Overhead Audits Risk and Reward
Overhead Audits Risk and Reward
Surviving Your Upcoming Overhead Audit and Benefitting from It All at the Same Time
www.gma-cpa.com Topics for Today
• Perception of Risk • Cognizant Agency Risk Framework • Financial and Operational Risks in Small Businesses • Mitigating those Risks • Benefits of Risk Mitigation
2 Risks: What do you see as your financial and related business risks?
3 Risk Framework: What Increases Risk to a Cognizant Agency? • Cognizant Agency definition • Factors that increase risk – Audit Report – improper presentation, qualified opinion, ICQ issues – High compensation to executives – Internal control deficiencies noted – Project dollars/exposure – Increase in rate – Increase in components in rate – Lack of experience
4 Risks We Face
• Financial Risks: – Transactions not coded properly (direct but not by contract, direct vs. indirect, improper GL account, lack of consistency) – Transactions not evaluated for unallowables – Transactions not properly documented – Work performed not reviewed – Results not reviewed regularly – Reconciliations not performed timely
5 Risks We Face
• Operational Risks: – Lack of segregation of duties – No written accounting policies – Policies not followed consistently – No written compensation policy – No written bonus policy – Poor computer and physical security – No/non-functioning backup policy
6 Risk Management Components
Interrelated components derived from the way management runs an enterprise and are integrated with the management process:
• Internal Environment • Objective Setting • Event Identification • Risk Assessment • Risk Response • Control Activities • Information and Communication • Monitoring http://www.coso.org/ermupdate.html
7 Financial Risks: What Can be Done To Mitigate Them
• Training (everyone) • Supporting documentation (certain expenses require more than others) and approval • Reviewer has knowledge of accounting and Part 31 of the FAR • Balance Sheet and P&L regularly reviewed • Reconciliations • Budgeting
8 Operational Risks: What Can be Done To Mitigate Them
• Tone at the Top • Segregation of duties when possible • Written accounting policies disseminated • Employee handbook • Feedback • Written compensation and bonus policies (best practice) • Password protection and restricted access • Backup and disaster recovery policy, tested
9 Benefits to Mitigation of Risk*
• Smooth audit review and approval • Less time spent preparing for the audit/scrubbing the books • Better understanding of finances • Better morale and buy-in of employees • Better understanding of expenses and how they impact the overhead rate • Tighter operational control • Company image enhanced • Lower cost audit *Not an all inclusive list
10 Questions?
Diana DeWitt, CPA, CCIFP [email protected] 410.685.5512 www.gma-cpa.com