assessments FOR OFFICIAL USE ONLY 14 Goal: Identify control deficiencies and implement corrective actions

15 Identifying Deficiencies Must be control related Identified through the Assessable Units, as well as, the internal and external assessment sources Classify the deficiency according to its severity Establish corrective action plans to address deficiencies Activities are responsible for implementing the corrective actions within their control and updating their plans Regions/BUMED provide oversight to ensure corrective actions are being implemented and provide implementation assistance when needed Report through quarterly Certification Statements and Annual Statement of Assurance (SOA) FOR OFFICIAL USE ONLY 15

16 Classifying Deficiencies How severe is the deficiency? Is there a significant threat to mission, resources, and/or image? Deficiency Categories: Material Weakness (MW): A reportable condition of combination of reportable conditions, which is significant enough to report to the next higher level. The determination is a management judgment as to whether a weakness is material. Reportable Condition (RC): A control deficiency, or combination of control deficiencies, that adversely affects the ability to meet mission objectives but are not deemed by the Head of the Component as serious enough to report as material weaknesses. Item to be Revisited (IR): An internal control issue brought to management’s attention with insufficient information to determine whether the control deficiency is material or not. These issues will be revisited throughout the following quarters to determine the materiality of the control deficiency. FOR OFFICIAL USE ONLY 16

17 Corrective Action Plans Develop for all deficiencies—whether or not you report them Elements to include: Identify the deficiency Set a target correction date Identify the corrective actions that will be taken to remediate the deficiency Call attention to higher level assistance, if needed Monitor and update progress on a regular basis FOR OFFICIAL USE ONLY 17

18 Determining What Deficiencies to Report Report from your organization’s perspective MTFs/activities should report deficiencies as they impact the MTF/activity Regions should report deficiencies as they impact the Region Questions to ask: Does higher echelon need to know about this issue? Can we resolve this issue within our own means at the MTF/activity or Regional level? Does this issue permeate the entire Region or is it an isolated issue? FOR OFFICIAL USE ONLY 18

19 Determining Level of Assurance A management decision Based on the types of deficiencies identified and whether or not the items need to be reported to the next higher level 3 levels of assurance: qualified, unqualified, no assurance FOR OFFICIAL USE ONLY 19 Level of AssuranceTypes of Deficiencies UnqualifiedNo MWs Some RCs and/or IRs identified Qualified1 or more MWs No AssuranceMWs are pervasive No assessments were conducted

20 How ICONO Efforts Support Audit Readiness Examine and/or test internal controls to ensure compliance with laws, regulations, policies, etc. Evaluate processes to determine if Standard Operating Procedures (SOPs) are fully implemented and correct processes where they are not Practice pulling documents which support transactions Identify internal control deficiencies and correct them before audit FOR OFFICIAL USE ONLY 20


22 OMB Circular A-123, Appendix A Internal Controls Over Financial Reporting (ICOFR)

23 Objective OMB Circular A-123, Appendix A - Internal Controls over Financial Reporting (ICOFR)  Requires Management to Assess, Test, Document, and Report on Financial Controls Financial Improvement and Audit Readiness(FIAR) Plan  Provide Guidelines, Goals, Priorities, and Strategies to become Audit Ready Achieving Audit Readiness  DoD’s Goals and Roles to Achieve Audit Readiness FOR OFFICIAL USE ONLY 23

24 Appendix A - Governing Statutes Federal Managers’ Financial Integrity Act of 1982  Requires all DoD managers to assess the effectiveness of management controls applicable to their responsibilities  An Act to amend the Accounting and Auditing Act of 1950 to require ongoing evaluations and reports of the adequacy of the systems of internal accounting and administrative control Sarbanes-Oxley Act of 2002  Public Company Accounting Reform and Investor Protection Act FOR OFFICIAL USE ONLY 24

25 Appendix A - Requirements Reporting on Financial Internal Controls  Internal Controls are specific policies procedures and activities that are established to manage or mitigate risks Assessing and Validating Controls and Processes  Internal Controls are part of every process and activity being performed throughout the organization Providing ICOFR Annual Assurance Statement  Internal controls provided reasonable assurance that what should happen does happen FOR OFFICIAL USE ONLY 25

26 Internal Control Internal Control Objectives: Effectiveness and Efficiency of Operations, Reliability of Financial Reporting, and Compliance with Applicable Laws and Regulations FOR OFFICIAL USE ONLY 26

27 Standards of Internal Control Activities Control Environment - the organizational structure to sustain organizational support for effective internal control Risk Assessment - identify internal and external risks that may prevent the organization from meeting its objectives Control Activities - include policies, procedures and mechanisms in place to help ensure that agency objectives are met Information and Communications - should be relevant, reliable, and timely Monitoring - periodic reviews, reconciliations or comparisons of data should be included as part of the regular assigned duties of personnel FOR OFFICIAL USE ONLY 27

28 Financial Improvement and Audit Readiness (FIAR) FIAR Plan (OMB Circular A-123, Appendix A) Goals Priorities Strategies FIAR Phases Discovery Corrective Action Evaluation Assertion Validation Audit FOR OFFICIAL USE ONLY 28

29 FIAR Goals Improve the Department’s Financial Management Operations Provide our Service men and women with the resources they need to carry out the mission Improving our stewardship of the resources entrusted to us by the taxpayers. FOR OFFICIAL USE ONLY 29

30 FIAR Priorities The First Priority is the Budgetary Resources. The benefits of focusing on budgetary information are to:  Improve the visibility of budgetary transactions  Provide for operational efficiencies through more readily available financial information;  Improve fiscal stewardship (ensures that funds appropriated, expended and recorded are reported accurately, reliably and timely); and  Improve budget processes and controls The Second Priority is the Mission Critical Assets. Mission critical assets are:  Military Equipment  Real Property  Inventory  Operating Materials and Supplies  General Equipment FOR OFFICIAL USE ONLY 30

31 FOR OFFICIAL USE ONLY 31 Wave 1Wave 1 Wave 2 Wave 3 Wave 4 Appropriations Received Statement of Budgetary Resources Mission Critical Assets Existence & Completeness Full Audit (except for valuation) FIAR Strategies

32 WAVE 1 Appropriations Received Accurate and timely recording of the budget authority needed to commit, obligate, and expend funds Processes and controls include activities performed to control and record transactions related to:  Receipt of the budget (Appropriations Received)  Distribution of the Budget to the Major Commands  Fund Balance with Treasury (FBWT) FOR OFFICIAL USE ONLY 32

33 WAVE 2 Statement of Budgetary Resources The SBR presents:  all budgetary resources a reporting entity has available  the status of those resources at period end  a reconciliation of changes in obligated balances from the beginning to the end of the period  and cash collections and disbursements for the period reported. Includes all processes, internal controls, systems and supporting documentation that must be audit ready before the SBR can be audited. FOR OFFICIAL USE ONLY 33

34 Sample Statement of Budgetary Resources (SBR) FOR OFFICIAL USE ONLY 34

35 WAVE 3 Mission Critical Assets (E&C) Focuses on the “existence and completeness” financial statement assertions and includes the “rights” assertion and portions of the “presentation and disclosure” assertion. Reporting entities must ensure that:  all assets recorded in the property books exist  all of the reporting entities’ assets are recorded in their system  reporting entities have the right to report all assets (Rights)  assets are consistently categorized, summarized, and reported period to period (Presentation and Disclosure). FOR OFFICIAL USE ONLY 35

36 WAVE 4 Full Audit Include the proprietary side of financial transactions covered in Wave 2, and:  accounts receivable  earned revenue  accounts payable  gross costs  other liabilities Adds the “valuation” assertion for assets FOR OFFICIAL USE ONLY 36

37 Assertions FOR OFFICIAL USE ONLY 37

38 Asserting FOR OFFICIAL USE ONLY 38 We will be asserting :  that our financial controls are in place and operating effectively  that our financial reports are accurately prepared  that transactions can be supported with documentation and that  that we have fully complied with our laws and regulations.

39 FOR OFFICIAL USE ONLY 39 Assessable UnitsAssertion Dates Travel SEP 2012 Consumables DEC 2012 Reimbursable Work Orders – GrantorDEC 2012 Reimbursable Work Orders – PerformerAPR 2013 Military PayrollAPR 2013 Contract AdministrationJUL 2013 Non-Federal ReceivablesJUL 2013 Federal Receivables SEP 2013 Civilian PayrollDEC 2013 Financial ReportingDEC 2013 Fund Balance with TreasuryDEC 2013 BUMED Assertion Dates to TMA


41 Command Level Testing/Validation Testing Standard Operating Procedures (SOPs) FMO Samples and Workbooks NAS Sample Testing FOR OFFICIAL USE ONLY 41 BUMED’s FIP Tool Box

42 Audit Preparation

43 FOR OFFICIAL USE ONLY 43 Managers’ Internal Control Program (MICP)

44 It’s not just a Job; it’s the path to audit success… FOR OFFICIAL USE ONLY 44 Audit Readiness

45 What are the Priorities of the FIAR Plan? What are Two Internal Control Objectives? What are the Five Financial Assertions? What is the date for Audit of the SBR? What is the date for Full Audit? FOR OFFICIAL USE ONLY 45 Audit Readiness Trivia


47 Scenario FOR OFFICIAL USE ONLY 47 At Naval Hospital Atlantis, during a 6 month timeframe, questionable transactions were found on the GTCCs for 60 members. During this timeframe, the total number of members who used their card was 70. The types of questionable transactions included: Expenses not related to official government travel such as video games purchased at Target Cash advances taken within a member’s permanent duty station and the member is not on official government travel orders Airline tickets purchased for a member’s spouse and children Lodging charges for a member’s personal travel following a period of official government travel These questionable expenses were not identified during travel card or DTS voucher review processes

48 Analysis Is the deficiency a threat to mission, resources, and/or image? How would you classify the deficiency and why? Material Weakness, Reportable Condition, Item to be Revisited What is your corrective action plan? Would you report the deficiency? Why or why not? Is the deficiency related to ICONO, ICOFR, or both? If you do report the deficiency, what level of assurance do you report? Unqualified, Qualified, or No assurance FOR OFFICIAL USE ONLY 48

49 Higher Level Resources Federal Managers’ Financial Integrity Act of 1982 (P.L ) OMB Circular A-123: Management’s Responsibility for Internal Control DoD Financial Improvement and Audit Readiness (FIAR) Guidance of December 2011 DoD Financial Improvement and Audit Readiness (FIAR) Guidance of December 2011 DoDI of 29 July 2010: Managers’ Internal Control Program (MICP) Procedures DoDI of 29 July 2010: Managers’ Internal Control Program (MICP) Procedures SECNAVINST E of 8 November 2006: Department of the Navy (DON) Managers’ Internal Control (MIC) Program SECNAVINST E of 8 November 2006: Department of the Navy (DON) Managers’ Internal Control (MIC) Program SECNAV M of June 2008: Department of the Navy Managers’ Internal Control Manual SECNAV M of June 2008: Department of the Navy Managers’ Internal Control Manual OPNAVINST D of 03 October 2011: Managers’ Internal Control Program GAO Products: “Standards for Internal Control in the Federal Government” and “Internal Control Management and Evaluation Tool”“Standards for Internal Control in the Federal Government” “Internal Control Management and Evaluation Tool” 49 FOR OFFICIAL USE ONLY

50 BUMED Resources FOR OFFICIAL USE ONLY 50 SG’s Memo on Internal Controls in Navy Medicine of 5 January 2012; Reference: 5200 Ser M82/11UM82757 DSG’s Memo on Annual Areas for Leadership Engagement of 30 August 2010; Reference: 5200 Ser M82/10UM82749 BUMEDINST A of 29 October 2008: Managers’ Internal Control Program Managers’ Internal Control Program (MICP) Guidance for Fiscal Year (FY) 2012 dated 6 October 2011; Reference: 5200 Ser M82/11UM82758

51 Questions? Contact Information Meg Sherwood Phone: Freda King Phone: FOR OFFICIAL USE ONLY 51

Download ppt "Managers’ Internal Control Program ICONO and ICOFR Navy Medicine Audit Readiness Training Symposium 5 and 6 June 2012 Ms. Meg Sherwood, Program Manager—ICONO."

Similar presentations

Ads by Google