View
230
Download
0
Category
Tags:
Preview:
Citation preview
2
Introduction of the Internal Controls Team
Discuss the Internal Controls initiative for the State of Kansas
Present the Internal Controls Managers Guide & key framework concepts
Looking Forward….
3
Chief Financial Officer: DeAnn Hill CPA, CGMA, PFSStatewide Controls, Reporting, & Collections Manager: Annette Witt
4
Brett Bauer, Internal Controls Team Lead Brett.Bauer@da.ks.gov (785) 368-8165
Kristie Courtney, Central Business Analyst Kristie.Courtney@da.ks.gov (785)296-2934
5
Internal Control Framework and Policies
Process Reviews and Recommendations
Book to Bank Reconciliation
Continuity of Operations Plan (COOP)
Data Analysis, Reporting, and Account Reconciliation
6
While the State has numerous accounting policies that incorporate internal controls, Kansas has not addressed internal controls in a holistic way.
The Internal Controls Team has begun a multi-phase project to develop an internal control framework for Kansas based on the Federal GAO Green Book.
That project will include development of standards for internal control in Kansas to meet Kansas specific requirements, drafting internal control policies, educating state agencies on the new standards, and eventually reviewing implementation efforts by agencies and monitoring compliance.
7
8
The State of Kansas has developed the Internal Control Framework based on the U.S. GAO Standards for Internal Control in the Federal Government (Green Book)
The Managers Guide provides a high-level overview of key points contained in the Green Book
The Managers Guide is designed to be an introduction to Internal Control concepts
9
10
Internal control is a process, effected by an entity’s oversight body, management, and other personnel that provides reasonable assurance that the objectives of an entity will be achieved.
These objectives and related risks can be broadly
classified into one or more of the following three categories:
Operations - Effectiveness and efficiency of operations Reporting - Reliability of reporting for internal and external use Compliance - Compliance with applicable laws and regulations
11
Internal control is what we do to see that the things we want to happen will happen …
And the things we don’t want to happen won’t happen.
12
What do you worry about going wrong?
What steps have been taken to assure it doesn’t?
How do you know things are under control?
13
14
15
Financial misstatements Business loss Loss of funds or materials Incorrect or untimely
management information Fraud or collusion Tarnished reputation with
the public Program Sustainability
compromised Missed goals
16
When looking at controls
More is not necessarily better Controls that do not work together leaving holes Cost of duplicated or inefficient controls Controls that do not align with the importance of the risks
Complex and poorly implemented controls Not understood or followed Inconsistently applied Control effectiveness can degrade over time
No value for money Controls cost money Duplication of ineffective controls do not provide benefits
17
18
19
Foundation for all other standards of internal control.
Pervasive influence on all the decisions and activities of an organization.
Provides the discipline and structure, which affect the overall quality of internal control.
Effective organizations set a positive “tone at the top”.
20
21
Risks are internal & external events (economic conditions, staffing changes, new systems, regulatory changes, natural disasters, etc.) that threaten the accomplishment of objectives.
Risk assessment is the process of identifying, evaluating, and deciding how to manage these events… What is the likelihood of the event occurring? What would be the impact if it were to occur? What can we do to prevent or reduce the risk?
22
Anything that could negatively impact the agency’s ability to:
Achieve its goals
Operate efficiently and effectively
Protect its assets from loss
Provide reliable financial data
Comply with applicable laws, regulations, policies and procedures
23
24
Tools - policies, procedures, processes -designed and implemented to help ensure that management directives are carried out.
Help prevent or reduce the risks that can impede the accomplishment of objectives.
Occur throughout the organization, at all levels, and in all functions.
25
Authorization and approval controls
Information processing controls
Physical Controls
Segregation of duties
26
Pertinent information must be captured, identified and communicated on a timely basis.
Effective information and communication systems enable the organization’s people to exchange the information needed to conduct, manage, and control its operations.
27
Internal control systems must be monitored to assess their effectiveness… Are they operating as intended?
Ongoing monitoring is necessary to react dynamically to changing conditions…Have controls become outdated, redundant, or obsolete?
Monitoring occurs in the course of everyday operations, it includes regular management & supervisory activities and other actions personnel take in performing their duties.
28
Reasons internal control systems lose effectiveness:
Processes or risks change, and underlying controls do not adapt
Previously effective controls cease to operate as they were designed
29
Ongoing Performance evaluation Code of ethics certification Training and Education
Corroboration of information Bank reconciliations, etc.
Comparison of physical assets to book assets Inventories
Internal and external audits Effectiveness
30
31
Reducing and preventing errors in a cost-effective manner
Ensuring priority issues are identified and addressed
Protecting employees & resources
Providing appropriate checks and balances
Having more efficient audits, resulting in shorter timelines, less testing, and fewer demands on staff
32
Make sense within each organization’s unique operating environment.
Benefit rather than encumber management.
Are not stand-alone practices; they are woven into day-to-day responsibilities.
Are cost-effective.
33
Internal control is a process; it is a means to an end, not an end itself.
Internal control is effected by people; it’s not merely policy manuals and forms, but people at every level of an organization.
Internal control can be expected to only provide reasonable assurance, not absolute assurance.
34
35
36
Think about Internal Controls whenever you are providing analysis or developing policies or implementing programs
Beware of the pitfalls – more is not always better, controls must be maintainable
Think about the things that worry you in your job and try to think of how internal controls could help alleviate your worry
37
Internal Control Framework: A Managers Guide – Coming Soon!
https://admin.ks.gov/offices/chief-financial-officer/internal-control-and-systems-audit/internal-controls-framework-for-kansas/
GAO Green Book http://www.gao.gov/products/GAO-14-704G
Internal Controls Team Brett Bauer, Team Lead Brett.Bauer@da.ks.gov (785)
368-8165 Kristie Courtney, Kristie.Courtney@da.ks.gov (785) 296-
2934
Recommended