Title: Audit Readiness Under Auditor's Lens (USACE) Audit
1Through the Looking Glass Real Audit Readiness
Under the Auditor's Lens
American Society of Military
ComptrollersWashington Chapter June 2007
Luncheon
PwC
2DoD Audit Readinessand Audit Process
Communication Coordination
Inspector General
DoD Components
Discovery Correction Phase
AssessmentPhase
ValidationPhase
RecommendationsforImprovement
Audit Phase
OR
SustainableProcesses
AssertionPhase
DCFO Evaluation of Assertion Executive Steering
Committee Endorsement
3Road to ReadinessKey Milestones
- 1988 USACE begins CEFMS development
- 1993-1998 CEFMS deployed
- 1993-2001 AAA performs initial CFO audits
- 2002-2005 DoD OIG audits with heavy focus on
PPE - June 2004 DoD OIG USACE Memorandum of
Agreement on PPE - April 2005 Chief of Engineers issues Get Well
Plan - Oct 2005 All Districts assert audit readiness
- Nov 2005 AAA completes validation review
- Dec 2005 USACE asserts readiness to ESC
- March 2006 ESC affirms USACE assertion
- April 2006 Contract awarded to PwC
- May 2006 Audit entrance conference held
- SOURCE DRM, US Army Corps of Engineers
4Big PictureLessons Learned
- Start very early to avoid an impractical
timeline - Fully mine and bank the value of prior audits
- Enhance readiness expectations and processes,
using the auditors lens - Enable effective advance scoping by auditors
- Size and sequence audit scope for practicality
and optimum results - Precisely define audit scope, roles and
expectations from the start - Stay poised for continuous learning, teamwork,
flexibility and agility
5Managements ControlsThrough the Auditors Lens
- Control Environment
- IT Controls
- Manual Controls
- Control Environment
- IT Controls
- Manual Controls
Little or No Controls Reliability
Significant Controls Reliability
6Common Perspectivesvs. The Auditors Lens
Common Perspectives Auditors Lens
Its the what of control activities that is most important Who performs the control activities and enterprise-wide consistency are also key
Defense Departmental Reporting System (DDRS) reporting template routinely followed Non-routine matters may require disclosure considerations beyond DDRS template
Local managers perform validations via a few spot checks at a few locations Rigorous enterprise-wide validations performed by independent parties using representative samples
Focus is on routine transaction cycles Non-routine cycles are also key
Only financial transaction processing systems posting to the General Ledger are in scope Any systems that significantly impact key assertions and control activities are in scope
7IT Systems Significantto Financial Reporting
System A Traditional transaction processing
feeder system System B Ancillary system
affecting key financial reporting
objectives Impact IT general application
controls for both systems may need to be tested
to support audit conclusions and optimum audit
approach.
8Questions?
Questions?
PwC