close

Вход

Забыли?

вход по аккаунту

?

Green Book Update - Council of the Inspectors General on Integrity

код для вставкиСкачать
Green Book Update
Federal Audit Executive
Council (FAEC)
June 2012
Bi-Monthly Meeting
Heather I. Keister
Doris G. Yanger
June 14, 2012
Session Objectives
• Discuss update of The Committee of Sponsoring
Organizations of the Treadway Commission
(COSO) Internal Control-Integrated Framework
• Discuss GAO’s plan to update the Standards for
Internal Control in the Federal Government,
GAO/AIMD-00.21.3.1, November 1999 (Green
Book)
2
COSO’s Internal Control-Integrated
Framework
• COSO Framework first published in 1992
• Framework concepts timeless, but context needs
updating
• COSO released exposure draft for comment in
December 2011
• Deadline for submitting comments was March 31, 2012
• Draft available at www.ic.coso.org
3
Why update the COSO Internal
Control-Integrated Framework?
• Changes in operating environments
• Changes in business models
• Tight budget constraints
• Expectations for governance oversight
• Use and reliance on evolving technologies
• Expectations for preventing and detecting fraud
• Demands and complexities in laws, rules, regulations
and standards
4
Highlights of COSO’s Internal Control –
Integrated Framework Update
• Project goal is to “refresh” the Framework
• Update not intended to alter core concepts developed in
original Framework
• Additional focus on operational and compliance control
objectives
• Expands the reporting category of objectives
• Codification of five internal control components into
Principles and Attributes
5
What’s Not Changing?
• Definition and objectives of internal control
• Five components of internal control
• Criteria used to assess effectiveness of systems of
internal control
• Use of judgment in evaluating the effectiveness of
systems of internal control
6
Definition and Objectives of Internal
Controls Remain Unchanged
Definition
Internal control is a process, effected by an entity’s board of directors,
management and other personnel, designed to provide reasonable
assurance regarding the achievement of objectives.
Objectives
Operations: Effectiveness and efficiency of operations
Reporting: Reliability of reporting
Compliance: Compliance with applicable laws and regulations
7
Components of Internal Control
Remain Unchanged
Relationship of Objectives and Components
A direct relationship exists between objectives (which are
what an entity strives to achieve) and the components
(which represent what is needed to achieve the
objectives).
COSO depicts the
relationship in a form of a cube:
•
•
•
The three objectives are represented
by the columns.
The five components are represented
by the rows.
The entity’s organization structure is
represented by the third dimension.
8
What Changed in COSO
Exposure Draft?
• Update not intended to alter core concepts
developed in the original Framework
• Goal of the project is to “refresh objectives” of
the Framework
• Address significant changes to the business
environment and associated risks
• Codify criteria to use in the development and
assessment of systems of internal control
• Increase focus on operations, compliance, and nonfinancial reporting objectives
9
What Changed in COSO
Exposure Draft? (cont.)
• Expanded financial reporting objective to
address internal and external, financial and nonfinancial reporting objectives
• Enhanced internal control guidance over:
• Operations
• Compliance
• Information Technology
10
What Changed in COSO
Exposure Draft? (cont.)
• Codification of internal control concepts into
Principles and Attributes
• Represents the fundamental concepts associated with
each component
• Provides a basis for evaluating the effectiveness of
internal controls
• 17 Principles supported by related attributes that represent
characteristics associated with these principles
• Provides clarity in the design and development of internal
controls
• Supports assessment on the effectiveness of internal
controls
11
Codification of 17 Principles Embedded
in the Original Framework
Control Environment
1
2
3
4
5
Demonstrates commitment to integrity and ethical values
Exercises oversight responsibility
Establishes structure, authority and responsibility
Demonstrates commitment to competence
Enforces accountability
Risk Assessment
6
7
8
9
Specifies relevant objectives
Identifies and analyzes risk
Assesses fraud risk
Identifies and analyzes significant change
Control Activities
10 Selects and develops control activities
11 Selects and develops general controls over technology
12 Deploys through policies and procedures
Information &
Communication
13 Uses relevant information
13. Uses relevant
information
14 Communicates
internally
14. Communicates
internally
15 Communicates
externally
15. Communicates externally
Monitoring Activities 16 Conducts ongoing and/or separate evaluations
17 Evaluates and communicates deficiencies
12
GAO’s Responsibility for Issuing
Standards for Internal Control in the
Federal Government (Green Book)
• Federal Managers’ Financial Integrity Act of 1982
(FMFIA) requires GAO to issue standards for
internal control in the Federal government
• Provides an overall framework for establishing and
maintaining internal control in Federal agencies
• Existing Green Book utilizes COSO internal control
concepts
• Last revision issued November 1999
13
Why Revise the Green Book?
• General recognition of the need to update
• The COSO Internal Control Integrated-Framework is currently
being updated
• Consider the updated COSO Framework where applicable to
government and add additional areas of emphasis for
government
• Green Book will be updated and harmonized with the revised
COSO framework
• Revised Green Book will provide clarified standards and
attributes to assist:
• Management in developing internal control
• Auditors in auditing and reporting on internal control
14
Green Book Revision Process and Timing
• GAO will seek input from user groups
- Management
- IG and audit community
- OMB and other users
• A Green Book advisory council with crossrepresentation, similar to the Yellow Book
council, will be established
• An exposure draft will be available for comment
with a final version due later in the year
15
Green Book Revision Timeline
• Seek input from user groups - Ongoing
• Public Exposure Period – 2013
• 90 day comment period
• Finalize – 2013
16
Proposed Green Book Changes
• Expand discussion of the five components of
internal control
• Expand discussion of controls over information
technology
• Expand discussion on compliance with
applicable laws and regulations
17
Why are we here today?
• Outreach to the user community to obtain their
input on areas of interest related to internal
control in the Federal government
• Opportunity to discuss areas of interest,
concerns and other internal control related topics
18
Questions?
GAO Contact Information
Jim Dalkin, Director, (202) 512-3133, dalkinj@gao.gov
Heather Keister, Assistant Director, (202) 512-2943, keisterh@gao.gov
Doris Yanger, Senior Auditor, (202) 512-4819, yangerd@gao.gov
19
Документ
Категория
Презентации
Просмотров
5
Размер файла
1 014 Кб
Теги
1/--страниц
Пожаловаться на содержимое документа