320 likes | 467 Views
OSA Update. Katie Thigpen, Audit Supervisor Holli Harrison, IS Audit Supervisor. NC Office of the State Auditor. Session Etiquette. Please turn off all cell phones. Please keep side conversations to a minimum.
E N D
OSA Update Katie Thigpen, Audit Supervisor Holli Harrison, IS Audit Supervisor NC Office of the State Auditor
Session Etiquette • Please turn off all cell phones. • Please keep side conversations to a minimum. • If you must leave during the presentation, please do so as quietly as possible.
Session Topics Financial Audit Update Information Systems Audit Update 3
Financial Audit Update • Financial Audit Update - Topics • Summary of Financial Reporting for 2012 • Preview of Financial Reporting for 2013 • Audit Standards Update • Federal Compliance Audit Scope for 2013 • Materiality and Risk in a Financial Statement Audit 4
Summary of Financial Reporting - 2012 • Findings/Issues Noted • Statement on Auditing Standard 115 • Communicating Internal Control Related Matters Identified in an Audit 5
Summary of Financial Reporting - 2012 • Findings/Issues Noted • No pervasive reportable findings… TOUCHDOWN! 6
Summary of Financial Reporting - 2012 • Audit Adjustments Posted – Pervasive Items • Classification • Invested in Capital Assets, Net of Related Debt • Unspent Debt Proceeds • Retainage and Accounts Payable 7
Summary of Financial Reporting - 2012 • North Carolina Accounting System • Fiscal year 2011 – 4 pilot Universities • Fiscal year 2012 – all Universities • OSA concern – completeness of data file • Feedback 8
Preview of Financial Reporting – 2013 • Financial Reporting Standards Update (GASB) • GASB 60 – Service Concession Arrangements • GASB 61 – Financial Reporting Entity (amends GASB 14 & 34) • GASB 62 – Codification of pre-1989 FASB • GASB 63 – Deferred Outflows / Deferred Inflows 9
GASB 60 • Accounting and Financial Reporting for Service Concession Arrangements • Definition / Criteria • Financial Reporting / Required Disclosures • GASB 60 Flowchart • Pro forma Impact 10
GASB 60 GASB 60 Appendix C 11
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment 12
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment • More Restrictive Blending Criteria for Identified Component Units 13
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment • More Restrictive Blending Criteria for Identified Component Units • Additional Criterion for Blending for Identified Component Units 14
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment • More Restrictive Blending Criteria for Identified Component Units • Additional Criterion for Blending for Identified Component Units • Condensed Combining Information for Blended Component Units 15
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment • More Restrictive Blending Criteria for Identified Component Units • Additional Criterion for Blending for Identified Component Units • Condensed Combining Information for Blended Component Units • Reporting an Asset for Equity Interest in Discretely Presented Component Units 16
GASB 61 • The Financial Reporting Entity Omnibus (an amendment of GASB Statements No. 14 and No. 34 • Fiscal Dependency AND Financial Benefit/Burden for Component Unit Treatment • More Restrictive Blending Criteria for Identified Component Units • Additional Criterion for Blending for Identified Component Units • Condensed Combining Information for Blended Component Units • Reporting an Asset for Equity Interest in Discretely Presented Component Units • Going Forward / Pro Forma Impact 17
GASB 62 • Codification of Accounting and Financial Reporting Guidance Contained in Pre-November 30, 1989 FASB and AICPA Pronouncements • No new requirements • Add to the GASB codification • No change required for financial reporting 18
GASB 63 • Financial Reporting of Deferred Outflows of Resources, Deferred Inflows of Resources, and Net Position • Background • Reporting Requirements • Statement of Net Assets becomes Statement of Net Position • Statement of Revenues, Expenses and Changes in Net Assets becomes Statement of Revenues, Expenses, and Changes in Net Position • Pro Forma Impact 19
GASB 63 20
GASB 63 21
GASB 63 22
Highlights for Financial Reporting – 2013 Pro Forma Update – 2013 Financial reporting follows GAAP. The pro forma is provided to be a guide (not all inclusive) Availability of Pro Forma (www.ncauditor.net) 23
Auditing Standards Update – 2013 • No impact on fiscal year 2013 audits 24
Federal Compliance Audits – 2013 • Federal Programs Selected For Audit • Research and Development Cluster • Student Financial Assistance Cluster • Higher Education Grant 25
Audit Risk and Materiality • Concept of Materiality • Financial Reporting • Auditing • Determining Materiality • Quantitative Factors • Qualitative Factors 26
Information Systems Audit Update • Summary of 2012 IS Audit Procedures • Common Opportunities for Improvement - 2012 • Preview of IS Audit Procedures for 2013 27
Summary of 2012 IS Audit Procedures • 2012 – Third Year of Financial/IS Audit Partnership • Years one & two – no formal communication of IS issues to Universities • Concerns were communicated verbally to frontline IT staff • Issues with potential financial impact noted in financial audit workpapers • Financial auditors found end-user controls to mitigate IS audit concerns 28
Summary of 2012 IS Audit Procedures • 2012 – Third Year of Financial/IS Audit Partnership • Year three – formal communication of IS issues to CIO • NOT findings in the Financial Statement audit • “Opportunities for Improvement” • Goal – help you avoid findings in an IT audit 29
Common Opportunities for Improvement - 2012 • IT Risk Assessments incomplete or outdated • Disaster Recovery plans not tested • Inadequate separation of duties between programmers and DBAs • Lack of access rights recertification on the server, database and/or network 30
Common Opportunities for Improvement - 2012 • Less than optimal password settings • End users with local administrator access (can override controls) • Insufficient monitoring of network equipment and events • Excessive number of privileged users on the network 31
Preview of IS Audit Procedures for 2013 • Continue to work with Financial Audit • New workpaper methodology this year – different understanding of IT controls • Goal – improve efficiency of partnership so we have time for in-depth IT audits 32