Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internal Control.

Published byAnnabelle Patrick Modified over 9 years ago

Similar presentations

Presentation on theme: "Internal Control."— Presentation transcript:

1 Internal Control

2 Internal control basics Processes to review Tracking tools

3 Internal Control Internal control is a process – effected by those charged with governance, management, and other personnel designed to provide reasonable assurance about the achievement of an entity’s objectives which may fall into 3 categories: Reliability of financial reporting Effectiveness and efficiency of operations Compliance with applicable laws and regulations

4 WHY ARE INTERNAL CONTROLS IMPORTANT?
Effective internal controls Safeguard public resources Protect employees Assist in fraud prevention

5 Five Components of Internal Control
Control Environment Risk Assessment Control Activities Information and Communication Monitoring

6 Control Environment Starts at the top and sets the tone. Functions well if Management believes that controls are important and communicates that view to employees at all levels. Foundation for all other components of internal control providing discipline and structure. Key managers responsibilities clearly defined. Reflective of managements respect for and adherence to compliance requirements.

7 Evaluation of general control environment
The person assigned to perform the internal control review must be or become, if not already familiar with the day-to-day activities of the entity. Organizational charts Planning and budget documents Job descriptions Inventory of statutory responsibilities and authorities Policies and procedures manuals Reports Audits, management reviews, program evaluations Internal control policies and procedures

8 Risk Assessments Identify the vulnerability of each assessable entity to waste, loss, unauthorized use or misappropriation. Consider Internal as well was External Events. (change in personnel) Consider Controls that have not been reviewed for a period of time. Analyze for possible effect, considering the likelihood and impact. Consider factors unique to your agency Past experience Staffing levels and experience Complexity of activities in relation to your mission Determine how to respond to each risk and who is responsible.

9 Step 1: Identify events(risks) ask
What practices are being questioned by auditors and other oversight agencies? What information is critical to the agency’s operations and how vulnerable is it? What activities are regulated by the federal or state government? Are assets (cash, inventory, fixed assets) adequately protected? What circumstances may endanger future funding of your programs? New personnel. Incorporation of new technology.

10 Step 2: Analyze identified risks
How important is this risk? How likely is it that this risk will occur (likelihood)? How large is the dollar amount involved (impact)? To what extent does the risk potential of one activity affect other activities? Are existing controls (policies and procedures) sufficient to manage this risk? To what degree are secondary controls in place?

11 Speak their language What is the mission?
What will stop you from completing that mission? What preventative steps are you taking to reduce or eliminated that risk?

12

13 Step2 continued: Prioritize identified risks
Likelihood = the possibility that a given event will occur. Impact the result or effect of an event. 3= High Risk – Mitigate or reduce the risk. 2= Medium Risk – Manage the risk. 1= Low Risk – Accept the risk.

14

15 Determine a risk response
Identify possible response Accept and Monitor Transfer (Share) Reduce the likelihood Reduce the impact Avoid Evaluate the risk responses Consider the likelihood and impact Consider costs and benefit Select a response

16 Control Activities are the policies and procedures that help ensure that management directives are carried out. Policies and Procedures Management objectives (clearly written and communicated throughout the agency) Approvals and Authorizations Verifications Reconciliations Segregation of duties Physical and access controls Education, training and coaching

17 Control Activities in a strong system of Internal Control
Pre-numbering Documents Authorization of transactions Independent Checks to maintain asset accountability Documentation Timely and appropriate performance reviews Physical controls for safeguarding assets Segregation of duties

18 Information and communication
Risk communication creates a dialog about the existence, nature and severity or acceptability of risks. Communication can be formal through reports, training, written policy manuals, accounting and financial reporting manuals Communication can be informal through , speech, and actions of management. Most effective when travels in all directions.

19 Monitoring The process that assesses the quality of internal control performance over time by assessing the design and operation of controls on a timely basis and taking the necessary corrective actions. Allows an agency to react dynamically to change. Ensures things are working as planned Ongoing – Supervisory review of reconciliations, reports and processes. Periodic – internal audit sampling and at least annual reviews of high-risk business processes.

20 Limitations on Internal Control
Human Error which may include errors in the design or use of automated controls. Deliberate circumvention of controls by collusion of two or more people. Management override of internal controls. Segregation of duties issues.

21 Recommendations/ Reporting
A brief narrative of potential subsequent actions. Develop a new policy and/or procedure. Provide additional training. Functionally realign responsibilities to improve the segregation of duties. Schedule a detailed internal control review. Give any reasons why subsequent action should not be taken. For example: cost implement corrective action exceeds the value of the relative risk; legal mandate requires that the controls be in place even though costs exceeds perceived benefits.

22 Balance Sheet reviews Cut-off procedures for Liabilities – Payroll and A/P Controls over Assets in FAE – How are new assets communicated to finance, depreciation calculations, disposal of assets. Matching/Timeliness – Expenses recorded in the proper period. Accuracy of tuition revenues – resident, non-resident, who gets a waiver. Who prepares and reviews your journal entries? Investments – Who controls? Who reviews?

23 EVENT cYCLE Determine the event cycle. Review the series of processes which initiate and achieve an end product. Each have a defining beginning and ending point. Examples The disbursement cycle begins with the submission of the A-19 ends with a check printed. A student loan event cycle begins with the receipt of an application and concludes with the disbursement of the loan.

24 Document each event cycle
Interview the person(s) involved in the cycle Review existing documentation Observe the activity Prepare either a narrative explanation documenting personnel performing the procedures, the forms and records developed and maintained, the number or dollar value processed. Walkthrough of the process from start to finish by tracing transactions from start to finish.

25 Proper segregation of duties
Properly segregate duties so that no one person performs two or more of these functions Processes/records transactions Authorizes/Approves transactions Has custody of asset related records

26 Incompatible duties Payroll – process payroll, employee file maintenance, receive/distribute checks/ prepare bank reconciliation A/R – prepare deposit, access cash and check/ perform cash application in HP/ prepare bank reconciliation A/P – setting up vendors/ processing payments/ printing checks/preparing bank reconciliation Journal entries/Reconciliations – Prepare, sign, date must have a second reviewer sign and date.

27 Areas of exposure Employees who control a transaction, process or function from beginning to end. Not the entire system of cash receipts or disbursements, but rather a small slice. Primarily serves as bank account custodian but also performs the monthly reconciliation. Primarily acts as a cashier but also prepares the daily bank deposit. Primarily prepares input in account payable, but also has access to the checks. Prepares customer A/R cancellations and adjustments (write-offs) but also acts as a relief cashier. Primarily acts a cashier, but also reconciles the bank deposit information with the organizations accounting records. Employee with custody of assets, authorization or approval affecting those assets and reporting of related transactions.

28

29 PREVENTION OF SOD ISSUES
Hire additional staff Split the responsibility between two existing staff members Establish a monitoring program for this key employee that effectively accomplishes a segregation of duties without hiring or using 2 employees to do the job, such as having an independent party monitor key employee tasks.

30 Don’t forget about the HP
Documented procedure to remove terminated employees and periodically verify terminated users have been removed. Appropriate approval of new users and new menu access. Review current menu access for segregation issues. Be mindful of back up personnel. Make sure their additional duties to not create segregation of duties issues. Don’t share passwords.

31 POP QUIZ The 2012 Association of Certified Fraud Examiners Report to the Nations on Occupational Fraud and Abuse analyzed where fraud is occurring and at what frequency by industry. Where do you think government and public administration cases rank? A. 7th B. 1st C. 2nd D. 15th

32 Cash receipting LOSS prevention and detection
Adequate SOD Compare Bank deposits to cash receipts records and verify the mode of payment agrees – deposits are intact. Review voided transactions to ensure they are supported Verify inventory records agree to usage Review bank reconciliations Perform surprise cash counts Look for missing deposit slips Look for unusual activity by employee or department Look for unusual journal entries

33 Additional Cash receipting CONTROLS
Safeguard and limit access to receipts awaiting deposit. How long has it been since the safe combination was changed? Perform a periodic “look back” of revenues. Do they make sense given your understanding of operations? Review receipt sequence. Are receipts used in sequential order? Are all receipt numbers accounted for? Review bank reconciliations. Are they timely? Do the reconciling items make sense? Get a handle on unanticipated revenues Create and review error reports Know who is receiving the billing complaint calls Mandatory vacations Cross train duties

34 Purchase Card Review Ensure second signature on all submitted P-card logs. Ensure detailed credit card receipt is received, summary only is not acceptable. Statements paid without detail receipt to support purchase. Ensure items that were purchased are received and on-site. Review purchases for unusual vendors. Expense greatly exceeds what was budgeted or prior year totals.

35 Accounts Payable check review
Review Travel Expense Report – Require conference agendas/registration be included in submission to ensure per diem is not submitted. Support is originals and not photocopies. Review vendor lists for unusual vendors or excessive payments. Reports are approved by budget authority or someone other than employee submitting for reimbursement. Ask follow up questions on unusual items. Confirm with a third party if necessary. Ensure reimbursement is not for expenses paid by college credit card.

36 Additional payment controls
Ensure items purchased are on site. If you use positive pay make sure you know what the bank is verifying. Review for expenses that end in round numbers. Have an expectation of reasonable expenses and compare it to actual payments entered into the system. Checks should never go back to the department or person that initiated the payment.

37 Payroll internal controls
Review payroll expenses for unusual fluctuations and amounts that are outside of your expectation, including benefit line items and overtime. Review personnel files to ensure you are not paying ghost employees. Look for unusual journal entries. Look for employees that rarely or never take leave. Review payroll reports for employees that use a PO box.

38 Documentation/Evidence of review
Required to have adequate written documentation of activities conducted in connection to risk assessments, review of internal control activities and follow-up actions. Completed risk assessments Spreadsheets Write up of process Testing documentation

39

40 How to keep track of it all
Survey Monkey Binders One - Note Data Base

Download ppt "Internal Control."

Similar presentations

INTERNAL CONTROLS.

INTERNAL CONTROLS.
Chapter 6 Cash and Internal Control

Chapter 6 Cash and Internal Control
LOUISIANA GFOA 31 ST ANNUAL FALL CONFERENCE.  Currency  Coin  Checks  Debit Cards  Credit Cards.

LOUISIANA GFOA 31 ST ANNUAL FALL CONFERENCE.  Currency  Coin  Checks  Debit Cards  Credit Cards.
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.

Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Identify the key elements of a strong system of internal control.

Identify the key elements of a strong system of internal control.
CHAPTER 8 INTERNAL CONTROL AND CASH After studying this chapter, you should be able to: 1 Define internal control. 2 Identify the principles of internal.

CHAPTER 8 INTERNAL CONTROL AND CASH After studying this chapter, you should be able to: 1 Define internal control. 2 Identify the principles of internal.
Reducing Fraud With Improved Internal Controls Dr. Raymond S. Kulzick, CPA St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.

Reducing Fraud With Improved Internal Controls Dr. Raymond S. Kulzick, CPA St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
Accounting Principles, Ninth Edition

Accounting Principles, Ninth Edition
7-1 FRAUD, INTERNAL CONTROL, AND CASH Financial Accounting, Sixth Edition 7.

7-1 FRAUD, INTERNAL CONTROL, AND CASH Financial Accounting, Sixth Edition 7.
Fraud and Internal Control

Fraud and Internal Control
Audits: How to Prepare and What to Expect Council of Senior Business Administrators Focus Session April 21, 2004 James Laird Assistant Dean for Finance.

Audits: How to Prepare and What to Expect Council of Senior Business Administrators Focus Session April 21, 2004 James Laird Assistant Dean for Finance.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Cash and Internal Control

Cash and Internal Control
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Departmental Cash Handling By: Maria Sussy Palomo.

Departmental Cash Handling By: Maria Sussy Palomo.
Chapter 11 Auditing the Purchasing Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 11 Auditing the Purchasing Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.

INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

Similar presentations

Ads by Google