Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managers’ Internal Control Program ICONO and ICOFR

Published byMaverick Weeder Modified over 9 years ago

Similar presentations

Presentation on theme: "Managers’ Internal Control Program ICONO and ICOFR"— Presentation transcript:

1 Managers’ Internal Control Program ICONO and ICOFR
Navy Medicine Audit Readiness Training Symposium 5 and 6 June 2012 Ms. Meg Sherwood, Program Manager—ICONO Ms. Freda King, Program Manager—ICOFR

2 Context Purpose Outcome
To understand the MIC Program’s two parallel components: Internal Controls over Nonfinancial Operations (ICONO) and Internal Controls over Financial Reporting (ICOFR). Purpose To better define the MIC Program’s structure and objective. Outcome Commands are able to utilize the tools available in the MIC Program to support audit readiness efforts. FOR OFFICIAL USE ONLY

3 Agenda MIC Program Overview
Internal Controls over Nonfinancial Operations (ICONO) Internal Controls over Financial Reporting (ICOFR) Exercise: Classifying and Reporting Deficiencies Questions FOR OFFICIAL USE ONLY

4 Part 1: MIC Program Overview FOR OFFICIAL USE ONLY

5 Legal/Regulatory Framework
Federal Managers’ Financial Integrity Act of 1982 (FMFIA) OMB Circular A-123 “Management’s Responsibility for Internal Control” ICONO ICOFR ICOFS Annual Statement of Assurance From FMFIA: “…internal accounting and administrative controls of each executive agency shall be established IAW standards prescribed by the Comptroller General…” ~ Head of each agency must prepare an annual statement certifying whether the agency’s systems of internal accounting and administrative control comply with FMFIA From OMB Circular A-123: ~ Implementing guidance for federal agencies ~ Establishes 3 objectives of internal controls ~ Outlines 5 standards of internal control activities 3 Levels of Assurance: ~ Unqualified: no material weaknesses (MWs) ~ Qualified: MWs identified with corrective action plan developed ~ No Assurance: no assessment done or MWs are pervasive ICONO: Internal Controls Over Non-financial Operations ICOFR: Internal Controls Over Financial Reporting ICOFS: Internal Controls Over Financial Systems Goal: Effective Internal Controls FOR OFFICIAL USE ONLY

6 What are Internal Controls?
Organization, policies and procedures to help program and financial managers achieve results and safeguard the integrity of their programs. Ensure what should occur in daily activities does occur. 3 objectives: Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regulations Support performance-based management Incorporate into every business process Further, not hinder, mission accomplishment Cost/benefit analysis when implementing controls Safeguarding of assets is a subset Goal: provide reasonable assurance 3 objectives are met FOR OFFICIAL USE ONLY

7 5 Standards of Internal Control Activities
Monitoring MICP, CLT, MEDIG, CE, JC, PPMAP Control Activities Policies/procedures, SOPs Risk Assessment DSG’s Areas for Leadership Engagement; Internal Controls Program Management Office (ICPMO) Control Environment “Tone from the top,” SG’s Memo on Internal Controls, Code of Ethics Information & Communication FOR OFFICIAL USE ONLY

8 Annual Program Guidance
MICP Program Guidance BUMEDINST A Annual Program Guidance FOR OFFICIAL USE ONLY

9 ICONO and ICOFR Assessable Units (AUs)
MICP analyzes operational and financial internal controls across all functional areas FOR OFFICIAL USE ONLY

10 Quarterly & Annual Reporting Requirements
Quarterly Certifications Annual Statement of Assurance (SOA) Provide two levels of assurance, one for ICONO and one for ICOFR, that internal controls are in place and operating effectively Provide sources that were assessed to determine the level of assurance and identify control deficiencies Report deficiencies Attest to implementation of Standard Operating Procedures (SOPs) FOR OFFICIAL USE ONLY

11 Sources of Internal Control Assessment
MICP Sources: ICONO: Assessable Unit results ICOFR: Command Level Testing (CLT) results Other Sources: Internal to Navy Medicine MEDIG findings Command Evaluation Program Logistics Assist Visits UBO Quarterly Audits Unauthorized Commitments Management Observation Program Reviews External to Navy Medicine Government Accountability Office (GAO) DoD IG findings Navy IG findings Navy Audit Service (NAS) Joint Commission Inspections PPMAP Inspections FOR OFFICIAL USE ONLY

12 Level of Assurance Unqualified: Reasonable assurance with no material weaknesses (MWs) reported. Certification must be accompanied by a firm basis for this position. Qualified: Reasonable assurance with the exception of one or more MW(s) reported. Certification must cite MW(s) that precluded an unqualified statement. No Assurance: No reasonable assurance either because no assessments were conducted or MWs are pervasive. FOR OFFICIAL USE ONLY

13 Internal controls over nonfinancial operations (ICONO)
Part 2: Internal controls over nonfinancial operations (ICONO) FOR OFFICIAL USE ONLY

14 ICONO Assessable Units
Organized functionally Inventory developed based on TMA- and BUMED-identified risks Reviewed and updated annually with input from program managers/subject matter experts Supplemented by Region/Activity identified electives Support audit readiness initiatives Increased effort to introduce data driven elements and transactional reviews into the assessments Goal: Identify control deficiencies and implement corrective actions FOR OFFICIAL USE ONLY

15 Identifying Deficiencies
Must be control related Identified through the Assessable Units, as well as, the internal and external assessment sources Classify the deficiency according to its severity Establish corrective action plans to address deficiencies Activities are responsible for implementing the corrective actions within their control and updating their plans Regions/BUMED provide oversight to ensure corrective actions are being implemented and provide implementation assistance when needed Report through quarterly Certification Statements and Annual Statement of Assurance (SOA) FOR OFFICIAL USE ONLY

16 Classifying Deficiencies
How severe is the deficiency? Is there a significant threat to mission, resources, and/or image? Deficiency Categories: Material Weakness (MW): A reportable condition of combination of reportable conditions, which is significant enough to report to the next higher level. The determination is a management judgment as to whether a weakness is material. Reportable Condition (RC): A control deficiency, or combination of control deficiencies, that adversely affects the ability to meet mission objectives but are not deemed by the Head of the Component as serious enough to report as material weaknesses. Item to be Revisited (IR): An internal control issue brought to management’s attention with insufficient information to determine whether the control deficiency is material or not. These issues will be revisited throughout the following quarters to determine the materiality of the control deficiency. FOR OFFICIAL USE ONLY

17 Corrective Action Plans
Develop for all deficiencies—whether or not you report them Elements to include: Identify the deficiency Set a target correction date Identify the corrective actions that will be taken to remediate the deficiency Call attention to higher level assistance, if needed Monitor and update progress on a regular basis FOR OFFICIAL USE ONLY

18 Determining What Deficiencies to Report
Report from your organization’s perspective MTFs/activities should report deficiencies as they impact the MTF/activity Regions should report deficiencies as they impact the Region Questions to ask: Does higher echelon need to know about this issue? Can we resolve this issue within our own means at the MTF/activity or Regional level? Does this issue permeate the entire Region or is it an isolated issue? FOR OFFICIAL USE ONLY

19 Determining Level of Assurance
A management decision Based on the types of deficiencies identified and whether or not the items need to be reported to the next higher level 3 levels of assurance: qualified, unqualified, no assurance Level of Assurance Types of Deficiencies Unqualified No MWs Some RCs and/or IRs identified Qualified 1 or more MWs No Assurance MWs are pervasive No assessments were conducted FOR OFFICIAL USE ONLY

20 How ICONO Efforts Support Audit Readiness
Examine and/or test internal controls to ensure compliance with laws, regulations, policies, etc. Evaluate processes to determine if Standard Operating Procedures (SOPs) are fully implemented and correct processes where they are not Practice pulling documents which support transactions Identify internal control deficiencies and correct them before audit FOR OFFICIAL USE ONLY

21 INTERNAL CONTROLS OVER FINANCIAL REPORTING (ICOFR)
Part 3: INTERNAL CONTROLS OVER FINANCIAL REPORTING (ICOFR) FOR OFFICIAL USE ONLY

22 OMB Circular A-123, Appendix A
Internal Controls Over Financial Reporting (ICOFR)

23 Objective OMB Circular A-123, Appendix A - Internal Controls
over Financial Reporting (ICOFR) Requires Management to Assess, Test, Document, and Report on Financial Controls Financial Improvement and Audit Readiness(FIAR) Plan Provide Guidelines, Goals, Priorities, and Strategies to become Audit Ready Achieving Audit Readiness DoD’s Goals and Roles to Achieve Audit Readiness FOR OFFICIAL USE ONLY

24 Appendix A - Governing Statutes
Federal Managers’ Financial Integrity Act of 1982 Requires all DoD managers to assess the effectiveness of management controls applicable to their responsibilities An Act to amend the Accounting and Auditing Act of 1950 to require ongoing evaluations and reports of the adequacy of the systems of internal accounting and administrative control Sarbanes-Oxley Act of 2002 Public Company Accounting Reform and Investor Protection Act FOR OFFICIAL USE ONLY

25 Appendix A - Requirements
Reporting on Financial Internal Controls Internal Controls are specific policies procedures and activities that are established to manage or mitigate risks Assessing and Validating Controls and Processes Internal Controls are part of every process and activity being performed throughout the organization Providing ICOFR Annual Assurance Statement Internal controls provided reasonable assurance that what should happen does happen FOR OFFICIAL USE ONLY

26 Internal Control Internal Control Objectives:
Effectiveness and Efficiency of Operations, Reliability of Financial Reporting, and Compliance with Applicable Laws and Regulations FOR OFFICIAL USE ONLY

27 Standards of Internal Control Activities
Control Environment - the organizational structure to sustain organizational support for effective internal control Risk Assessment - identify internal and external risks that may prevent the organization from meeting its objectives Control Activities - include policies, procedures and mechanisms in place to help ensure that agency objectives are met Information and Communications - should be relevant, reliable, and timely Monitoring - periodic reviews, reconciliations or comparisons of data should be included as part of the regular assigned duties of personnel FOR OFFICIAL USE ONLY

28 Financial Improvement and Audit Readiness (FIAR)
FIAR Plan (OMB Circular A-123, Appendix A) Goals Priorities Strategies FIAR Phases Discovery Corrective Action Evaluation Assertion Validation Audit FOR OFFICIAL USE ONLY

29 FIAR Goals Improve the Department’s Financial Management Operations
Provide our Service men and women with the resources they need to carry out the mission Improving our stewardship of the resources entrusted to us by the taxpayers. FOR OFFICIAL USE ONLY

30 FIAR Priorities The First Priority is the Budgetary Resources. The benefits of focusing on budgetary information are to: Improve the visibility of budgetary transactions Provide for operational efficiencies through more readily available financial information; Improve fiscal stewardship (ensures that funds appropriated, expended and recorded are reported accurately, reliably and timely); and Improve budget processes and controls The Second Priority is the Mission Critical Assets. Mission critical assets are: Military Equipment Real Property Inventory Operating Materials and Supplies General Equipment FOR OFFICIAL USE ONLY

31 FIAR Strategies Wave 1 Wave 2 Wave 3 Wave 4
Statement of Budgetary Resources Appropriations Received Mission Critical Assets Existence & Completeness Full Audit (except for valuation) FOR OFFICIAL USE ONLY

32 WAVE 1 Appropriations Received
Accurate and timely recording of the budget authority needed to commit, obligate, and expend funds Processes and controls include activities performed to control and record transactions related to: Receipt of the budget (Appropriations Received) Distribution of the Budget to the Major Commands Fund Balance with Treasury (FBWT) FOR OFFICIAL USE ONLY

33 WAVE 2 Statement of Budgetary Resources
The SBR presents: all budgetary resources a reporting entity has available the status of those resources at period end a reconciliation of changes in obligated balances from the beginning to the end of the period and cash collections and disbursements for the period reported. Includes all processes, internal controls, systems and supporting documentation that must be audit ready before the SBR can be audited. FOR OFFICIAL USE ONLY

34 Sample Statement of Budgetary Resources (SBR)
FOR OFFICIAL USE ONLY

35 WAVE 3 Mission Critical Assets (E&C)
Focuses on the “existence and completeness” financial statement assertions and includes the “rights” assertion and portions of the “presentation and disclosure” assertion.  Reporting entities must ensure that: all assets recorded in the property books exist all of the reporting entities’ assets are recorded in their system reporting entities have the right to report all assets (Rights) assets are consistently categorized, summarized, and reported period to period (Presentation and Disclosure). FOR OFFICIAL USE ONLY

36 WAVE 4 Full Audit Include the proprietary side of financial transactions covered in Wave 2, and:  accounts receivable earned revenue accounts payable gross costs other liabilities  Adds the “valuation” assertion for assets FOR OFFICIAL USE ONLY

37 Assertions Existence: Only valid or authorized transactions are processed during the correct period, and the underlying asset exists during the period reported in the accounting system Completeness: All transactions are processed that should be and the entire population of assets is accounted for and established. Rights & Obligations: Assets represent the rights of the organization as of a given date (Ownership/Custody) Valuation: Assets, liability, equity, revenue, and expense components have been included in the financial statements at appropriate amounts. Presentation and Disclosure: Components of the financial statements are properly classified, described and disclosed (properly recorded as acquisitions, disposals, reparable, expendable, salvageable) FOR OFFICIAL USE ONLY

38 Asserting We will be asserting : that our financial controls are in place and operating effectively that our financial reports are accurately prepared that transactions can be supported with documentation and that that we have fully complied with our laws and regulations. FOR OFFICIAL USE ONLY

39 BUMED Assertion Dates to TMA
Assessable Units Assertion Dates Travel SEP 2012 Consumables DEC 2012 Reimbursable Work Orders – Grantor Reimbursable Work Orders – Performer APR 2013 Military Payroll Contract Administration JUL 2013 Non-Federal Receivables Federal Receivables SEP 2013 Civilian Payroll DEC 2013 Financial Reporting Fund Balance with Treasury FOR OFFICIAL USE ONLY

40 FIAR Phases Discovery Corrective Action Evaluation Assertion
Validation Audit FOR OFFICIAL USE ONLY

41 BUMED’s FIP Tool Box Command Level Testing/Validation Testing
Standard Operating Procedures (SOPs) FMO Samples and Workbooks NAS Sample Testing FOR OFFICIAL USE ONLY

42 Verify Beginning Balances
Audit Preparation Verify Beginning Balances Supporting Documents Reconciliations Population Control Testing IT Controls Service Providers

43 Managers’ Internal Control Program (MICP)
ICONO ICOFR MICP FOR OFFICIAL USE ONLY

44 It’s not just a Job; it’s the path to audit success…
Audit Readiness It’s not just a Job; it’s the path to audit success… FOR OFFICIAL USE ONLY

45 Audit Readiness Trivia
What are the Priorities of the FIAR Plan? What are Two Internal Control Objectives? What are the Five Financial Assertions? What is the date for Audit of the SBR? What is the date for Full Audit? FOR OFFICIAL USE ONLY

46 EXERCISE: CLASSIFYING AND REPORTING DEFICIENCIES
Part 4: EXERCISE: CLASSIFYING AND REPORTING DEFICIENCIES FOR OFFICIAL USE ONLY

47 Scenario At Naval Hospital Atlantis, during a 6 month timeframe, questionable transactions were found on the GTCCs for 60 members. During this timeframe, the total number of members who used their card was 70. The types of questionable transactions included: Expenses not related to official government travel such as video games purchased at Target Cash advances taken within a member’s permanent duty station and the member is not on official government travel orders Airline tickets purchased for a member’s spouse and children Lodging charges for a member’s personal travel following a period of official government travel These questionable expenses were not identified during travel card or DTS voucher review processes FOR OFFICIAL USE ONLY

48 Analysis Is the deficiency a threat to mission, resources, and/or image? How would you classify the deficiency and why? Material Weakness, Reportable Condition, Item to be Revisited What is your corrective action plan? Would you report the deficiency? Why or why not? Is the deficiency related to ICONO, ICOFR, or both? If you do report the deficiency, what level of assurance do you report? Unqualified, Qualified, or No assurance FOR OFFICIAL USE ONLY

49 Higher Level Resources
Federal Managers’ Financial Integrity Act of 1982 (P.L ) OMB Circular A-123: Management’s Responsibility for Internal Control DoD Financial Improvement and Audit Readiness (FIAR) Guidance of December 2011 DoDI of 29 July 2010: Managers’ Internal Control Program (MICP) Procedures SECNAVINST E of 8 November 2006: Department of the Navy (DON) Managers’ Internal Control (MIC) Program SECNAV M of June 2008: Department of the Navy Managers’ Internal Control Manual OPNAVINST D of 03 October 2011: Managers’ Internal Control Program GAO Products: “Standards for Internal Control in the Federal Government” and “Internal Control Management and Evaluation Tool” FOR OFFICIAL USE ONLY

50 BUMED Resources SG’s Memo on Internal Controls in Navy Medicine of 5 January 2012; Reference: Ser M82/11UM82757 DSG’s Memo on Annual Areas for Leadership Engagement of 30 August 2010; Reference: Ser M82/10UM82749 BUMEDINST A of 29 October 2008: Managers’ Internal Control Program Managers’ Internal Control Program (MICP) Guidance for Fiscal Year (FY) 2012 dated 6 October 2011; Reference: Ser M82/11UM82758 FOR OFFICIAL USE ONLY

51 Questions? Contact Information Meg Sherwood Phone: Freda King Phone: FOR OFFICIAL USE ONLY

Download ppt "Managers’ Internal Control Program ICONO and ICOFR"

Similar presentations

Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated.

Using Internal Control to Manage Risk Mary C. Braun, CPA, CGFM Management Concepts, Incorporated.
Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.

Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.
Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011.

Service Provider Support of Audit Readiness Office of the Under Secretary of Defense (Comptroller) March 14, 2011.
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
Internal Controls 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.

Internal Controls 101 RDML K. Taylor | DHS CFO Brief | 25 JAN 2010 Assistant Commandant For Resources.
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.

Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Auditability Update ASMC National Capital PDI Navy Break-Out Session

Auditability Update ASMC National Capital PDI Navy Break-Out Session
Effective Internal Control, Establishing an Internal Audit Function, and Compliance Plans 2014 Governmental Accounting For Local Public Health September.

Effective Internal Control, Establishing an Internal Audit Function, and Compliance Plans 2014 Governmental Accounting For Local Public Health September.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Anita Hairston DOI Office of Acquisition and Property Management

Anita Hairston DOI Office of Acquisition and Property Management
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.

INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

Similar presentations

Ads by Google