Audit Readiness Under Auditor's Lens (USACE) Audit

1
Through the Looking Glass  Real Audit Readiness
Under the Auditor's Lens
American Society of Military
ComptrollersWashington Chapter June 2007
Luncheon
PwC
2
DoD Audit Readinessand Audit Process
Communication Coordination
Inspector General
DoD Components
Discovery Correction Phase
AssessmentPhase
ValidationPhase
RecommendationsforImprovement
Audit Phase
OR
SustainableProcesses
AssertionPhase
DCFO Evaluation of Assertion Executive Steering
Committee Endorsement
3
Road to ReadinessKey Milestones

• 1988 USACE begins CEFMS development
• 1993-1998 CEFMS deployed
• 1993-2001 AAA performs initial CFO audits
• 2002-2005 DoD OIG audits with heavy focus on
  PPE
• June 2004 DoD OIG USACE Memorandum of
  Agreement on PPE
• April 2005 Chief of Engineers issues Get Well
  Plan
• Oct 2005 All Districts assert audit readiness
• Nov 2005 AAA completes validation review
• Dec 2005 USACE asserts readiness to ESC
• March 2006 ESC affirms USACE assertion
• April 2006 Contract awarded to PwC
• May 2006 Audit entrance conference held
• SOURCE DRM, US Army Corps of Engineers 

4
Big PictureLessons Learned

• Start very early to avoid an impractical
  timeline
• Fully mine and bank the value of prior audits
• Enhance readiness expectations and processes,
  using the auditors lens
• Enable effective advance scoping by auditors
• Size and sequence audit scope for practicality
  and optimum results
• Precisely define audit scope, roles and
  expectations from the start
• Stay poised for continuous learning, teamwork,
  flexibility and agility

5
Managements ControlsThrough the Auditors Lens

• Control Environment
• IT Controls
• Manual Controls

• Control Environment
• IT Controls
• Manual Controls

Little or No Controls Reliability
Significant Controls Reliability
6
Common Perspectivesvs. The Auditors Lens
Common Perspectives Auditors Lens
Its the what of control activities that is most important Who performs the control activities and enterprise-wide consistency are also key
Defense Departmental Reporting System (DDRS) reporting template routinely followed Non-routine matters may require disclosure considerations beyond DDRS template
Local managers perform validations via a few spot checks at a few locations Rigorous enterprise-wide validations performed by independent parties using representative samples
Focus is on routine transaction cycles Non-routine cycles are also key
Only financial transaction processing systems posting to the General Ledger are in scope Any systems that significantly impact key assertions and control activities are in scope
7
IT Systems Significantto Financial Reporting
System A Traditional transaction processing
feeder system System B Ancillary system
affecting key financial reporting
objectives Impact IT general application
controls for both systems may need to be tested
to support audit conclusions and optimum audit
approach.
8
Questions?
Questions?
PwC