Guide to Internal Control Over Financial Reporting

Total Page:16

File Type:pdf, Size:1020Kb

Guide to Internal Control Over Financial Reporting GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING ABOUT THE CENTER FOR AUDIT QUALITY Please note that this publication is intended as general information and should not be relied upon as being The Center for Audit Quality (CAQ) is an autonomous definitive or all-inclusive. As with all other CAQ resources, public policy organization dedicated to enhancing this is not authoritative, and readers are urged to refer investor confidence and public trust in the global capital to relevant rules and standards. If legal advice or other markets. The CAQ fosters high-quality performance by expert assistance is required, the services of a competent public company auditors; convenes and collaborates professional should be sought. The CAQ makes no with other stakeholders to advance the discussion of representations, warranties, or guarantees about, and critical issues that require action and intervention; assumes no responsibility for, the content or application and advocates policies and standards that promote of the material contained herein. The CAQ expressly public company auditors’ objectivity, effectiveness, and disclaims all liability for any damages arising out of the responsiveness to dynamic market conditions. Based in use of, reference to, or reliance on this material. This Washington, DC, the CAQ is affiliated with the American publication does not represent an official position of the Institute of CPAs. CAQ, its board, or its members. GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING CONTENTS SCALING ICFR TO THE COMPANY 02 INTRODUCTION 11 11 ICFR DEFICIENCIES 04 KEY ICFR CONCEPTS 12 ICFR ROLES AND RESPONSIBILITIES 04 INTERNAL CONTROL MANAGEMENT INTERNAL CONTROL OVER FINANCIAL 12 04 REPORTING MANAGEMENT REPORTING ON THE 13 EFFECTIVENESS OF ICFR 06 REASONABLE ASSURANCE 13 INDEPENDENT AUDITORS 07 THE CONTROL ENVIRONMENT 13 AUDIT COMMITTEES 07 CONTROL ACTIVITIES 07 SEGREGATION OF DUTIES WHAT ICFR MEANS FOR COMPANIES, 15 INVESTORS, AND MARKETS 08 IT GENERAL CONTROLS ENTITY-LEVEL AND PROCESS-LEVEL 09 CONTROLS PREVENTIVE AND DETECTIVE 09 CONTROLS CENTER FOR AUDIT QUALITY | THECAQ.ORG 1 GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING INTRODUCTION Preparing reliable financial information is a key responsibility of the management of every public company. The ability to effectively manage the company’s business requires access to timely THE CENTER FOR AUDIT and accurate information that informs decision QUALITY HAS PREPARED making. Moreover, investors must be able to THIS GUIDE TO PROVIDE place confidence in a company’s financial reports if the company wants to raise capital in the public THE PUBLIC WITH AN securities markets. OVERVIEW OF ICFR. Management’s ability to fulfill its financial reporting responsibilities depends in part on the design and operating effectiveness of the controls and safeguards it has put in place over Congress codified the requirement that public accounting and financial reporting. Without such companies have internal accounting controls in the controls, it would be extremely difficult for most Foreign Corrupt Practices Act of 1977 (FCPA). This business organizations—especially those with federal law requires public companies to establish numerous locations, operations, and processes—to and maintain a system of internal accounting prepare timely and reliable financial reports for controls sufficient to provide reasonable assurance management, investors, lenders, and other users. that transactions are recorded as necessary to While no practical control system can absolutely permit preparation of financial statements in assure that financial reports will never contain accordance with generally accepted accounting material misstatements, an effective system of principles (GAAP). The Sarbanes-Oxley Act of 2002 internal control over financial reporting (ICFR) can (SOX) added a requirement, applicable to most substantially reduce the risk of such misstatements public companies, that management annually in a company’s financial statements. assess the effectiveness of the company’s ICFR 2 CENTER FOR AUDIT QUALITY | THECAQ.ORG GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING and report the results to the public. SOX also enhanced audit committee oversight responsibility THE STATUTORY INTERNAL related to ICFR and requires most large public ACCOUNTING CONTROL companies to engage their independent auditor to REQUIREMENT audit the effectiveness of the company’s ICFR. The FCPA requires public companies to The Center for Audit Quality has prepared this “devise and maintain” a system of internal guide to provide the public with an overview of accounting controls sufficient to provide ICFR. The guide explains what public company reasonable assurance that1 ICFR is and describes management’s responsibility for implementing effective ICFR. It also discusses + transactions are executed in accordance the responsibilities of the audit committee to with management’s general or specific oversee ICFR and of the independent auditor to authorization; audit the effectiveness of the company’s ICFR. • + transactions are recorded as necessary (1) to permit preparation of financial statements in conformity with GAAP or any other criteria applicable to such statements, and (2) to maintain accountability for assets; + access to assets is permitted only in accordance with management’s general or specific authorization; and + the recorded accountability for assets is compared with the existing assets at reasonable intervals, and appropriate action is taken regarding any differences. • 1 Section 13(b)(2)(B) of the Securities Exchange Act of 1934. CENTER FOR AUDIT QUALITY | THECAQ.ORG 3 GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING KEY ICFR CONCEPTS INTERNAL CONTROL ICFR is one element of the broader concept of internal control. The latter is defined by the ICFR IS ONE ELEMENT Committee on Sponsoring Organizations (COSO) of the Treadway Commission—an initiative of several OF THE BROADER groups with an interest in effective internal CONCEPT OF INTERNAL control—which provides a framework to assist CONTROL. companies in structuring and evaluating controls that address a broad range of risks. Released in 1992 and updated in 2013, that framework defines internal control as “a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable of the controls that are designed to provide assurance regarding the achievement of objectives reasonable assurance that the company’s relating to operations, reporting, and compliance.”2 financial statements are reliable and prepared in accordance with GAAP. INTERNAL CONTROL OVER FINANCIAL REPORTING Misstatements in a financial statement may occur, for example, due to mathematical ICFR refers to the controls specifically designed errors, misapplication of GAAP, or intentional to address risks related to financial reporting. In misstatements (fraud). A system of ICFR should simple terms, a public company’s ICFR consists address these possibilities. The risk of fraudulent 2 COSO’s Internal Control – Integrated Framework ©2014 COSO. All rights reserved. Used by permission. See Executive Summary, page 3. 4 CENTER FOR AUDIT QUALITY | THECAQ.ORG GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING THE COSO FRAMEWORK’S FIVE INTEGRATED COMPONENTS OF EFFECTIVE ICFR INTERNAL CONTROL3 PROVIDES REASONABLE 1. Control Environment — The control ASSURANCE THAT environment is the set of standards, processes, and structures that provide CORPORATE RECORDS the basis for carrying out internal control ARE NOT INTENTIONALLY across the organization. The board OR UNINTENTIONALLY of directors and senior management establish the tone at the top regarding MISSTATED. the importance of internal control, including expected standards of conduct. Management reinforces expectations at the various levels of the organization. The control environment comprises the integrity and ethical values of the financial reporting is a key consideration in the organization; the parameters enabling design and operation of public company ICFR. the board of directors to carry out its For example, market expectations for revenues, governance oversight responsibilities; the earnings, or other targets may create pressures organizational structure and assignment on management to meet these thresholds. of authority and responsibility; the process Effective ICFR provides reasonable assurance that for attracting, developing, and retaining corporate records are not purposefully misstated competent individuals; and the rigor in response to those pressures. ICFR should around performance measures, incentives, therefore be designed and implemented with the and rewards to drive accountability risk of fraud in mind and tailored to the particular for performance. The resulting control circumstances of the company. environment has a pervasive impact on the overall system of internal control. Financial reporting often requires sophisticated decision making and the application of informed 2. Risk Assessment — Every entity faces a judgment. The following three items, for example, variety of risks from external and internal all require management to make judgments sources. Risk is defined as the possibility regarding assumptions and the likelihood of future that an event will occur and adversely events: affect the achievement of objectives. Risk assessment involves a dynamic + accounting areas such as estimating allowances and iterative process for identifying and for
Recommended publications
  • Assurance on XBRL Instance Document: a Conceptual Framework of Assertions
    Assurance on XBRL Instance Document: A Conceptual Framework of Assertions Rajendra P. Srivastava Ernst & Young Professor and Director Ernst & Young Center for Auditing Research and Advanced Technology School of Business, The University of Kansas 1300 Sunnyside Avenue, Lawrence, Kansas 66045 Email: [email protected] and Alexander Kogan Department of Accounting and Information Systems Rutgers Business School – Newark and New Brunswick Rutgers University 180 University Avenue, Newark, NJ 07102-1895 Email: [email protected] 1 Assurance on XBRL Instance Document: A Conceptual Framework of Assertions ABSTRACT XBRL stands for extensible business reporting language. It is an XML based computer language for reporting business information. Starting December 2008, the United States Security and Exchange Commission (US SEC) has a proposal requiring top 500 public companies to file their financial statements with the SEC not only in the text format (i.e., in ASCII or HTML) but also in the XBRL format. The file created using XRBL language is called an XBRL instance document. Under this requirement, the filers are not required to obtain a third party assurance on the XBRL instance document. The main reason for not requiring a third party independent assurance of XBRL instance documents is to encourage filers to comply with the SEC requirement without incurring much added costs. In addition, to encourage the filers to comply with this requirement, the SEC is not holding filers legally liable of any errors in the filed XBRL instance documents so long as they look similar to the standard reports when viewed using the SEC viewer. Even though the SEC is not currently requiring a third party assurance of the XBRL instance documents of the SEC filings, it is in the best interest of the public that these documents be assured.
    [Show full text]
  • OIG-18-031 Financial Management: Audit of the Bureau
    Audit Report OIG-18-031 FINANCIAL MANAGEMENT Audit of the Bureau of Engraving and Printing’s Fiscal Years 2017 and 2016 Financial Statements December 19, 2017 Office of Inspector General Department of the Treasury This Page Intentionally Left Blank DEPARTMENT OF THE TREASURY WASHINGTON, D.C. 20220 OFFICE OF December 19, 2017 INSPECTOR GENERAL MEMORANDUM FOR LEONARD R. OLIJAR, DIRECTOR BUREAU OF ENGRAVING AND PRINTING FROM: James Hodge /s/ Director, Financial Audit SUBJECT: Audit of the Bureau of Engraving and Printing’s Fiscal Years 2017 and 2016 Financial Statements I am pleased to transmit the attached subject report. Under a contract monitored by our office, KPMG LLP (KPMG), an independent certified public accounting firm, audited the financial statements of the Bureau of Engraving and Printing (BEP) as of September 30, 2017 and 2016, and for the years then ended, and provided an opinion on the financial statements, an opinion on management’s assertion that BEP maintained effective internal control over financial reporting, and a report on compliance with laws, regulations, and contracts tested. The contract required that the audit be performed in accordance with U.S. generally accepted government auditing standards, Office of Management and Budget Bulletin No. 17-03, Audit Requirements for Federal Financial Statements, and the Government Accountability Office/President’s Council on Integrity and Efficiency, Financial Audit Manual. In its audit of BEP, KPMG found • the financial statements were fairly presented, in all material respects, in accordance with U.S. generally accepted accounting principles; • management’s assertion that BEP maintained effective internal control over financial reporting as of September 30, 2017, was fairly stated in all material respects; and • no instances of reportable noncompliance with laws, regulations, and contracts tested.
    [Show full text]
  • Statutory Audit and Eligibility for Appointment As Internal Auditors in Public Companies Under Section 138 of the Companies Act, 2013
    WEBINAR on the Opinion of the Council of Institute of Cost Accountants of India on Statutory Audit and eligibility for appointment as Internal Auditors in Public Companies under section 138 of the Companies Act, 2013 CMA B. B. GOYAL Former Addl. Chief Adviser Cost Ministry of Finance, Government of India What is Internal Audit? • Internal audit is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. • It assists the organization to accomplish its objectives by bringing a systematic, & disciplined approach to evaluate and improve the effectiveness of • risk management, • control, and • governance processes. • IA provides an assurance relating to • Effectiveness of operations, • Reliability of financial management and reporting, and • Compliance with laws and regulations. August 15, 2020 B B GOYAL 2 Legal Provisions on Internal Audit • Section 138 of the Companies Act 2013 read with Rule 13 of the Companies (Accounts) Rules, 2014 - following class of companies shall be required to appoint an internal auditor • every listed company; • every unlisted public company having – • paid up share capital of Rs.50 crore or more during the preceding financial year; or • outstanding deposits of Rs.25 crore or more at any point of time during the preceding financial year; and • every unlisted public company or private company having – • turnover of Rs.200 crore or more during the preceding financial year; or • outstanding loans or borrowings from banks or public financial institutions exceeding Rs.100 crore or more at any point of time during the preceding financial year: Legal Provisions on Internal Auditor • Section 138 (1) Such class or classes of companies as may be prescribed shall be required to appoint an internal auditor, who shall either be a chartered accountant or a cost accountant, or such other professional as may be decided by the Board to conduct internal audit of the functions and activities of the company.
    [Show full text]
  • Metropolitan Council Internal Audit Charter A
    METROPOLITAN COUNCIL INTERNAL AUDIT CHARTER A. AUDIT COMMITTEE PURPOSE: The Metropolitan Council has established a special committee of the Council to be called the Metropolitan Council Audit Committee. The purpose of the Committee is to assist the Metropolitan Council in fulfilling its oversight responsibility for the integrity of the Council’s financial and operational results, compliance with legal and regulatory requirements, and the performance of internal audit and external auditors. AUTHORITY: The Audit Committee has authority to conduct or authorize special audits and investigations into any matters within its scope of responsibility. It is empowered to: Approve the Chief Audit Executive’s Audit Plan. Resolve any disagreements between management and the internal/external auditors regarding financial or operational control and reporting. Review and accept external auditors’ reports along with management’s written responses when appropriate. Obtain information from employees or external parties as part of its review. Council employees are directed to cooperate with Audit Committee requests. Meet with Council employees, external auditors, legal counsel, or others as necessary. Be consulted regarding changes in the Chief Audit Executive’s duties. Be informed of all matters that impair the conduct of an audit or review. However, where feasible such matters shall be first brought to the attention of the Regional Administrator for resolution before communicating them to the Audit Committee. Make periodic reports to the Council or appropriate standing committee established by the Council. RESPONSIBILITIES: Financial and Operational Review Oversight Review significant accounting, operational and reporting issues and understand their impact on the financial and operating results on the Metropolitan Council’s system of internal control.
    [Show full text]
  • Agenda Item 545 Fifth Avenue, 14Th Floor Tel: +1 (212) 286-9344 New York, New York 10017 Fax: +1 (212) 856-9420 Internet: 3-A
    IFAC Education Committee Meeting Agenda 3-A Stockholm, August 2004 DRAFT IES INTERNATIONAL FEDERATION OF ACCOUNTANTS Agenda Item 545 Fifth Avenue, 14th Floor Tel: +1 (212) 286-9344 New York, New York 10017 Fax: +1 (212) 856-9420 Internet: http://www.ifac.org 3-A IES 8 EDUCATION REQUIREMENTS FOR AUDIT PROFESSIONALS CONTENTS Purpose and Scope of this Standard Introduction and Background Effective Date Knowledge Content for Audit Professionals Professional Skills Professional Values, Ethics and Attitudes Practical Experience Requirements Assessment of Professional Capabilities and Competence Continuing Professional Development Education Requirements for Audit Professionals Involved in Transnational Audits Page 1 of 18 IFAC Education Committee Meeting Agenda 3-A Stockholm, August 2004 DRAFT IES Purpose and Scope of this Standard 1. This Standard prescribes the specific education requirements IFAC member bodies should require their individual members to obtain before they may work as audit professionals. 2. The aim of this Standard is to ensure professional accountants have acquired the specific professional knowledge, professional skills and professional values, ethics and attitudes required to work as competent audit professionals. Audit professionals also need to maintain a level of competence which the public expects of those working in audit. Life-long learning will therefore be required to develop and maintain professional competence (see also International Education Standard for Professional Accountants 7, Continuing Professional Development: A Program of Lifelong Learning and Continuing Development of Professional Competence). 3. An audit professional is a professional accountant whose role is to undertake the general audit function and who has substantial involvement in an audit assignment. Substantial involvement in an audit assignment requires the professional accountant to make significant judgment decisions assisting in the formation of the audit opinion.
    [Show full text]
  • Internal Control and the Board: What Is All the Fuss About?
    The Deloitte Academy June 2021 Stakeholders Societal licence Shareholders Responsible business Transparency Corporate governance Viability Company purposeAudit committee Culture Strategy Viability Internal control KPIs Audit quality Remuneration Sustainability Trust Shareholders Strategy Assurance KPIs Reputation Capability Stakeholders Company purpose Viability Internal control and the board: What is all the fuss about? Headlines • The UK Corporate Governance Code already establishes a clear responsibility on the whole board to establish a framework of prudent and effective controls – however, behind the UK proposals for a US style internal control attestation are very real questions as to whether responsibilities go far enough and whether there is sufficient guidance for boards, together with sufficiently detailed information from management, to meet these responsibilities effectively. • In particular the guidance does not address the pervasiveness of technology in detail, and boards may not be obtaining sufficient assurance over the effectiveness of IT controls given the complexity and interdependency of the IT infrastructure which exists in many companies today. • The extent of work performed by external auditors is also not well understood - careful questioning of auditors in relation to their audit scope and approach could reveal much about the control environment. • In summary, boards should not wait for further announcements from the Government or FRC/ARGA before taking action in this area, particularly if they are not able to answer the questions which we raise throughout this publication. Internal control and the board: What is all the fuss about? A reminder of the current UK Corporate Governance Code requirements • Overarching board responsibility from Code Principle C: The board should establish a framework of prudent and effective controls, which enable risk to be assessed and managed.
    [Show full text]
  • Guide for Financial Statement Audits and Compliance Attestation Engagements of Lender Servicers Administering the Federal Family Education Loan Program
    Lender Servicer Audit Guide September 2020 GUIDE FOR FINANCIAL STATEMENT AUDITS AND COMPLIANCE ATTESTATION ENGAGEMENTS OF LENDER SERVICERS ADMINISTERING THE FEDERAL FAMILY EDUCATION LOAN PROGRAM U.S. DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 2020 Lender Servicer Audit Guide September 2020 Table of Contents ABBREVIATIONS AND ACRONYMS ......................................................................................................................... 4 CHAPTER 1 – GENERAL REQUIREMENTS ................................................................................................................ 5 A. INTRODUCTION .......................................................................................................................... 5 A.1. PURPOSE AND APPLICABILITY ...................................................................................................5 A.2. BACKGROUND ..........................................................................................................................5 A.3. EFFECTIVE DATE AND IMPLEMENTATION ..................................................................................6 A.4. ENGAGEMENT PERIOD AND SCOPE...........................................................................................7 A.5. REPORT DUE DATES AND SUBMISSION .....................................................................................7 A.6. COORDINATING FINANCIAL STATEMENT AUDITS AND COMPLIANCE ATTESTATION ENGAGEMENTS 8 B. PROFESSIONAL STANDARDS .......................................................................................................
    [Show full text]
  • Comparison of a Financial Audit and Financial Review
    The Community Foundation requires that all organizations that submit applications to our competitive grant programs must receive a financial audit or a financial review. These are both terms used to describe levels of financial analysis completed by an “auditor,” meaning someone external to the nonprofit organization (generally a CPA or accounting firm). Here is more detailed information on what is meant by these terms: Comparison of a Financial Audit and Financial Review Attribute Audit Review Engagement performed for the purpose of providing The auditor obtains a high, but not Accountant obtains limited assurance an opinion or report about whether the financial absolute, level of assurance about that no material modifications should statements are presented fairly in conformity with whether the financial statements are be made to the financial statements generally accepted accounting principles free of material misstatement CPA obtains an understanding of internal control Yes No over financial statements CPA tests the effectiveness of internal control Frequently, but not always. The No nature and extent of internal control testing depends on the auditor’s judgment and conclusions pertaining to risk assessment CPA verifies certain balances and transactions with Yes No third parties CPA performs procedures to obtain reasonable Yes No assurance that financial statements are free of material misstatements whether caused by fraud or error Financial statements are the responsibility of Yes Yes management Financial statements are prepared
    [Show full text]
  • Audit Committee Meeting August 10, 2021
    Bella Vida Community Development District Audit Committee Meeting August 10, 2021 District Office: 9530 Marketplace Road, Suite 206 Fort Myers, Florida 33912 (239) 936-0913 www.bellavidacdd.org BELLA VIDA COMMUNITY DEVELOPMENT DISTRICT District Office · Ft. Myers, Florida · (239) 936-0913 Mailing Address · 3434 Colwell Avenue, Suite 200, Tampa, Florida 33614 www.bellavidacdd.org August 2, 2021 Audit Committee Bella Vida Community Development District AGENDA Dear Committee Members: The second meeting of the Audit Committee of Bella Vida Community Development District will be held on Tuesday, August 10, 2021 at 5:00 p.m., at the Bella Vida Clubhouse, 3427 Malagrotta Circle, Cape Coral, FL 33909. The following is the tentative agenda for this meeting. 1. CALL TO ORDER/ROLL CALL 2. BUSINESS ITEMS A. Consideration of Proposals Received for Audit Services .. Tab 1 1. Berger, Toombs, Elam, Gaines & Frank 2. Grau & Associates 3. REQUESTS AND COMMENTS 4. ADJOURNMENT We look forward to seeing you at the meeting. In the meantime, if you have any questions, please do not hesitate to call us at (239) 936-0913. Very truly yours, Belinda Blandon Belinda Blandon District Manager cc: Lauren Gentry, Hopping Green & Sams, P.A. Tab 1 BELLA VIDA COMMUNITY DEVELOPMENT DISTRICT PROPOSAL FOR AUDIT SERVICES PROPOSED BY: Berger, Toombs, Elam, Gaines & Frank CERTIFIED PUBLIC ACCOUNTANTS, PL 600 Citrus Avenue, Suite 200 (772) 461-6120 Fort Pierce, Florida 34950 CONTACT PERSON: J. W. Gaines, CPA, Director DATE OF PROPOSAL: July 26, 2021 TABLE OF CONTENTS DESCRIPTION OF SECTION PAGE A. Letter of Transmittal 1-2 B. Profile of the Proposer Description and History of Audit Firm 3 Professional Staff Resources 4-5 Ability to Furnish the Required Services 5 Arbitrage Rebate Services 6 A.
    [Show full text]
  • References to Practical Guidance on Professional Scepticism in an Audit of Financial Statements Issued February 2013
    EG Au7 Issued 2/13 EXPLANATORY GUIDE Au7 References to Practical Guidance on Professional Scepticism in an Audit of Financial Statements Issued February 2013 This Explanatory Guide provides references to papers that contain guidance on how professional scepticism can be enhanced in an audit of financial statements, and reflected in audit documentation. This Explanatory Guide is an explanatory document and has no legal status. EG Au7 COPYRIGHT © External Reporting Board (“XRB”) 2013 This XRB explanatory guide contains copyright material. Reproduction in unaltered form (retaining this notice) is permitted for personal and non-commercial use subject to the inclusion of an acknowledgement of the source. Requests and enquiries concerning reproduction and rights for commercial purposes within New Zealand should be addressed to the Chief Executive, External Reporting Board at the following email address: [email protected] ISBN 978-1-927238-26-4 3 © Copyright EG Au7 EXPLANATORY GUIDE Au7 REFERENCES TO PRACTICAL GUIDANCE ON PROFESSIONAL SCEPTICISM IN AN AUDIT OF FINANCIAL STATEMENTS Issued by the New Zealand Auditing and Assurance Standards Board Professional Scepticism in an Audit of Financial Statements 1 Professional scepticism has an important role to play in the audit of financial statements. Being sceptical is a key element of every ISA (NZ) audit. Rather than approaching work in an unthinking box-ticking way, the auditor should challenge information and the evidence obtained. 2 Scepticism is a behavioural issue or attitude of mind for the entire audit team rather than an issue that can be addressed solely through specific requirements in standards. The ISAs (NZ) should be brought to life by ensuring that all auditor behaviour and actions flow from, and are informed by a sceptical mindset.
    [Show full text]
  • Preparing Your Accounting Records for Audit
    © Tony Abeyta PREPARING YOUR ACCOUNTING RECORDS Presented by: FOR AUDIT James Montoya INTRODUCTION James Montoya, CPA — Principal . 20 years providing audit and consulting services . Have provided audit or accounting services to over 120 entities, primarily tribal governments and related entities . Work with a team of accounting specialists that specialize in providing audit preparation accounting services . Have served as the board Treasurer for three organizations and as a board member on another 2 TRIBAL GOVERNMENT AUDIT EXPERIENCE (2016 AUDITED FEDERAL EXPENDITURES BY AUDIT FIRM) Total: $7B in Native American Federal Award Expenditures $890 $576 $559 $530 $442 $384 $341 $269 $260 $187 REDW KPMP Stauffer BKD Moss Adams BDO RSM CLA Joseph Eve Bluebird Millions $890 $576 $559 $530 $442 $384 $341 $269 $260 $187 * Source: 2016 Federal Audit Clearinghouse Data (as of 11/20/17) 4 SESSION TOPICS . Overview of types of financial statements . Provide target timelines for issuing the financial statements . Describe goals for issuing reports timely, receiving unmodified opinions and minimizing audit findings . Techniques to effectively prepare for your audits . Software tools to manage month-end close processes . Common areas that require additional attention . Q&A OBJECTIVES OF PREPARING FOR AN ANNUAL FINANCIAL AUDIT Provide Auditors with Ensure Adequate Information Needed Minimize Audit Accounting Records for a Timely and Findings and Internal Are Maintained Efficient Audit Control Deficiencies Understand Internal Minimize the Control Processes Effectively Disruption to Daily Needing Communicate Results Responsibilities Improvement to Governing Body COMMON TYPES OF TRIBAL GOVERNMENT FINANCIAL STATEMENT REPORTS 1. Audited Financial Statements of Individual Funds, Component Units and Special-purpose Governments – Examples include enterprise funds, housing authorities, tribal schools, etc.
    [Show full text]
  • Risk Management and Internal Controls
    Risk Management and Internal Controls Accounting & Audit Update April 26, 2018 Learning Objectives . Develop an understanding of risks your organization may be facing . Understand the value of enterprise risk management . Know how internal controls can help in addressing risks . Recognize your role in risk management 2 1 Agenda . Overview of Risk Management . The State of Risk Oversight – AICPA & North Carolina Poole College of Management ERM Initiative Study 2017 . COSO ERM Framework . What can I do? 3 Risk Management and IC OVERVIEW 4 2 Introduction . Every choice we make in the pursuit of objectives has its risks. From day- to-day operational decisions to the fundamental trade-offs in the boardroom, dealing with uncertainty in these choices is a part of our operational lives. 5 Risk vs. Uncertainty . Risk – the possibility that event(s) will occur and affect the achievement of strategy and business objectives . Uncertainty – the state of not knowing how or if potential events may manifest 6 3 Variety of Risks & Assessments . Governance . Compliance . Financial . Environmental risk . Operational . Fraud risk . Technology . IT/information . Legal security risk . Reputation . Insurance . Strategic . Investments . HR 7 Governance Risk . Lack of succession planning . Board make-up and structure . Poor advisors . Dysfunctional working relationships between executives and board . Ethical issues . Non-prudent behavior . Changing values 8 4 Financial Risks . Access to/availability of capital . Investment risks . Errors or fraud and financial reporting . Lack of oversight or approvals . Misappropriation of assets . Loss of revenue sources . Loss of key suppliers 9 Operational Risks . Decrease in service quality . Safety . Inadequate internal controls . Lack of accountability by business partners .
    [Show full text]