Presentation is loading. Please wait.

Presentation is loading. Please wait.

State Purchasing Forum 2008

Published byRobert Riley Modified over 5 years ago

Similar presentations

Presentation on theme: "State Purchasing Forum 2008"— Presentation transcript:

1 State Purchasing Forum 2008
Management's Responsibility for Internal Controls Does anyone get it? Presented by: David R. Hancox, CIA, CGFM Co-Author: Government Performance Audit in Action Faculty: Siena College and USDA Graduate School, Washington DC Director of Audits: NYS Comptroller’s Office David R. Hancox CIA CGFM

2 Five Components Control Environment Risk Assessment Control Activities
Information & Communication Monitoring David R. Hancox CIA CGFM David R. Hancox CIA CGFM

3 Scrap Your Thinking About Control
Controls over people aggravate them The more you control someone – the more they rebel Strong Controls – But the Wrong Controls David R. Hancox CIA CGFM David R. Hancox CIA CGFM

4 Control Environment Competence Characteristic of people who have the skill, knowledge, ability and tools to perform a task Management must ensure that staff possess the knowledge, skills, and ability necessary to do their jobs Management must ensure that staff have what they need – such as equipment, software and policy and procedure manuals David R. Hancox CIA CGFM David R. Hancox CIA CGFM

5 Control Environment Management should reflect a commitment to:
Competence Management should reflect a commitment to: Establishing levels of knowledge and skill required for every position Verifying the qualifications of job candidates Hiring and promoting only those with the required knowledge and skills Establishing training programs that help employees increase their knowledge and skills David R. Hancox CIA CGFM David R. Hancox CIA CGFM

6 Control Environment Morale The attitude people have about their work, as exhibited by their confidence, their discipline, enthusiasm and their willingness to perform tasks David R. Hancox CIA CGFM David R. Hancox CIA CGFM

7 Control Environment Management is responsible to maintain good Morale
Staff should have a sense that: Their opinions and contributions are welcomed, valued and recognized The organization is willing to help improve their level of competency There is opportunity for continuous improvement They have a stake in the mission, goals and objective of the organization The lines of communication are open David R. Hancox CIA CGFM David R. Hancox CIA CGFM

8 Control Environment Supportive Attitude Executive management should set a tone that emphasizes the importance of internal controls, including: Ongoing education to ensure everyone understands the internal control system and their role in it An openness to control self evaluations and internal and external audits of controls Responsiveness to issues raised as the result of the evaluations and audits Minimal and guarded use of control overrides David R. Hancox CIA CGFM David R. Hancox CIA CGFM

9 Components of Internal Controls
Assessing and Managing Risk Risks are events that threaten the accomplishment of objectives There are both internal and external risks Examples of risks include: Human error Fraud System breakdowns Natural disasters David R. Hancox CIA CGFM David R. Hancox CIA CGFM

10 Assessing and Managing Risk
Risk Assessment Process Identify each risk in terms of: Likelihood Significance or impact Cause You don’t know, what you don’t know! David R. Hancox CIA CGFM David R. Hancox CIA CGFM

11 Risk Assessment Process
Likelihood The probability that an unfavorable event would occur if there were no internal controls or limited internal controls David R. Hancox CIA CGFM David R. Hancox CIA CGFM

12 Risk Assessment Process
Significance or Impact A measure of the magnitude of the effect on an organization if the unfavorable event were to occur Inherent Risk Innate to the program, function or activity Evaluated by the ultimate harm that may be done or the opportunity that may be lost David R. Hancox CIA CGFM David R. Hancox CIA CGFM

13 Risk Assessment Process
Cause The Reason why an unfavorable event may occur David R. Hancox CIA CGFM David R. Hancox CIA CGFM

14 Evaluating Risk Impact High Judgment Required Low High Low LIKELIHOOD
David R. Hancox CIA CGFM David R. Hancox CIA CGFM

15 Risk Assessment Process
Risk Assessment Considerations How to manage risk How to prevent or reduce risk How to schedule the frequency of internal control system evaluations How to manage risk during change David R. Hancox CIA CGFM David R. Hancox CIA CGFM

16 Risk Assessment Process
Managing Risk Accept the risk: Do not establish control activities Prevent or reduce the risk: Establish control activities Avoid the risk: Do not carry out the function David R. Hancox CIA CGFM David R. Hancox CIA CGFM

17 Risk Assessment Process
Preventing or Reducing Risk What is the cause of the risk? What is the cost of control vs. the cost of the unfavorable event? What is the priority of this risk? David R. Hancox CIA CGFM David R. Hancox CIA CGFM

18 Risk Assessment Process
Managing Risk During Change New processes New systems Changes in job responsibilities Reorganizations Changes in personnel David R. Hancox CIA CGFM David R. Hancox CIA CGFM

19 Control Activity Considerations
Control Activities Control Activity Considerations The cost of the control activity should not exceed the cost incurred if the undesirable event occurred Build control activities into business processes and systems as the processes and systems are being designed The distribution of resources among the control activities should be based on the significance and likelihood of the risk it is preventing or reducing David R. Hancox CIA CGFM David R. Hancox CIA CGFM

20 Control Activities Preventive Detective Approvals, authorizations
Categories Preventive Approvals, authorizations Detective Reconciliations, audits David R. Hancox CIA CGFM David R. Hancox CIA CGFM

21 Diminishing Control Activities
Commonly Used Control Activities Documentation Approval and Authorization Separation of Duties – in many cases David R. Hancox CIA CGFM David R. Hancox CIA CGFM

22 Important Control Activities
Verification Supervision Safeguarding Assets Reporting David R. Hancox CIA CGFM David R. Hancox CIA CGFM

23 The glue that holds it all together
Information & Communication Communication channels in many organizations flow top down. What’s the top know? David R. Hancox CIA CGFM David R. Hancox CIA CGFM

24 Monitoring Should exist at all levels
Staff should be able to monitor their own work Management should monitor operations and results Internal auditors bring accountability David R. Hancox CIA CGFM David R. Hancox CIA CGFM

25 More Information State Comptroller’s Office www.osc.state.ny.us
David R. Hancox, CIA, CGFM David R. Hancox CIA CGFM David R. Hancox CIA CGFM

Download ppt "State Purchasing Forum 2008"

Similar presentations

Internal Control Integrated Framework

Internal Control Integrated Framework
NSAA/NASC JOINT MIDDLE MANAGEMENT CONFERENCE April 10-12, 2006 Presented by: David R. Hancox, CIA, CGFM Co-Author: Government Performance Audit in Action.

NSAA/NASC JOINT MIDDLE MANAGEMENT CONFERENCE April 10-12, 2006 Presented by: David R. Hancox, CIA, CGFM Co-Author: Government Performance Audit in Action.
OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
An Internal Control Overview

An Internal Control Overview
2008 Financial Management Institute of Canada – Manitoba Chapter Professional Development Day Presented by: David R. Hancox, CIA, CGFM Co-Author: Government.

2008 Financial Management Institute of Canada – Manitoba Chapter Professional Development Day Presented by: David R. Hancox, CIA, CGFM Co-Author: Government.
Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.

Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.
INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.

INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.
Office of Operations 2009 Fall Conference Navigating Uncertain Times October 21-22, 2009 Risk Assessment and Internal Controls Internal Controls Anna Tomassacci.

Office of Operations 2009 Fall Conference Navigating Uncertain Times October 21-22, 2009 Risk Assessment and Internal Controls Internal Controls Anna Tomassacci.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Accountability and Grants Management:

Accountability and Grants Management:
Review of Introduction to Auditing

Review of Introduction to Auditing
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Purpose of the Standards

Purpose of the Standards
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
Buffalo State College Internal Control Program Presented to: Buffalo State College Line Staff Delivered by: BSC IC Program & Department Managers.

Buffalo State College Internal Control Program Presented to: Buffalo State College Line Staff Delivered by: BSC IC Program & Department Managers.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.

Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.

Similar presentations

Ads by Google