AUDIT INFORMATION PROJECT Presented by FINANCIAL AFFAIRS

AUDIT INFORMATION PROJECT Presented by FINANCIAL AFFAIRS

FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ AUDIT INFORMATION PROJECT Presented by FINANCIAL AFFAIRS April 2008 7/17/2008 FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ AUDIT INFORMATION PROJECT Table of Contents Introduction Audit Survival Guide Internal Controls Segregation of Duties Job Aids for the University Community Departmental Cash Receipts & Deposits Disbursements / Payroll / Misc Human Resources Petty Cash Purchasing Operations Purchasing pCard Travel Job Aids for Units Handling Cash, Credit Cards and PCI Compliance Additional Resources 7/17/2008 FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ INTRODUCTION The Financial Affairs Audit Information Project is designed to assist departments and personnel at Florida Atlantic University with daily operations and how the operations may relate to audits and audit findings. The first presentation is the Audit Survival Guide which explains audits and how to prepare for one. The next two topics are ones that most often result in audit findings – Internal Controls and Segregation of Duties. The last section is a tool that can be used to help determine if current operations may result in an audit finding. If you have any questions, contact Purchasing, the Controller’s Office, the Office of the Inspector General, or Dianne Parkerson, [email protected]. 7/17/2008 FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ AUDIT SURVIVAL GUIDE View a PowerPoint presentation at http://www.fau.edu/fiscal/files/audit_web.pps Introduction Compliance Policies & Procedures Money Handling Safeguarding Assets Separation Of Duties Documentation Contracts & Grants Authorized Signatures Telephone Charges Prior Audit Criticisms Additional Resources Summary INTRODUCTION Audits at Florida Atlantic University are performed to ensure compliance with generally accepted accounting principles and with FAU and Florida’s Board of Governors policies and State Statutes. These audits may be conducted by federal, state, internal or external auditors. Questions relating to types of audits and the audit process should be directed to the Office of Inspector General. This publication is to be used as a general guideline for how your area may best prepare itself for an audit. The topics are those that have been frequently covered in past audits. The subject of prior recommendations may have been directed to a particular department, but are applicable to most departments. Please review this document with your management team, particularly those involved with operational procedures or financial operations. COMPLIANCE WITH STATUTES RULES AND POLICIES Florida Atlantic University must comply with a variety of Federal and state regulations and statutes, as well as internal policies and procedures. A department, whether academic or administrative, should be familiar with compliance issues pertaining to its operations. Many departmental websites make reference or have links to regulatory and compliance resources applicable to their operations. All employees should be familiar with their regulatory environment and if a formal institutional compliance program does not exist, a periodic internal evaluation of the level of compliance should be performed. POLICIES & PROCEDURES One of the first requests from auditors will be to review the department's written policies and procedures in order to determine compliance. This documentation should be at two levels, one being the department's general operating policies and the other, more detailed procedures, often referred to as desktop procedures. 7/17/2008 FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ It is especially important to document procedures used in handling fiscal matters. Flowcharts are useful, and current, detailed job descriptions should be a part of the entire package. If there are no procedures or if they are vague and/or out of date, it may result in an audit criticism. It is suggested that policies and procedures be written if none exist. If they do exist, they should be periodically reviewed and updated as needed. Past memos outlining policies can often be used as a basis for developing a manual. The manual should be available to all employees, and ideally they should sign an acknowledgment form that they have read and understand the procedures. MONEY HANDLING PROCEDURES The term "money" refers not only to actual cash, but also to checks and credit cards, and may also be referred to as "funds." If your department is involved in collecting funds, make sure written procedures are up-to-date and expect this function to be scrutinized by the auditors. Prior to involvement in accepting funds, the department should contact the Controller's Office for approval and the correct procedures to be used. If billing by invoice is a part of a department's routine, consult with the Controller's Office to determine if this should be handled through the Accounts Receivable system. Audit concerns will include the proper use of pre-numbered departmental cash receipts, immediate and restrictive endorsement of checks, use of mail logs, security of funds, use of transfer forms, timely deposits and written procedures. Any unusual transactions or exceptions to the norm must be documented and should be approved in writing if possible. If there are any questions about these items, contact either the Controller's Office for detail procedures or the Inspector General's Office for general information. Another area of money handling is petty cash accounts. The operation of a petty cash fund needs to have the Controller's Office approval. The cash must be secured and safeguarded from misuse or theft. It must not be used to cash personal checks or IOUs. Be certain the petty cash custodians are aware of the proper procedures to be used for petty cash. In addition, expect periodic visits by the internal audit staff to verify accuracy of the fund. SAFEGUARDING ASSETS & PHYSICAL INVENTORY Assets are any items of value and include equipment, cash, financial records, and the physical structures. Confidential information, such as student records must also be safeguarded from misuse, unauthorized changes or theft. Evaluate the physical security of the offices and limit distribution of keys to authorized personnel. If certain areas should be restricted to employees only, at a minimum this restriction should be posted. Review the security of computer equipment, software programs, computer files, and the proper use of password procedures. Also review the security of other equipment, materials and supplies that may be of value to someone. Assets that cost $1,000 or more (plus certain other items) are tagged and accounted for as fixed assets. State law requires a physical inventory be conducted annually and the department's cooperation is a necessary part of this process. Property Management conducts the annual fixed asset inventory, including verification of off-campus items. Departments can facilitate accountability for fixed assets by completing forms as property is moved or taken off campus, when grants are closed, or when 7/17/2008 FINANCIAL AFFAIRS AUDIT INFORMATION PROJECT ___________________________________________________________________________ the "accountable officer" changes. Accounting for fixed assets is within the scope of each state operational audit and lack of proper controls can result in adverse audit findings and publicity. Contact Property Management for additional information and to learn of the department's responsibility in this area. SEPARATION OF DUTIES (See Separation of Duties section for more information) || AUTHORIZATION || CUSTODY || RECORD-KEEPING || This is a basic internal control and deterrent to fraud, yet it is frequently overlooked and can be difficult to achieve in smaller operations. Ideally, authorization of transactions, custody of assets, and record- keeping should be the responsibility of different individuals. One overall consideration when designing the best control system is that, generally, the more negotiable the asset, the greater the need for separation of duties, as well as the need for increased physical security. Duties are considered incompatible if someone can carry out and conceal an error or irregularity in the course of day-to-day activities. If adequate separation of duties is not possible due to lack of sufficient staff, then there should be increased oversight by management. DOCUMENTATION & REVIEWS Auditors will always want to see documentation that will support decisions, exceptions, transactions, end results, etc. Documentation is important in fiscal matters or for any action that is a deviation from the norm or the established policy. Auditors are also concerned about documented supervisory reviews or approvals. Anytime an employee's work is reviewed, such review or approval should be notated by the reviewer's initials and the date. Logs are a form of documentation, but to be effective they need to be used properly and consistently and should evidence supervisory review. Logs for checks received by mail, combination safe control listings, etc. are examples of logs which should have documented reviews. Documented, periodic sampling by management is a form of review to ascertain that policies

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    31 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us