Internal Controls 25% Flashcards
Internal controls are also referred to as
Management Controls
Budget and Accounting Procedures Act of 1950
The head of each Government agency is required to establish and maintain systems of internal control to safeguard assets. The same legislation requires the GAO to prescribe accounting standards, to work with agencies in developing systems, and to audit agencies to determine the adequacy of internal controls over financial operations. In addition, the GAO is responsible for approving agencies’ accounting systems when they conform to standards prescribed by the Comptroller General of the United States.
Federal Managers’ Financial Integrity Act of 1982
Federal Managers’ Financial Integrity Act (FMFIA) requires that federal agency executives periodically review and annually report on the agency’s internal control systems. FMFIA requires the Comptroller General to prescribe internal controls standards. These internal control standards, first issued in 1983, present the internal control standards for federal agencies for both program and financial management.
Single Audit Act of 1984
Single Audit. In the United States, the Single Audit, also known as the OMB Uniform Guidance, is a rigorous, organization-wide audit or examination of an entity that expends $750,000 or more of Federal assistance (commonly known as Federal funds, Federal grants, or Federal awards) received for its operations.
CFO Act 1990
Bring more effective general and financial management practices to the Federal Government through statutory provisions which would establish in the Office of Management and Budget a Deputy Director for Management, establish an Office of Federal Financial Management headed by a Controller, and designate a Chief Financial Officer in each executive department and in each major executive agency in the Federal Government.
Provide for improvement, in each agency of the Federal Government, of systems of accounting, financial management, and internal controls to assure the issuance of reliable financial information and to deter fraud, waste, and abuse of Government resources.
Provide for the production of complete, reliable, timely, and consistent financial information for use by the executive branch of the Government and the Congress in the financing, management, and evaluation of Federal programs.
Sarbanes-Oxley Act
Sarbanes–Oxley Act. An Act To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes.
Government Management Reform Act of 1994
Requires the 24 CFO reporting agencies to prepare audited financial statements and mandates an audited annual consolidated financial statement for the executive branch of the federal government.
Federal Financial Management Improvement Act of 1996
Requires federal agencies to follow federal accounting standards, financial management system requirements for the federal government, and the Treasury standard general ledger at the transaction level, which is important for maintaining proper internal controls.
Accountability of Tax Dollars Act of 2002
Expanded the requirement for an annual audit to virtually all federal agencies.
OMB Circular A-130
This Circular establishes general policy for the planning, budgeting, governance, acquisition, and management of Federal information, personnel, equipment, funds, IT resources and supporting infrastructure and services. The appendices to this Circular also include responsibilities for protecting Federal information resources and managing personally identifiable information (PII). While it is the responsibility of all agency leadership, program managers, and staff to implement the requirements of this Circular, agency heads have ultimate responsibility for ensuring that the requirements of this Circular are implemented for their agency.
OMB Circular A-123- Green Book
GAO Internal control by COSO
Information Technology application and general controls
Application controls refer to the transactions and data relating to each computer-based application system; therefore, they are specific to each application. General controls ensure the proper development and implementation of applications, as well as the integrity of programs, data files, and computer operations.
Enterprise Risk Management
COSO ERM framework
The COSO “Enterprise Risk Management-Integrated Framework” published in 2004 defines ERM as a “…process, effected by an entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”[5]
The COSO ERM Framework has eight Components and four objectives categories. It is an expansion of the COSO Internal Control-Integrated Framework published in 1992 and amended in 1994. The eight components - additional components highlighted - are:
Authority and pledge to the ERM
Risk Management policy
Mixer of ERM in the institution
Risk Assessment
Risk Response
Communication and reporting
Information and Communication
Monitoring
The four objectives categories - additional components highlighted - are:
Strategy - high-level goals, aligned with and supporting the organization’s mission
Operations - effective and efficient use of resources
Financial Reporting - reliability of operational and financial reporting
Compliance - compliance with applicable laws and regulations
Risk Response
Risk response is the process of developing strategic options, and determining actions, to enhance opportunities and reduce threats to the project’s objectives. A project team member is assigned to take responsibility for each risk response.