Compliance Issues and Audits Nov. 30, 2004 TOPICS TO BE DISCUSSED • Audits – definition, types of auditors, types of audits • Role of WSU Internal Auditor • Internal controls – definitions and types • Selected compliance issues Roles and Responsibilities • Controller’s office – establishes, maintains and reviews the system of internal control. • Organizational unit managers - responsible for internal control within that unit. OBJECTIVES • Provide employees with knowledge and skills so that we can be better prepared for an audit. OBJECTIVES • Encourage all employees to “take ownership” OBJECTIVES • Decrease overall risk for WSU Extension/CAHNRS OBJECTIVES • Create/maintain organizational efficiencies and local control BUSINESS AFFAIRS/CONTROLLER’S OFFICE OTHER CENTRAL SERVICES EXTENSION, CAHNRS, VETMED, SCIENCES, ETC. DEPARTMENT /DISTRICT ADMINISTRATIVE ASSTS. COUNTIES PRINCIPAL INVESTIGATORS, PROGRAM DIRECTORS, LEARNING CENTER COORDINATORS; INSTRUCTORS; EXTENSION ADMINISTRATOR EMPLOYEE What is an Audit? • Systematic review • Evaluate conformance to some norm or benchmark Types of Auditors • Internal – WSU Employees • External – State Auditors, Private Firms • Governmental Audit Agencies (GAA) Types of Audits • Financial Statement Audits - assure users that statements are fairly presented (External and GAA) • Compliance Audits – obtain reasonable assurance of compliance with state and local laws and regulations (Internal, External, GAA) Types of Audits • Single Audits – meet the needs of all federal grantor agencies (External, GAA) • Investigative – Fraud, whistleblower (Internal, GAA) • Performance - Coming soon? FREQUENCY OF AUDITS • CAHNRS – last six month period • Compliance audit – payroll, external auditor • Whistleblower CONSEQUENCES OF AUDIT FINDINGS • Financial Statement Audit: Restatement • Compliance Audit: • Implementation of Internal Controls to Avoid Future Findings; • Investigative • Repayment, dismissal, hard-time CONSEQUENCES OF AUDIT FINDINGS • Single Audit • Repay unallowed costs • Extrapolate to all of WSU • Performance • All Audits: Unwanted publicity, loss of respect and/or trust INTERNAL AUDITOR’S OFFICE • Presentation by Norm Coffman Internal Controls • Management process for keeping an entity on course in achieving it’s organizational objectives. • Provide reasonable assurance that entity objectives are being met. Entity Objectives • Compliance with state laws and regulations • Reliability of financial reporting • Effectiveness and efficiency of operations Internal Control System Requirements • Should provide reasonable assurance that an organization will accomplish its objectives • Reasonable assurance recognizes that cost of an internal control should not exceed the benefit derived therefrom Internal Control System Requirements • Management defines level of risk the organization is willing to accept and strives to maintain risk within those levels Types of Internal Controls • Control Environment – sets the tone of an organization, influences control consciousness of its people, foundation for all other components. TYPES OF INTERNAL CONTOLS • Risk Assessment – Identification and analysis of relevant risks to achieving the objectives Types of Internal Controls (cont) • Information and Communication – Pertinent information must be identified, captured and communicated in a form and time frame that enables people to carry out responsibilities. TYPES OF INTERNAL CONTOLS • Control Activities – Internal policies and procedures that help address the risks. TYPES OF INTERNAL CONTOLS • Monitoring – Assess quality of performance over time. SINGLE AUDIT ACT • Selected items specifically related to Sponsored Projects by Dorothy Heitter TEMPORARY EMPLOYMENT • Selected items specifically related to Temporary Employment by Trudy Kenny TRAVEL • Selected items specifically related to Travelling for WSU business by Michelle Ely. Cash Handling – Compliance and Investigative • Auditor’s check list for Cash Handling by Tucson Smith Purchasing – Compliance Audits • Do purchases meet local, WSU, state, guidelines for allowability? • Highest risk – purchases under $2,500 (k-orders, purchasing cards) • Internal controls • Communication – BPPM, training, BFO • Approval – somebody who has knowledge • Review Purchasing – Investigative Audits • Investigative Audit – Are state funds being used for personal gain? Examples (non-existent vendors, purchasing goods for self) • Counties and small departments – segregation of duties can be problematic. Purchasing – Investigative Audits • Internal Controls – local level highly important Authorization Review – purchases for authorization - budget statements for purchases Purchasing – Investigative Audits (cont) • Internal Controls Risk Assessment – is there adequate separation of duties? Control Activities – authorized signatures, review budget statements Monitoring – review orders for signature, sample orders from budget statements ASSET MONITORING - Audits • Compliance Audit: Are assets being used for mission of university? • Investigative Audit: personal gain? Are assets being used for ASSET MONITORING - Controls • Physical Safeguarding • Cash, mail meters • Written policies regarding usage • Challenge course equipment • Volunteers using assets ASSET MONITORING - Controls • Authorization codes • Phones, fax machines, • Review budget statements QUESTIONS? THE END • THANK YOU FOR JOINING US!