The New Audit Risk Assessment Standards: Whats the Impact

1
The New Audit Risk Assessment Standards Whats
the Impact
2
Why New Auditing Standards?

• Auditing profession continually reviews practices
  and makes necessary improvements
• Post Enron and Sarbanes-Oxley
• Higher expectations of auditors
• Need to maintain audit quality in changing
  business environment

3
Objectives of the Risk Assessment Auditing
Standards

• Obtain more detailed information about the
  entitys operations, business objectives and
  strategies and the risks to achieving these
  objectives

4
Continued

• Gain a more thorough understanding of the
  entitys internal control
• Ensure entity management clearly accepts
  responsibility for all financial information and
  the financial statements

5
What Must Your Auditor Understand About the
Governmental Entity?

• Industry, regulatory, other external factors
• Nature of the government
• Objectives, strategies and related business risks
• Measurement of financial performance
• Internal control

6
Purpose

• Provide effectiveness and efficiency in
  operations
• Ensure reliable financial reporting
• Comply with laws and regulations

7
What Must Your Auditor Understand About Your
Internal Controls?

• COSO elements
• Information Technology
• Information system
• Initiation through reporting, including the
  financial reporting process
• For the significant classes of transactions

8
Continued

• Control Activities
• Authorization
• Segregation of duties
• Safeguarding of assets
• Reconciliations

9
Control Environment
Information Communication
Risk Assessment Control Activities Monitoring
10
COSO

• Committee of Sponsoring Organizations
• (of the Treadway Commission)
• Private sector initiative created to
• provide a common definition of internal control
• provide a framework against which internal
  control systems can be assessed and improved

11
Key Concepts of the COSO Framework

• Internal Control
• Is a process
• Affected by people
• Provides only Reasonable Assurance
• Geared towards the achievement of objectives

12
Internal Control Defined Per COSO

• Provide reasonable assurance to achieve
  objectives in
• Effectiveness/efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations

13
Five Key Elements of Internal Control

• Control environment
• Risk Assessment
• Control Activities
• Information and Communication
• Monitoring

14
Control Environment

• Foundation for other components
• Tone at the Top
• Influences the control consciousness of its
  people
• Provides discipline and structure

15
Risk AssessmentManaging Change

• Changes in governmental operations
• New personnel
• New or revised information systems
• Rapid growth
• Incorporating new technologies
• Restructurings
• Accounting changes (new accounting
  pronouncements)

16
Control Activities

• What could go wrong?
• What do we need to protect?

17
Control ActivitiesEstablishing Control Objectives

• Structural plan
• Provides the framework
• Accounting system
• Designed to measure results
• Personnel policies
• Designed to employ, train, evaluate

18
Control ActivitiesLets Dig Deeper

• Authorization ensuring that all transactions
  are approved by mgmt
• Validation- ensuring that recorded transactions
  represent real transactions
• Capture- ensuring that all transactions are
  recorded
• Valuation- Ensuring that all amounts recorded for
  transactions are accurate

19
Control ActivitiesAnd Just a Little More

• Classification ensuring that all transactions
  recorded are assigned to the proper categories
• Cut-off ensuring that transactions are recorded
  in the proper accounting period
• Access ensuring that only authorized
  individuals consistent with their job
  responsibilities have appropriate access to assets

20
Information and Communication

• What information do people need to do their jobs?
• What is the best source for this information?
• Is information communicated accurately? Timely?
• Biggest problem Ineffective communication
  between departments

21
Monitoring

• On-going process
• Occurs as part of normal operations
• Approvals
• Reconciliations
• Progress reports
• Budget tracking

22
Monitoring Annual Review

• NRS 353A.025 (1)
• Annually Each Agency is Required to
• Evaluate Actual Procedures Using SAQ
• Evaluate Written Procedures Using SAQ
• Transaction Testing Using T of T
• SAQ Self Assessment Questionnaire
• T of T - Testing of Transactions Checklist
• Both Available on Our Website

23
Monitoring Biennial Report

• NRS 353A.025 (2)
• Report on Internal Controls
• Due by July 1 (even years)
• States if Written Procedures and Actual
  Procedures are Adequate
• Use SAQ and T of T completed during Annual Review
• More Info on Our Website

24
Tone at the TOP

• Ethics Seminar on
• The Anatomy of Ethical Slips in Government
• May 14th
• 1100 100
• Carson City Las Vegas

25
Questionnaire

• Answer honest and objectively
• Return to Internal Audit by May 9th
• Internal Audit and Controllers Office will be
  helping you to fix any areas of concern

26
Why This Is Important

• Keeps audit fees down
• Any error or adjustment must be reported
• Keeps your agency out of the CAFR and the press