More Related Content
Similar to 2 of 2--Internal Controls Sp 2010 (20)
2 of 2--Internal Controls Sp 2010
- 1. IPOL 8530—Spring 2010 The Finance Function in Nonprofit & Public OrganizationsAlfredo Ortiz
- 2. Policies and procedures—Internal controlsIncreasing transparency and safeguarding assets2MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 3. Reasons for internal controls3Mostly on the governance side of thingsSafeguard the assets of the organizationPrevent unintentional misstatements of accounts and reportsRun the business efficiently, with rules that work, and apply to everyone (consistency)Create an environment of stewardship and accountabilityCompliance with laws and regulationsMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 4. Caveats for internal controlsProvides reasonable, not absolute assurance that objectives will be metReasonable assurance should provide appropriate balance between risk and level of control—controls must always be gauged to respond to the actual level of risk. Stronger controls for higher risk levels and fewer controls for lower risk levels.Cost/benefit?But…Policies & procedures around internal controls must first be balanced to fulfill their control need.4MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 5. Internal Control per A-1335A process, effected by an entity's management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categoriesEffectiveness and efficiency of operations;Reliability of financial reporting; andCompliance with applicable laws and regulations MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 6. Questions To Ask When Identifying RiskWhat assets do we need to protect? Where are we particularly vulnerable?What could go wrong?What activities are regulated by the government?What’s our greatest legal exposure?How do we protect our reputation?6MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 7. Common Areas of High RiskProcurementEquipmentPetty cashTravelPayroll7MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 8. Internal controls8Our internal controls processes should address the following:The control environmentRiskInformation and communication flowsControl activitiesMonitoring MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 9. Control environment9Sets the organizational tone, influences control consciousness of people and is the foundation of internal controls. Integrity and ethical valuesCommitment to competenceHuman resource policies & practicesBoard of directors and audit committeeManagement philosophy and operating styleOrganizational structureAssignment of authority & responsibilityMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 10. Risk—susceptibility of material misstatement10Inherent riskComes from withinCould have to do with the nature of the businessControl riskThe risk that a company's internal controls are insufficient to mitigate or detect errors or fraudBased on assessed strength of internal controls systemDetection riskThe risk that the auditor will not detect a material misstatement that exists in the financial statementsMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 11. 11MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 12. Information & communication12How reliable is the information system and accounting system—technology, structure, maintenance, etc.?
- 13. How clear is the communication system regarding individual roles and responsibilities of operating the internal control system?MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 14. Control activities13Actions or procedures that manage or reduce risk
- 15. Preventive and Detective Controls
- 16. Preventive – attempt to deter or prevent undesirable events
- 17. Detective - attempt to detect undesirable events after the factMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 18. Control activities14Information processing controls
- 19. General systems, hardware, software
- 21. Authorizations
- 22. Documentation
- 27. Continual budget vs. actual
- 28. Relationship of non-financial to financial data
- 29. Training graduates vs. training expenseMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 30. Monitoring 15Investment in improving processes and innovation
- 31. Willingness to allow professional diagnosis for improvement
- 32. External audits
- 33. Scheduled (but not announced) internal testing of systems MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 34. Reminder—Written procedures16Test if written procedures exist and are followed covering the following areas:A/RA/PProcurementInventory and asset controlAccounting processesCost evaluationOther relevant proceduresMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 35. Basic Controls17Control over receiptsPre-numbered receipts2 people for Cash collections and mail and make list of receipts Timely deposits—everything into the bankMonthly reconciliation to invoices or other billingsControl over disbursementsAlways by check with support (use a standard internal doc)Prior authorizationTied to budget (i.e. planned)Contract in place?More than one sig?Have someone else reconcile the bank accountMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 36. Written procedures—A/R A/R proceduresSimple A/R cycle18Billing and how invoices are processedHow payment is followed up (avoid overly “aged” AR)Opening the mailReceiving moneyRecording receipt of moneyDepositing money, and,Reconciling bank accounts. How and when we bill for services and get paidMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 37. Written procedures—A/P Simple A/P procurement cycleA/P procedures19Verifying proper authorization before checks are runSetting limits on when two signatures are neededPetty cash system for very small purchases No duplicate paymentsPayment against invoiceBill stamped paidControl of the check stockReceipt of goods in proper conditionEasily accessible, relevant documentationHow and when we enter into purchases and pay our billsMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 38. Definition of AuditingA systematic process of objectively… evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and communicating the results to interested users.Source: American Accounting Association20MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 39. Try this again21A logical, organized process of examining what you do in comparison with what you should be doing—all measured against established criteria.
- 40. The process communicates an opinion as to the reliability of what you say (assert) you do and may help or hurt your credibility as an organization. Source: MeMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 41. Why are audits needed?22FASB states that 2 primary qualities make accounting information useful for decision making:RelevanceReliabilityUsers of financial statements look to the independent auditor’s report to see if these qualities have been metMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 42. Required Scope of A-133 Audits23GAAP
- 45. Compliance with:
- 46. laws,
- 47. regulations,
- 48. Provisions of contracts or grant agreements that may have a direct and material effect on each of its major programs.
- 49. Follow upMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 50. Auditor minimum expectations24Stakeholders expect auditors to:Perform the audit with:
- 52. Integrity
- 53. Independence
- 54. Objectivity
- 55. Detect intentional or unintentional material misstatements
- 56. Prevent the issuance of misleading financial statementsMIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 57. Internal controls caseshttp://www.eurojournals.com/irjfe_27_11.pdfhttp://www.colorado.edu/ArtsSciences/facultystaff/administration/budget/docs/CaseStudies.pdfhttp://jobfunctions.bnet.com/abstract.aspx?docid=55890Do a Google search—there is tons online25MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"
- 58. Exercise26Share your story as a blog post either individually or as a group.
- 59. If as a group, create a single group story mixing the best of all the stories
- 60. Make it dramatic
- 61. Exaggerate to make a point
- 62. Change names and dates to protect the innocent
- 63. Use the framework below to guide your discussion if needed
- 64. Post the story to the wiki (1 for the group)
- 65. If individual, post individuallyShare an internal control story from your own experience. It could be:Witness of risky behavior or actual lossOr accident waiting to happenSomething caught in the nick of time, i.e. good proceduresToo much controlNot enough controlEtc.MIIS--IPOL 8530, "The Finance Function in Social Change Organizations"