Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAS 70 Third Party Report on Controls Overview and Timetable Finance / Audit Committee Meeting Austin, Texas January 14, 2003/ February 18, 2003.

Published byBryan Windham Modified over 10 years ago

Similar presentations

Presentation on theme: "SAS 70 Third Party Report on Controls Overview and Timetable Finance / Audit Committee Meeting Austin, Texas January 14, 2003/ February 18, 2003."— Presentation transcript:

1 SAS 70 Third Party Report on Controls Overview and Timetable Finance / Audit Committee Meeting Austin, Texas January 14, 2003/ February 18, 2003

2 PricewaterhouseCoopers 2 Agenda Overview of Project Scope and Results Scope of Project Summary of Report Commentary on Results of Testing Looking Forward

3 PricewaterhouseCoopers 3 Overview of Project Scope and Results Project is complete Final draft report issued last week Final report to be issued this week (perhaps today) Opinion is unqualified Scope of report is consistent with plan – described to the Committee in July (in depth)

4 Scope of Project 4

5 PricewaterhouseCoopers 5 Scope of Project – Reporting Structure What is a SAS 70 report? It is a report on internal controls based on a standard reporting structure. It is commonly referred to as a SAS 70 Report – named after the auditing standard that defines the reporting framework of an internal control examination for service organizations that must be relied upon by its users/members/participants. The Auditing Standard The American Institute of Certified Public Accountants (AICPA) Statement on Auditing Standards (SAS) No. 70: Reports on the Processing of Transactions by Service Organizations

6 PricewaterhouseCoopers 6 Market Operations Power Operations Load Prof., Data Acq. and Agg. Settlement, Billing & Finance Registration Business Process Controls Meter Data Acquisition Meter Data Aggregation Losses and UFE Ancillary Services Balancing Energy Replacement Reserve Revenue Neutrality Black Start Other Fees Statements, Invoicing and Clearing Market Participant Registration Scheduling and Bidding Verbal Dispatch Instructions Transmission Control Rights Processes Included in SAS 70

7 PricewaterhouseCoopers 7 Communications and IT Infrastructure General Controls Organization and Administration Logical Security Physical Security Configuration Management Computer Operations Processes Included in SAS 70

8 PricewaterhouseCoopers 8 Summary of Scope Included in the SAS 70 scope: All business processes and general controls that impact or affect financial wholesale market settlement; Processes that are otherwise invisible to the members and upon which they must rely on ERCOT for controls. Not included in SAS 70 scope Operator and control room decisions Congestion pricing calculations Dispute resolution process Retail operations and customer switching

9 PricewaterhouseCoopers 9 Summary of Scope SAS 70 Scope

10 Summary of Report 10

11 PricewaterhouseCoopers 11 Summary of Report Section One – PwC opinion Section Two – Description of processes and related control objectives and activities Section Three – User control considerations Section Four – Additional information Section Five - Glossary

12 PricewaterhouseCoopers 12 SAS 70 Opinion PwCs Unqualified Opinion states that: The description presents fairly, in all material respects, the ERCOTs controls for the identified processes. The controls have been suitably designed to provide reasonable assurance that the specified control objectives would be achieved if those controls were complied with as at a specific date. And

13 PricewaterhouseCoopers 13 Section Two – the Core of the Report Overview information - including ERCOTs governance, oversight functions, and general control environment Business processes - Generally comprising Settlements related functions (example meter data aggregation) - 14 business processes in total Information system processes - Representing IS infrastructure activities (example configuration and change management) – 6 functional areas in total

14 PricewaterhouseCoopers 14 Section Two – the Core of the Report Each of the 20 process descriptions is organized as follows: - Narrative description - Control objectives - Control activities In summary, PwCs report addresses the adequacy of the reported control activities to support the stated control objectives that are presented in this section

15 Commentary on Results of Testing 15

16 PricewaterhouseCoopers 16 Results of SAS 70 Execution in accordance with plan: Consistent with plan presented to the Committee in July 2002 October 31, 2002 as of date Unqualified opinion Scope as planned – with some relatively minor additions for late developments (example – RMR) Management took full responsibility: Responsible for control environment Responsible for report content

17 PricewaterhouseCoopers 17 Review of SAS 70 Timeline Mar 02: SAS 70 Initial Development of Control Objectives Apr 02: SAS 70 Readiness Exercise Business Processes – in good shape, most ready for SAS 70 testing General Controls – some control processes needed further documentation and refinement. Jun - Aug 02: SAS 70 Preparations Ongoing management efforts to complete readiness for SAS 70 PwC involved in real-time review of improvements as they are implemented Sep - Oct 02:SAS 70 Testing Oct 31, 2002: SAS 70 Type 1 Report as of Date Jan 03:Report Issuance The project began almost 10 months ago

18 PricewaterhouseCoopers 18 Results of SAS 70 PwC Observations: ERCOT management and staff were responsive to PwCs findings and recommendations identified during the audit process; Certain of ERCOTs Settlement Processes are best practice; We will issue an letter to management with recommendations for further strengthening and improvement of controls; The level of complexity of ERCOTs markets and transaction systems will continue to increase.

19 Looking Forward 19

20 PricewaterhouseCoopers 20 SAS 70 Reporting Alternatives The SAS 70 standard provides for two types of reports on internal control structures of service organizations: Type I On design of controls in place at a point in time. This is the report ERCOT is issuing Type II On design and effectiveness of controls in place for a period of time with details of tests performed. (Typically performed after a period of business and systems stability)

21 PricewaterhouseCoopers 21 Looking Forward ERCOT should plan to evolve to a Type 2 environment (perhaps in 2004); factors to consider: Stability of processes Resource requirements - time and costs Resulting process improvement Value of report What ERCOTs peers are doing PwC to present broad-based 2003 Assurance Plan at next Committee meeting

22 Questions? 22

23 PricewaterhouseCoopers 23

Download ppt "SAS 70 Third Party Report on Controls Overview and Timetable Finance / Audit Committee Meeting Austin, Texas January 14, 2003/ February 18, 2003."

Similar presentations

NERC Policies Introduction

NERC Policies Introduction
Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.

Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.

1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.

Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.
Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.

Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
1 AUDIT AND AUDIT RESOLUTION Peg Rosenberry, Director of Grants Management Claire Moreno, Audit Liaison, Office of Grants Management 9/18/2009 AMERICORPS.

1 AUDIT AND AUDIT RESOLUTION Peg Rosenberry, Director of Grants Management Claire Moreno, Audit Liaison, Office of Grants Management 9/18/2009 AMERICORPS.
OECD International Futures Programme 1 OECD Futures Project The Commercialisation of Space and the Development of Space Infrastructure: The Role of Public.

OECD International Futures Programme 1 OECD Futures Project The Commercialisation of Space and the Development of Space Infrastructure: The Role of Public.
1 Balloting/Handling Negative Votes September 11, 2006 ASTM Training Session Bob Morgan Brynn Iwanowski.

1 Balloting/Handling Negative Votes September 11, 2006 ASTM Training Session Bob Morgan Brynn Iwanowski.
1 Balloting/Handling Negative Votes September 22 nd and 24 th, 2009 ASTM Virtual Training Session Christine DeJong Joe Koury.

1 Balloting/Handling Negative Votes September 22 nd and 24 th, 2009 ASTM Virtual Training Session Christine DeJong Joe Koury.
NCATS REDESIGN METHODOLOGY A Menu of Redesign Options Six Models for Course Redesign Five Principles of Successful Course Redesign Four Models for Assessing.

NCATS REDESIGN METHODOLOGY A Menu of Redesign Options Six Models for Course Redesign Five Principles of Successful Course Redesign Four Models for Assessing.
RXQ.3.4.1 Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) (3.3.1.5) Supplier receives and processes.

RXQ Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) ( ) Supplier receives and processes.
RXQ.3.4.1 Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) (3.3.1.5) Supplier receives and processes.

RXQ Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) ( ) Supplier receives and processes.
RXQ.3.4.1 Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) (3.3.1.5) Supplier receives and processes.

RXQ Dual Billing Process Flow Distribution Company Supplier Customer Distribution Company reads meter(s) ( ) Supplier receives and processes.
Aviation Security Training Module 4 Design and Conduct Exercise II 1.

Aviation Security Training Module 4 Design and Conduct Exercise II 1.
1 OAS Financial Management Challenges and Program- Budget Implications 1 SECRETARIAT FOR ADMINISTRATION AND FINANCE October 2008.

1 OAS Financial Management Challenges and Program- Budget Implications 1 SECRETARIAT FOR ADMINISTRATION AND FINANCE October 2008.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Market Interface Committee Recent Regulatory Activities Philip Tice October 14, 2011.

Market Interface Committee Recent Regulatory Activities Philip Tice October 14, 2011.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Some slides in this presentation were excerpted from US Eds February 2009 PowerPoint presentation titled: Help! Im a New Title I Director. What Do I Need.

Some slides in this presentation were excerpted from US Eds February 2009 PowerPoint presentation titled: Help! Im a New Title I Director. What Do I Need.

Similar presentations

Ads by Google