Internal Controls Integrating COSO
|
|
- Cody Webb
- 6 years ago
- Views:
Transcription
1 Community Action Partnership 2016 Annual Convention August 30 September 2, 2016 Austin, TX J.W. Marriott Austin Internal Controls Integrating COSO Thursday, September 1, :15 am 10:45 am Presented by: Janet S. Johnson, CPA, CMA, Senior Manager NONPROFIT AND GOVERNMENT PRACTICE Reproduction or use of any training materials in this manual, except within a participant s agency without express written permission is prohibited by copyright law.
2
3 Internal Controls Integrating COSO Trainer: Janet S Johnson, CPA, CMA, Senior Manager 1 Materials/Disclaimer Please note that these materials are incomplete without the accompanying oral comments by the trainer(s). These materials are informational and educational in nature and represent the speakers' own views. These materials are for the purchasing agency s use only and not for distribution outside of the agency or publishing on a public website. 2 An Auditor s Look at Internal Controls (COSO) 1
4 Agenda Framework of internal control Management responsibilities Overview and best practices for an organization-wide model of internal control 3 Internal Control Defined A process effected by those charged with governance, management, and other personnel Designed to provide reasonable assurance about the achievement of an entity s objectives Framework developed by the Committee of Sponsoring Organizations (COSO), which issued Internal Control Integrated Framework (1992, updated in 2013) 4 An Auditor s Look at Internal Controls (COSO) 2
5 COSO Framework 5 6 An Auditor s Look at Internal Controls (COSO) 3
6 Objectives of Internal Controls There are three main objectives of internal controls Effective and efficient operations Reliable financial reporting Compliance with applicable laws and regulations 7 Safeguarding of Assets A subset of each of these three objectives Internal control should provide assurance that assets are safeguarded from: Ineffective or inefficient use Unauthorized acquisition, use, disposal, or theft (fraud) Illegal use 8 An Auditor s Look at Internal Controls (COSO) 4
7 Internal Control Framework 9 Figure 2. Internal Control Components and Related Principles The following is a summary of the 17 internal control principles by internal control component as presented in the 2013 Framework. (Pleaserefer to the 2013 Framework for the actual principles and related descriptions.) Control Environment Risk Assessment Control Activities Information and Communication Monitoring Activities 1. Demonstrates commitment to integrity and ethical values 2. Exercises oversight responsibilities 3. Establishes structure, authority, and responsibility 4. Demonstrates commitment to competence 5. Enforces Accountability 6. Specifies suitable objectives 7. Identifies and analyzes risk 8. Assesses fraud risk 9. Identifies and analyzes significant change 10.Selects and develops control activities 11.Selects and develops general controls over technology 12.Deploys through policies and procedures 13.Uses relevant, quality information 14.Communicates internally 15.Communicates externally 16.Conducts ongoing and/or separate evaluations 17.Evaluates and communicate s deficiencies 10 An Auditor s Look at Internal Controls (COSO) 5
8 Control Environment COSO Objectives Demonstrate commitment to character, integrity & ethical values Establish the consciousness of the organization Set the tone and foundation for all the internal controls Demonstrate the competence of the entity's people and management Enforce accountability, attention, and direction provided by the audit committee and board of directors Exercise oversight responsibility Establish structure, authority and responsibility Tools & Methods to Achieve Mission statement Ethics statement, code of conduct, and other key policies (e.g., acceptable business practices, conflicts of interest, etc.) Standing board committees with charters (e.g., Audit Committee, Nominating & Corporate Governance Committee, Compensation Committee) Tenure and depth of senior management experience, including the CEO, CFO and COO Training to support execution of staff and management s assigned duties Formal job descriptions Segregate incompatible activities 11 Control Environment Components: Integrity & ethical values of management Commitment to competence Board oversight & interaction w/auditors Management philosophy regarding risk Organizational structure Assignment of authority & responsibility Human resource policies 12 An Auditor s Look at Internal Controls (COSO) 6
9 Risk Assessment COSO Objectives Establish objectives, including how risks should be managed, including entity and activity objectives Establish and maintain an effective process to identify, analyze, and manage risks relevant to the preparation of reliable financial statements (both internal and external) Identify, analyze, and manage change Develop mechanisms to anticipate, identify, and react to routine events or activities that affect achievement of entity or activity-level objectives Tools & Methods to Achieve Business plans and budgets with realistic goals Periodic review and update strategic plans and objectives Document and communicate about risk throughout the organization Involve a broad spectrum of personnel with collective knowledge of all areas in risk assessment and business planning Senior management should periodically report on risk management to the audit committee or board Work with the independent auditors and other third-party experts to appropriately address complex changes in accounting or regulation 13 Risk Assessment Examples: Changes in regulations New personnel New systems or technology Rapid growth or downsizing New programs, grants, services 14 An Auditor s Look at Internal Controls (COSO) 7
10 Control Activities COSO Objectives Establish policies and procedures that help ensure management directives are carried out Ensure controls address risks Establish controls throughout the organization at all levels and in all functions Ensure action is taken on exceptions Review the design and operating effectiveness of controls Select and develop controls over technology Tools & Methods to Achieve Monitoring Policy Segregation of duties Verification System access System automation Board oversight Financial review Authorization Transaction review Reconciliation Entity level controls (e.g.,, Company-wide programs, controls and/or monitoring) 15 Information and Communication COSO Objectives Ensure that pertinent information is identified, captured, and communicated in a form and timeframe that enables people to carry out their responsibilities Demonstrate the organization communicates internally and externally Produce reports containing operational, financial, and compliance-related information Communicate to all personnel that control responsibilities must be taken seriously Ensure significant information can be communicated upwards within the organization. Exercise effective communication must occur down, across, and up an organization and with parties external to the organization Tools & Methods to Achieve Conduct monthly conference calls Accounting bulletins and a company handbook Standard half-day employee orientation that addresses company ethics and values issues A record retention period that follows all applicable federal, state and local laws (Generally 7 years) Conduct a survey to determine the information that is needed or desired Period-end reporting deadlines that allow for an appropriate review by management Whistleblower hotline 16 An Auditor s Look at Internal Controls (COSO) 8
11 Information and Communication Means of informing and communicating: Accounting records Accounting processing Financial reporting process Communication of employee duties and responsibilities Disaster recovery Includes IT controls 17 Monitoring COSO Objectives Assess the quality of the entity's internal control performance over time by conducting ongoing and/or separate evaluations Ensure internal control deficiencies are reported throughout the organization with serious matters reported to top management and the board Detect and remediate control deficiencies throughout the entire system of internal control over financial reporting Tools & Methods to Achieve Internal audit or personnel with the requisite skills and independence periodically evaluate areas Investigate complaints of improper financial matters by external parties such as suppliers or regulators are fully investigated and documented Use surveys and focus groups to understand employee perceptions Require employees to acknowledge compliance with the code of conduct Require signatures to verify performance of significant control functions such as reconciliations Checklists, questionnaires, or programs 18 An Auditor s Look at Internal Controls (COSO) 9
12 Monitoring Assessing internal control performance using: Internal audit External audit Special assessments of internal controls Input from personnel Input from third parties (e.g. donors, grantors, vendors, etc.) 19 COSO Cube 20 An Auditor s Look at Internal Controls (COSO) 10
13 Internal Controls Let s look at controls for significant classes of transactions and account balances. 21 Internal Controls Preventive Designed to prevent errors, fraud, or illegal acts from being committed Distinguish preventive policies from preventive controls (e.g. requiring two signatures on checks) Detective Designed to detect errors, frauds, or illegal acts and allow for corrective action Example: bank account reconciliation 22 An Auditor s Look at Internal Controls (COSO) 11
14 Revenue and Cash Receipts Goal: Make it impossible to commit and conceal fraud Segregate: Receipt of funds, Recording of revenue, and Maintenance of accounts. 23 Cash Segregation of Duties Billing Recording revenue in the accounting records Receipt of payments Initial recording of collections Preparation of deposits Posting of receipts to the accounting records Reconciling the bank statement Reconciling accounts receivable subledger with the general ledger 24 An Auditor s Look at Internal Controls (COSO) 12
15 Revenue and Cash Receipts Preventive Controls Examples: Restrictive endorsement of checks received Timely depositing of funds daily Lock up undeposited funds in a safe 25 Revenue and Cash Receipts Detection Controls Examples: Log cash receipts: payor names, amounts, form of payment, description of what the payment is for. Reconcile cash receipts log with deposits made to the bank. Reconcile cash receipts log with revenue recorded on accounting records. 26 An Auditor s Look at Internal Controls (COSO) 13
16 Revenue and Cash Receipts Common revenue and cash receipts fraud Skimming Lapping Write-offs of accounts receivable Unauthorized credits 27 Purchasing and Disbursements Key control areas: Ordering and receipt of goods Check writing process Payment authorization and approval Delivery of checks Bank reconciliation 28 An Auditor s Look at Internal Controls (COSO) 14
17 Purchasing Segregate duties in the following areas: Purchase request Purchase authorization Receiving supplies, other items Recording of accounts payable Approval of vendor invoices Check writing Recording of disbursements Delivery of checks to vendors Reconciliation of accounts payable subledger Reconciliation of bank account 29 Check-Writing Internal Controls Manually-signed checks No pre-signed checks Require 2 real signatures over a certain $ amount DO NOT USE signature stamps!! Check signers should really review the checks and supporting documentation Computer-signed checks: Authorized check signer reviews and approves the check register The Finance Director should not be a check signer 30 An Auditor s Look at Internal Controls (COSO) 15
18 Disbursements Common controls over check writing process (cont.) Mailing all checks promptly after signature Locking up all signed checks that are not mailed the same day Reconciling the bank statement in a timely manner by someone other than the person who writes and records checks Properly voiding checks Maintaining a list of voided checks as well as physical custody 31 Disbursements Payment authorization and approval Require original invoices (no copies or statements accepted) Match with receiving reports Match with purchase order Match with vendor bid/proposal Review of invoice Mathematical accuracy Description of goods or services Quantities and prices Vendor information Documented approval by purchasing agent Cancellation of invoice 32 An Auditor s Look at Internal Controls (COSO) 16
19 Disbursement Check Delivery Mail by individual other than the one authorizing the expenditure Example: supervisors do not hand out paychecks Avoid direct delivery to vendor by purchasing agent 33 Disbursements Bank Reconciliation Review statement for duplicate checks or unnumbered checks Investigate gaps in check numbers Review statement for other debits Examine returned checks Signs of alteration or forged signatures Review endorsements for consistency Compare payees with check register or disbursements journal Verify lists of voided checks 34 An Auditor s Look at Internal Controls (COSO) 17
20 Purchasing and Disbursements Common cash disbursement fraud schemes Billing schemes - internal and external Misclassifying personal expenditures Check tampering 35 Payroll General payroll controls Maintain written policies and procedures for timekeeping and payroll processing Utilize a separate bank account for payroll Use pre-numbered checks in sequence Maintain proper physical security over unused payroll checks Hold unclaimed payroll checks in a secure location 36 An Auditor s Look at Internal Controls (COSO) 18
21 Payroll General payroll controls (cont.) Maintain a detailed payroll register that lists every paycheck along with total gross pay, all payroll withholdings and net pay Use a timekeeping system Review and approve of payroll tax returns Review the posting of payroll from the payroll register Authorize in writing all salaries and wage rates by a designated Agency official 37 Payroll Segregate these duties: Authorize pay rates and changes Enter master employee data into the payroll system Enter timekeeping information Authorize timekeeping information Process payroll Distribute payroll Transfer funds to the payroll bank accounts Reconcile the payroll bank accounts Post payroll to the general ledger 38 An Auditor s Look at Internal Controls (COSO) 19
22 Payroll Common payroll fraud schemes Ghost employees Overstatement of hours worked Overstatement of pay rates Under-withholding of payroll taxes 39 Property and Equipment General controls over property and equipment Budget for additions of property and equipment Physical security over the Agency s premises and buildings Use numbered identification tags on all acquired property Take physical inventories and reconcile with the general ledger Maintain appropriate levels of insurance for theft and damage 40 An Auditor s Look at Internal Controls (COSO) 20
23 Property and Equipment Segregation of duties: Budgets Purchase Receipt Maintenance of inventory records Write-offs of property and equipment that are fully depreciated, obsolete or unused Physical inventories 41 Information Technology The most important element of information technology is the security plan. It should address: Physical access Controls over access to data Data input controls Software controls Protection of hardware Disaster recovery 42 An Auditor s Look at Internal Controls (COSO) 21
24 Information Technology Limit physical access to servers Access to data should be restricted to only authorized individuals Read-only access to modules Restrictions on copying of data Restrictions on adding, deleting or changing data 43 Information Technology Software controls Document all changes in software Review and authorize all requested changes to software Restrict access to software 44 An Auditor s Look at Internal Controls (COSO) 22
25 Information Technology Protection of Hardware Communicate the risks of off-site use of laptops Require that data stored on a laptop be backed up prior to taking off-site Permanently mark laptops as property of the Agency 45 What can go Wrong with Internal Controls? Management override! Recording fictitious business events or transactions Changing the timing of recognition of legitimate transactions Establishing or reversing reserves to manipulate results, including intentionally biasing assumptions and judgments used to estimate account balances. 46 An Auditor s Look at Internal Controls (COSO) 23
26 The COSO Model How to make it work for you An Auditor s Look at Internal Controls (COSO) 24
27 Figure 2. Internal Control Components and Related Principles The following is a summary of the 17 internal control principles by internal control component as presented in the 2013 Framework. (Pleaserefer to the 2013 Framework for the actual principles and related descriptions.) Control Environment Risk Assessment Control Activities Information and Communication Monitoring Activities 1. Demonstrates commitment to integrity and ethical values 2. Exercises oversight responsibilities 3. Establishes structure, authority, and responsibility 4. Demonstrates commitment to competence 5. Enforces Accountability 6. Specifies suitable objectives 7. Identifies and analyzes risk 8. Assesses fraud risk 9. Identifies and analyzes significant change 10.Selects and develops control activities 11.Selects and develops general controls over technology 12.Deploys through policies and procedures 13.Uses relevant, quality information 14.Communicates internally 15.Communicates externally 16.Conducts ongoing and/or separate evaluations 17.Evaluates and communicate s deficiencies 49 Documents to download: Poster of Internal Control Integrated Framework Principles Leveraging COSO Across the Three Lines of Defense Other Thought Papers are availble 50 An Auditor s Look at Internal Controls (COSO) 25
28 For Information on How We Can Help Visit the Wipfli Booth (#402) for more details or Connect with me: Bring Wipfli to You: Tammy T. Jelinek My Wipfli Access to our experts: Regulation questions Audit Process Human Resource Technology Leadership 52 An Auditor s Look at Internal Controls (COSO) 26
29 COSO Internal Control Integrated Framework Principles 2013, Committee of Sponsoring Organizations of the Treadway Commission (COSO). Used by permission. Control Environment The organization demonstrates a commitment to integrity and ethical values. The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control. Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives. The organization demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives. The organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives. Monitoring Activities 16 The organization Information & Communication Risk Assessment The organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives. The organization identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed. The organization considers the potential for fraud in assessing risks to the achievement of objectives. The organization identifies and assesses changes that could significantly affect the system of internal control. selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning. Control Activities 10 The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels. 11 The organization selects and develops general control activities over technology to support the achievement of objectives. 12 The organization deploys control activities through policies that establish what is expected and procedures that put policies into action. 13 The organization obtains or generates and uses relevant, quality information to support the functioning of internal control. 17 The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate. 14 The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control. 15 The organization communicates with external parties regarding matters affecting the functioning of internal control. COSO For more information about COSO, visit coso.org.
The Episcopal Diocese of Kentucky
The Episcopal Diocese of Kentucky Internal Control Questionnaire Manual of Business Methods in Church Affairs (Spring 2012) Chapter II: Internal Controls, Section C The following Internal Control Questionnaire
More informationInternal Control Evaluation
INTERNAL CONTROL EVALUATION Adapted from a checklist created by Jackie F. Breland, CPA (www.jackiebreland.com) Organization: Date Prepared or Updated: Prepared by: Introduction The purpose of this checklist
More informationFraud Risk Management
Fraud Risk Management Specific Anti-Fraud Controls (Process or Transaction Level) 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization have adequate staffing
More informationOVERVIEW 4/19/10. Internal Controls and the Audit Process May 4, 2010 OVERVIEW. Definition and historical perspective of internal auditing
and the Audit Process May 4, 2010 Presented by: Deborah A. Stevens CPA Wichita County Auditor 1 OVERVIEW Definition and historical perspective of internal auditing Role and responsibilities of the internal
More informationUnderstanding Internal Controls Office of Internal Audit
Understanding Internal Controls Office of Internal Audit July 2015 Objectives for this manual Provide guidance to help management understand their responsibility to ensure that internal controls are established,
More information2/27/2017. Segregation of Duties/ Internal Controls. Objectives. Agenda
Segregation of Duties/ Internal Controls 2017 WASBO Accounting Conference David Maccoux, Shareholder Objectives Discuss failures of internal controls to detect or prevent fraud and learn how to implement
More informationInternal Control Questionnaire
Internal Control Questionnaire CASH RECEIPTS/SALE QUESTIONS: 1. Is there a designated cash receipt custodian? 2. Are all receipts recorded on pre-numbered cash receipts tickets, including those received
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 15, 2016 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationPART 6 - INTERNAL CONTROL
PART 6 - INTERNAL CONTROL INTRODUCTION The A-102 Common Rule and OMB Circular A-110 (2 CFR part 215) require that non-federal entities receiving Federal awards (i.e., auditee management) establish and
More informationInternal Controls: Need Them, Have Them, Love Them
Internal Controls: Need Them, Have Them, Love Them Tiffany R. Winters, Esquire twinters@bruman.com Brustein & Manasevit Fall Forum 2010 Why Do We Have Internal Controls? The Federal Managers Financial
More informationDiocese of Covington Policies & Procedures Manual Section: Compliance Accounting Policy: Internal Control & Segregation of Duties
Internal Control refers to the policies and procedures established to provide reasonable assurance that parish assets are safeguarded, that accountability is achieved, and that errors in financial records
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationCash Reconciliations and Cash Handling
Cash Reconciliations and Cash Handling WASBO Accounting Conference March, 2016 Handling Cash Cash may be the most vulnerable asset in your LEA. How do you safeguard your cash? Timely reconciliation of
More informationAN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org PRELIMINARY STAFF VIEWS AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL
More informationSAN FRANCISCO COURT APPOINTED SPECIAL ADVOCATE PROGRAM
SAN FRANCISCO COURT APPOINTED SPECIAL ADVOCATE PROGRAM FINANCIAL PROCEDURES MANUAL Table of Contents GENERAL ACCOUNTING POLICY AND PROCEDURES... 3 OVERALL ACCOUNTING SYSTEM DESIGN... 3 CONTROL OBJECTIVE...
More informationGuide to Internal Controls
Guide to Internal Controls Updated January 2017 The Guide to Internal Controls was developed to help you establish and maintain effective internal controls in your department/division. This guide summarizes
More informationOUTSMART FRAUD. Strategic Internal Controls to Prevent Business Fraud
OUTSMART FRAUD Strategic Internal Controls to Prevent Business Fraud GrowthForce LLC 800 Rockmead Drive Suite 200 Phone 281.358.2007 Fax 281.358.4120 OUTSMART BUSINESS FRAUD Using statistical data from
More informationGATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA
GATU Webinar Part 1 March 2017 Presented by Carol Kraus, CPA Definition of Internal Controls COSO Internal Control Framework Internal Controls (2 CFR 200.303) Grantee responsibilities Awarding state agency
More informationEMPLOYEE FRAUD OPPORTUNITIES CHECKLIST
Page 128 of 174 EMPLOYEE FRAUD OPPORTUNITIES CHECKLIST Recognizing Warning Signs and Preventing Problem Situations Why are consistent internal controls important? Management decisions, financial reports,
More informationCHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS
5-1 CHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION In accordance with Statements on Auditing Standards Numbers 78 and 94, issued by the American Institute of Certified Public Accountants
More informationUniversity Internal Audit
University Internal Audit Compliance Audit Overview Bill Abplanalp Audit Manager Agenda Introductions What is Internal Audit Compliance Review Questions Internal Audit Mission Provide independent, objective
More informationFraud Prevention, Detection, and Internal Controls
Fraud Prevention, Detection, and Internal Controls Budget, Accounting and Reporting Council May 28, 2015 Sherrie Ard, CPA, CFE Financial Management Specialist Local Government Performance Center Local
More informationEvaluating Internal Controls
A SSURANCE AND A DVISORY BUSINESS S ERVICES Fourth in the Series!@# Evaluating Internal Controls Evaluating Overall Effectiveness, Identifying Matters for Improvement, and Ongoing Assessment of Controls
More information9/13/2017 CHA-CHING! PAYROLL CONTROLS THAT PAY OFF PERSONAL INTRODUCTION. Personal Introduction. Melinda Stinnett, CPA, CIA Managing Director
CHA-CHING! PAYROLL CONTROLS THAT PAY OFF Melinda Stinnett, CPA, CIA Managing Director September 15, 2017 1 PERSONAL INTRODUCTION Professional Bachelor s Degree (Accounting) Oklahoma State University Public
More informationCompany LOGO C B T. An Educational Computer Based Training Program
C B T An Educational Computer Based Training Program The University of Texas at Dallas Compliance Training Effectively Controlling Risks Company Effectively Controlling Risks What is the purpose of this
More informationInternal Audit How the Internal Audit Function Facilitates Internal Controls. Office of the City Auditor City of Tallahassee
Internal Audit How the Internal Audit Function Facilitates Internal Controls Office of the City Auditor City of Tallahassee 1 Internal Audits and Internal Controls Session Purpose: How does an internal
More informationSegregation of Duties
Segregation of Duties The Basics of Accounting Controls Segregation of Duties The Basics of Accounting Controls 2014 SP Plus Corporation. All rights reserved. No part of this publication may be reproduced,
More informationEmmet County. Consulting Engagement Phase 1 Evaluation of Internal Controls over Financial Reporting. September 13, rehmann.
Emmet County Consulting Engagement Phase 1 Evaluation of Internal Controls over Financial Reporting September 13, 2017 616.975.4400 rehmann.com Table of Contents Letter to the Board of Commissioners 1
More informationDefining Payroll Process
Defining Payroll Process Personal Services = Big Bucks Expenditure includes Adjusted gross pay Employer s share of benefits Payroll department Pays employees Strong internal controls needed 42 Payroll
More informationUsing Data Analytics as a Management Tool to Identify Organizational Risks
2013 CliftonLarsonAllen LLP Using Data Analytics as a Management Tool to Identify Organizational Risks Government Finance Officers Association of South Carolina October 13, 2014 cliftonlarsonallen.com
More informationFile. Audit. City Auditor
Accounts Payab ble - Vendor Master File Audit Craig Hametner, CPA, CIA, CISA, CMA, CFE City Auditor Prepared By Marla Hamilton, Staff Auditor Reviewed By Jed Johnson, Sr. Auditor INTERNAL AUDIT DEPARTMENT
More informationInternal Audit Report. Contract Administration: 601CT Contracts TxDOT Internal Audit Division
Internal Audit Report Contract Administration: 601CT Contracts TxDOT Internal Audit Division Objective Review contract administration and governance of 601CT contracts for structural compliance with laws
More information- Excessive gambling or investment habits - Strong challenge to beat the system - Undue family pressure such as divorce - Overwhelming desire for pers
RED FLAGS OF INTERNAL FRAUD PROFILE OF THE PERPETRATOR: - Most frequently it is the person you trust the most - Has the technical skills to pull off the theft secretly - The activity is clandestine - The
More informationMaryland School for the Deaf
Audit Report Maryland School for the Deaf December 2015 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY For further information concerning this report contact:
More informationWeek 3: Fraud, Procure to Pay Process Controls
Edward Beaver Edward.Beaver@temple.edu ff MIS 5121: Business Processes, ERP Systems & Controls Week 3: Fraud, Procure to Pay Process Controls Video: Record the Class Discussion v Something really new,
More informationSTUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD
STUDY UNIT TEN INTERNAL AUDIT RESPONSIBILITIES FOR FRAUD 1 10.1 Fraud -- Nature, Prevention, and Detection..................................... 1 10.2 Fraud -- Indicators........................................................
More informationSheena Tran, CPA May 19, 2014
Internal Controls Review 2012/13 Sheena Tran, CPA May 19, 2014 TO: ACCCA BOARD OF DIRECTORS This is considered to be a financial review and recommendations for the Association of California Community College
More informationCHAPTER 7. Internal Control. Review Questions
CHAPTER 7 Internal Control Review Questions 7 1 Internal control is a process, affected by the entity s board of directors, management and other personnel, designed to provide reasonable assurance regarding
More informationAccounting Specialist I Accounting Specialist II Accounting Specialist III Class Specification
Accounting Specialist I Accounting Specialist II Accounting Specialist III Class Specification FLSA Designation: Non-Exempt Effective: 03/2004 Revised: N/A DEFINITION Under general supervision (Accounting
More informationBusiness Requirements Definitions
Business Requirements s Department of Financial Services Date: 01/19/2017 Revision: Version 2.0 Table of Contents Overview... 3 Priority Field Values s... 4 Functional Requirements Categories... 5 Accounts
More informationChapter 7 Internal Controls
Chapter 7 Internal Controls Establishment of and adherence to internal controls is a major part of managing an organization. Internal controls serve as the first line of defense in safeguarding assets
More informationBOARD SELF-EVALUATION TOOL
BOARD SELF-EVALUATION TOOL The following assessment tool is to be completed at a meeting of the Board of Directors. We believe that this assessment can be completed in about 30 minutes, but the more time
More informationFiscal Oversight Fundamentals
Fiscal Oversight Fundamentals Module 1: School District Finances: Roles and Responsibilities 2012 New York State School Boards Association, Latham NY The Five-Point Plan 1. Requires training for school
More informationFinancial Statement Close Process
Financial Statement Close Process Process Control Objective Risk Control Considerations Segregation of Duties Accounting functions are properly segregated. Unauthorized and inaccurate transactions may
More informationWhat does an external auditor look for in SAP R/3 during SOX 404 Audits? Ram Bapu, CISSP, CISM Sandra Keigwin, CISSP
What does an external auditor look for in SAP R/3 during SOX 404 Audits? Ram Bapu, CISSP, CISM Sandra Keigwin, CISSP What does an external auditor look for in SAP during SOX 404 Audits? Corporations have
More informationA Discussion About Internal Controls February 2016
A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal
More informationHFTP Hospitality Financial and Technology Professionals
About our Sample Accounting Jobs Descriptions for Clubs: The HFTP Americas Research Center, with guidance from members of the HFTP Club Advisory Council, has developed example job descriptions for accounting
More informationUsing the COSO Map. Unpublished Article By Larry Hubbard
Unpublished Article By Larry Hubbard Internal Control Integrated Framework published by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission How many times have we read articles
More informationInternal Audit Work Plan
Internal Audit Work Plan Fiscal Year 2018 Department of Management and Finance 1 Internal Audit Services Arlington County s Internal Audit Division is organizationally located in the Department of Management
More informationCITY OF CORPUS CHRISTI
CITY OF CORPUS CHRISTI CITY AUDITOR S OFFICE Audit of Purchasing Program Project No. AU12-004 September 20, 2012 City Auditor Celia Gaona, CIA CISA CFE Auditor Nora Lozano, CIA CISA Executive Summary In
More informationWire Transfer Audit. Craig Hametner, CPA, CIA, CMA, CFE City Auditor. Prepared By: Jed Johnson Senior Audit Analyst. Michelle Taylor Audit Analyst
Wire Transfer Audit Craig Hametner, CPA, CIA, CMA, CFE City Auditor Prepared By: Jed Johnson Senior Audit Analyst Michelle Taylor Audit Analyst INTERNAL AUDIT DEPARTMENT March 1, 2010 Report 0902 Table
More informationWhether you take in a lot of money. or you collect pennies
Whether you take in a lot of money or you collect pennies ..it is important to maintain good cash handling procedures: Segregation of Duties Security Reconciliation Management Review Documentation It s
More informationCost Control Systems. Conclusion. Is the District Using the Cost Control Systems Best Practices? Internal Auditing. Financial Auditing
12 Cost Control Systems The district generally has effective cost control systems, but has room to improve. Improvements could be made in internal auditing, asset management, financial management, purchasing,
More informationSession 7: Corporate Governance
Session 7: Corporate Governance New York Bankers Association-Community Bank Auditors Group 2016 Internal Audit Training-June 6-8, 2016 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
More informationFINANCE - CORPORATE FINANCIAL MANAGEMENT SYSTEM (CFMS)
),1$1( 25325$7( ),1$1,$/ 0$1$*(0(17 6
More informationSegregation of Duties Employee Compensation
Segregation of Duties Employee Compensation Internal Controls A process the provides reasonable assurance that the objectives of the institution will be achieved. Not one event, but a series of actions
More informationProtecting Fixed Assets: Internal Controls for Non Profits
Protecting Fixed Assets: Internal Controls for Non Profits 25 September 2012 Community Sector Council Newfoundland and Labrador (CSC) Darlene Scott, Senior Program Associate darlenescott@cscnl.ca www.communitysector.nl.ca
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationCORP Appendix A CORPORATE POLICY. Attachments: Related Documents/Legislation: Revenue Administrative Policy
CORP2014-085 Appendix A CORPORATE POLICY Policy Title: Cash Handling Policy Policy Category: Financial Control Policy Policy No.: FC-016 Department: Corporate Services Approval Date: Revision Date: Author:
More informationBOM/BSD 2/November 1994 BANK OF MAURITIUS. Guideline on Maintenance of Accounting and other Records and Internal Control Systems
BOM/BSD 2/November 1994 BANK OF MAURITIUS Guideline on Maintenance of Accounting and other Records and Internal Control Systems November 1994 Revised November 2013 Revised December 2017 TABLE OF CONTENTS
More informationIf an adequate segregation of duties does not exist, the following could occur:
Segregation of Duties Safeguarding Assets Review and Approval Accounting Policies and Procedures Efficiency and Effectiveness Reporting Timeliness Segregation of Duties Duties within the department or
More informationInternal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC
Internal controls over Financial Reporting Key concepts Presentation by Jayesh Gandhi at WIRC Page 1 ICFR Key Concepts WIRC 28 May 2016 Agenda Scope and requirements Overview of internal controls as per
More informationIPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:
IPO Readiness Sarbanes-Oxley Compliance & Other Considerations Presented by: IPO Readiness Enhanced Financial / Legal compliance SEC / Stock Exchange Compliance Entity Structure / Registration Filing Requirements
More informationCash Disbursement Procedure
ACCOUNTING PROCEDURES Georgia Recreation and Park Association March 2015 Cash Disbursement Procedure The following Cash Disbursement Procedure is the responsibility of the GRPA Office Manager under the
More informationUNIVERSITY OF NEW MEXICO INTERNAL AUDIT CONTROL SELF ASSESSMENT QUESTIONNAIRE. School/Organization Phone Organization Code
UNIVERSITY OF NEW MEXICO INTERNAL AUDIT CONTROL SELF ASSESSMENT QUESTIONNAIRE School/Organization Phone Organization Code The purpose of the control self-assessment is to provide you with a tool to evaluate
More informationEric Anderson, City Manager. Scottie Nix, Internal Auditor
City of Tacoma Internal Audit Office Memorandum TO: FROM: SUBJECT: Eric Anderson, City Manager Scottie Nix, Internal Auditor Improving SAP Roles Assignment and Monitoring at the City of Tacoma Follow Up
More informationSeveral unallowable expenditures and exceptions to policy were noted.
Several unallowable expenditures and exceptions to policy were noted. In our testing of 16 disbursement/pcard transactions, 12 travel transactions, and 9 gift transactions, we noted 6 transactions contained
More informationUniversity System of Maryland Bowie State University
Audit Report University System of Maryland Bowie State University December 2004 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up
More informationAUDITING. Auditing PAGE 1
AUDITING Auditing 1. Professionalism The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal
More informationSarbanes-Oxley Compliance Kit
Kit February 2018 This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery
More informationChapter 12: The Revenue Cycle
Chapter 12: The Revenue Cycle Syaiful Ali, SE., MIS., Ak. Introduction Revenue Cycles tend to be similar for all types of firms. Two subsystems perform the processing steps within the revenue cycle: The
More informationFinance Module Best Practices Dynamics GP. Speaker Name: McDowell, VanJura, Eichner GPUG
Finance Module Best Practices Dynamics GP Speaker Name: McDowell, VanJura, Eichner GPUG Mike McDowell Experience COO, Mekorma Software CFO for 15 years 12 years working with Dynamics GP Believes in: Working
More informationFraud Prevention: How to Identify and Protect Your Higher Ed Institution
Fraud Prevention: How to Identify and Protect Your Higher Ed Institution November 16, 2017 Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment
More informationCatching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010
Catching Fraud During a Recession Through Superior Internal Controls FICPA s 25 th Annual Accounting Show J. Stephen Nouss September 29, 2010 1 Session Objectives Fraud Facts (2008 Association of Certified
More informationManaging Risk in Your P2P Process: 10 Ways that Automation Can Help Mitigate Risk
Managing Risk in Your P2P Process: 10 Ways that Automation Can Help Mitigate Risk Chris Doxey, CAPP, CCSA, CICA, CPC President, Doxey, Inc. chris@chrisdoxey.com 571-267-9107 Agenda Introduction to Risk
More information2013 COSO Internal Control Framework Update. September 5, 2013
2013 COSO Internal Control Framework Update September 5, 2013 Agenda 2013 COSO IC Framework Topic Minutes The update process 5 What is not changing / What is changing 5 The 17 principles and changes to
More informationIntuit QuickBooks Enterprise Solutions 11.0 Complete List of Reports
Intuit QuickBooks Enterprise Solutions 11.0 Complete List of Reports Intuit QuickBooks Enterprise Solutions is the most advanced QuickBooks product for businesses with more complex needs. It offers advanced
More informationLEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE
Committee of Sponsoring Organizations of the Treadway Commission Governance and Internal Control LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE By The Institute of Internal Auditors Douglas J. Anderson
More informationEFFICIENT USE OF AUDIT COMMITTEES
AGENDA EFFICIENT USE OF AUDIT COMMITTEES BRENT YOUNG, CPA JERRY GAITHER, CPA Best practices related to: Audit Committee Process Internal Audit Risk Management 2 AUDIT COMMITTEE PROCESS AND PROCEDURES Audit
More informationComptroller of the Treasury Central Payroll Bureau
Audit Report Comptroller of the Treasury Central Payroll Bureau June 2006 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up
More informationInternal Financial Controls (IFC) - An Overview
Internal Financial Controls (IFC) - An Overview Increased responsibilities of the Board: Companies Act 2013 Board s responsibility extended to ensure Legal compliances to all applicable statutes. The increasingly
More informationGuidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Audit Committee March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance Audit Committee (the Guidance Note )
More informationAssurance Hand Note Professional Stage-Knowledge Level By: Shafique Ahmed-Sr. Officer (Internal Audit-BSRM) Assurance
Assurance 1 CONTENTS OF ASSURANCE 01. Preliminary of Assurance: 1.01 Assurance Engagement: 1.02 Key elements of an assurance engagement: 1.03 Levels of assurance 1.04 Objective of an Audit: 1.05 True &
More informationTHE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Communication Report No
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Report No. 15-02 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive Edinburg, Texas
More informationSOX106. Accounts Payable and Sarbanes-Oxley; Strengthening your Internal Controls- 10 hours. Objectives
SOX106 Accounts Payable and Sarbanes-Oxley; Strengthening your Internal Controls- 10 hours Objectives This course describes how Sarbanes Oxley requirements should be implemented as they pertain to accounts
More informationAuditing Standards and Practices Council
Auditing Standards and Practices Council PHILIPPINE STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT PHILIPPINE STANDARD ON AUDITING
More informationFINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS
FINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS Dear clients and friends of the firm, Corporate governance is a significant area of focus for stakeholders of financial institutions.
More informationSeattle Public Schools The Office of Internal Audit
Seattle Public Schools The Office of Internal Audit Internal Audit Report September 1, 2014 through Current Issue Date: June 21, 2016 Executive Summary Background Information The function is centralized
More informationPrince William County Public Schools Annual Audit Plan
Prince William County Public Schools 2011 Annual Audit Plan Office of Internal Audit Vivian Calkins-McGettigan, MBA, CPA, CPFO Chief Internal Auditor Table of Contents Foreword 3 Introduction to the Office
More informationRecords Retention and Destruction
s and Destruction This policy is in effect for all directors, officers, and employees of the National Council of Juvenile and Family Court Judges aand its related entities, which are designated as the
More informationAudit Preparation Best Practices
Audit Preparation Best Practices November 4, 2014 Jeffrey P. Allen, CPA, CGFM Senior Manager Maner Costerisan 5 Audience Poll How many have been through an audit? Multiple times? Why do you have an audit?
More informationCantalician Center Job Description. Assistant to the Chief Financial Officer
Assistant to the Chief Financial Officer GENERAL PURPOSE OF POSITION Assistant to the CFO is responsible for helping to maintain the financial health of the Organization as directed by the CFO. This includes,
More informationChapter 16. Auditing Operations and Completing the Audit. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Chapter 16 Auditing Operations and Completing the Audit McGraw-Hill/Irwin Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved. Auditing Operations Corporate earnings are considered as
More informationPAYROLL CHECK-OFF AUDIT
PAYROLL CHECK-OFF AUDIT Prepared By: Craig Hametner, CPA, CIA, CMA, CFE City Auditor Randall Mahaffey, CIA, CGAP Senior Audit Analyst Steve Culpepper, CPA, CIA Audit Analyst Jed Johnson Audit Analyst Elizabeth
More informationB S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013
B S R & Co. LLP Reporting on Internal Controls over Financial Reporting An Overview Sarbanes Oxley Act (SOX) 28 December 2013 Agenda Sarbanes Oxley Key Sections COSO Framework Management Approach to ICOFR
More informationPresent and functioning: Fine-tuning your ICFR using the COSO update
Present and functioning: Fine-tuning your ICFR using the COSO update November 2014 With the COSO s 1992 Control Framework being superseded by the 2013 updated edition on December 15, 2014, now is the time
More informationTHE NEW AND REVISED INTERPRETATIONS CONTAINED IN THIS DOCUMENT ARE EFFECTIVE ON AUGUST 31, 2017 UNLESS OTHERWISE NOTED.
THE NEW AND REVISED INTERPRETATIONS CONTAINED IN THIS DOCUMENT ARE EFFECTIVE ON AUGUST 31, 2017 UNLESS OTHERWISE NOTED. Ethics interpretations are promulgated by the executive committee of the Professional
More informationTransparency in the Workforce System Establishing Firewalls & Internal Controls
Transparency in the Workforce System Establishing Firewalls & Internal Controls Presented by the Today s Objectives Define internal controls Identify components of an internal control structure Discuss
More informationRetail Payment Systems Internal Control Questionnaire
Retail Payment Systems Internal Control Questionnaire Completed by: Date Completed: POLICIES AND PROCEDURES 1. Has the board of directors, consistent with its duties and responsibilities, adopted formal
More informationHeads Up. Control Integrated Framework. COSO Enhances Its Internal. In This Issue: Enhancements in the 2013 Framework
June 10, 2013 Volume 20, Issue 17 Heads Up In This Issue: Enhancements in the 2013 Framework Effective Systems of Internal Control COSO Transition Guidance and Impact on Other COSO Documents Internal Control
More information