Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office of the Comptroller Internal Control Overview & Update October 5, 2007.

Published byAlvin Gyles Skinner Modified over 8 years ago

Similar presentations

Presentation on theme: "Office of the Comptroller Internal Control Overview & Update October 5, 2007."— Presentation transcript:

1 Office of the Comptroller Internal Control Overview & Update October 5, 2007

2 Internal Control Overview & Update AGENDA Welcome Internal Control Overview – –Howard Olsher, Director of State Audits, SAO Revised Internal Control Guide – –Martin Benison, Comptroller, CTR – –Peter Scavotto, Quality Assurance Bureau Director, CTR Questions & Answers

3 Howard Olsher Office of the State Auditor

4 Chapter 647 of the Acts of 1989 An Act Relative to Improving Internal Controls At State Departments

5 Chapter 647 of the Acts of 1989   Modeled after the Federal Managers Financial Integrity Act.   Sets forth the minimum level of quality acceptable for internal controls at State Departments for Financial and Program Operations.   Internal controls at State Departments should be established in accordance with the guidelines promulgated by the Office of the Comptroller.   Applies to all State Departments in all branches of government.

6 Chapter 647 of the Acts of 1989 Three Parts of the Law Internal Control Standards Management’s Responsibility (State Departments) Reporting all unaccounted for variances, losses, shortages and theft of funds or property to the Office of the State Auditor.

7 Part I of Chapter 647 Internal Control Standards 1) 1)Documentation of Internal Control Structure. 2) 2)Transactions promptly recorded, clearly documented and properly classified throughout the lifecycle of the transaction and event. 3) 3)Transactions should be authorized and executed by persons acting within the scope of their authority. 4) 4)Key duties and responsibilities should be segregated for all financial transactions in order to allow for adequate checks and balances. 5) 5)Access to resources only to authorized individuals. 6) 6)Periodic comparison between resources and recorded accountability of resources. 7) 7)Qualified and continuous supervision should be provided to all staff to ensure that internal control objectives are achieved.

8 Part II of Chapter 647 Management’s Responsibility The Legislation requires that an Official, equivalent in title to an assistant or deputy to the department head (in addition to his/her regular duties) has the responsibility to ensure that: (1)Written documentation of its internal accounting and administrative control system is on file for review by:   Office of the State Auditor   Office of the Comptroller   Office of the Secretary for Administration and Finance (2)Internal Control Structure is evaluated annually or as conditions warrant. (3)Audit recommendations promptly evaluated and corrective action taken by Management. (4)Corrective action is addressed in Management’s budget request to the Legislature.

9 Part III of Chapter 647 Reporting to the Office of the State Auditor Departments’ Responsibility: (1)All unaccounted for variances, losses, shortages, or thefts of funds or property shall be reported immediately to the Office of the State Auditor. (2)Based on the OSA’s recommendations, Department management is responsible to immediately implement policies and procedures necessary to prevent a reoccurrence of the condition. Office of the State Auditor’s Responsibility: (1) (1)Review the condition to determine amounts involved and report the facts surrounding the condition to the appropriate management and law enforcement officials. (2)Determine the internal control weaknesses that contributed to or caused the condition and make the necessary recommendations to management to correct the internal control weaknesses.

10 Internal Control Campaign Internal Control Legislation (Chapter 647 of the Acts of 1989) Partnership – –Office of the Comptroller » »Independent department within the Executive Branch » »Increase the efficiency of department financial operations across state government thereby enhancing its delivery of services while ensuring a high level of accountability throughout the Commonwealth’s fiscal operations. – –Office of the State Auditor » »Independent constitutional office within the Commonwealth. » »A catalyst for good government by promoting economy, efficiency, and effectiveness in state government.

11 Internal Control Campaign (Cont) Internal Control Campaign Objectives – –To increase departments’ awareness of and the importance of Internal Controls. – –To educate departments on internal controls and how they affect department financial and programmatic operations. – –To assist departments and give guidance on the development of an internal control plan. – –To assist departments and give guidance on assessing risks of their operation in order to determine if they have the proper internal controls in place to mitigate risks.

12 Internal Control Campaign (Cont) Departments are at the point where they understand the importance and concepts of internal controls. Fiscal and Program Managers should view their Internal Control Plan and Risk Assessment as an Insurance Policy.

13 Office of the State Auditor Audit Approach To Internal Controls Chapter 11, Section 12 of the General Laws Generally Accepted Government Auditing Standards (GAGAS) GAGAS requires a study and evaluation of internal controls OSA audit tests and procedures are based on the study and evaluation of internal controls Review the Department Internal Control Plan Review the Department Risk Assessment Determine if identified risks are taken into consideration in the Internal Control Plan Use and rely on the CTR Internal Control Guide Guide/Reference Document Criteria for audit results

14 Martin Benison Office of the Comptroller

15 Office of the Comptroller’s Mission Statement To increase the efficiency of back office operations across state government, thereby enhancing its delivery of services while ensuring a high level of accountability throughout the Commonwealth's financial operations and providing taxpayers assurance that tax dollars are spent for their intended purposes.

16 A Series of Reliances Treasury Governor's Council Comptroller Department Head Staff Policy, Procedure Internal Controls Warrant Treasury Governor

17 Peter Scavotto Office of the Comptroller

18 New Internal Control Guide 1. How did we get here? 2. Status of Internal Control Plans today? 3. Where do we want to go? 4. What do Departments need to do? 5. How can we help?

19 Previous Guidance Early 90’s: Issued first Internal Control Guide Early 90’s: Issued first Internal Control Guide 1999: Issued Volume 1 – Internal Control Guide for Managers 1999: Issued Volume 1 – Internal Control Guide for Managers 2001: Issued Volume 2 – Internal Control Guide for Departments 2001: Issued Volume 2 – Internal Control Guide for Departments

20 Previous Guidance 2004: Issued Policy on Internal Control and updated guides with launch of NewMMARS 2004: Issued Policy on Internal Control and updated guides with launch of NewMMARS 2005: Established Quality Assurance Bureau; Quality Assurance Review Process 2005: Established Quality Assurance Bureau; Quality Assurance Review Process

21 Status of Internal Control Plans Does every agency have a plan? Does every agency have a plan? ICQ: Document internal controls? Yes: 144No: 2 Do they update them? Do they update them? ICQ: …within past year or when warranted? Yes: 138No: 8

22 What we see: Control activities are documented Control activities are documented All plans need continuous work All plans need continuous work

23 Plans Are: Not always based on a Risk Assessment Not always based on a Risk Assessment Not always a comprehensive assessment of all aspects of department business Not always a comprehensive assessment of all aspects of department business

24 Plans Are: Sometimes a compilation of fiscal policies/procedures only – Sometimes a compilation of fiscal policies/procedures only – These are OK for the lower level detail that supports the plan

25 Where do we want to go? Plans based on Enterprise Risk Management (ERM) Plans based on Enterprise Risk Management (ERM) All programs and activities included All programs and activities included Summarized Summarized Referencing supporting procedures documented elsewhere Referencing supporting procedures documented elsewhere Updated as often as necessary (change), but 1/yr minimum Updated as often as necessary (change), but 1/yr minimum

26 Enterprise Risk Management Goals Risk Management Business Units

27 ERM Components Internal Environment Internal Environment tone of the organization Objective Setting Objective Setting support the mission; needed before risk events can be identified

28 ERM Components Event Identification Event Identification affect achievement of objectives; internal and external Risk Assessment Risk Assessment analyze for likelihood of occurrence; impact if they do occur

29 ERM Components Risk Response Risk Response avoidaccept reduceshare Control Activities Control Activities policies/procedures are implemented to ensure risk responses are carried out

30 ERM Components Information and Communication Information and Communication flows down, across and up; enables people to carry out their responsibilities Monitoring Monitoring ongoing activities evaluated; modifications made as necessary

31 What do Departments need to do? Evaluate mission and goals/objectives Evaluate mission and goals/objectives Involve all managers to cover all programs/activities Involve all managers to cover all programs/activities ID events that threaten success ID events that threaten success ID risk level (occurrence and severity) ID risk level (occurrence and severity) ID controls to mitigate risk ID controls to mitigate risk

32 What do Departments need to do? Summarize into a plan Summarize into a plan Implement daily activities to support controls Implement daily activities to support controls Share the plan Share the plan Monitor the plan Monitor the plan –test transactions –adjust activities if objectives change

33 Who’s Involved? Department Head Department Head Senior Staff Senior Staff Fiscal and Program Managers Fiscal and Program Managers Line Staff Line Staff OSA, CTR, ANF OSA, CTR, ANF Internal Audit Internal Audit

34 How can we help? Revised guide stressing ERM Revised guide stressing ERM Policies on Web Policies on Web Training workshops once/month Training workshops once/month QA reviews to critique plans QA reviews to critique plans Internal Control Questionnaire Internal Control Questionnaire Templates to collect information Templates to collect information

35 Risk Assessment Template Risk Assessment Template

36 Risk Inventory

37 Benefits of a Good Plan Focus on the Right Stuff (day-to-day) Focus on the Right Stuff (day-to-day) Effectiveness and Efficiency Effectiveness and Efficiency Basis for CTR’s Series of Reliance's Basis for CTR’s Series of Reliance's Accurate Financial Reporting Accurate Financial Reporting Ties to Internal Control Questionnaire Ties to Internal Control Questionnaire Compliance Compliance Accomplish Your Goals and Objectives All in Order To:

38 Wrap Up Evaluate Your Plan Evaluate Your Plan Widen the Scope – all programs/activities Widen the Scope – all programs/activities Do a Risk Assessment – ERM Principles Do a Risk Assessment – ERM Principles Refer to detailed procedures Refer to detailed procedures Summarize the Plan Summarize the Plan Update when necessary and each year Update when necessary and each year

39 Plan Impact Examples EXECUTIVE ORDER NO. 481 ORDER PROHIBITING THE USE OF UNDOCUMENTED WORKERS ON STATE CONTRACTS EXECUTIVE ORDER NO. 484 LEADING BY EXAMPLE—CLEAN ENERGY AND EFFICIENT BUILDINGS MMARS Policy: Payroll Public Records Exemption An Act Relative to Security Freezes and Notification of Data Breaches Chapter 82 of the Acts of 2007 The Identity Theft Bill and State CIOS CIO Meeting September 26, 2007 Thursday, October 4, 2007 Data for 450,000 mistakenly released Social Security numbers on disks (Boston.com) © Copyright 2007 Globe Newspaper Company.

Download ppt "Office of the Comptroller Internal Control Overview & Update October 5, 2007."

Similar presentations

Commonwealth of Massachusetts Internal Control Questionnaire (ICQ) NASACT Managing Internal Control with Compliance Technology January 31, 2007.

Commonwealth of Massachusetts Internal Control Questionnaire (ICQ) NASACT Managing Internal Control with Compliance Technology January 31, 2007.
Commonwealth of Massachusetts Internal Control Questionnaire (ICQ) NSAA / NASC Joint Middle Management Conference Des Moines, IA April 17, 2007.

Commonwealth of Massachusetts Internal Control Questionnaire (ICQ) NSAA / NASC Joint Middle Management Conference Des Moines, IA April 17, 2007.
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.

Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.

Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Internal Audit Awareness

Internal Audit Awareness
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
The Islamic University of Gaza

The Islamic University of Gaza
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
HHS Webinar Internal Controls and You: How Internal Controls Can Improve and Protect Your Energy Assistance Program John M. Harvanko, Director Office of.

HHS Webinar Internal Controls and You: How Internal Controls Can Improve and Protect Your Energy Assistance Program John M. Harvanko, Director Office of.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Institute of Municipal Finance Officers & Related Professions

Institute of Municipal Finance Officers & Related Professions
Financial Controls Task Force Report Joint Financial-HRMS Unit Liaison Meeting March 17, 2004 Mike Kalasinski Norel Tullier Cheryl Soper.

Financial Controls Task Force Report Joint Financial-HRMS Unit Liaison Meeting March 17, 2004 Mike Kalasinski Norel Tullier Cheryl Soper.
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Purpose of the Standards

Purpose of the Standards
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Similar presentations

Ads by Google