1 management controls and audits. 2 why? significant dollar value decentralized program lack of...

1

MANAGEMENT CONTROLS AND AUDITS


2


WHY?

•Significant dollar value

•Decentralized program

•Lack of knowledge

•New and emerging programs

•Mismanagement and abuse

•System complexity - merging state and federal systems

3


FEDERAL FINANCIAL MANAGERS INTEGRITY ACT OF 1982

Requires federal managers to ensure:• Obligations/costs compliant with law• Funds, property, and assets safeguarded against

waste, loss, unauthorized use or misappropriation• Revenues and expenditures are properly

accounted and recorded

Federal managers may be held pecuniary liable for mismanagement of funds!

4


INTERNAL CONTROL STANDARDS

• GAO/AIMD-00-21.3.1, NOV 1999

• Updated standards from FFMIA accommodate

> Changes in information technology

> Emerging human resource Management

> New fiscal management legislation

• GAO-01-1008G, Internal Control Management

5


INTERNAL CONTROL STANDARDS

Control Environment

Risk Assessment

Control Activities

Information and Communications

Monitoring

6


MANAGEMENT CONTROLS• Management Control = Internal Control

• Command Program

• CA’s are highly vulnerable

• CA’s part of state/wing’s Mgmt Ctrl Plan

• TAG/USPFO conduct risk assessments

• Must provide “reasonable assurance”

• Must address material weaknesses

• ARNG/ANG evaluation programs differ

7


ANG - MCP• AF Determines which programs are mission critical

• Critical/non-critical programs may vary by unit

• CAs are assessed on a 1 or 3 year basis

– Mission critical assessed every year– Non-mission critical assessed every 3 year

• ANG uses Command Review Guides

• May assess non-critical programs more frequently

8


ARNG - MCP

• CA s are assessed on a 1 to 5 year basis

• Frequency is based upon risk assessment

• PMs must be a part of the risk assessment

• ARNG uses program/regulation checklists

• But, are there specific checklists for CAs?

9


ANNUAL ASSURANCE STATEMENT

• Deliberate process by MCP Administrators

• Requires TAG and USPFO involvement

• Addresses assessable programs for that year

• May include out of cycle programs

• Identifies Material Weaknesses

• Identifies fix plan for Material Weaknesses

• Certifies to Dir, Army/Air National Guard

• Material Weaknesses worked at NGB

10


Senior Leader Steering Group (SLSG)

• NGB G-Staff, Chaired by Dep Dir, ARNG

• Meet quarterly

• Review Material Weaknesses and progress of fix

• Coordinate with external DA agencies

• Provides feedback to states

• Similar process in place in some states

• ANG review Material Weakness, less formal

11


RISK FACTORS• New programs

• Funding levels

• Historical problems

• Audits

• Degree of decentralization

• Statutory use of federal funds

• Assessable Unit Manager’s review results

• Program Manager’s proficiency and experience

12


SINGLE AUDIT ACT OF 1984• Requires annual independent audit of state’s

accounting system

• Prohibits Federal Government from auditing CA’s unless a program audit is requested by TAG, USPFO, DODIG or NGB Program Mgr

• Included in language of all agreements

• Results available to USPFO/TAG upon request

• Can cost of audits be billed back to CA?

• CAs might not be included in audit. What then?

13


INTERNAL REVIEW AUDIT PROGRAM

• Internal Review Auditable Entity File identifies CAs and APPs

• Supervisory Auditor includes in annual review schedule

• High risk programs audited more frequently

• External audits coordinated with DCAA, AAA, AFAA, NGB-IR

• State files and records may be audited by federal auditors

14


MANAGEMENT CONTROLS(1 of 2)

• Training available for Program Managers on GAO standards and Management Controls?

• Cooperative Agreements included in State Management Control Plan and the IR Auditable Entity File?

• Conducting risk assessments?

• Establishing controls to minimize risk of fraud, waste abuse and mismanagement?

15


MANAGEMENT CONTROLS (2 of 2)

• Material weaknesses identified and properly addressed?

• Audits conducted with a frequency commensurate with the assigned risk?

• State require Annual Audit under the Single Audit Act?

• State Audit findings provided to the USPFO and Program Managers?

16


MANAGEMENT CONTROL PROGRAM (MCP)

• Identify APP & CA by Program Manager (PM)

• Conduct Risk Assessment by PM

• Include in state’s 5 yr MCP and Auditable Entity File

• Evaluate according to plan

• Take corrective actions (material weakness)

• Submit required reports (reasonable assurance)

17


Practical Exercise

Under the Single Audit Act, a State performs an audit of all State agencies, including the State Military Department (SMD). The audit did not specifically look at any cooperative agreements; however, each cooperative agreement was assessed its share of the audit cost.

Since the cooperative agreements were not covered The Adjutant General requested an independent audit of the cooperative agreements and also charged the audit costs to the cooperative agreements as a direct cost.

During the year the USPFO directed the Internal Review team to audit the new Youth Challenge program which has a $2.8 mil budget and is located at a remote site.

During the same fiscal year the Army Audit Agency (AAA) decided to audit the cooperative agreement program.

19


Why or why not?

Which these audits is authorized?

For which should the Federal Government pay?

Should the Youth Challenge program be audited?

20


QUESTIONS ?

1 management controls and audits. 2 why? significant dollar value decentralized program lack of...

Documents