The New Era of Transparent Internal Audit: What You Should Know

Similar documents
Kentucky State University Office of Internal Audit

Effects of GDPR and NY DFS on your Third Party Risk Management Program

The CFO's game plan for tomorrow

John F. Buyce, CPA, CIA, CFE, CGFM Audit Director NYS OSC - State Government Accountability

STATE OF NORTH CAROLINA

Master Document Audit Program. Version 4.28, dated March 2018 B-1 Planning Considerations

Master Document Master Document. Version 4.28, dated December 2017 B-1 Planning Considerations

Format and organization of GAGAS Auditor preparation of financials is a significant threat to independence 3 party arrangements in government State

INTERNAL AUDIT OFFICE (IAO) FISCAL YEAR 2019 RISK-BASED AUDIT PLAN

Single Audit Update: Internal Control over Compliance and the GAO s Green Book. MSBO s 80 th Annual Conference April 19, 2018

Internal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP

Forward Pricing Proposal- Labor Categories. Next Slide

Subcontractor and Vendor Kickbacks. Next Slide

Repetitive Bidding of Duplicative Material Costs. Next Slide

Understanding the DCAA Audit Process and How to Prepare for Success

Master Document Audit Program. Statement. Version 4.9, dated December 2017 B-1 Planning Considerations

Dena Jansen, CPA Partner Maxwell Locke & Ritter LLP

What We Will Cover Today

Pre-Audit Collaboration and Cooperation

Prince William County Public Schools Annual Audit Plan

FLORIDA STATE UNIVERSITY Office of Inspector General Services Report #17-06

STUDENT GUIDE. CON 170 Fundamentals of Cost & Price Analysis. Unit 5, Lesson 1 Cost Analysis Process, Players, and Business Systems

I. Mission. II. Scope of the Work

Master Document Audit Program. Activity Code Compliance Audit CAS 407 Version 5.19, dated December 2017 B-1 Planning Considerations

Financial CIA-I. Certified Internal Auditor (CIA) Download Full Version :

Defective Pricing- Material Pricing Deficiencies. Next Slide

Single Audit and Yellow Book / Govt. Audit Standards Update Presented by: William Blend, CPA, CFE

Internal Auditing 101 with Panel Discussion. VGFOA Virginia Beach May 2013

CHAPTER 6 GOVERNMENT ACCOUNTABILITY

Appropriate Role of Contractors Supporting the Government Working Group: Presentation of Recommendations 12/16/2005

Master Document Audit Program. Activity Code Compliance Audit CAS 408 Version 5.21, dated March 2018 B-1 Planning Considerations

Auditing Governments and Not-For-Profit Organizations

HCCA AUDIT & COMPLIANCE COMMITTEE CONFERENCE

Your committee: Evaluates the "tone at the top" and the company's culture, understanding their relevance to financial reporting and compliance

Fraud Prevention: How to Identify and Protect Your Higher Ed Institution

Government Auditing Standards

Subcontract Management Certification Program (ScMCP ) SUBCONTRACT MANAGEMENT TECHNICAL COMPETENCIES. SUBCONTRACT MANAGER (ScM)

Audit-Risk Committee. Board Approval: August 2018

Review of Water and Wastewater Services Procurement Card Transactions

OFFICE OF INTERNAL AUDIT AUDIT MANUAL

Master Document Master Document. Version 8.13, dated December 2017 B-1 Planning Considerations

EFFICIENT USE OF AUDIT COMMITTEES

The Red (Book) Rocks The Latest and Greatest Audit Standards

CONTRACTS MONITORING HUMAN RIGHTS DEPARTMENT

Maryland School for the Deaf

Master Document Audit Program

How to Pass an ALGA Yellow Book Peer Review Training by the Association of Local Government Auditors (ALGA) Tampa, Florida September 20, 2013

Material Transfers and Material Management and Accounting System (MMAS) Next Slide

What to Consider When Facing a Construction Cost Audit

Contractor Business Systems Earned Value Management, Material Management and Accounting, and Property Management

Presentation by: CPA Zachary Muthui

COSO Internal Control Integrated Framework Proposed Update

Timekeeping for Government Contractors Mike Mardesich & Brad Tress March 28, 2017

Maryland Department of Health Office of the Chief Medical Examiner

Session 7: Corporate Governance

Board Audit & Compliance Committee Conference

Leveraging cost & revenue analytics to drive enhanced decisions

Maintaining the Public Trust

Audit Committee Charter

DEPARTMENT OF DEFENSE Defense Contract Management Agency INSTRUCTION. Government Purchase Cards

Compliance and the Board of Directors

INTERNAL AUDIT S ROLE IN MONITORING AND CONTROLLING INTERNATIONAL EXPOSURE

Uncompensated Overtime. Next Slide

Master Document Audit Program. Version 1.7, dated April 2016 B-01 Planning Considerations

DEPARTMENT OF DEFENSE Defense Commissary Agency Fort Lee, VA MANUAL INTERNAL AUDIT MANUAL

Internal and Governmental Financial Auditing and Operational Auditing

External Quality Assessment of the Internal Audit Activity at. County of Orange. April County of Orange Final Report: June 13,

AUDITING. Auditing PAGE 1

PSP A/ March 28, PSP-003(R)

3.6.2 Internal Audit Charter Adopted by the Board: November 12, 2013

CONNECTING THE INTERNAL AUDIT DOTS AN OVERVIEW OF INTERNAL AUDIT S ROLE, SCOPE, STANDARDS AND ENGAGEMENT APPROACH

Consent Item (D) Washington Metropolitan Area Transit Authority Board Action/Information Summary

Accelerating growth through customer centricity March 20, 2018

International Standards for the Professional Practice of Internal Auditing (Standards)

Terms of Reference for the Inspector General 1

Master Document Audit Program. Version No. 2.16, dated October 2018 B-1 Planning Considerations

The New 2011 Yellow Book: What You Need to Know Now

International Standards for the Professional Practice of Internal Auditing (Standards)

Procurement Under the New Requirements 1

Follow Up Audit on OCC Swap Meet Investigation

DFARS Business Systems Compliance. March 11, 2015

Texas Facilities Commission (TFC) Office of Internal Audit (OIA)

Community Development Districts Workshop

Internal Audit Charter

Policy Changes Needed at Defense Contract Management Agency to Ensure Forward Pricing Rates Result in Fair and Reasonable Contract Pricing

Master Document Audit Program. Activity Code Compliance Audit CAS 420 Version 5.21, dated March 2018 B-1 Planning Considerations

Compliance Plans. Kelly S. McIntosh July 20, 2017

DFARS Accounting System Reviews

Contractor Estimating Systems: System Adequacy Standards and Key Compliance Issues

FINAL AUDIT REPORT DEPARTMENT OF COMMUNITY AFFAIRS ETHICS PROGRAM AUDIT. Report No. A-1011EOG-008 OIG ACN 11-A002. Connie Schulze Contract Auditor

2. The auditors' report on a corporation's financial statements usually is addressed to the president of the company.

Tools & Techniques II: Lead Auditor

OFFICE OF THE CITY AUDITOR CITY OF GAINESVILLE, FLORIDA

Association of American Railroads Quality Assurance System Evaluation (QASE) Checklist Rev. 1/12/2017

Department of Transportation Maryland Aviation Administration

Triple C Housing, Inc. Compliance Plan

Policy and Procedures Date: November 5, 2017

Conducting a Compliance Audit or Review Key Issues

Internal Audit Department

Transcription:

The New Era of Transparent Internal Audit: What You Should Know May 17, 2012 Presented by: Bryan Moser, CPA, CFF, ABV, CFE, Director, Grant Thornton LLP Bob Wagman, Counsel, Government Contracts Group, Crowell & Moring LLP Moderated by: Bill Olsen, CIA, CGFM, CFE, CAMS, Principal, Leader of Grant Thornton's Global Investigation and Anti-Corruption services Grant Thornton. All rights reserved. If you experience any technical difficulties, please contact 888.228.0988 or support@learnlive.com

Awarding CPE for this session In general Respond to all polling questions The rule Respond to at least 75% of the polling questions to pass with full credit Group participation will not receive CPE You have to be logged in individually to receive credit If you experience any technical difficulties, please contact 888.228.0988 or support@learnlive.com 2

Addressing your questions through Q&A Step 1 Step 2 If you experience any technical difficulties, please contact 888.228.0988 or support@learnlive.com 3

Other helpful features you can use Be sure to shut down all other applications to allow more Internet bandwidth. If you experience any technical difficulties, please contact 888.228.0988 or support@learnlive.com 4

Today s presenters Bryan Moser, CPA, CFF, ABV, CFE Director, Advisory Services Grant Thornton LLP Bob Wagman Counsel, Government Contracts Group Crowell & Moring LLP Moderator: Bill Olsen, CFE, CAMS, CIA Principal, Leader Global Investigation and Anti- Corruption services Grant Thornton LLP 5

Learning Objectives Discuss statutes and case law governing the Government s rights to access a company s internal audit Explore considerations in developing corporate policies for granting access to internal audit Identify the risks internal audit departments should consider Cite considerations in audit documentation approaches 6

Overview (Legal Issues) GAO report on improving access to defense company internal audit reports Background on the government s audit rights and access to internal audits Subsequent developments impacting company decisions related to providing the government access to internal audits Potential concerns of disclosing internal audits 7

Overview (Audit Issues) Lessons learned from GAO report Audit support and maintenance of documentation Enforcement and compliance environment Risk management 8

Polling question #1: Does your company (or client(s)) have a resident DCAA auditor at one or more of its facilities? A. Yes B. No C. Uncertain 9

GAO Report Report issued December 8, 2011 GAO assessed: (1) Adherence to internal auditing standards (2) Extent to which internal audits address internal controls (3) DCAA s ability to examine and use those reports in carrying out its oversight responsibilities 10

GAO Reviewed Adherence to Selected Standards Organizational characteristics Independence and objectivity Risk-based audit plan Proficiency Continuing professional education External quality assurance review 11

GAO Reviewed Adherence to Selected Standards Standards for individual audits Planning the engagement Conducting fieldwork including testing Reporting findings Tracking corrective actions 12

GAO Findings on Company Internal Audit Functions Internal audit departments generally adhered to IIA standards Organizational characteristics 2 of 7 have no external assessments / quality review Standards for individual audits 5 of 7 met the standards 2 did not provide information 13

Polling question #2: How many internal audit staff are employed by your company? A. Less than 10 B. 10 to 24 C. 25 74 D. 75 or more E. Uncertain 14

GAO Findings on Company Internal Audit Functions (continued) Internal audit reports contain information relevant to DCAA audits Business systems, specific DoD programs, compliance Access to and use of company internal audits are limited reports workpapers Requests / responses not tracked 15

GAO Conclusions DCAA is not making full use of internal audits to help accomplish its critical oversight role. DCAA auditors do not routinely request access to the reports due to limited visibility into the scope and objectives of internal audits. We believe that by not routinely obtaining access to relevant company internal audits that can inform their audits of the companies control environments, as well as audits of specific business systems and contracts, DCAA auditors are hindered in their ability to meet the GAGAS requirements for assessing internal controls. 16

GAO Recommendations Ensure that DCAA s central point of contact for each company coordinates issues pertaining to internal audits Periodically assess information regarding their disposition Reaffirm with DCAA staff through guidance and training how and under what circumstances company internal audits can be accessed and used 17

DoD s Response DoD partially concurred with the first recommendation and concurred with the remaining two recommendations. DoD will issue guidance and training by June 30, 2012. 18

Polling question #3: Which of the following was not a GAO recommendation? A. DCAA central point of contact coordination B. Periodically assess information compiled by central points of contact C. Expand scope of DCAA reviews at large government contractors D. Reaffirm with DCAA staff circumstances for internal audit access and use 19

Government s Audit Rights 10 U.S.C. 2313. Examination of records of contractor (a) Agency Authority. (1) The head of an agency, acting through an authorized representative, is authorized to inspect the plant and audit the records of (A) a contractor performing a cost-reimbursement, incentive, timeand-materials, labor-hour, or price-redeterminable contract, or any combination of such contracts, made by that agency under this chapter; and (B) a subcontractor performing any cost-reimbursement, incentive, time-and-materials, labor-hour, or price-redeterminable subcontract or any combination of such subcontracts under a contract referred to in subparagraph (A). 20

FAR Audit Provision FAR 52.215-2 Audit and Records-Negotiation The Contracting Officer, or an authorized representative of the Contracting Officer, shall have the right to examine and audit all records and other evidence sufficient to reflect properly all costs claimed to have been incurred or anticipated to be incurred directly or indirectly in performance of this contract. 21

Newport News I United States v. Newport News Shipbuilding and Dry Dock Co., 837 F.2d 162 (4 th Cir. 1988) Held that DCAA s subpoena authority does not extend to contractors internal audits. 1. The internal audits are not related to any particular government contract. 2. The reports were not compilations of contract cost charges and supporting documentation, but rather subjective evaluations of the company s operations and suggestions for changes. 22

Newport News I (Cont.) Interpreted the government s statutory audit rights to be construed principally to provide access to cost information related to particular contracts. Cost verification data, not the work product of internal auditors, is the proper subject of a DCAA subpoena. DCAA performs a critical auditing mission, but it is not running the company. 23

DCAA vs. Inspector General United States v. Westinghouse Elec. Corp., 788 F.2d 164 (3d Cir. 1986). Held that the Inspector General has authority to subpoena a contractor s internal audits as part of an investigation. The Newport News I court distinguished between the two because the IG Act vests the IG with authority to investigate fraud waste and abuse. Both agencies serve important but different functions. 24

Newport News II United States v. Newport News Shipbuilding and Dry Dock Co., 862 F.2d 464 (4 th Cir. 1988) Enforces subpoena seeking contractor s tax returns and supporting schedules Rejected the argument that access is limited to only materials used to determine or allocate costs to a specific contract Held that the government s audit rights include access to objective factual materials useful in verifying the actual costs 25

Polling Question #4: Has your company (or client(s)) established policies for disclosing internal audits to DCAA or other government auditors? A. Yes B. No 26

Considerations in Developing Policies for Granting Access to Internal Audits Legal standards No recent cases on the subject Limited to Fourth Circuit Industry practice Six companies have policies that provide for DCAA access to at least some internal audits. Four of the six companies have policies granting access to supporting workpapers. One company adopted a policy of not providing DCAA with access to its internal audit reports. 27

Other Considerations Attorney-Client Privilege Business Systems Rule Ethics/Compliance/Mandatory Disclosure Requirements Fraud allegations 28

Initial Steps Review the types of contracts the company is performing Review the types of internal audits that the company performs Review the company s procedures for handling matters discovered in the course of an internal audit 29

Polling Question #5: Which of the following is not a suggested step to take in response to the GAO report? A. Review the types of contracts the company is performing B. Review the types of internal audits that the company performs C. Review documentation to ensure every preliminary observation is retained D. Review procedures for handling matters discovered in the course of an internal audit 30

Other Related Guidance COSO Enterprise Risk Management Inherent Risk control and control system Residual Risk Other FAR Acquisition Regulation Contractor Code of Business Ethics Internal Controls System Communication of Fraud Hotline 31

Risk Assessment Risk assessment emphasized in report evidence for planning steps assessments specific to audit's scope chart cited as supporting rationale for inclusion in audit scope Ensure you invest sufficient time in your risk assessment Document effectively 32

Audit Documentation Questions to ask beyond the basics Does it leave questions unanswered? Could it cause confusion? Are paper and electronic sources both documented adequately? User-developed applications 33

Enforcement and Compliance Environment Dodd Frank Whistleblower provisions Continued FCPA enforcement Prosecution of individuals 34

Polling Question #6: The GAO report did NOT reference the following regarding assessing the risk of fraud. A. Noting evidence in planning steps B. Fraud risk assessments specific to audit scope C. Consulting with private investigators when planning the audit D. Risk assessment chart with supporting rationale for inclusion in audit scope 35

Summary DCAA may pursue internal audit reports more frequently Establish or review company policy regarding access to internal audit reports Ensure information in internal audit reports is well documented 36

Q&A Bryan Moser Bryan.Moser@us.gt.com (703) 847-7586 Bob Wagman RWagman@crowell.com (202) 624-2507 37

Disclaimer This Grant Thornton LLP presentation is not a comprehensive analysis of the subject matters covered and may include proposed guidance that is subject to change before it is issued in final form. All relevant facts and circumstances, including the pertinent authoritative literature, need to be considered to arrive at conclusions that comply with matters addressed in this presentation. The views and interpretations expressed in the presentation are those of the presenters and the presentation is not intended to provide accounting or other advice or guidance with respect to the matters covered. For additional information on matters covered in this presentation, contact your Grant Thornton LLP adviser.

Thank you for attending To retrieve your CPE certificate: Respond to online evaluation form Print your CPE Certificate from the CPE confirmation email or participation tab *Note: Group participation will not receive CPE Download today s slides as a reference resource 39 39

Thank you for attending. Visit us online at: www.grantthornton.com www.crowell.com twitter.com/grantthorntonus linkd.in/grantthorntonus http://www.governmentcontractslegalforum.com/ For questions regarding your CPE certificate, contact Learnlive at 888.228.0988.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback