Single Audit
Tracy Hensley, Partner
Brett Burns, Manager
KPMG LLP
May 19, 2015
Agenda
•
•
•
•
•
•
•
•
•
What is a Single Audit?
Programs Audited
Audit Approach
KPMG Audit Team
Student Financial Aid
Other Federal Programs
Single Audit Timeline
Determination of Findings Overview
New Uniform Guidance Overview
May 2015
Year-End GAAP Training
2
What is a Single Audit?
• The Single Audit Act of 1996, OMB Circular A-133, established requirements for audits
of entities that administer Federal financial assistance programs.
• The Compliance Supplement is revised on an annual basis in order to identify existing
important compliance requirements that the Federal Government expects to be
considered as part of a single audit. The 2015 Compliance Supplement is expected to
be released soon.
• The requirements for Single Audits will change in 2016 with the release of the new
Uniform Guidance, which may also have an impact on the 2015 audit. The Uniform
Guidance Compliance Supplement is expected to be released soon.
• The 2015 transitional Compliance Supplement will be the basis of the Single Audit
conducted by KPMG for the year-ended June 30, 2015.
• Currently, all non-Federal entities that expend $500,000 or more of Federal awards in
a year are required to obtain an annual audit in accordance with OMB Circular A-133.
May 2015
Year-End GAAP Training
3
What is a Single Audit? (continued)
• OMB Circular A-133 indicates the auditee shall:
• Maintain internal control over Federal programs that provides reasonable assurance
that the auditee is managing Federal awards in compliance with laws, regulations,
and the provisions of contracts or grant agreements that could have a material effect
on each of its Federal programs.
• Comply with laws, regulations, and the provisions of contracts or grant agreements
related to each of its Federal programs.
•
The A-133 Single Audit opinion includes:
• One consolidated “in relation to” opinion on the Schedule of Expenditures of
Federal Awards, representing all CSU campuses and federally-funded programs
subject to A-133.
• A report on internal controls over compliance.
• An opinion on compliance with applicable Federal regulations for the programs
audited.
May 2015
Year-End GAAP Training
4
What is a Single Audit? (continued)
• The auditee’s major programs subject to higher scope procedures are based on a
quantitative assessment of the amount of federal awards expended by each
program as well as a qualitative assessment of each program’s risks.
•
For each compliance area of each major program audited, KPMG audit procedures
include both:
• Tests of campus-specific controls, including understanding, assessment, and tests of
operating effectiveness;
• Tests of compliance with applicable rules and regulations.
May 2015
Year-End GAAP Training
5
Knowledge Check #1
OMB Circular A-133 indicates the auditee shall:
A.
B.
C.
D.
Manage Federal awards in compliance with laws, regulations and the provisions of
contracts or grant agreements that could have a material effect on each of its
Federal programs, without regard to internal controls.
Comply with laws, regulations, and the provisions of contracts or grant agreements
related to each of its Federal programs, but only if convenient.
Maintain internal control over Federal programs and manage Federal awards in
compliance with laws, regulations, and the provisions of contracts or grant
agreements that could have a material effect on each of its Federal programs.
Comply with laws, regulations, and the provisions of contracts or grant agreements
related only to its major Federal programs.
May 2015
Year-End GAAP Training
6
Knowledge Check #1 Answer
OMB Circular A-133 indicates the auditee shall:
C.
Maintain internal control over Federal programs and manage Federal awards in
compliance with laws, regulations, and the provisions of contracts or grant agreements
that could have a material effect on each of its Federal programs.
May 2015
Year-End GAAP Training
7
What is an Internal Control?
•
•
•
Internal Controls are policies and procedures organizations employ to make sure
that the information being processed is complete and accurate.
Controls need to be documented to demonstrate they are operating
Two general categories of internal controls:
• Preventive Controls:
• Segregation of Duties – Separate individuals authorize (approve) and
process transactions
• Supervisory Review - A supervisor reviews and approves all work
performed by staff
• Reviewing and addressing exception reports
• Detective Controls:
• Account reconciliations
• Sampling transactions after the fact to ensure the desired result was
achieved (consider minimum sample size of 25)
• Reviewing and addressing exception reports
May 2015
Year-End GAAP Training
8
So Then, What is a Process?
•
•
A process includes the steps taken to compute an amount or record a transaction
Processes include internal control components
An example of a student financial aid process (refunds) and the control in the process:
Process:
• Financial Aid counselor computes a student’s refund by obtaining the student’s last
day of attendance, referencing the campus refund policy and applying that information
to the student’s payment
Control:
• The financial aid counselor’s knowledgeable supervisor reviews the refund
computation, compares the information used in the computation to the information
used by the financial aid counselor and signs the refund computation indicating that
the review was performed.
May 2015
Year-End GAAP Training
9
And Compliance?
•
Compliance is actually getting the right answer
•
•
•
•
Was the refund properly made in the right amount in the right timeframe?
There is a higher likelihood of compliance when effective internal controls are in place
Controls could be in place, but if they are not effective, errors could occur
Causes of ineffective controls (using prior example):
• Supervisory review performed by someone who isn’t knowledgeable
• Supervisory review performed, but underlying documents aren’t reviewed
• Not occurring (assumed if not documented)
May 2015
Year-End GAAP Training
10
Questions You Should Ask to Determine
if Controls are In Place and Effective
•
How do you know it’s right?
•
If there is no answer, other than the steps the financial aid counselor performs
(process), there may be no control in place
•
Every compliance requirement should have a documented control in place to minimize
errors, even if reliance is placed on computer systems
 If there are no documented controls in place over a compliance requirement, it is
possible to have a control finding (significant deficiency or material weakness)
without having a compliance finding.
 Compliance findings are usually a result of ineffective controls and generally result
in a control finding (significant deficiency or material weakness)
May 2015
Year-End GAAP Training
11
Knowledge Check #2
An internal control can be described as follows:
A.
B.
C.
D.
The process used to compute a refund by a financial aid counselor
A procedure in place that is effective in determining that refunds are computed
properly
A control isn’t necessary if refunds are usually computed correctly
The only effective control is a detective control
May 2015
Year-End GAAP Training
12
Knowledge Check #2 Answer
An internal control can be described as follows:
B.
A procedure in place that is effective in determining that refunds are computed
properly
May 2015
Year-End GAAP Training
13
Knowledge Check #3
Which of the following situations could result in an internal control finding:
A.
B.
C.
D.
The supervisor may perform a review of a refund computation, however that review
is not documented
Internal controls are in place and documented, however, numerous errors in refund
computations were noted
The supervisor reviewed and approved the refund computation, as evidenced by
his/her signature on the computation
Both A. and B.
May 2015
Year-End GAAP Training
14
Knowledge Check #3 Answer
Which of the following situations could result in an internal control finding:
D.
Both A. and B.
The supervisor may perform a review of a refund computation, however that review
is not documented
Internal controls are in place and documented, however, numerous errors in refund
computations were noted
May 2015
Year-End GAAP Training
15
Major Programs Selection Process for 2015 Audit
•
The selection process will be performed by KPMG once a final consolidated
Schedule of Federal Awards has been provided by the CSU System in early August.
We will perform the following procedures to determine the programs subject to audit:
•
Compute a threshold to distinguish between Type A and Type B programs
•
Evaluate programs over the threshold based on inherent risk in the program, last time the
program was audited, and any findings noted in program in prior year
•
Those programs over the threshold that are considered low risk, are subject to audit every
three years
•
Programs with the same CFDA number are considered the same program, even if on
different campuses or from different agencies
•
Certain programs, such as Student Financial Aid programs and Research and
Development programs, are audited as one program or cluster
May 2015
Year-End GAAP Training
16
Preliminary Major Program Selection
• Programs Subject to Audit in 2015
• Student Financial Aid Cluster
• Programs that may be subject to audit in 2015
• Research and Development
• Head Start
• Trio
• Higher Education Institutional Aid
• Foster Care Program – Title IV
• Other smaller programs, to be determined
May 2015
Year-End GAAP Training
17
Audit Approach
•
Chapter 15 in the GAAP Manual discusses the procedures and planned approach for the
A-133 Single Audit, including:
• Designated space for providing guidance and memorializing questions and answers
that arise regarding preparation for the audit,
• Comprehensive A-133 PBC lists.
•
There are two PBC lists included at Exhibit 24 to the GAAP Manual:
• Limited Scope: applicable to all campuses
• Higher Scope: applicable to the eight campuses selected for Higher Scope procedures
for the Student Financial Aid Cluster
• Due dates are stated on the respective PBC lists
•
PBC lists and other guidance applicable for audit testwork of major programs (other than
the Student Financial Aid Cluster) will be provided directly to selected campuses once
planned procedures are identified.
May 2015
Year-End GAAP Training
18
Audit Approach (continued)
•
All campuses are responsible for the preparation of the Schedule of Expenditures of
Federal Awards (SEFA).
•
Campuses are to submit a preliminary SEFA in YES by July 28, 2015.
•
The CO will submit a preliminary consolidating SEFA to KPMG by August 7, 2015.
•
See GAAP Manual for other relevant deadlines.
•
Subsequent changes to each campus SEFA may affect the selection process of major
programs. Please keep the CO informed with regard to subsequent changes in the
SEFA that are either reported or planned to be reported.
•
All campuses will also need to prepare a reconciliation of the SEFA to other reporting
sources, such as FISAP (template provided at Exhibit 23 of the GAAP Manual).
Support for reconciling items should be prepared by the campus and made available to
the audit team.
May 2015
Year-End GAAP Training
19
Audit Approach (continued)
•
Single audit fieldwork will be conducted by specialized audit teams, separate from
those conducting the financial statement audit.
•
The timing of the student financial aid audit begins in late-July and will continue
through the end of August (with the exception of the testing of the FISAP, which is not
due until October).
•
The timing of the audits for non-student financial aid programs will be in August or
September, and will be coordinated with the individual campuses once program
selections have been finalized.
•
Each campus subject to higher scope procedures will have a preliminary entrance
discussion, regular status meeting updates, and a closing discussion.
•
We ask that the GAAP Coordinator at each campus take an active role with ensuring
that PBCs are prepared in a timely manner and that any open items at the conclusion
of fieldwork are addressed.
May 2015
Year-End GAAP Training
20
KPMG Team
Partner
Tracy Hensley
Senior
Manager/Manager
Brett Burns
Stephanie Sakai
SoCal
SFA Team
Senior Associate
May 2015
NoCal
SFA Team
Staff Associate
Senior Associate
Other Programs
Team
Staff Associate
Year-End GAAP Training
Senior Associate
Staff Associate
21
Knowledge Check #4
Which of the following is true with regard to preparation and reporting for the A-133 Single
Audit procedures?
A. All campuses are expected to prepare a reconciliation of the SEFA to other reporting
sources, such as the FISAP.
B. Changes to the SEFA subsequent to initial reporting will have no impact to the
selection of major programs or scoping of the year-end single audit.
C. Documents requested on the PBC lists are suggested rather than required
deliverables.
D. All campuses are required to prepare the documents requested on the Higher Scope
PBC list.
May 2015
Year-End GAAP Training
22
Knowledge Check #4 Answer
Which of the following is true with regard to preparation and reporting for the A-133 Single
Audit procedures?
A.
All campuses are expected to prepare a reconciliation of the SEFA to other reporting
sources, such as the FISAP.
May 2015
Year-End GAAP Training
23
Pell Grants
Federal Supplemental
Educational Opportunity
Grants
TEACH Grants
Scholarships for
Disadvantaged Students
Federal Work Study
Postsecondary Education
Scholarships for Veteran’s
Dependents
May 2015
Loan Programs
Grant Programs
Grant Programs
Student Financial Aid Cluster of Programs
included in Scope of Federal A-133 Audit
Federal Direct Student
Loans
Federal Perkins Loans
Nursing Student Loans
Year-End GAAP Training
24
Student Financial Aid – Full Scope Campuses
Dominguez Hills
Monterey Bay
East Bay
San Jose
Los Angeles
San Luis Obispo
Maritime
Academy
San Marcos
May 2015
Year-End GAAP Training
25
Student Financial Aid – Compliance Areas Subject to Audit & Sample Procedures
Cash Management
• Select a sample of cash receipts and compare with campus accounting records to test
for compliance with applicable payment method (i.e., Advance, Reimbursement, etc.).
Eligibility and Disbursements
• Select a sample of students and review Campus records to ascertain appropriate
determination of:
• Student Eligibility for Various Grant and Loan Programs
• Calculation of Benefits
• Disbursements only occurring after certain criteria have been met
• Proper disclosure to students with respect to repayment and cancellation of any
loans or loan increments disbursed
May 2015
Year-End GAAP Training
26
Student Financial Aid – Compliance Areas Subject to
Audit & Sample Procedures (continued)
Reporting
• Obtain FISAP and test for accuracy and completeness by selecting a sample of line
items reported and comparing to Campus records.
• Select a sample of students that received Pell Grants and compare the data reported
on Pell origination and disbursement records to the COD to Campus records for
accuracy.
Verification
• Select a sample of students that were selected for Verification and obtain Campus
records to ascertain that verifications were performed in accordance with campus
policies and Federal requirements, generally prior to disbursement of aid.
Student Status Changes
• Select a sample of students to test for timing and accuracy of the status change data
submitted to the NSLDS.
May 2015
Year-End GAAP Training
27
Student Financial Aid – Compliance Areas Subject to
Audit & Sample Procedures (continued)
Return of Title IV Funds
• Select a sample of students, or students that did not begin attendance, and obtain
Campus calculation of amounts earned and due back. Obtain campus records, and
test for accuracy and timeliness of returns (i.e., 45 days).
Borrower Data Transmission and Reconciliation (Direct Loans)
• Select a sample of School Account Statements and ascertain that reconciliations are
being performed.
• Select a sample of borrowers and verify the accuracy of data in the Direct Loan
Servicing System by comparing to campus records.
May 2015
Year-End GAAP Training
28
Knowledge Check #5
Which of the following areas of compliance are expected to be part of the A-133 Single
Audit for the Student Financial Aid Cluster?
A.
B.
C.
D.
Cash Management
Eligibility
Refunds
All of the Above
May 2015
Year-End GAAP Training
29
Knowledge Check #5 Answer
Which of the following areas of compliance are expected to be part of the A-133 Single
Audit for the Student Financial Aid Cluster?
D. All of the Above
Cash Management, Eligibility, and Refunds are all areas of compliance that will likely be
tested as part of the A-133 Single Audit.
May 2015
Year-End GAAP Training
30
Other Federal Programs – Compliance Areas Subject to
Audit & Sample Procedures
Allowable Activities/Allowable Costs
• Select a sample of non-payroll-related expenditures charged to the program and test
allowability in accordance with OMB Circular A-21 and the applicable program
regulations.
• Select a sample of payroll-related costs charged to the program and test if time and
effort documentation is in accordance with OMB Circular A-21 and supports the
expense charged to the program.
• Obtain a copy of the approved indirect cost rate for the audit year and review the
Campus’ calculation to determine if an appropriate base was used and the rate was
applied correctly.
Cash Management
• Select a sample of cash receipts from the Federal government along with campus
records that support the related cost incurred. Test for compliance with applicable
timing requirements for advance payments or reimbursements.
May 2015
Year-End GAAP Training
31
Other Federal Programs – Compliance Areas Subject to
Audit & Sample Procedures (continued)
Eligibility
• Select a sample of program participants and obtain the Campus records that support
their eligibility. Re-perform the eligibility determination in accordance with program
guidelines.
Earmarking
• Obtain the Campus documentation for its calculations regarding any required program
earmark amounts or participants. Perform procedures to verify that the records support
that at least the minimum or no more than the maximum was achieved.
Reporting
• Obtain the reports submitted and supporting documentation from the Campus.
• Test the reports for accuracy and completeness with the Campus records.
May 2015
Year-End GAAP Training
32
Other Federal Programs – Compliance Areas Subject to
Audit & Sample Procedures (continued)
Subrecipient Monitoring
• Select a sample of program subrecipients and determine if
the Campus:
• Provided appropriate Federal award notification.
• Monitored the activities and expenditures of the subrecipient in accordance with
program regulations.
• Obtained and reviewed the subrecipient’s single audit report.
Special Tests and Provisions
• As applicable, test any additional program specific requirements contained in the OMB
Circular A-133 Compliance Supplement.
May 2015
Year-End GAAP Training
33
Single Audit Timeline
July
Student
Financial Aid –
Higher Scope
Campuses
August
Fieldwork
Other Major
Programs
System wide
(all campuses
and CO)
May 2015
SEFA
Preparation
September
Review
October
FISAP
Testing
Review and
Reporting
Fieldwork
Review and
Reporting
Update of SEFA (if needed)
and other deliverables
Review and
Reporting
Year-End GAAP Training
34
Determination of Findings Overview
At the conclusion of the single audit procedures, KPMG will assess matters noted during fieldwork and
determine whether or not they rise to the level of a finding subject to presentation in the year-end report. The
analysis will consider issues identified at individual campuses individually as well as in aggregate across
campuses for the CSU System as whole.
Section 717(a) of Circular A-133, as amended, provides that the auditor should report the following instances as
audit findings in the schedule of findings and questioned costs:
1. significant deficiencies and material weaknesses in internal control over major programs and significant
instances of abuse relating to major programs.
2. material noncompliance with the provisions of laws, regulations, contracts, or grant agreements related to a
major program.
3. known questioned costs that are greater than $10,000 for a type of compliance requirement for a major
program. [In evaluating the effect of questioned costs on the opinion on compliance, the auditor should
consider the best estimate of the total costs questioned (likely questioned costs), not just the questioned
costs specifically identified (known questioned costs).]
4. known questioned costs that are greater than $10,000 for programs that are not audited as major.
5. the circumstances concerning why the auditor's report on compliance for major programs is other than an
unmodified opinion,
6. known or likely fraud affecting a federal award,
7. instances in which the results of audit follow-up procedures disclosed that the summary schedule of prior
audit findings prepared by the auditee materially misrepresents the status of any prior audit finding.
May 2015
Year-End GAAP Training
35
Which Findings Get Reported?
• For findings not associated with a question cost, the determination as to whether it
will be reported as a finding will generally be based on the following criteria:
• Noncompliance at any one particular campus that constitutes an error rate greater
than 10-20% of the sample size depending on the particular compliance
requirement
• Combined noncompliance at more than one campus that constitutes an error rate
greater than 5% of the sample size for any particular compliance requirement (for
the system as a whole).
• Sometimes a campus, on a stand alone basis, may have some noted exceptions that
alone would not warrant inclusion as a finding. However, if there are exceptions in a
particular compliance requirement that cross several or more campuses, it may be
considered a systemic issue and may therefore be reported as a finding. The auditor
generally can’t conclude on which findings will be included until all potential findings
at all campuses are resolved.
May 2015
Year-End GAAP Training
36
Knowledge Check #6
Which of the following is false regarding the determination of findings to be reported for
the Single Audit?
A. Material noncompliance with the provisions of laws, regulations, contracts, or grant
agreements related to a major program should be reported by the auditor.
B. Findings are only assessed at the individual campus level and there is no
consideration for issues identified when aggregated with matters noted at other
campuses
C. Known or likely fraud affecting a federal award should be reported by the auditor.
D. In evaluating the effect of questioned costs on the opinion on compliance, the
auditor should consider the best estimate of the total costs questioned (likely
questioned costs), not just the questioned costs specifically identified.
May 2015
Year-End GAAP Training
37
Knowledge Check #6 Answer
Which of the following is false regarding the determination of findings to be reported for
the Single Audit?
B. Findings are only assessed at the individual campus level and there is no
consideration for issues identified when aggregated with matters noted at other
campuses.
As the year-end report presents consolidated activity for the CSU System as a
whole, the analysis of findings for presentation in our report will consider issues
identified at individual campuses as well as in aggregate across campuses for the
CSU System as whole.
May 2015
Year-End GAAP Training
38
New A-133 – Uniform Guidance
•
•
•
•
•
•
•
•
•
•
•
Effective for the year ended June 30, 2016
New entity threshold is $750,000 in Federal Expenditures
Entity coverage now 20% or 40% (currently 25% and 50%)
New findings threshold (known or likely) is $25,000
Selection of programs to audit is more risk based, i.e., smaller programs likely to be
selected
Combination of cost circulars (A-87, A-21, A-122)
Prescribes five procurement methods
Clarifies Subrecipient Monitoring requirements
Changes in time and effort documentation
Clarifies Federal expectations about establishing and maintaining effective internal
control over compliance. Specifies compliance with COSO like framework, to include.
• Control environment, risk assessment, control activities, information and
communication and monitoring
Document and the related crosswalks can be obtained at:
http://www.whitehouse.gov/omb/grants_docs#final
May 2015
Year-End GAAP Training
39
Thank you
Tracy Hensley
Partner
213-955-8850
thensley@kpmg.com
Brett Burns
Manager
(213) 533-3039
bburns@kpmg.com
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although
we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it
will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination
of the particular situation.
© 2015 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with
KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. NDPPS 259935
The KPMG name, logo and “cutting through complexity” are registered trademarks or trademarks of KPMG International.
Uniform Guidance
New Federal Regulations (2 CFR 200)
Audit Requirements
Sue DeRosa, Director, Financial Services / Sponsored Programs
Chancellor’s Office
May 19, 2015
Uniform Guidance (UG):
Effective Dates for compliance with 2 CFR 200
• All federal grants/contracts (direct and subawards) awarded on or
after December 26, 2014
• Awards issued prior to December 26, 2014 with new funding
added on or after December 26, 2014, in accordance with federal
agency award modification
• Awards issued prior to December 26, 2014 where the federal
agency notifies recipients that the award is subject to the new
guidance (otherwise compliance remains with OMB A-21, A-110
and A-133)
May 2015
Year-End GAAP Training
42
UG: Effective Date - Exceptions
• UG Procurement Standards – 2 CFR 200, Subpart D – (200.318.326) effective July 1, 2016 – CSU issued policy announcement on
ICSUAM, 11000.00 indicating CSU campuses would continue to
follow A-110 Procurement Standards through June 30, 2016,
unless a campus/ auxiliary decides to implement 2 CFR 200,
Procurement Standards (and then update their policy accordingly)
• UG Audit Section – 2 CFR 200, Subpart F – (200.501-520) will not
go into effect until the fiscal year beginning July 1, 2015. EXCEPT
for federal expenditures during the FY2014/15 under awards
issued AFTER December 26, 2014– which will be audited under
Subpart F for FY2014/15; while other expenditures will remain
subject to OMB A-133
May 2015
Year-End GAAP Training
43
UG: Audit Requirements (2 CFR 200.501-520, Subpart F)
• Basic Structure of the Single Audit Process Unchanged
200.501
200.501 &
200.330
200.504 &
200.507
200.509
200.510
200.511 &
200.521
200.512
200.512
•
•
•
•
•
•
•
•
Audit threshold ($750K)
Subrecipient vs Contractor (formerly referred to as Vendor)
Biennial & Program-specific audits
Non-federal entity selects auditor
Auditee prepares financial statements and SEFA
Audit follow-up & corrective action
9-month due date (set in law) – March 31st for the CSU
Reporting to Federal Audit Clearinghouse
• By March 31st or within 1 month of publishing Single Audit Report, whichever
comes first
200.518
App XI
• Major programs determined based on risk
• Compliance Supplement –overall format (Appendix XI)
May 2015
Year-End GAAP Training
44
UG: I N T E R N A L C O N T R O L S
• Major focus on Internal Controls throughout the UG
•
• While the UG states that the non-federal entity MUST establish & maintain
effective internal control over the Federal award –and– “These internal controls
SHOULD be in compliance with guidance in…” (MUST is required, SHOULD is a
good business practice) –COSO standards may be a good practice to consider
• CSU Internal Audit on Internal Controls:
http://www.calstate.edu/audit/internalcontrols.shtml
UG: Internal Controls (cont.)
(from CSU Audit Website)
Who is responsible for
internal controls?
The auditors, right? Wrong!
Everyone plays a part in the
CSU's internal control
system. Ultimately, it is CSU
management's responsibility
to ensure that controls are in
place. That responsibility is
delegated to each area of
operation, which must
ensure that internal controls
are established, properly
documented, and
maintained. Every employee
has some responsibility for
making this internal control
system function.
The COSO Report defines the five interrelated
components of internal control that must be present and
functioning and operating together in order to conclude
that internal control relating to an operation’s objective is
effective:
• Control Environment - This sets the tone of the
organization and is the foundation for carrying out
internal controls across the organization.
• Risk Assessment - Management establishes activitylevel objectives and mechanisms for identifying and
analyzing risks related to their achievement.
• Control Activities - Policies and procedures that help
ensure that management's directives to mitigate risks
to the achievement of objectives are carried out.
• Information and Communication - Information
identified, captured, and communicated in a form and
timeframe to enable people to carry out their
responsibilities.
• Monitoring - Ongoing monitoring activities, separate
evaluations or a combination of the two used to
ascertain whether each of the five components of
internal control is present and functioning.
References
• 2 CFR 200 –
http://www.ecfr.gov/cgi-bin/text-idx?SID=ce1befe113eae2382c5c54a463115d26&node=pt2.1.200&rgn=div5
• CSU Policy Announcement on Uniform Guidance
https://csyou.calstate.edu/Policies/icsuam/Pages/11000-00.aspx
• CSU PI Quick Reference Guide – https://csyou.calstate.edu/Divisions-Orgs/busfin/Financial-Services/spa/Documents/PI_UG_QuickRefGuide%20Dec2014_v1.2%20Mar2015.pdf
• COSO – Executive Summary on Internal Controls –
http://www.coso.org/documents/990025P_Executive_Summary_final_may20_e.pdf
• CSU Audit & Advisory Services (Internal Controls):
http://www.calstate.edu/audit/internalcontrols.shtml
May 2015
Year-End GAAP Training
47
May 2015
Year-End GAAP Training
48
www.calstate.edu