Internal Controls and Risk Assessment
Download
Report
Transcript Internal Controls and Risk Assessment
Presented By:
Donna Denker, CPA
Donna Denker & Associates
Per
SAS 99 – (2002) – “An
intentional act that results in
material misstatement to the
financial statements that are
subject to an audit.”
Financial
Reporting Fraud
Misappropriation of Assets
External Fraud
Diverting
cash receipts
Lapping
Stealing
or forging checks
Altering bank deposits
Stealing petty cash
Creating
fictitious
vendors or
overstating vendor
accounts
Stealing inventory or
equipment
Taking kickbacks
Abusing
travel and
entertainment
reimbursements
Creating ghost
employees or
overstating hours
worked
Opportunity
Fraudster’s
Need
Rationalization
Defines
internal controls
Describes the components of effective
internal controls
Provides evaluation criteria for internal
controls
Guidance on management’s reporting of
internal controls over financial reporting
A
process, effected by an entity’s board
of directors, management and other
personnel, designed to provide
reasonable assurance regarding the
achievement of objections in any of the
following categories:
Efficiency
and effectiveness of
operations
Reliability of financial reporting
Compliance with applicable
laws and regulations
Integrity
Ethical Values
Competency
Entity
must be aware of and deal with
risks it faces
Entity must set objectives integrated with
other activities so that the organization
works together
Entity must establish mechanisms to
identify, analyze and manage the related
risk
Establishment
of policies to ensure that
risks are addressed
Execution of policies to ensure they are
carried out correctly and completely
Systems
to capture and exchange
information
Monitoring
all of the processes
Allow modifications as necessary
System should react dynamically by
changing as conditions warrant
Existence
or Occurrence
Completeness
Rights and Obligations
Valuation and Allocation
Presentation and Disclosure
Establish
organization control
environment
Risk identification and analysis
Communications
Monitoring
Human
judgment
Breakdowns
Management overrides
Collusion
Message
from the board and
management
Ethics policy and repercussions for
violations
Conflict of Interest policies
Recognizing temptations
Hiring
policies
In-house or external training
Outside consultants to supplement if
needed
Performance and skills evaluated
periodically
Board does performance and skills
evaluations for management
Understand
your fraud risks
Set the tone at the top – zero tolerance
policy
Oversee internal controls
Retain outside experts when in doubt
Ask questions and exercise skepticism
Whistleblower program
Commitment
to excellence
All journal entries are authorized,
supported and reviewed
Organizational
chart
Job descriptions
Roles are supportive of financial
reporting objectives
Considerations of segregation of
responsibility
Responsibilities are commiserate with
authority
Empowers employees
HR
policies
Job descriptions
Pre-employment investigation
Ensure appropriate training
Regular performance evaluations
Competency is considered
Exit interview with staff
Funding
agents and regulatory bodies
Vendors
Tribal
Council
Creditors
Access to assets
News media
Changes
Employees
Technology
Personnel
practices
Access to assets
Changes
Previously
identified failures
Complexity of activities
Brainstorming
sessions
Regular management meetings to
discuss issues
Reacting to changes in a timely manner
Education or training programs
Supervision
Personnel evaluations
Segregation of duties
Early identification of changes
Physical
Controls
Segregation of Duties
IT Controls
Management activities
Budget monitoring
Policy and procedures
• Policies establish what should be done
• Procedures establish how it should be done
Staff
to Staff
Management to Staff
Upward communication to Board
Vendors
Funding
Agents
Independent Auditors
Policies
and procedures
Management meetings
Departmental meetings
Financial Statements and Budget Reports
External financial reporting
Reports from External Auditors or
Regulators
Supervision
of staff performance
Budget to Actual expenditure
comparisons
Reconciliations and comparisons to
physical assets
Enforcement of policies
Bank
and investment statements
Vendors monthly statements
Federal agencies communicating
concerns
External or internal auditors