Upload
kamran1355
View
221
Download
0
Embed Size (px)
Citation preview
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
1/19
Federal Audit ExecutiveCouncil (FAEC)
June 2012
Bi-Monthly Meeting
Heather I. Keister
Doris G. Yanger
June 14, 2012
Green Book Update
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
2/19
Session Objectives
Discuss update of The Committee of SponsoringOrganizations of the Treadway Commission(COSO) Internal Control-Integrated Framework
Discuss GAOs plan to update the Standards forInternal Control in the Federal Government,GAO/AIMD-00.21.3.1, November 1999 (Green
Book)
2
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
3/19
COSOs Internal Control-IntegratedFramework
COSO Framework first published in 1992
Framework concepts timeless, but context needsupdating
COSO released exposure draft for comment in
December 2011 Deadline for submitting comments was March 31, 2012
Draft available at www.ic.coso.org
3
http://www.ic.coso.org/http://www.ic.coso.org/7/29/2019 GAO Slides on GB Revision FAEC 06 2012
4/19
4
Why update the COSO InternalControl-Integrated Framework?
Changes in operating environments
Changes in business models
Tight budget constraints
Expectations for governance oversight
Use and reliance on evolving technologies Expectations for preventing and detecting fraud
Demands and complexities in laws, rules, regulationsand standards
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
5/19
Highlights of COSOs Internal Control Integrated Framework Update
Project goal is to refresh the Framework
Update not intended to alter core concepts developed in
original Framework
Additional focus on operational and compliance controlobjectives
Expands the reporting category of objectives
Codification of five internal control components into
Principles and Attributes5
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
6/19
6
Whats Not Changing?
Definition and objectives of internal control
Five components of internal control
Criteria used to assess effectiveness of systems ofinternal control
Use of judgment in evaluating the effectiveness ofsystems of internal control
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
7/197
Definition and Objectives of InternalControls Remain Unchanged
Definition
Internal control is a process, effected by an entitys board of directors,
management and other personnel, designed to provide reasonable
assurance regarding the achievement of objectives.
ObjectivesOperations: Effectiveness and efficiency of operations
Reporting: Reliability of reporting
Compliance: Compliance with applicable laws and regulations
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
8/198
Components of Internal ControlRemain Unchanged
Relationship of Objectives and ComponentsA direct relationship exists between objectives (which arewhat an entity strives to achieve) and the components(which represent what is needed to achieve the
objectives).
COSO depicts therelationship in a form of a cube:
The three objectives are representedby the columns.
The five components are representedby the rows.
The entitys organization structure isrepresented by the third dimension.
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
9/19
What Changed in COSOExposure Draft?
Update not intended to alter core conceptsdeveloped in the original Framework
Goal of the project is to refresh objectives ofthe Framework
Address significant changes to the businessenvironment and associated risks
Codify criteria to use in the development andassessment of systems of internal control
Increase focus on operations, compliance, and non-financial reporting objectives
9
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
10/1910
What Changed in COSOExposure Draft? (cont.)
Expanded financial reporting objective toaddress internal and external, financial and non-financial reporting objectives
Enhanced internal control guidance over:
Operations
Compliance
Information Technology
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
11/19
What Changed in COSOExposure Draft? (cont.)
Codification of internal control concepts intoPrinciples and Attributes Represents the fundamental concepts associated with
each component Provides a basis for evaluating the effectiveness ofinternal controls
17 Principles supported by related attributes that representcharacteristics associated with these principles
Provides clarity in the design and development of internalcontrols
Supports assessment on the effectiveness of internalcontrols
11
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
12/19
Codification of 17 Principles Embeddedin the Original Framework
13. Uses relevant information
14. Communicates internally
15. Communicates externally
Control Environment 1 Demonstrates commitment to integrity and ethical values2 Exercises oversight responsibility3 Establishes structure, authority and responsibility4 Demonstrates commitment to competence5 Enforces accountability
Risk Assessment 6 Specifies relevant objectives7 Identifies and analyzes risk8 Assesses fraud risk9 Identifies and analyzes significant change
Control Activities 10 Selects and develops control activities11 Selects and develops general controls over technology12 Deploys through policies and procedures13 Uses relevant information14 Communicates internally15 Communicates externally
Monitoring Activities 16 Conducts ongoing and/or separate evaluations17 Evaluates and communicates deficiencies
Information &Communication
12
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
13/1913
GAOs Responsibility for IssuingStandards for Internal Control in theFederal Government (Green Book)
Federal Managers Financial Integrity Act of1982(FMFIA) requires GAO to issue standards forinternal control in the Federal government
Provides an overall framework for establishing andmaintaining internal control in Federal agencies
Existing Green Book utilizes COSO internal controlconcepts
Last revision issued November 1999
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
14/19
Why Revise the Green Book?
General recognition of the need to update
The COSO Internal Control Integrated-Framework is currentlybeing updated
Consider the updated COSO Framework where applicable togovernment and add additional areas of emphasis forgovernment
Green Book will be updated and harmonized with the revised
COSO framework
Revised Green Book will provide clarified standards andattributes to assist:
Management in developing internal control
Auditors in auditing and reporting on internal control14
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
15/19
Green Book Revision Process and Timing
GAO will seek input from user groups- Management
- IG and audit community
-OMB and other users
A Green Book advisory council with cross-representation, similar to the Yellow Book
council, will be established
An exposure draft will be available for commentwith a final version due later in the year
15
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
16/1916
Green Book Revision Timeline
Seek input from user groups - Ongoing
Public Exposure Period 2013 90 day comment period
Finalize 2013
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
17/1917
Proposed Green Book Changes
Expand discussion of the five components ofinternal control
Expand discussion of controls over informationtechnology
Expand discussion on compliance withapplicable laws and regulations
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
18/19
Why are we here today?
Outreach to the user community to obtain theirinput on areas of interest related to internalcontrol in the Federal government
Opportunity to discuss areas of interest,concerns and other internal control related topics
18
7/29/2019 GAO Slides on GB Revision FAEC 06 2012
19/19
Questions?
GAO Contact Information
Jim Dalkin, Director, (202) 512-3133, [email protected]
Heather Keister, Assistant Director, (202) 512-2943, [email protected]
Doris Yanger, Senior Auditor, (202) 512-4819, [email protected]
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]