1/12/2016. Standards for Internal Control in the Federal Government. Standards for Internal Control in the Government
|
|
- Aldous Simon
- 6 years ago
- Views:
Transcription
1 Standards for Internal Control in the Federal Government Internal Control through the Years Standards for Internal Control in the Government GAO s Revised Green Book 1 2 Why the Green Book? What s in the Green Book for the Federal Government? GAO develops the internal control (IC) standards The Green Book Federal Managers Financial Integrity Act 31 USC 3512 Consultation OMB develops guidance for agencies to implement GAO IC standards OMB A-123 Reflects federal internal control standards required per Federal Managers Financial Integrity Act (FMFIA) Serves as a base for OMB Circular A-123 Agencies use GAO Green Book Guidance to design internal controls Agencies issue IC implementation procedures OMB A-127 OMB A-136 Written for government Leverages the COSO Framework Uses government terms Agencies use OMB Guidance to conduct IC assessment FMFIA compliance Report Source: GAO analysis of the framework of the Federal Managers' Financial Integrity Act 31 USC What s in Green Book for State and Local Governments? Is an acceptable framework for internal control on the state and local government level under OMB s Uniform Guidance for Federal Awards Written for government Leverages the COSO Framework Uses government terms OMB s Uniform Guidance for Federal Awards Internal controls. The non-federal entity must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in Standards for Internal Control in the Federal Government issued by the Comptroller General of the United States and the Internal Control Integrated Framework, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Page 5 Page 6 1
2 OMB s Uniform Guidance for Federal Awards What s in the Green Book for Management and Auditors? Internal controls. Internal controls means a process, implemented by a non- Federal entity, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: (a) Effectiveness and efficiency of operations; (b) Reliability of reporting for internal and external use; and (c) Compliance with applicable laws and regulations. Provides standards for management Provides criteria for auditors Can be used in conjunction with other standards, e.g. Yellow Book Page 7 8 Session Objective Updated COSO Framework 1) Introduce revisions to GAO s Green Book Released May 14, Page 10 The COSO Framework From COSO to Green Book: Harmonization Relationship of Objectives and Components Direct relationship between objectives and the components COSO depicts the relationship in the form of a cube: Three objectives: columns Five components: rows Organizational structure: third dimension Source: COSO COSO Green Book Page 11 Page 12 2
3 Revision to the Green Book Revised Green Book: Overview What has not changed The fundamental concepts of internal control Three categories of objectives and five components of internal control Each of the five components of internal control are required for effective internal control Important role of judgment in designing, implementing and operating an internal control system and evaluating its effectiveness What changed Expanded discussion on objectives: operations, reporting, and compliance More detail of requirements to help management better understand and implement the standards Discusses management evaluation of internal control Additional consideration that apply to all components of an internal control system Discuss the layout of the Green Book Explain fundamental concepts of internal control Addresses how components, principles, and attributes relate to an entity s objectives Revised Green Book: Standards for Internal Control in the Federal Government Highlights Page Overview Standards 15 Page 16 Facsimile Page Fundamental Concepts What is internal control in Green Book? OV1.01 Internal control is a process effected by an entity s oversight body, management, and other personnel that provides reasonable assurance that the objectives of an entity will be achieved. What is an internal control system in Green Book? OV1.04 An internal control system is a continuous built-in component of operations, effected by people, that provides reasonable assurance, not absolute assurance, that an entity s objectives will be achieved. Page
4 Fundamental Concepts (cont.) Revised Green Book: The Components, Objectives, and Organizational Structure of Internal Control Put simply, internal control is a process to help entities achieve objectives. Page Components, Principles, and Attributes Structure of the Green Book Achieve Objectives Components Principles Attributes Components and Principles Components and Principles (cont.) In general, all components and principles are required for an effective internal control system OV2.05: The 17 principles support the effective design, implementation, and operation of the associated components and represent requirements necessary to establish an effective internal control system. COMPONENTS & PRINCIPLES = CRITERIA Page
5 Components and Principles (cont.) Components and Principles (cont.) Attributes Attributes (cont.) Attributes are considerations that can contribute to the design, implementation, and operating effectiveness of principles OV2.07 excerpt: The Green Book contains additional information in the form of attributes... Attributes provide further explanation of the principle and may explain more precisely what a requirement means and what it is intended to cover, or include examples of procedures that may be appropriate for an entity. Attributes are relevant to the proper implementation of the Green Book, but are NOT requirements. How do you use attributes? Use attributes to provide context and describe how a principle was not met. Do not cite attributes as criteria. However, attributes can be used to support criteria by further explaining the principle requirements. Page Control Environment Control Environment Red Flags Examples that could indicate an internal control deficiency and require further analysis: Personnel do not understand what behavior is acceptable or unacceptable. Top management is unaware of actions taken at the lower level of the entity. It is difficult to determine the entities or individuals that have responsibility for programs or particular parts of a program. The entity s structure is inefficient or dysfunctional. Management displays a lack of concern for internal control and is unresponsive to internal control deviations or recommendations to improve internal control
6 Risk Assessment Risk Assessment Red Flags Examples that could indicate an internal control deficiency and require further analysis: Management has not reassessed the risk related to recent major changes for example, new responsibilities, reorganization, cuts in funding, and expansion of programs. The agency or program does not have well-defined objectives. The agency or program does not have adequate performance measures. Management has not considered previous issues with fraud, waste, or abuse in the agency s risk assessment. The agency is unable to prioritize work appropriately. The agency is unaware of obstacles to its mission. The agency is not able to overcome obstacles to its mission efficiently or at all Control Activities Control Activities Red Flags Examples that could indicate an internal control deficiency and require further analysis: Employees are unaware of policies and procedures, but do things the way they have always been done. Operating policies and procedures have not been developed or are outdated. Key documentation is often lacking or does not exist. Key steps in a process are not being performed. Personnel and management are uncertain why processes are being performed or how processes are related to and support program goals Information & Communication Information and Communication Red Flags Examples that could indicate an internal control deficiency and require further analysis: When top management needs information, there is an excessive rush to assemble the information, or the process is handled through ad hoc mechanisms (e.g., the information was not readily available). Key information requests for basic information on the status of operations from external stakeholders (e.g., Congress or GAO) are difficult for the agency to respond to and require extra resources or special efforts. Management is using poor quality information or outdated information for making decisions. Staff are frustrated by requests for information because it is timeconsuming and difficult to provide the information. Management does not have reasonable assurance that the information it is using is accurate. Personnel are unaware of separate communication lines for reporting confidential information
7 Monitoring Monitoring (cont.) Management should establish and operate monitoring activities to monitor the internal control system and evaluate the results. (16.01) The following attributes contribute to the design, implementation, and operating effectiveness of this principle: -Establishment of a Baseline -Internal Control System Monitoring -Evaluation of Results Monitoring (cont.) Monitoring Red Flags Management should remediate identified internal control deficiencies on a timely basis. (17.01) The following attributes contribute to the design, implementation, and operating effectiveness of this principle: - Reporting of Issues - Evaluation of Issues - Corrective Actions Examples that could indicate an internal control deficiency and require further analysis: Management does not evaluate a program on an ongoing basis. Significant problems exist in controls and management was not aware of those problems until a big problem occurred or until an outside party brought it to its attention. There are unresolved problems with the other components: control environment, risk assessment, control activities, and information and communications. Previously identified engagement findings are not being resolved adequately or timely. Management misses key deadlines and was not aware that it would not be able to meet deadlines Controls Across Components Documentation requirements Documentation is required for the effective design, implementation, and operating effectiveness of an entity s internal control system. Green Book s minimum documentation requirements are as follows: Management develops and maintains documentation of its internal control system. (3.09) Management documents in policies the internal control responsibilities of the organization. (12.02) Management evaluates and documents the results of ongoing monitoring and separate evaluations to identify internal control issues. (16.09) Management evaluates and documents internal control issues and determines appropriate corrective actions for internal control deficiencies on a timely basis. (17.05) Page
8 Documentation requirements (cont.) Management completes and documents corrective actions to remediate internal control deficiencies on a timely basis. (17.06) Assessing Internal Control: Overview Assessing Internal Control If management determines a principle is not relevant, management supports that determination with documentation that includes the rationale of how, in the absence of that principle, the associated component could be designed, implemented, and operated effectively. (OV2.06) -See pages of the Green Book Yellow Book Requirements for Understanding and Assessing an Entity s Internal Control Engagement Planning Auditors should obtain an understanding of internal control that is significant within the context of the audit objectives. (Yellow Book, Para. 6.16) For internal control that is significant within the context of the audit objectives, auditors should assess whether internal control has been properly designed and implemented and should perform procedures designed to obtain sufficient, appropriate evidence to support their assessment about the effectiveness of those controls. (Yellow Book, Para. 6.16) Develop engagement objectives and determine whether engagement requires the consideration of internal control in the course of the engagement Planning and Design Helpful Hints for Obtaining an Understanding of Internal Control Obtain background information about the entity and program under review, including the entity s objectives for the program, relevant risks associated with the program, and internal control to the extent relevant to the objectives and scope of the engagement. Obtaining background information helps auditors better identify and understand the entity objectives (operations, compliance, and reporting) to be evaluated. The background information obtained during planning can form the basis for obtaining an understanding of internal control when gathering evidence. Below is one possible approach for obtaining an understanding of internal control: 1. Obtain an understanding of internal control at the entity level for each of the five components of internal control. 2. If a specific program is being reviewed, obtain an understanding of internal control related to the program. 3. Document the obtained understanding of internal control at a level of detail that is sufficient for understanding the controls that are relevant to the engagement. 4. Identify the entity s key controls that are relevant to the engagement
9 Helpful Hints for Obtaining an Understanding of Internal Control (cont.) Case Study: Background Auditors identify the key controls related to the entity s objectives that are relevant to the engagement. Key controls often have one or both of the following characteristics: Their failure might materially affect the entity s objectives, yet not reasonably be detected in a timely manner by other controls, and/or Their operation might prevent other control failures or detect such failures before they have an opportunity to become material to the entity s objectives. Congress passed the Bright Future of America Act (Act), authorizing the Department of Education to establish the Office of Promising Talent (Office) to support students in America from middle school through undergraduate school to improve academic performance in key areas of cultural, scientific, and economic studies. This Act requires that the Department of Education report to Congress 45 days after fiscal year-end on how the funds are being used. The Department of Education will provide only limited oversight to the Office, and the Office s appropriations will be a separate line item on the department s annual budget request to Congress Cast Study (cont.) Case Study (cont.) Office Strategic Goal: Support students in America from middle school through undergraduate school to improve academic performance in key areas of cultural, scientific, and economic studies. Auditor understanding of an application review process Office Objective: Establish a grant program that sponsors academic competitions in key educational areas to encourage educational achievement Helpful Hints for Obtaining an Understanding of Internal Control (cont.) Evidence Gathering and Analysis Below are some examples of documentation to: Obtain from the entity: Entity-level control documentation Policies and procedures Documents or records that support the processes and controls (e.g., flowcharts, memorandums, spreadsheets) Responses to questionnaires concerning controls Prepare: Narratives (e.g., Record of Inspection/Observation, Record of Interview) Tables Flowcharts
10 Assessing Internal Control Evaluating Design of Internal Control When evaluating design of internal control, management determines if controls individually and in combination with other controls are capable of achieving an objective and addressing related risks. (Para. OV3.05) A deficiency in design exists when (1) a control necessary to meet a control objective is missing or (2) an existing control is not properly designed so that even if the control operates as designed, the control objective would not be met. (Para. OV3.05) There is no need to determine implementation if a control is not effectively designed Helpful Hints for Evaluating Design of Internal Control Determining Implementation and Testing Operating Effectiveness of Internal Control One possible approach for evaluating the design of internal control is to perform the following steps: 1. Select the internal controls to evaluate for each entity objective being reviewed. 2. Individually evaluate the design of each selected control to determine whether the control, if operating as designed, is capable of achieving the entity objective and addressing related risks. 3. Consider the individual control evaluations and evaluate the design of the controls in the aggregate to determine whether the controls, if operating as designed, are capable of achieving the entity objectives and addressing related risks. 4. Document the evaluation of the design of the entity s internal control, including the conclusion on the design effectiveness and any deficiencies identified. Determining implementation of controls is verifying the existence of design of controls by obtaining evidence. A deficiency in implementation exists when a properly designed control is not implemented correctly in the internal control system. (Para. OV3.05) In evaluating operating effectiveness of controls, management [or auditor] determines if controls were applied at relevant times during the period under evaluation, the consistency with which they were applied, and by whom or by what means they were applied. (Para. OV3.06) A deficiency in operation exists when a properly designed control does not operate as designed, or when the person performing the control does not possess the necessary authority or competence to perform the control effectively. (Para. OV3.06) Summary of Internal Control Assessments Significance of Internal Control Deficiencies Evaluating design of controls will not allow you to conclude on internal controls beyond the point of design. Determining implementation of controls does not provide assurance for a time period of effectiveness. It provides assurance of effective implementation for a point in time when you reviewed documentation (e.g., on March 31, 2016). A control cannot be effectively operating if it was not effectively designed and implemented. (Para. OV3.06) Evaluate the significance of a deficiency by considering the magnitude of impact, likelihood of occurrence, and nature of the deficiency. (Para. OV3.08) Significance refers to the relative importance of a deficiency to the entity achieving a defined objective. (Para. OV3.08) Deficiencies are evaluated both on an individual basis and in the aggregate. (Para. OV3.09) Auditors' professional judgment is used in the evaluation
11 Product Development and Distribution Product Development and Distribution (cont.) Auditors should include in the audit report (Yellow Book, Para. 7.19): the scope of their work on internal control and any deficiencies in internal control that are significant within the context of the audit objectives and based upon the audit work performed. In a performance audit, auditors may conclude that identified internal control deficiencies are the cause of deficient performance of the program or operations being audited. In reporting this type of finding, the internal control deficiency would be described as the cause. (Yellow Book, Para. 7.20) If the agency responds to draft report findings with mitigating controls, the auditor may evaluate whether the controls mitigate the identified deficiencies Green Book and Yellow Book Where to Find Us Condition Criteria Cause The Green Book is available on GAO s website at: For technical assistance, contact us at: greenbook@gao.gov Chari Nash-Cannaday, Senior Auditor, GAO, nashcannadayc@gao.gov, Effect Thank You Questions? 65 11
What s New in Government Internal Control Standards? Going Green
What s New in Government Internal Control Standards? Going Green Page 1 Session Objective To discuss GAO s revision to the Standards for Internal Control in the Federal Government (Green Book) Page 2 What
More informationSingle Audit and Yellow Book / Govt. Audit Standards Update Presented by: William Blend, CPA, CFE
Single Audit and Yellow Book / Govt. Audit Standards Update Presented by: William Blend, CPA, CFE Topics Overview of New Single Audit Uniform Guidance Yellow Book Update and New Green Book OMB - 2CFR CHAPTER
More informationAGA Gulf Region PDT COSO and the Green Book: An Enhanced Internal Control Framework
AGA Gulf Region PDT COSO and the Green Book: An Enhanced Internal Control Framework Isabelle Dikland, Director, MorganFranklin Consulting Timothy Grace, Director, MorganFranklin Consulting May 6, 2015
More informationSingle Audit Update: Internal Control over Compliance and the GAO s Green Book. MSBO s 80 th Annual Conference April 19, 2018
Single Audit Update: Internal Control over Compliance and the GAO s Green Book MSBO s 80 th Annual Conference April 19, 2018 Presented by: Stephen W. Blann, CPA, CGFM, CGMA Director of Governmental Audit
More informationWashington Metropolitan Area Transit Authority Board Action/Information Summary
Washington Metropolitan Area Transit Authority Board Action/Information Summary Action Information MEAD Number: 201804 Resolution: Yes No TITLE: Board Audit Awareness Training PRESENTATION SUMMARY: The
More informationFrom Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance
Sharon Hale and John Argodale May 28, 2015 2 From Dictionary.com Enterprise: A project undertaken or to be undertaken, especially one that is important or difficult or that requires boldness or energy
More informationDiving into the 2013 COSO Framework. Presented by: Ronald A. Conrad
Diving into the 2013 COSO Framework Presented by: Ronald A. Conrad 2 Objectives Obtain an understanding of why the COSO Framework has been updated Understand how the framework has changed Identify the
More informationCOSO What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions
COSO 2013 What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions Today s Presenter Jonathan Reiss is a Director in Protiviti s New York office in the Internal Audit Practice.
More informationIn Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015
In Control: Getting Familiar with the New COSO Guidelines CSMFO Monterey, California February 18, 2015 1 Background on COSO Part 1 2 Development of a comprehensive framework of internal control Internal
More informationAudit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization
Audit Training-of-Trainers Workshop, 18-19 November 2014, Vienna Components of internal control within organization Andrei Busuioc, Senior Financial Management Specialist, CFRR Session objectives The session
More informationBUSINESS CPA EXAM REVIEW V 3.0. For Exams Scheduled After March 31, 2017
For Exams Scheduled After March 31, 2017 CPA EXAM REVIEW BUSINESS UPDATES AND ACADEMIC HELP Click on Community and Support at www.becker.com/cpa CUSTOMER SERVICE AND TECHNICAL SUPPORT Call 1-877-CPA-EXAM
More informationDena Jansen, CPA Partner Maxwell Locke & Ritter LLP
Dena Jansen, CPA Partner Maxwell Locke & Ritter LLP Chapter by chapter Data to improve GAGAS audits Resources 2 Accounting Standards Private Companies FASB AICPA GAAS Public Registrants FASB PCAOB Government
More informationWhat s New In GAO s Revised Greenbook
What s New In GAO s Revised Greenbook Association of Government Accountants, KC Chapter Fall 2014 Professional Development Seminar November 10, 2014 Michael A. Fiene Chief, USDA/FSA-Internal Control and
More informationGATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA
GATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA Definition of Internal Controls COSO Internal Control Framework Internal Controls (2 CFR 200.303) Grantee responsibilities Awarding state agency
More informationInternal Controls: Need Them, Have Them, Love Them
Internal Controls: Need Them, Have Them, Love Them Tiffany R. Winters, Esquire twinters@bruman.com Brustein & Manasevit Fall Forum 2010 Why Do We Have Internal Controls? The Federal Managers Financial
More informationInternal Control in Higher Education
Internal Control in Higher Education Daniel Adams Office of Audit Services Audit Services Mission To provide assurance and advisory services that are independent, objective and risk-based in order to protect
More informationIn 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued a
Checkpoint Contents Accounting, Audit & Corporate Finance Library Editorial Materials Audit and Attest Internal Control Communications Chapter 1 INTRODUCTION AND OVERVIEW 100 Background 100 Background
More informationAirports Council International-North America 2006 Economic Specialty Conference June 5, 2006
How Airports are Responding to the Sarbanes-Oxley Act (SOX) Airports Council International-North America 2006 Economic Specialty Conference June 5, 2006 Gail Flister Vallieres U.S. Government Accountability
More informationHHS & NSF Audits of FDP Payroll Certification Pilots
HHS & NSF Audits of FDP Payroll Certification Pilots Background - Audits HHS & NSF agreement with FDP & OMB to conduct audits at 4 FDP universities NSF: George Mason University (GMU), Michigan Technological
More informationSIAAB Guidance #05. Conforming with FCIAA and Standards in Small Audit Functions in the State of Illinois. Adopted December 8, 2015
SIAAB Guidance #05 Conforming with FCIAA and Standards in Small Audit Functions in the State of Illinois Adopted December 8, 2015 Revised In Accordance with 2017 Standards Effective January 1, 2017 ***
More informationAssessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive
Assessment of the Design Effectiveness of Entity Level Controls Office of the Chief Audit Executive February 2017 Cette publication est également disponible en français. This publication is available in
More informationInternal and Governmental Financial Auditing and Operational Auditing
Internal and Governmental Financial Auditing and Operational Auditing Chapter 26 2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley 5-5 Learning Objective 1 Explain the role of
More informationInternational Standard on Auditing (UK) 600 (Revised June 2016)
Standard Audit and Assurance Financial Reporting Council June 2016 International Standard on Auditing (UK) 600 (Revised June 2016) Special Considerations Audits of Group Financial Statements (Including
More informationA Discussion About Internal Controls February 2016
A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal
More informationFinancial Management in the Federal Government:
Financial Management in the Federal Government: Considerations regarding the integration of OMB Circular No. A-123 and enterprise risk management for the Centers for Disease Control and Prevention (CDC)
More informationIAASB Main Agenda (December 2008) Page Agenda Item
IAASB Main Agenda (December 2008) Page 2008 2669 Agenda Item 2-C PROPOSED INTERNATIONAL STANDARD ON AUDITING 265 COMMUNICATING DEFICIENCIES IN INTERNAL CONTROL (Effective for audits of financial statements
More information1. Definition & Mission
1. Definition & Mission 1.1 Internal Auditing is an independent, objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of. 1.2 Group Internal
More informationPerformance Auditing: What It Is, and Why It Is Important Presented by: Harriet Richardson, CPA, CIA, CGAP Audit Manager, City of Berkeley
Performance Auditing: What It Is, and Why It Is Important Presented by: Harriet Richardson, CPA, CIA, CGAP Audit Manager, City of Berkeley ASMC Sacramento Mini PDI 24 January 2012 Session Objectives Provide
More informationAN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org PRELIMINARY STAFF VIEWS AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL
More informationStandards for Internal Control in New York State Government 2016 Update
Standards for Internal Control in New York State Government 2016 Update Presented to the New York State Internal Control Association John F. Buyce Audit Director April 28, 2016 1 Last Revised in 2007 A
More information20 Years in the Making. Meet the New ICIF: Revisions to COSO s Internal Control Integrated Framework. Dr. Sandra Richtermeyer COSO Board Member
Meet the New ICIF: Revisions to COSO s Internal Control Integrated Framework Dr. Sandra Richtermeyer COSO Board Member Associate Dean and Professor of Accountancy Xavier University Cincinnati Ohio USA
More informationTransparency in the Workforce System Establishing Firewalls & Internal Controls
Transparency in the Workforce System Establishing Firewalls & Internal Controls Presented by the Today s Objectives Define internal controls Identify components of an internal control structure Discuss
More informationQuality Control Review of Air Force Audit Agency s Special Access Program Audits (Report No. D )
August 26, 2005 Oversight Review Quality Control Review of Air Force Audit Agency s Special Access Program Audits (Report No. D-2005-6-009) Department of Defense Office of the Inspector General Quality
More informationSOX FOR NPO S Focus on Control. Stephen L. Kuptz, CPA
SOX FOR NPO S Focus on Control Stephen L. Kuptz, CPA Personal Background and Perspective SOX for NPO s Focus on Control 2 Introduction to SOX The Sarbanes Oxley Act of 2002 commonly called Sarbanes Oxley,
More informationInternal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)
Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR) Origin of IFC The first significant focus on internal control certification related to financial reporting
More informationInternal Controls: COSO, the Uniform Guidance, and More!
Code of Conduct Contact Us ncura.edu FAQ's Log In Internal Controls: COSO, the Uniform Guidance, and More! By Mary Lee Brown posted 02-06-2015 15:45 1 Recommend Within the research administration community
More informationEFFICIENT USE OF AUDIT COMMITTEES
AGENDA EFFICIENT USE OF AUDIT COMMITTEES BRENT YOUNG, CPA JERRY GAITHER, CPA Best practices related to: Audit Committee Process Internal Audit Risk Management 2 AUDIT COMMITTEE PROCESS AND PROCEDURES Audit
More informationInternal Controls: Providing an Effective Control Environment. Why This Session Is Needed. Lesson Overview & Module Objectives
Internal Controls: Providing an Effective Control Environment Internal Controls 1 Why This Session Is Needed Uniform Guidance has expanded the requirements and increased the focus on internal controls
More informationInternal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC
Internal controls over Financial Reporting Key concepts Presentation by Jayesh Gandhi at WIRC Page 1 ICFR Key Concepts WIRC 28 May 2016 Agenda Scope and requirements Overview of internal controls as per
More informationCOSO 2013: Updated internal control framework
COSO 2013: Updated internal control framework Athens, 10 October 2013 Background COSO's structure and mission COSO 1 is a joint initiative of five sponsoring organizations - American Accounting Association
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 15, 2016 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More information2013 New COSO 2013 Framework and Current Trends in Risk Management
2013 New COSO 2013 Framework and Current Trends in Risk Management Session 105 IASA 86 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW Agenda COSO 2013 framework Overview Why the update? What has been
More informationImplementation Tool for Auditors
Implementation Tool for Auditors CANADIAN AUDITING STANDARDS (CAS) DECEMBER 2017 STANDARD DISCUSSED CAS 315, Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity
More informationNational Endowment for the Arts (NEA) Inspector General (OIG) Audit Policy and Procedures Manual, 2015
Description of document: Requested date: Released date: Posted date: Source of document: National Endowment for the Arts (NEA) Inspector General (OIG) Audit Policy and Procedures Manual, 2015 31-December-2016
More informationSRI LANKA AUDITING STANDARD 600 SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS) CONTENTS
SRI LANKA AUDITING STANDARD 600 SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS) (Effective for audits of group financial statements for periods beginning
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationFormat and organization of GAGAS Auditor preparation of financials is a significant threat to independence 3 party arrangements in government State
The Yellow Book = GAGAS GAGAS = Generally Accepted Government Auditing Standards Overlay of Generally Accepted Auditing Standards (GAAS) issued by the Auditing Standards Board GAGAS contains the framework
More informationKentucky State University Office of Internal Audit
Draft for Discussion Only P&P Manual Section - Policy# I. Function and Responsibilities MISSION Mission Statement Definition of Internal Auditing PURPOSE, AUTHORITY, RESPONSIBILITY Audit Charter STANDARDS
More informationAuditing and Assurance Standards Council
Auditing and Assurance Standards Council Philippine Standard on Auditing 600 (Revised and Redrafted) SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS)
More informationTable of Contents. Preface xi. Acknowledgments xv. Chapter 1: What We All Share 1. Need for Control Criteria 1
Table of Contents Preface xi Acknowledgments xv Chapter 1: What We All Share 1 Need for Control Criteria 1 Overview of the COSO Internal Control Integrated Framework 2 Holistic, Integrated View 3 Revised
More informationThe Ins and Outs: Audits Under FDICIA. Jennifer Gureckis and Kaylyn Landry BerryDunn February 27, 2018
The Ins and Outs: Audits Under FDICIA Jennifer Gureckis and Kaylyn Landry BerryDunn February 27, 2018 Presenters Jennifer Gureckis, CPA Kaylyn Landry, CPA Objectives Overview of Internal Controls over
More information9/17/2017. An Overview of COSO s New Framework and Implementation Guidance SPEAKER. Laura Harden, CPA History
An Overview of COSO s New Framework and Implementation Guidance SPEAKER Laura Harden, CPA lharden@cbh.com History 2 1 About COSO Committee of Sponsoring Organizations Formed in 1985 to sponsor the National
More informationGood Governance and Anti-Corruption: The Role of Supreme Audit Institutions (SAIs)
Good Governance and Anti-Corruption: The Role of Supreme Audit Institutions (SAIs) Phillip Herr, Ph.D. Managing Director, Physical Infrastructure Issues U.S. Government Accountability Office The Vision
More informationReport on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2016 (Headquartered in Berlin, Federal Republic of Germany) Issued by the Public Company
More informationPART 6 - INTERNAL CONTROL
PART 6 - INTERNAL CONTROL INTRODUCTION The A-102 Common Rule and OMB Circular A-110 (2 CFR part 215) require that non-federal entities receiving Federal awards (i.e., auditee management) establish and
More informationInternal Control Integrated Framework. May 2013
Internal Control Integrated Framework May 2013 0 Table of Contents COSO & Project Overview Internal Control-Integrated Framework Illustrative Documents Illustrative Tools for Assessing Effectiveness of
More information38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud
38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud Presented By William Blend, CPA, CFE Session Overview Review the new COSO model on internal
More informationFraud Risk Management
Fraud Risk Management Fraud Risk Management Overview 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization follow a specific risk management model? If so, which
More informationAn Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements
AUDITING STANDARD No. 2 An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements March 9, 2004 AUDITING AND RELATED PROFESSIONAL PRACTICE STANDARDS
More informationAn Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements
Page A 1 Standard Appendix Auditing Standard No. 2 AUDITING AND RELATED PROFESSIONAL PRACTICE STANDARDS Auditing Standard No. 2 An Audit of Internal Control Over Financial Reporting Performed in Conjunction
More informationBeginning Auditor Tools and Techniques
Beginning Auditor Tools and Techniques To become a successful auditor, a strong base of knowledge and an understanding of basic audit skills are essential. With this program, new auditors, as well as non-auditors
More informationCLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING
CLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING All public companies either have begun or will soon begin a process, required under Section 404 of the Sarbanes-Oxley Act of 2002 ( SOX ), of reviewing
More informationTable of Contents. 2 Introduction: Planning an Audit? Start Here. 4 Starting From Scratch. 6 COSO s 2013 Internal Control Integrated Framework
Table of Contents 2 Introduction: Planning an Audit? Start Here 4 Starting From Scratch 6 COSO s 2013 Internal Control Integrated Framework 8 Preparing for a Planning Meeting 10 Preparing the Audit Program
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationCHAPTER II THEORETICAL FOUNDATION. ensure the effectiveness and efficiency of a company s operation. Operational audit is
CHAPTER II THEORETICAL FOUNDATION 2.1 Definition of Operational Audit Operational audit is an audit which is commonly performed in a company in order to ensure the effectiveness and efficiency of a company
More informationAssistance Options to New Applicants and Sponsors in connection with Internal Controls over Financial Reporting
Technical Bulletin - AATB 1 Issued March 2008 Technical Bulletin Assistance Options to New Applicants and Sponsors in connection with Internal Controls over Financial Reporting This Technical Bulletin
More informationHUD-US DEPT OF HOUSING & URBAN DEVELOPMENT: Understanding Internal Controls. Ladies and gentlemen, thank you for standing by and welcome to the
Final Transcript HUD-US DEPT OF HOUSING & URBAN DEVELOPMENT: Understanding Internal Controls SPEAKERS Petergay Bryan PRESENTATION Moderator Ladies and gentlemen, thank you for standing by and welcome to
More informationImplementation Guide 2130
Implementation Guide 2130 Standard 2130 Control The internal audit activity must assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting
More informationJohn F. Buyce, CPA, CIA, CFE, CGFM Audit Director NYS OSC - State Government Accountability
John F. Buyce, CPA, CIA, CFE, CGFM Audit Director NYS OSC - State Government Accountability The Comptroller s Responsibilities Under the Internal Control Act Objective is to help public sector managers
More informationInternal Auditing For Medicare Part D. The Medicare Part D Prescription Drug Program
Internal Auditing For Medicare Part D Scott Robinson, CPA Senior Internal Auditor CareFirst BlueCross BlueShield Health Care Compliance Association 6500 Barrie Road, Suite 250, Minneapolis, MN 55435 888-580-8373
More informationHong Kong Deposit Protection Board
Hong Kong Deposit Protection Board Independent Assessment Program and Self-Declaration for Compliance with the Guideline on Information Required for Determining and Paying Compensation ( Program Guide
More informationMETROPOLITAN TRANSPORTATION AUTHORITY
ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation
More informationIAASB Main Agenda (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1
Agenda Item 3-A Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1 Objectives of the IAASB Discussion The objective of this agenda item are to: (a) Present initial background
More informationInternal Audit and SOX Best Practices
Internal Audit and SOX Best Practices ERIC LISTER RISK ADVISORY SERVICES Agenda Internal Audit Procedures and Examples SOX 404 Procedures and Examples Questions and Discussion Overview of IA Best Practices
More informationInternal Audit Policy and Procedures Internal Audit Charter
Mission Statement Internal Audit Policy and Procedures Internal Audit Charter The mission of the Internal Audit Department is to provide independent and objective reviews and assessments of the business
More informationU. S. GAO Government Auditing Standards Update The New Yellow Book
U. S. GAO Government Auditing Standards Update The New Yellow Book C H R I S T I N E H A R D E N, M B A, C P A, C G M A F E B R U A R Y 5, 2 0 1 9 2 0 1 9 G F O A A 3 5 TH A N N U A L C O N F E R E N C
More information2014 Integrated Internal Control Plan. FRCC Spring Compliance Workshop April 8-10, 2014
2014 Integrated Internal Control Plan Contents Definitions Integrated Components of COSO Internal Control Framework The COSO Internal Control Framework and Seminole Control Environment Risk Assessment
More informationREGISTERED CANDIDATE AUDITOR (RCA) TECHNICAL COMPETENCE REQUIREMENTS
REGISTERED CANDIDATE AUDITOR (RCA) TECHNICAL COMPETENCE REQUIREMENTS 1. Context After completion of the recognised training contract, a period of specialisation is required, appropriate to the level required
More informationConsumer Financial Protection Bureau Independent Audit of Selected Operations and Budget
Consumer Financial Protection Bureau Independent Audit of Selected Operations and Budget December 16, 2016 KPMG LLP Suite 12000 1801 K Street, NW Washington, DC 20006 Table of Contents EXECUTIVE SUMMARY...
More information[RELEASE NOS ; ; FR-77; File No. S ]
SECURITIES AND EXCHANGE COMMISSION 17 CFR PART 241 [RELEASE NOS. 33-8810; 34-55929; FR-77; File No. S7-24-06] Commission Guidance Regarding Management s Report on Internal Control Over Financial Reporting
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA DEPARTMENT OF ADMINISTRATION DIVISION OF PURCHASE AND CONTRACT FINANCIAL RELATED AUDIT OFFICE SUPPLIES TERM CONTRACT AUDIT FOLLOW-UP JUNE 2014 OFFICE OF THE STATE AUDITOR BETH A.
More informationComparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)
Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining) Topic AS No. 5 AS No. 2 Objective of ICFR Audit Planning the ICFR Audit Integration
More informationInternal Control Integrated Framework. An IAASB Overview September 2016
Internal Control Integrated Framework An IAASB Overview September 2016 0 Table of Contents COSO & Project Overview Internal Control-Integrated Framework Illustrative Documents Illustrative Tools for Assessing
More informationInternal Control Integrated Framework. An IAASB Overview September 2016
Internal Control Integrated Framework An IAASB Overview September 2016 0 Table of Contents COSO & Project Overview Internal Control-Integrated Framework Illustrative Documents Illustrative Tools for Assessing
More informationCommunity Bankers Conference
3rd Annual Regional and Community Bankers Conference The Federal Reserve Bank of Boston Disclaimer NEVER WRONG DON T COMPLETELY RELY UPON Recent Developments in Audit Practice SOX, FDICIA 112, Other Robert
More informationSAS Teleconference
SAS 104-111 Teleconference Jan. 15, 2009 Craig Funkhouser, Crowe Horwath LLP craig.funkhouser@crowehorwath.com Ken Goldmann, J.H. Cohn kgoldmann@jhcohn.com 1 Today s Program Historical Background, Review
More informationB U S I N E S S R I S K M A N A G E M E N T L T D
B U S I N E S S R I S K M A N A G E M E N T L T D Governance, Risk and Compliance (GRC) After completing this course you will be able to Course Level Understand the requirements and benefits of GRC Develop
More informationAn Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements
ASB Meeting July 30 August 1, 2013 Agenda Item 3B AT Section 501 An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements Source:
More informationPractices in Enterprise Risk Management
Practices in Enterprise Risk Management John Foulley Risk Management Practices Head SAS Institute Asia Pacific What is ERM? Enterprise risk management is a process, effected by an entity s board of directors,
More informationCouncil on Financial Assistance Reform s Uniform Guidance Training
Council on Financial Assistance Reform s Uniform Guidance Training UNIFORM ADMINISTRATIVE REQUIREMENTS, AUDIT REQUIREMENTS, AND COST PRINCIPLES 2 CFR CHAPTER 1, CHAPTER 2, PART 200, ET AL. January 27,
More informationSuccessful ERM Program Standards. Definitions of Enterprise Risk Management (ERM)
1 Successful ERM Program Standards Enterprise Risk Management Vendor Management Business Continuity IT GRC Internal Audit Regulatory Compliance Manager William C. Hord V.P. of Enterprise Risk Management
More informationWATCH WORDS FROM THE PEER REVIEW PROCESS
WATCH WORDS FROM THE PEER REVIEW PROCESS Peer Review 3 NOT DOCUMENTED = NOT PERFORMED Vendor-obtained practice aids, checklists and forms are NOT audit evidence Sources of audit evidence Books, records,
More informationNew York City Human Resources Administration. Personal and Miscellaneous Services Contracts
O f f i c e o f t h e N e w Y o r k S t a t e C o m p t r o l l e r Division of State Government Accountability New York City Human Resources Administration Personal and Miscellaneous Services Contracts
More informationHow to Pass an ALGA Yellow Book Peer Review Training by the Association of Local Government Auditors (ALGA) Tampa, Florida September 20, 2013
How to Pass an ALGA Yellow Book Peer Review Training by the Association of Local Government Auditors (ALGA) Tampa, Florida September 20, 2013 7:30 8:00 Continental Breakfast & Registration 8:00 8:30 Section
More informationReport on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2016 (Headquartered in Santiago, Republic of Chile) Issued by the Public Company Accounting
More informationDIVISION OF PROBATION AND CORRECTIONAL ALTERNATIVES QUALITY OF INTERNAL CONTROL CERTIFICATION. Report 2008-S-105
Thomas P. DiNapoli COMPTROLLER OFFICE OF THE NEW YORK STATE COMPTROLLER DIVISION OF STATE GOVERNMENT ACCOUNTABILITY Audit Objective... 2 Audit Results Summary... 2 Background... 2 Audit Findings and Recommendations...
More informationFocused Assessment Program Overview and Updates. Office of International Trade Regulatory Audit October 2, 2014
Focused Assessment Program Overview and Updates Office of International Trade Regulatory Audit October 2, 2014 Who is Regulatory Audit? Regulatory Audit s (RA s) mission is to conduct postentry audits
More informationA Firm s System of Quality Control
A Firm s System of Quality Control 2759 QC Section 10 A Firm s System of Quality Control (Supersedes SQCS No. 7.) Source: SQCS No. 8; SAS No. 122; SAS No. 128. Effective date: Applicable to a CPA firm's
More informationManagement and Inspector General Road Rules in Enterprise Risk Management. June 16, 2016
Management and Inspector General Road Rules in Enterprise Risk Management June 16, 2016 Introductions/Opening Remarks Speakers: Deb Jeffrey, Inspector General, Corporation National Community Service Bob
More information2014 Integrated Internal Control Plan. FRCC Compliance Workshop May 13-15, 2014
2014 Integrated Internal Control Plan FRCC Compliance Workshop Contents Definitions Integrated Components of COSO Internal Control Framework The COSO Internal Control Framework and Seminole Control Environment
More information