1 / 31

SAN JOSE STATE SPARTANS

SAN JOSE STATE SPARTANS. WHO am I and WHY?. Doug Younce CFO of New York Transit, Inc. Friend of Pat Kwan (a NYT “advisor”) NYT, a growing company with MIS/I.S. challenges Share some experiences & observations Q & A. NEW YORK TRANSIT, INC . COMPANY BACKGROUND. Middle Market - $100 mil

maine
Download Presentation

SAN JOSE STATE SPARTANS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SAN JOSE STATE SPARTANS

  2. WHO am I and WHY? • Doug Younce • CFO of New York Transit, Inc. • Friend of Pat Kwan (a NYT “advisor”) • NYT, a growing company with • MIS/I.S. challenges • Share some experiences & observations • Q & A

  3. NEW YORK TRANSIT, INC. COMPANY BACKGROUND • Middle Market - $100 mil • Privately owned • Wholesale women’s footwear • Founded in 1984 • 110 employees • Import from China • Sell to dept stores & independents (boutiques) • Highly competitive, 4 seasons, environment

  4. You may ask yourself, WHY SHOULD I CARE? • My understanding is that this class is a mixed bag of business related majors; not necessarily computer science majors • ALL companies face Information Technology issues & challenges, and ……… they never end • Internal needs for better, more timely information • Competition never stands still • Customer demands • Outside influences such as SOX • “All” means every size and every industry and every family • Oh, and you will be tested on today’s information

  5. NYT’s EXPERIENCE - STRUCTURE & PURPOSE • 2000/2001 DP Steering Committee • Composition: Finance, Ops & I.S. • Purpose: Determine what we needed to do in IT area to • Support Growth • Enhance effectiveness of internal MIS • Reduce dependency on highly tailored systems and their authors • Meet or Exceed Customer Expectations

  6. NYT’s EXPERIENCE -WHAT WE WERE WORKING WITH • Systems - window based UNIX • Software: • In-house, highly tailored for operations • Separate software for financial reporting • Not necessarily utilizing common data bases • Overriding Concern - • WHAT IF IT DOESN’T WORK!!!!

  7. NYT’s EXPERIENCE -DECISION PROCESS • Establish hierarchy of needs, without consideration to costs, then consider: • Software vs. Programming • Priorities – Cost / Benefit • Security – Systems / Personnel • Cost

  8. NYT’s EXPERIENCE -OUR DECISION - NYT must . Set in motion commitment to change . Establish base for coordinated improvements . Minimize risk and costs - Two basic systems, two approaches: • Operations – programming • Financial Reporting – software (Oracle)

  9. NYT’s EXPERIENCE –THREE YEAR’S LATER • Working,……… yes • Continuous Improvement, a “must” • 2004 Task Force re Operations • Composition: I.S. and Ops • Dual Purpose: • Improve current applications • Software study • Decision, in process & on-going • IT is a journey, not a destination!

  10. KEYS TO SUCCESS • Support from the top, must be a corporate initiative • Know your objectives, don’t be sidetracked or wooed, but • Be open minded • Cross functional task force • See software demos & on-site applications • Think long-term • Ensure in-house expertise to support • Go mainstream for continuity • Follow up with user TRAINING

  11. OUTSIDE INFLUENCES - SOX

  12. SARBANES-OXLEY ACT EXECUTIVE OVERVIEW

  13. BACKGROUND • Congress reaction to corporate shenanigans (Enron, MCI, AA, etc.) • Senator Paul Sarbanes & Congressman Michael Oxley • Sarbanes-Oxley Act of 2002 (“SOX”)

  14. SOX – MATTERS ADDRESSED • PCAOB • Auditor independence • Corporate responsibility (Sec 302) • Enhanced financial disclosures (Sec 404) • Corp criminal fraud accountability (HR) • White collar crime (penalties)

  15. SECTION 302 DISCLOSURE CONTROLS • Disclosure Controls & Procedures, Quarterly • Financial Statements (Section 404) • Strategic Relations • Contracts • Mngt Discussion & Analysis • Legal Proceedings • Required info accurate & timely • Quarterly certification by CEO & CFO • Penalty: Neglect, up to $1mil & 10 yrs • Penalty: Willful, up to $10 mil & 20 yrs

  16. SECTION 404 - INTERNAL CONTROLS OVER FINANCIAL REPORTING • Mng’t resp for IC over financial reporting: • B/S, I/S, CF, Equity, Notes • Mng’t assessment of IC • Annual certification by CEO & CFO • Penalties as at Section 302 slide • Auditor attestation

  17. COSOCommittee of Sponsoring Organizations of the Treadway Commission • Integrated Framework for Internal Control • COSO Cube (operations/financial) • Five integrated components: • Control Environment (ethics & integrity) • Risk Assessment • Control Activities (Reviews, reconciliations, etc.) • Information & Communications (How gathered & disseminated) • Monitoring

  18. SOX and PRIVATE COMPANIES • Standard for Best Practices • Lenders, insurance & underwriters • IPO/acquisition (18% premium) • Cost of implementation per FEI: • $825,000 for $100 million company

  19. RISK ASSESSMENT • Business Risks: • Impact health of the company • NYT examples: • China factories • WT health • Retail consolidation • Independent warehousing

  20. RISK ASSESSMENT • Material misstatement of financials • Identify what drives general ledger entries • Identify primary risks: • Choices of accounting policies (GAAP) • Accounts requiring judgment (reserves/allowances) • Adjustments outside routine processing (JE’s) • Environment encouraging “stretch” (incentives) • Pts in processing where data is manipulated

  21. IDENTIFY “SIGNIFICANT CONTROL OBJECTIVES” • To manage most significant financial reporting risks (consider value chain activities) • Giving consideration to – • Key business activities • Industry characteristics • Most significant risks to entity & industry • Financial reporting matters • Accounts that are subjective • Complex accounting • Accounting rules subject to interpretation • Dependent on external information

  22. ASSESS & IMPLEMENTINTERNAL CONTROLS

  23. ENTITY LEVEL CONTROLS(Corporate governance, sets the tone) • Company culture • Define/communicate ethical & behavioral norms • Code of Conduct • Reinforce via Leadership behavior • Minimize temptation for actions o/s ethical norms • Enforce remedial action for behavior o/s ethical norms • Personnel policies: Select / retain competent employees • HR responsibilities

  24. HR RESPONSIBILITIES • HR must provide all employees – • An understanding of: • Expectations of the individual employee • Individual employee’s authority • Corporate lines of authority • Corporate attitude re risk identification • Corporate attitude re fraud • Formal job descriptions • Training, including corporate ethics • Performance appraisals & feedback

  25. COMPUTER CONTROLS • General Controls • Application Controls

  26. OVERVIEW OF COMPUTER CONTROLS • Aligned w/ business objectives to provide • Systems to manage the quality & integrity of financial & other business information • Access controls over IT systems & applications • Authorization process for computer applications • Information on a timely basis • Confidentiality of sensitive information • Support of continued information flow

  27. IT - GENERAL CONTROLS • Data Center – Backup, recovery & scheduling • Systems Software – Acquisition & implementation • Access Security – Firewalls, access codes, etc. • Application Systems – Development & maintenance • Documentation – All significant processes/activities • Monitor – IT performance & capacity levels

  28. IT – APPLICATION CONTROLS • Control processing of data/transactions • Completeness • Accuracy • Authorization & validity • Data storage & backup • Control system interface & data exchange

  29. ACTIVITY LEVEL INTERNAL CONTROLS • Prevent material misstatement of financials • Reflect risk assessment – • Account • Activity • Input source • Focus on: • F/S accounts (debits & credits) & disclosure, consider • Materiality, quality, inherent risk, non-routine sources • Data security (boundaries & authorization) • Processing points where data is manipulated • Preventative controls supplemented by detection

  30. BOTTOM LINE - WHAT ALL PUBLIC COMPANIES NEED TO DO • Clearly communicate SOX is a priority • Assess risks & control environment • Document: • Entity Level Controls • Computer Controls • Activity Level Controls • Information flow to GL accounts • Implement additional controls where needed • Document updated control procedures • Monitor effectiveness of controls

  31. Q & A

More Related