1.3 Internal controls Flashcards

Internal controls

1
Q

Federal Managers Financial Integrity Act of 1982

A

Internal Controls mandated for each Agency and required annual reporting. 1. Obligations and costs are in compliance with applicable law 2. Funds property and other assets are safeguared against loss, unauthorized use 3. Revenues and expeditures applicable to agencies operations are properly recorded and accounted for.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Steps of Eterprise Risk Management

A

Establishing, assessing, correcting and reporting on internal controls. Involves a “portfolio view” meaning all areas HR, technolgoy, finance, reputation risk, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

DOD subdocument for implementing internal controls, and what gov docs did it referene

A

Federal Managers Financial Intergrity Act of 1982 came out and OMB published OMB Circular A-123 describing how to implement and DOD then created DOD 5010.40 to adress how to implement FIMFIA and OMB A-123

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Annual assuarnce statements

A

Required by FMFIA; Annual Statement required by every federal agency on whether there is reasonable assurance that the agencies internal contols are achiving their intended objectives 2. Any material weaknesses in the agency’s controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Internal Controls required over which processes

A
  1. Operations 2. Financial Reporting (accurate/reliable) 3. Financial Systems (compliant with law)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Primary purpose of a risk profile

A

provide a thoughtful analysis of the risks and Agency faces towards achieving its strategic objectivess and arising from its activities and operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Enterprise Risk Management and development of “Risk Profiles” mandated by

A

OMB Circular A-123

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

FISCAM includes which controls

A
  1. General Controls 2. Business process application controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Three Broad categories of internal controls which should provide reasonable assurance

A

Operations -efficiency of, reporting- reliable reporting, compliance - comply with law/regs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does reasonable assurance mean for internal controls

A

Doesn’t mean you’ll never find waste or fraud but making best and logical effort

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Internal control category of Financial Systems has two sub categories that are set by what manual

A

General (Security, configuration and access to entities information systems) and Business Process Application Controls (Individual Computerized applications generate complete, accurate, valid, confidential transactions); Federal Information System Controls Audit Manual (FISCAM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Components in Green Book

A
  1. Control Environment 2. Risk Assessment 3. Control Activities 4. Information and Communication 5. Monitoring
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Control Environment in Internal Controls

A

The foundation of IC system. Discipline and structure to help an entity achieve objectives. Tone at the top, decipline, commitment to integrity, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Risk Assessment in Internal Controls

A

Assesses the risks facing the entity as it seeks to achieve its objective. Basis for developing appropriate risk responses. Defined risk tolerances for reasonable assurance threshold.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Control Activites in Internal Controls

A

The actions management establishes throguh policies and procedures to achive objectives and respond to risks. Intstalling safes, segregation of duties, changing passwords, too much access, spot checks, etc…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Information and Communication in Internal Controls

A

The quality information management and personnel communicate and use to support the IC system. Timely accurate and validatable information. Reporitng, mid year reviews, etc.

17
Q

Monitoring in internal controls

A

Activites management establishes and operates to assess the quality of performance over time and proptly resolve findings. Always looking for ways to improve and test controls. Testing, auditing, continuous review

18
Q

OMB A-123 requires the following in annual statement of assurance

A
  1. Conduct Assessment of Internal Control 2. Identify Control Deficiencies 3. Conclude on Internal Control Principle Evaluation 4. Conclude on internal control component evaluation 5. Conclude on overall assessment of a system of internal controls
19
Q

Internal Control Significant Deficiency

A

deficienct that is less severe than a material weakness. Reported internally in the organization, not external. Definiciency can be correted internally

20
Q

Material Weakness

A

Significant deficiency and Agency head reports outside the agency. Non-achievement of a relevent internal control priciple. Weakness and summary of corrective actions reported to OMB and congress through AFR, PAR or other reports. Periodic progress of corrective action must also be reported

21
Q

Corrective Action Plan required for and included in

A

Material weaknesses; reported in Agency Financial Report (AFR), Performance and Acountablity Report (PAR) or other mgmt report

22
Q

Performance and Accountability Report (PAR)

A

Wrapped up all inclusive report that is submitted 45 days after FY.

23
Q

Definicieny is deemed corrected when…

A

1.sufficient corrective action taken 2. Achieved desired results (corrective action must be VALIDATED)

24
Q

Responsibility for IC for DOD and mandated by what

A

DOD 5010.40; Major responsibility USD (Comptroller), All other responsibilities to each DOD and OSC Component head

25
Q

4 levels of DOD material weakness

A
  1. DOD Level - Big deal, exists in majority of DOD components 2. Component Level - Big deal throughout DOD component 3. Major Command or Field Activity Level - Throughout Major command or one or more installations 4. Installation or Activity Level - Requires attendtion of head of installation
26
Q

DOD 5010.4 required USD Comptroller to

A

Establish Senior Management Council to advise on internal controls and Co-chair a Financial Improvement and Audit Remediation (FIAR) Governanace Board with the DOD Deputy Chief Management Officer (DCMO)

27
Q

Most due dates regarding internal controls

A

November 15th, 45 days after end of FY

28
Q

DOD Statement of assurance provides three levels of statement of assurance

A
  1. Unmodified Statement of Assurance - No material weaknesses 2. Modified - One or more material weaknesses 3. Statement of no assurance
29
Q

Assessable Unit

A

Any unit that has its own internal controls that need to be addressed

30
Q

Control Objective

A

Specific goal or level of control desired for an assessable unit (Unit meeting threshold to have own Internal Controls)

31
Q

Annaul Statement of Assuranc required parts

A
  1. Statement of Reasonable assurance 2. Assurace regarding ICOFR (Financial Reporting) 3. Assurance regarding ICOFS (Financial Statements) 4. Unmodified/Modified/No assurance
32
Q

Internal control definition

A

Internal Control comprises the plans, methods, policies and procedures used to fullfill the mission, strategic plan, goals and objectives of the entity. First line of defence safeguarding assets.