1 / 5

Audit Readiness: It is Like a Root Canal

elina
Download Presentation

Audit Readiness: It is Like a Root Canal

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. Presented to: Anyone who would listen May 25, 2010 Greg Bitz Audit Readiness: It is Like a Root Canal

    3. A High Level Look at What An ERP has to do today….

    4. Everyone Contributes to Auditability– Bottom Line Up Front Essentially, auditability is: Well-controlled business processes to satisfy: Generally Accepted Accounting Principles (GAAP) Compliance with Federal Financial Management Regulations (FMR, FFMIA, FMFIA, etc.) Ability to verify the existence of well-controlled processes through substantive and transaction testing

    5. A High Level Look at What An ERP has to do today….

    8. Lessons Learned: Assertion to Audit Being a leader in DoD Audit Readiness, DON has a unique opportunity to analyze our progress and collect key lessons learned through testing, corrective action, audit assertions, and all other “audit readiness” activities. The ongoing USMC SBR Audit it is currently proving to be a wealth of helpful information when approaching and undergoing an audit. A list of major lessons learned can be grouped into four areas: Financial Environment, Human Resource Management, Data Management, and Auditor to Auditee Communication Financial Environment – “Know Your Environment” -Understand the flow of events and transactions from recognition through recording to reporting (transaction all the way to the Financial Statement) -Know how to approach Prepared by Client Lists (PBC) -Reconciliation of: Funds Balance With Treasury, Unadjusted Trial Balance to Adjusted Trial Balance, Delivered Orders-Unpaid to A/P, etc. -Know the location of Source Docs (have them readily available) Human Resource Management – “People Make the Difference” -Quality people are needed in the auditee organization as well as in the external service providers (e.g. DFAS, BTA, etc.) -Constant education of both auditor and auditee (training) -Must have the “Will to Win” – Audit is unrelenting – Commitment must be full and unwavering Data Management – “Transmitting Timely and Accurate Information” -Sample retrieval, submission, and tracking, as well as follow-up question management – A central, well organized tracking mechanism must be in place to account for the large number data/documents constantly being transferred -Sample Testing -DoD/DON information security requirements (Encryption/Decryption, Information Assurance, Personally Identifiable Information, etc.) -Data requirements are large and complex – requires constant focus Auditor-Auditee Communication – “Simple in Concept… Monumental in Execution” -Know how to communicate with the auditor – Answer the questions asked honestly and thoroughly, but do not give more information than asked for – Be courteous, polite and professional -Assure clear understanding by all parties of business activities -We know our business better than anyone, so be confident Being a leader in DoD Audit Readiness, DON has a unique opportunity to analyze our progress and collect key lessons learned through testing, corrective action, audit assertions, and all other “audit readiness” activities. The ongoing USMC SBR Audit it is currently proving to be a wealth of helpful information when approaching and undergoing an audit. A list of major lessons learned can be grouped into four areas: Financial Environment, Human Resource Management, Data Management, and Auditor to Auditee Communication Financial Environment – “Know Your Environment” -Understand the flow of events and transactions from recognition through recording to reporting (transaction all the way to the Financial Statement) -Know how to approach Prepared by Client Lists (PBC) -Reconciliation of: Funds Balance With Treasury, Unadjusted Trial Balance to Adjusted Trial Balance, Delivered Orders-Unpaid to A/P, etc. -Know the location of Source Docs (have them readily available) Human Resource Management – “People Make the Difference” -Quality people are needed in the auditee organization as well as in the external service providers (e.g. DFAS, BTA, etc.) -Constant education of both auditor and auditee (training) -Must have the “Will to Win” – Audit is unrelenting – Commitment must be full and unwavering Data Management – “Transmitting Timely and Accurate Information” -Sample retrieval, submission, and tracking, as well as follow-up question management – A central, well organized tracking mechanism must be in place to account for the large number data/documents constantly being transferred -Sample Testing -DoD/DON information security requirements (Encryption/Decryption, Information Assurance, Personally Identifiable Information, etc.) -Data requirements are large and complex – requires constant focus Auditor-Auditee Communication – “Simple in Concept… Monumental in Execution” -Know how to communicate with the auditor – Answer the questions asked honestly and thoroughly, but do not give more information than asked for – Be courteous, polite and professional -Assure clear understanding by all parties of business activities -We know our business better than anyone, so be confident

    9. The DoD Business “Control Continuum” displays the broad spectrum of possible internal control environments. The Continuum begins with a “Playground Rules” environment, in which no control is present. At the opposite end of the spectrum is complete control, akin to the environment of checks and balances present in dealing with nuclear reactor safety (absolutely necessary when lives are at stake). Obviously the ultimate goal is complete control, but the realist goal is to close the gap between the current state (Qualified Assurance) and Financial Auditability (Reasonable Assurance). Obtaining this goal will provide the apparent benefit of being auditable, but other benefits will be produced as well: -Controls that are in place and tested (confidence in the control environment, auditable processes) -More standard processes -Implementing more capable systems -Improved operational efficiency (streamlined organization, cost savings) -Reduced vulnerability to fraud/waste (tighter control) -Sustained public trust/confidence (stewardship) The DoD Business “Control Continuum” displays the broad spectrum of possible internal control environments. The Continuum begins with a “Playground Rules” environment, in which no control is present. At the opposite end of the spectrum is complete control, akin to the environment of checks and balances present in dealing with nuclear reactor safety (absolutely necessary when lives are at stake). Obviously the ultimate goal is complete control, but the realist goal is to close the gap between the current state (Qualified Assurance) and Financial Auditability (Reasonable Assurance). Obtaining this goal will provide the apparent benefit of being auditable, but other benefits will be produced as well: -Controls that are in place and tested (confidence in the control environment, auditable processes) -More standard processes -Implementing more capable systems -Improved operational efficiency (streamlined organization, cost savings) -Reduced vulnerability to fraud/waste (tighter control) -Sustained public trust/confidence (stewardship)

    10. What is the Significance of These Dates? What is the significance of these dates? 1990 1996 2000 2007 2017What is the significance of these dates? 1990 1996 2000 2007 2017

More Related