1 / 14

IT audits Workshop 2 – Report Ljubljana, 12-13 October 2009

IT audits Workshop 2 – Report Ljubljana, 12-13 October 2009. Mr. Gilles RECKERT Inspection générale des Finances, Ministère des Finances, Luxembourg. Mr. Billi’s presentation. Council Regulation 1083/2006 obliges to have computerised accounting records

sirius
Download Presentation

IT audits Workshop 2 – Report Ljubljana, 12-13 October 2009

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT auditsWorkshop 2 – ReportLjubljana, 12-13 October 2009 Mr. Gilles RECKERT Inspection générale des Finances, Ministère des Finances, Luxembourg

  2. Mr. Billi’s presentation Council Regulation 1083/2006 obliges to have computerised accounting records Commission’s Guidance Note on certification provides suggestions on the main elements of an IT-system Commission’s implementing rules 1828/2006 obliges to maintain reliable IT-systems

  3. The processing picture: underlying risks Unreliable / inaccurate accounting and monitoring data Irregularities or fraud left undetected A risk free system is an IT-system unplugged (no electricity) A well-functioning IT-system adds great value to the programmeand can mitigate a great deal of risks Unreliable IT system / data  Less money for projects

  4. Conclusion • IT system is mandatory for this programming period • It is mandatory to provide assurance on the reliability of the data and the functioning of the system • The therefore developped system has to be tested, i.e. IT-audited for reliabililty by professionals in compliance with international standars

  5. Ms Garsoux’ presentation The MIS has to be well audited to assure it is: Reliable Continuous Secure Efficient/effective Compliant Presentation of the ISACA (Information Systems Audit and Control Association)

  6. Ms Garsoux’ presentation Definition of an IT-auditor competencies Use of the Cobit standard for key controls The steps of an IT-audit (plan, execute the audit, write a report) Contents of an IT-audit (environment, input, process, output) Example of an IT audit Framework Reporting

  7. Conclusion & Reference IT audit is a mature and regulated profession with available tools and techniques from ISACA. WWW.ISACA.ORG for Cobit and the Assurance Guide and IT assurance framework -> free downloadable Email : M.Garsoux@QAP.EU Tel: + 32 472739836

  8. The Ministry of Economy and Finance’s (MEF IGRUE) role is to coordinate PRELEX CONTROLS • EUROPEAN COMMISSION • DG REGIO • DG EMPL • DG AGRI • DG MARE • NATIONAL ADMINISTRATIONS • MINISTRIES • REGIONS • AUTONOMOUS PROVINCES • OTHER BODIES ----- ----- ----- ----- MEF IGRUE IGRUE COMMON BUDGET MONITORING FINANCIAL MANAGMENT Ljubljana, 12-13 October 2009

  9. Mr Di Nuzzo’s presetation • description of the IGRUE’s role only coordination • experiences of the old period (2000-2006) • new requirements (digitalisation, availability of audit-data, deadlines) • description of IGRUE’s tasks in the financial management of EU-funds Ljubljana, 12-13 October 2009

  10. SFC 2007 System Area Local IT System Area Financial Management – Generalview IGRUE IT System Area Central Coordinating Administrations Certifying Authority Managing Authority European Commission MEF-IGRUE Beneficiaries Payment Body Treasury Payment request process Fund Transfer EU Accrediting Payment orders Ljubljana, 12-13 October 2009

  11. Mr Di Nuzzo’s presentation • records of irregularities • controls exercised by the MA, CA, and AA and the IGRUE’s role therein • the monitoring process • key features of the IT-system and the respective data flows Ljubljana, 12-13 October 2009

  12. Local IT System Area SFC 2007 System Area Controls - generalview IGRUE IT System Area Managing Authority Audit Authority MEF-IGRUE European Commission Certifying Authority Irregularities Evaluation Body Cabinet Presidency O.L.A.F. Othercontrollingbodies (Court ofAuditors, Financial Police, etc.) Annual summary Irregularities Recoveries Annual Audit Report

  13. Local IT System Area SFC 2007 System Area Monitoring - generalview IGRUE IT System Area Managing Authority European Commission MEF-IGRUE Beneficiaries Implementing bodies IT System Institutional Users Operations programming /implementing data Projects progress data Programming data System report Ljubljana, 12-13 October 2009

  14. Di Nuzzo’s Conclusions • The exploitation of the IT System allows: • coping easily with deadlines set by common legislation • the minimisation of potential errors connected with manual activities and paper flows • the immediate availability of information and either internal and external reports (EU, Court of Auditors, ISTAT, Italian Central Bank, etc.) Ljubljana, 12-13 October 2009

More Related