Policy Guidelines for Manual Entries
Total Page:16
File Type:pdf, Size:1020Kb
Corporate Guidance/Best Practices Preventive Controls for Manual Journal Entries
Background and Overview
Controls for manual journal entries raised during NASS audit in 2003. A meeting between Controllers, NASS, CIA, and KPMG following that audit resulted in agreement that NASS would perform analysis to provide some context around the scope of manual entries. All agreed that detective controls at Pfizer were good but there was need for more structure around preventive controls. Gary Robertson, Director, NASS was tasked with overseeing the analysis on behalf of NASS. The analysis of AP12 2003 entries was complete and initial attempts at putting together guidance/best practices began in March. In the meantime, the need for preventive controls for manual journal entries was highlighted across the company during the SOX roadshows and readiness assessments. Accounting Services got involved in the discussions in April and we began a collaborative effort to develop guidance/best practices that could be shared across Pfizer. We sought input from PGP, PGM and NASS SOX Divisional Champions to ensure our approach was feasible and reasonable. The final draft of our corporate guidance/best practices and questions for discussion are attached.
0d0ec951472627a2176d15c76234bccc.doc 4/4/2018; 8:02 PM Guidance for Manual Journal Entries (DRAFT Version dated June 14, 2004)
Scope Manual journal entries represent transactions entered directly into the General Ledger by colleagues through journal entry maintenance, recurring entry maintenance and accrual/reversal entry maintenance. Manual journal entries represent entries made to the general ledger outside of subsystem interfaces. This guidance does not include entries transferred to the General Ledger via subsystem interfaces. Intercompany entries are also not included in the scope of this document.
Controls for Manual Journal Entries Any manual journal entry of $1 million or greater requires a description of the entry and contact name for further information in the extended text when entering the manual journal entry. Manual journal entry controls should include a 2nd party review and approval process that ensures the accuracy and integrity of the manual transactions. Appropriate thresholds for review can be established. Wherever functionally and technically possible, there should be segregation between colleagues who enter and those who post manual journal entries. Management review of financial results should occur prior to the external reporting or release of financial results for the accounting period to ensure the appropriateness and integrity of all financial transactions within the general ledger. Evidence of review of financial results is required. Management should review user access to post manual entries annually or whenever there are significant changes in department/divisional responsibilities. Access should be limited to departments, divisions and/or companies based on department/divisional needs. Such access should be limited to colleagues who have a valid business purpose to make manual entries. Proper communication between affected parties should be in place to ensure the accuracy of entries. For example, if a colleague in a Shared Service or Corporate function is preparing/posting a manual entry, proper review and approval should be obtained in the field prior to forwarding the entry to the Shared Service or Corporate function. After entering the transaction the Shared Service or Corporate function will communicate that the transaction has been made along with the transaction number and journal.
0d0ec951472627a2176d15c76234bccc.doc 4/4/2018; 8:02 PM Development of Divisional Policy Each division should develop divisional review and approval policies following an analysis of manual journal entries typically made by that division. Such analysis should take into account the number and dollar amount of manual entries and their various categories (recurring, intercompany, 3rd party, etc.) Based on the results of the analysis, the division may implement divisional or site specific procedures that are more stringent than those identified above.
0d0ec951472627a2176d15c76234bccc.doc 4/4/2018; 8:02 PM