1 Resource Management, Data Integrity, and the Computing Environment September 2, 2015 Resource Management, Data Integrity, and the Computing Environment.

Slides:



Advertisements
Similar presentations
INTERNAL CONTROLS.
Advertisements

Lessons Learned from Financial Management Reviews May 15, 2008 Bruce Robinson FTA Office of Research, Demonstration and Innovation.
Cash Collection and Deposit Training Financial Services.
Office of the Controller and Internal Controls Sandra Featherson Associate Director of Controls Office of the Controller February 2010.
Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
PCard Program Roles and Responsibilities Review Karen Brookbanks, C.P.M., CPPB.
Resource Management, Data Integrity, and the Computing Environment Sandra Featherson Office of the Controller Doug Drury Information Systems & Computing.
Petty Cash/Change Fund Policies & Procedures
Data Ownership Responsibilities & Procedures
Departmental Cash Handling By: Maria De Jesus Sussy Palomo Accounting Group Supervisor
BACK TO BASICS Indiana Prosecuting Attorneys Council May 2013.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza
Audits: How to Prepare and What to Expect Council of Senior Business Administrators Focus Session April 21, 2004 James Laird Assistant Dean for Finance.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Information Security Policies Larry Conrad September 29, 2009.
Developing a Records & Information Retention & Disposition Program:
Laboratory Personnel Dr/Ehsan Moahmen Rizk.
Managing the Information Technology Resource Jerry N. Luftman
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Departmental Cash Handling By: Maria Sussy Palomo.
Purpose of the Standards
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
Office of the Controller and Internal Controls Jim Corkill Controller Office of the Controller September 2014.
(rev 3/09) Stewardship, Accountability and Regulatory Compliance Jim Corkill Sandra Featherson Office of the Controller.
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.
Peer Information Security Policies: A Sampling Summer 2015.
Chapter 10 Cash and Financial Investments McGraw-Hill/Irwin
Auditors: Why do they ask all those questions? LGC Resource April 2015 Penny Austin, Assistant Director – IS Local Government Audit.
DAS: State Controller's Division1January 2010 Department of Administrative Services State Controller’s Division Updated January, 2010.
Effective Management and Compliance 1 ANA GRANTEE MEETING  FEBRUARY 5, 2015.
Cash Handling Cash Handling Policies and Procedures May 27, 2015.
The University of California UC Financial Management Jim Corkill Controller, Accounting Services & Controls University of California, Santa Barbara November,
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
FISCAL RESPONSIBILITY IN TITLE III AND OTHER SPONSORED PROGRAMS AND GRANTS ADMINISTRATION Presented by Sharon S. Crews, M.Ac., CPA Vice President for Administrative.
Best Practices: Financial Resource Management February 2011.
SBIR Budgeting Leanne Robey Chief, Special Reviews Branch, NIH.
Internal Control 7. Management Issues Related to Internal Control OBJECTIVE 1: Identify the management issues related to internal control.
Automated Statement of Accounts Project and Operational Guideline March 2011.
U.S. DEPARTMENT OF LABOR EMPLOYMENT AND TRAINING ADMINISTRATION ARRA GREEN JOB AND HEALTH CARE / EMERGING INDUSTRIES NEW GRANTEE POST AWARD FORUM JUNE.
Webinar for FY 2011 i3 Grantees February 9, 2012 Fiscal Oversight of i3 Grants Erin McHughJames Evans, CPA, CGFM, CGMA Office of Innovation and Improvement.
Addressing Unauthorized Release of Personal Information at UC Davis August 12, 2003.
College Reviews An Overview Presented by Howard Lutwak, CIA Director of Internal Audit January 2004.
Chapter 9: Introduction to Internal Control Systems
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Student Activity Funds Procedures and Findings MGFOA October 22, 2015 Melanson Heath Certified Public Accountants John J. Sullivan, CFE.
Title IV Administration is a Team Sport
1 Banking and Reconciliation. 2 To Certify As A Cash Handler  Visit the training website  Review the Payment Card Industry (PCI)
INTRODUCTION TO PUBLIC FINANCE MANAGEMENT Module 4.3: Internal Control & Audit.
Internal Sales Policy and Procedure Updates. Agenda o Policy o Procedures o Roles & Responsibilities o Definitions o Questions & Answers anytime during.
WESTERN PA CHAPTER OF THE AMERICAN PAYROLL ASSOCIATION – NOVEMBER 4, 2015 Risk Management for Payroll.
Business Continuity Disaster Planning
Child Support Director’s Association 2007 Training Conference Administrative Audits Presentation #107 September 18, 2007.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
1 Stewardship, Accountability and Regulatory Compliance October 22, 2015 Stewardship, Accountability and Regulatory Compliance Jim Corkill | Controller.
Welcome. Contents: 1.Organization’s Policies & Procedure 2.Internal Controls 3.Manager’s Financial Role 4.Procurement Process 5.Monthly Financial Report.
Personnel.
Lessons Learned from Financial Management Reviews
Internal Controls.
Managing Property What Principal Investigators and Business Officers need to know Business Services - Rates and Review Team Established February 25, 2015.
Red Flags Rule An Introduction County College of Morris
Cash Handling Policies and Procedures
Cash Collection and Deposit Training
Managing Property What Principal Investigators and Business Officers need to know Business Services - Rates and Review Team Established February 25, 2015.
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Internal Controls.
Cash Handling Policies and Procedures
Internal Controls.
Presentation transcript:

1 Resource Management, Data Integrity, and the Computing Environment September 2, 2015 Resource Management, Data Integrity, and the Computing Environment Jim Corkill | Controller Business and Financial Services Controller’s Office Doug Drury | Director ETS Business Relationship Management Enterprise Technology Service (ETS)

September 2, Resource Management, Data Integrity, and the Computing Environment Agenda Computing Environment Resource Management Data Integrity

September 2, Resource Management, Data Integrity, and the Computing Environment Computing Environment Maintaining a reliable computing environment: Why is this important?

September 2, Resource Management, Data Integrity, and the Computing Environment Computing Environment Physical Security Equipment is properly secured Equipment is maintained Contact Sam Horowitz (Chief Information Security Officer) –

September 2, Resource Management, Data Integrity, and the Computing Environment Computing Environment Systems Development IS-10 – UC Policy Establish a plan Well trained technical professionals Identify projects Define scope, benefits, risks, priorities, timing, and implementation method Contact Doug Drury – to determine if a solution to your need may already

September 2, Resource Management, Data Integrity, and the Computing Environment Computing Environment Systems Development What is ‘System Development’? Impact of the project – campus impacts – IT Governance Determine staffing, equipment, and other needs Funding requirements and sources Documentation of system UC Policy – IS-2, IS-3, IS-10, IS-11 ml ml

September 2, Resource Management, Data Integrity, and the Computing Environment Computing Environment Other Things to Think About: Systems Management Password Maintenance Disaster Recovery Separating Employees

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information: What Is It? SB1386 designed to address identity theft  took effect July 1 st, 2003  added § , § to State Civil Code (Information Practices Act)  created disclosure requirements upon a security breach of systems containing “unencrypted” personal information An individual’s first name or initial and last name in combination with one or more of the following:  Social Security Number  Driver’s License Number  Financial account or credit card number in combination with any password that would permit access to the individual's account See for more information

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information UCSB Campus Roles Data Proprietor Data Proprietor - A personal information data store proprietor is the department director or senior manager who is the functional owner of the application that is the primary source of the personal information. It is the responsibility of the data store proprietor to ensure that the inventory of personal information data stores is kept current for the data stores for which the proprietor is responsible.

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information UCSB Campus Roles Data Custodian - Data Custodian - A personal information data store custodian is an individual or organization that is responsible for providing technical or system administration support for the data store. It is the responsibility of the personal information data store custodian to ensure that the implementation and administration of the personal information data store conforms to IS- 3 requirements, as a minimum, and to campus and industry best practices for system security where appropriate. Campus Sensitive Data Incident Coordinators - Campus Sensitive Data Incident Coordinators - Doug Drury

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information Policy & Guidelines UC Policy IS-3 and IS-11 define policy regarding management of Electronic Personal Information (as well as other information system issues) UCSB Guideline provides process for handling exposure of personal information

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information Best Practices Don’t Store It Unless Absolutely Necessary If You Do Store It  Follow IS-3 Policy  Retain contact information for stored individuals  Submit Inventory Data To Campus Coordinators  Follow Industry Best Practices For System Security  UC Electronic Communication Policy allows UC campuses to encrypt personal information data stores – ENCRYPT IF POSSIBLE

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information Incident Process Incident Detection  Requires active monitoring of data store  Requires extensive analysis to determine if a breach as occurred  UCSB Guideline provides assessment guidance Incident Handling Process  Follow the UCSB Guideline closely  Allow appointed UCSB/UC officials to handle any communication

September 2, Resource Management, Data Integrity, and the Computing Environment Electronic Personal Information Sources UC Policy: UCSB Guideline: California Law: Finally – The UC/UCSB definition of Personal Data is evolving. You will be kept up to date if the definition changes

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management Financial Data Value of Budgets Analyze Costs, Benefits, and Risks Asset Management

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Financial Data Verify data is accurate and complete Compare GLO60 to any Shadow System Review significant deviations Document corrective action

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Value of Budgets Represents your financial plan for future periods Decisions based on data Proper use of resources Valuable control Evaluate resource opportunities

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Value of Budgets Budget for: Departmental Operations Events Projects

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management and SAS 115 Department Key Controls GL Reconciliation Review of Budget Reports Equipment Inventory

September 2, Resource Management, Data Integrity, and the Computing Environment Scenario #1 Your department is hosting an international conference. The expected number of participants is 250. Pre-registration is required. The PI, who is the host, believes $500 is the going rate for conferences. In Groups: List the steps you would take to develop the budget and track expenditures for the conference.

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Analyze Costs, Benefits, and Risks Something sounds like a good idea, but is it?

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Analyze Costs, Benefits, and Risks Components of Analysis Statement of Purpose Statement of Benefits Assumptions Impact on administrative support

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Analyze Costs, Benefits, and Risks Components of Analysis Quantify costs (one time vs. on-going), space needs, and capital outlay Funding sources Potential risks/problems

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Analyze Costs, Benefits, and Risks Components of Analysis Performance follow-up  Did cost projections come in on target?  Did the benefits outweigh the costs?  Did the results meet expectations?

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Cash Receivables University Resources/Equipment People

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Cash Proper receiving and storing Proper depositing and recording Reconcile the deposits

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Cash Management: Short Term Investment Pool (STIP) Depository bank accounts Disbursement bank accounts  Vendor  Payroll Balances are invested in STIP daily

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Cash Management: Short Term Investment Pool (STIP) Earnings are credited back to the funds which generated the interest The interest for “campus owned” funds is distributed back to the campus

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Receivables Do you have any?  Collections  Monitor status  Collection Agencies  Write Off If you have receivables, you should be using the BA/RC process

September 2, Resource Management, Data Integrity, and the Computing Environment Discussion Item #1 Do you have any cash management issues?

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management University Resources Use of the University Seal Use of the University Name/Logo

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Use of the University Name/Logo  Policy 5010: “Use of the University’s Name” Use of the University Seal  Policy 5015: “Use of the Unofficial Seal”

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Campus designees to authorize use of the seal/name/logo are:  Tessa Mendez  Mark Beisecker (for commercial products)

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management Equipment Proper purchasing Proper tracking  Physical assets are compared to recorded assets and discrepancies are resolved Proper disposing

September 2, Resource Management, Data Integrity, and the Computing Environment Resource Management: Asset Management People - This is our most important asset! Proper training Formal delegations Current job descriptions Timely evaluations Consistent and fair treatment

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity Why do we care? What could go wrong?

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity How do you maintain data integrity? Separation of duties  Small departments might need to partner with other departments Adequate documentation and description Well trained employees

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity How do you maintain data integrity? Compliance with policies and procedures Coding Transactions Correctly Reconcile departmental reports to the GLO60 Reconcile the GLO60 on a timely basis Record retention

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity Coding Transactions Correctly Types of Costs  Direct  Indirect  Unallowable Function of Cost  Teaching  Research  Public Service Purpose of Costs  Travel  Office Supplies  Services Consistency in treatment of costs is a critical policy for the federal government.

September 2, Resource Management, Data Integrity, and the Computing Environment Discussion Item #2 You are given a list of transactions for today’s activity. Identify the correct coding for each transaction.

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity: Record Retention Why is this important? The institution needs to consistently apply a records management program If your practice is to keep everything, you will be expected to produce what is requested If you can show that you consistently follow the record management program, the court will accept your inability to produce the record

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity: Record Retention How long do we have to keep records? The UC Records Disposition Schedules Manual specifies the length of time records must be maintained by the office of record and others:

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity: Record Retention Who is the office of record? The office of record is the office responsible for retaining the original record, and for producing a requested record

September 2, Resource Management, Data Integrity, and the Computing Environment Data Integrity: Record Retention Who do you call if you have questions? Tessa Mendez, the Campus Policy and Records Management Coordinator:  x4212 

September 2, Resource Management, Data Integrity, and the Computing Environment Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.