Add to collection(s) Add to saved
  1. Business

Chapter II Sonoma State University SCO Audit Tales

advertisement 
SCO Audit Tales
Chapter II
Sonoma State University
Agenda
„
„
„
„
„
„
„
„
„
„
Why??
Timeline
Scope
Preparation
Defining Parameters
Audit Team
Areas of SCO Interest
Areas of Campus Concern
Current Status
Lessons Learned
FOA April 2009
Why??
„
California Code Education Code 89721
Notwithstanding any other provision of law, the CFO of
each campus of the CSU shall deposit into and maintain
in local trust accounts…
„
„
(l) Moneys collected as higher education fees and income from
students of any campus of the CSU… The Controller shall have
the authority to audit the expenditure of these funds.
Legal authority for RMP also authorizes the SCO to audit
CSU Fund 485 expenditures
FOA April 2009
Timeline
„
„
„
„
„
„
„
„
„
„
„
„
„
„
January 10, 2008 – Exit Conference for FISMA Audit
January 28, 2008 – Campus was advised that SCO was considering
Sonoma for a student fee audit
March 4, 2008 – Conference Call with CO and Sacramento State
March 5, 2008 – Preparation Begins
March 12, 2008 – Entrance Conference/Information Request
March 20, 2008 – Information Submitted to SCO
March 24, 2008 – Fieldwork Begins
June 9, 2008 – KPMG Interim Fieldwork begins
June 19, 2008 – SCO Informal Exit Conference
July 10, 2008 - Sonoma closes 07/08
September 8, 2008 - KPMG begins Fieldwork
November 19, 2008 - Sonoma advised that FISMA will begin in March 2009
December 4, 2008 – SCO Draft Report received for comment
December 15, 2008 – Sonoma provides responses to SCO
FOA April 2009
Scope
CSU Fund 485 Disbursements
The contract between the CSU and the SCO stated
that the audit…
„ Will include testing to determine whether or not
expenditures from the trust accounts are legal
and proper
„
May, at SCO discretion, include revenue
collection processes of the student fee revenue
accounts to ensure… that they are expensed in a
legal and proper manner
FOA April 2009
Scope
CSU Fund 485 Disbursements
The contract between the CSU and the SCO stated
that…
„
„
The SCO shall assess the effectiveness of the internal
and administrative controls to achieve the CSU’s control
objectives for the student fee trusts, including but not
limited to, compliance with statutes, rules, and
regulations governing the use and maintenance of such
accounts
The SCO shall conduct pilot audits at one or two
campuses and, if necessary, adjust the audit program
based on findings during the pilot
FOA April 2009
Scope
CSU Fund 485 Disbursements
„
„
„
After consultation with the CO and Sacramento State and
review of the Ed Code, Sonoma took the position that…
The audit scope should be limited to operating expenses
created thru the Accounts Payable sub system from CSU
Fund 485, PO’s and associated internal controls
The SCO audit should dove tail and build upon, not
replicate, our recently completed FISMA audit and our
KPMG audit
FOA April 2009
Preparation
„
Reviewed Sonoma’s FIRMS data that was
provided to the SCO
„
„
State GL 9000 “Operating Expenditures” for CSU Fund
485 by FIRMS Object Code for 06/07 and 07/08
That data contained about one year of RMP
Disbursement transactions and PO’s
„
February 2007 Wells Fargo Disbursements “Go Live”
thru December 2007
FOA April 2009
Preparation
„
„
„
Tied FIRMS balances to Journal Sources to define and
focus the audit scope clearly
At Sonoma, APS Journal Source represents
disbursements from the AP subsystem
Our position: Transactions from all other Journal Sources
and CSU Funds are out of scope
FOA April 2009
Defining Parameters
Example - FIRMS Recon by Journal Source 7/07
thru 12/07
SCOPE
FOA April 2009
Defining Parameters
„
„
„
„
About 84% of CSU Fund 485 expenditure transactions
are for compensation
Those transactions are processed by the SCO and the
State Treasury - therefore, they should not be audited
About 8% of CSU Fund 485 expenditure transactions are
processed by Sonoma’s Accounts Payable department
and Wells Fargo Bank - therefore, they are in scope
Simply stated, this should be an audit of expense
transactions that we formerly would claim in the General
Fund
FOA April 2009
Audit Team
„
„
„
Four Auditors were scheduled to perform fieldwork
„ Usually three were on campus at any given time
Fieldwork commenced March 24, 2008 and was estimated to end
mid May 2008
„ Fieldwork actually ended June 19, 2008
Some fieldwork would be performed remotely because Audit Team
will have PeopleSoft Access
„ Fieldwork actually consisted of 8 weeks on campus and 5 weeks
at the SCO
„ Information requests continued while the team worked from the
SCO
FOA April 2009
Areas of SCO Interest
„
„
„
„
Chart of Accounts and All 485 PS Funds
Organization Chart and Staff Interviews
PeopleSoft Access and Training for Audit Team
Observe Processes/Review Business Process Guides,
Documentation & Transactions
„
„
„
„
„
„
„
Create Vendor
Create Voucher
Matching
Run Pay Cycles
Distribute Checks
Reconcile Bank Accounts
Mail Distribution
E Reqs, Bidding & PO’s
Contract Terms & Payments
Hospitality
Invoice Processing
Signature Authority
Creating Trust Funds
Cashiering
FOA April 2009
Areas of SCO Interest
„
„
„
„
„
„
„
„
„
Communications to the Campus about RMP
Trust Fund Agreements for 485
Student Health Center – Report 9 Requested for SHC
Travel – Pre Authorization, Audit of Travel Claims,
Review of Receipts and supporting documents
SUF & Application Fee Reconciliations for every month
Duplicate Payments processed by AP
Check Register, Voided Checks, review of “Check Foils”
for every payment sample, Check Stock & Log
ProCard - Transactions, Training, Signatories, Policies
Property Tagging/Fixed Assets
FOA April 2009
Areas of SCO Interest
Info and Sample Requests
„
485 AP transaction queries that included
„
„
485 PO queries that included
„
„
„
A combination of PO info with detailed AP activity against the encumbrances
Samples drawn from those queries for review
230 AP Samples (Direct Pay, Invoices, Pro Card)
„
„
PO Number, Vendor, PO Date, PO End Date, PO Amount, Open Enc Amount
485 Sample PO queries tied to AP transaction detail and Enc
liquidation
„
„
Invoice Number, Invoice Date, Accounting Date, Vendor Name, Control Group,
Voucher ID, PO Number, Check Number, Fund, Account, FIRMS Object Code,
Amount
Control Groups, Payment Requests, Invoices, Supporting Docs
50 PO Samples and Related Payments
„
Contract Files, Buyers Notes, E Reqs, Amendments, Supporting Docs
FOA April 2009
Areas of Campus Concern
„
PeopleSoft Access Requests for Audit Team
„
„
„
„
„
Vendor, Voucher, PO, Chartfields, Query, Users, Reports, CSU
Manage State and Systemwide Requirements
PeopleSoft, Chart of Accounts and remedial CSU training
requirements for Audit Team - “CSU 99”
Persistent Requests to Review RA - CSU Fund 499 at
Sonoma
“Ownership” of their office area for the duration of the
audit
Duplication of FISMA and KPMG audits
„
SUF Recons, Bank Recons, Review of Trust Agreements, Review
of Signature Authority, Fixed Assets, ProCard, Travel, Hospitality,
Detailed Review of Internal Controls
FOA April 2009
Areas of Campus Concern
„
Differences in SCO and CSU Organizational Cultures
„
Lack of Disclosure as audit proceeded
„
„
„
„
Unclear Fieldwork Schedule
„
„
„
Observations/Findings/Concerns not communicated consistently
Concerns could have been addressed as the audit progressed
Requests for information without disclosure of the issue or concern
they wanted to review - What is the purpose of this exercise??
Shifting on/off weeks and end date
Unfamiliarity with the CSU and routine expenditures that support
our educational mission
SCO’s conclusion - the CSU is a “quasi agency”
„
„
„
CSU is a very different type of agency for them to audit
Unusual expenditures when compared to other State agencies
Different Recons, reporting & year end requirements from other
FOA April 2009
agencies
Current Status
„
„
„
December 4, 2008 – SCO Draft Report received
for comment
December 15, 2008 – Sonoma provides
responses to SCO
We can not discuss the report until the SCO
publishes it
FOA April 2009
Lessons Learned
Common Sense Rules - Be Prepared….
„
Treat CSU Fund 485 like the General Fund
„
Clear findings from any recent audits
„
Document your Business Processes and Internal Controls
„
„
Test processes and controls regularly to ensure that you’re
walking the walk
Build a set of canned queries to retrieve data in the
SCO’s preferred format
„
„
„
View your world from the SCO’s perspective
Run the queries now and review questionable transactions
Test for duplicate payments
FOA April 2009
Lessons Learned
Common Sense Rules - Be Prepared….
„
„
Ensure that transactions are well documented and
authorized by valid signatories
Question the audit team if requests do not make sense
„
„
Learn a new mantra - “Out of Scope”
„
„
They are still learning about the CSU, PeopleSoft and Fund 485
Be able to explain clearly why a request is not appropriate
Take a deep breath!
„
Because this too will pass…
FOA April 2009
Questions??
„
Thanks for your time!
FOA April 2009
Related documents
JOB DESCRIPTION – Graduate Software Engineer
JOB DESCRIPTION – Graduate Software Engineer
Columbia Southern University, one of the nation's top online
Columbia Southern University, one of the nation's top online
Columbia Southern University is pleased to have the International
Columbia Southern University is pleased to have the International
Page of 3 Associated Students of CSU, Chico The CSU, Chico
Page of 3 Associated Students of CSU, Chico The CSU, Chico
The Hunger Games at Colorado State University
The Hunger Games at Colorado State University
Senior Communications Officer SR
Senior Communications Officer SR
Setting Career Goals
Setting Career Goals
Marketing Plan Rubric
Marketing Plan Rubric
Download
advertisement