Скачать презентацию Internal Control Under the Microscope Business Officers Meeting Скачать презентацию Internal Control Under the Microscope Business Officers Meeting

f9c599d311ae674f9211446d6f0136a5.ppt

  • Количество слайдов: 32

Internal Control Under the Microscope Business Officers Meeting March 7, 2006 Presented by Randy Internal Control Under the Microscope Business Officers Meeting March 7, 2006 Presented by Randy Van Dyke

Overview • Quiz • Background • Internal Control Defined • Internal Control Framework • Overview • Quiz • Background • Internal Control Defined • Internal Control Framework • Self Assessment Checklist

Quiz – Handout Pages 2 -4 “First, get your facts. Then you can distort Quiz – Handout Pages 2 -4 “First, get your facts. Then you can distort ‘em as you please. ” Mark Twain

Background A Rough Ride for Business – War on Terrorism / Natural Disasters – Background A Rough Ride for Business – War on Terrorism / Natural Disasters – Economic downturn / Aftermath – Financial frauds / Business failures

Sarbanes Oxley Act “This law says to every dishonest corporate leader: you will be Sarbanes Oxley Act “This law says to every dishonest corporate leader: you will be exposed and punished; the era of low standards is over. ” George W. Bush

Sarbanes Oxley Act • Audit Committee organization and function • Companies must document and Sarbanes Oxley Act • Audit Committee organization and function • Companies must document and evaluate the effectiveness of internal controls • CEOs and CFOs must personally certify financial statement accuracy

Sarbanes Oxley Act • Outside audit reports must include a statement on the effectiveness Sarbanes Oxley Act • Outside audit reports must include a statement on the effectiveness of internal controls • Companies must have in place mechanisms for reporting and investigating wrongdoing (including anonymous reports)

Impact on U • Board of Regents Policy • Trustees Audit Committee – Level Impact on U • Board of Regents Policy • Trustees Audit Committee – Level of Involvement – Scope of Oversight

Impact on U • Ethical Conduct Guidance • Ethics & Compliance Hotline 585 -1593 Impact on U • Ethical Conduct Guidance • Ethics & Compliance Hotline 585 -1593 [email protected] utah. edu

Core Process Assessments This assessment focused on internal controls for 15 business processes. 192 Core Process Assessments This assessment focused on internal controls for 15 business processes. 192 risks and related controls were evaluated.

Core Process Assessments Core Process Assessments

Core Process Assessments Potential Risk: Unauthorized access to check stock and printing capability. Primary Core Process Assessments Potential Risk: Unauthorized access to check stock and printing capability. Primary Control: A secured laser printer is used to print checks at the time they are issued.

College-Wide Reviews Reviewed 44 potential issues in each of the College’s 14 organizational units. College-Wide Reviews Reviewed 44 potential issues in each of the College’s 14 organizational units.

College-Wide Reviews College-Wide Reviews

Audit Follow-Up Responsible Person: Peggy Halliday Completion Date: March 1, 2006 Audit Follow-Up Responsible Person: Peggy Halliday Completion Date: March 1, 2006

Internal Control Defined Activities undertaken to increase the likelihood of achieving management objectives in Internal Control Defined Activities undertaken to increase the likelihood of achieving management objectives in three areas: – Efficiency and effectiveness of operations – Financial accountability – Compliance with laws and regulations

Internal Control Defined “Internal control gets us where we want to go, with no Internal Control Defined “Internal control gets us where we want to go, with no surprises along the way. Internal control is everyone’s responsibility. . Internal control is me. ” Cargill Corporation

Control Activities Risk Assessment n tio to ca ica un un mm mm Co Control Activities Risk Assessment n tio to ca ica un un mm mm Co Co In for ma tio n& Monitoring n& n& tiio to ma ma for f r In In Co mm un ica tio n Internal Control Framework Control Environment Adapted from Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Control Environment • • • Integrity and ethical values Commitment to Competence Management Operating Control Environment • • • Integrity and ethical values Commitment to Competence Management Operating Style Organizational Structure Assignment of Authority and Responsibility • Human Resource Policies and Practices

Risk Assessment • Organizational Goals and Objectives • Risk Identification and Prioritization • Managing Risk Assessment • Organizational Goals and Objectives • Risk Identification and Prioritization • Managing Change

Control Activities • Written Policies and Procedures • Controls over Information Systems Control Activities • Written Policies and Procedures • Controls over Information Systems

Information & Communication • Access to Information • Communication Patterns Information & Communication • Access to Information • Communication Patterns

Monitoring • Management Supervision • Outside Sources • Response Mechanisms • Self-assessment Mechanisms Monitoring • Management Supervision • Outside Sources • Response Mechanisms • Self-assessment Mechanisms

Quiz 1. Internal control starts with a strong set of policies and procedures. False: Quiz 1. Internal control starts with a strong set of policies and procedures. False: Internal control starts with a strong control environment.

Quiz 2. Internal and external auditors are responsible to develop and monitor internal controls. Quiz 2. Internal and external auditors are responsible to develop and monitor internal controls. False: While auditors play an important role, management is the owner of internal control.

Quiz 3. Internal controls are mostly concerned with control over assets, cash receipts, and Quiz 3. Internal controls are mostly concerned with control over assets, cash receipts, and cash disbursements. False: Internal control is integral to every aspect of business.

Quiz 4. Internal controls are essentially negative, like a list of “thoushalt-nots. ” False: Quiz 4. Internal controls are essentially negative, like a list of “thoushalt-nots. ” False: Internal control makes the right things happen the first time.

Quiz 5. Internal controls take time away from core activities, such as serving faculty Quiz 5. Internal controls take time away from core activities, such as serving faculty and students. False: Internal control should be built “into, ” not “onto” business processes.

Quiz 6. When delegating authority and empowering employees, it is necessary to give up Quiz 6. When delegating authority and empowering employees, it is necessary to give up a certain amount of internal control. False: Decentralized decisionmaking requires different forms of control.

Quiz 7. If controls are strong, we can be assured employees will be prevented Quiz 7. If controls are strong, we can be assured employees will be prevented from committing fraud. False: Internal control provides reasonable, but not absolute assurance.

Quiz 8. What are some impediments to establishing effective internal controls? • Lack of Quiz 8. What are some impediments to establishing effective internal controls? • Lack of knowledge and ‘ownership’ • Lack of creativity • Lack of interest

Links & Contact Information • Internal Audit Department http: //www. utah. edu/Internal Audit/ • Links & Contact Information • Internal Audit Department http: //www. utah. edu/Internal Audit/ • Ethics and Compliance Hotline 585 -1593; [email protected] utah. edu • Ethical Standards and Code of Conduct http: //www. hr. utah. edu/ethicalstandards/ • University of Utah Policies and Procedures http: //www. admin. utah. edu/ppmanual/ • COSO http: //www. coso. org/ • Randy. Van. [email protected] utah. edu, 581 -5988 • Chuck. [email protected] utah. edu, 581 -6561 • Pamela. [email protected] utah. edu, 585 -3529