PSEG SarbanesOxley 404 - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

PSEG SarbanesOxley 404

Description:

Executive Sponsor Chief Financial Officer ... 'Secondary testing role' - conduct independent testing for processes included in ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 20
Provided by: IAA3
Category:

less

Transcript and Presenter's Notes

Title: PSEG SarbanesOxley 404


1
PSEG - Sarbanes-Oxley 404
  • Information Systems Audit and Control Association
  • March 25, 2004

2
Agenda
  • Project Objectives
  • Internal Controls Outside Section 404
  • Project Organization, Sponsorship and Resources
  • Roles and Responsibilities

3
Project Objectives
  • Design and implement a sustainable methodology
    and process to identify, document, and assess
    PSEGs internal controls over financial
    reporting.
  • Remediate identified internal control
    deficiencies and enhance internal control
    processes, where appropriate.

4
Project Objectives
  • Develop and implement grading/scoring system for
    PSEGs internal controls to help measure future
    improvements.
  • Assist Deloitte and Touche in completing their
    review of managements report on internal
    controls and procedures for financial reporting

5
Internal Controls Outside Section 404 is Still an
Urgent Issue
Internal Controls Considered Outside Section 404
Leading Practice Scope for Sarbanes-Oxley Section
404
Diagram based upon AICPA Auditing Standards AU319
Leading companies are using Section 404 as a
catalyst to review their entire risk framework
6
COBIT
  • Mission To research, develop, publicize and
    promote an authoritative, up-to-date,
    international set of generally accepted
    information technology control objectives for
    day-to-day use by business managers and auditors

7
COBIT
  • PSEGs Systems Team currently aligning efforts
    with COBIT processes
  • Planning and organization
  • Acquisition and implementation
  • Delivery and support
  • Monitoring

8
Project Organization, Sponsorship and Resources
  • Executive Sponsor Chief Financial Officer
  • High level Steering Committee (Operating
    Companies Services)
  • Full-time Project Manager
  • Full-time Core Advisory Team
  • 13 Process Teams Lead by Process Owners
  • Ongoing liaison with external auditor
  • Consultants
  • KPMG
  • Technical Writer

9
Project Sponsorship Organization
Executive Sponsor CFO
Steering Committee CFO
VPController VP
- IT Sr. Legal Counsel Chief Risk Officer
Director - IAS Pres - Services VP Treas
Power Gen Utility VP
Controller EH Legal Intl Ops
Project Manager Internal Resource
Core Advisory Team Hybrid Team internal and
external resources
Core Advisor
Core Advisor
Core Advisor
Core Advisor
Core Advisor
Core Advisor
Utility Revenue Team
ERM Team
Supply Chain Team
Treas/Debt/Equity/ Investments/ Leveraged Leases
Team
Payroll/HR Team
Fixed Assets
Global Team
Fuels/Emissions Team
System Controls
Tax Team
General Accounting/ Regulatory
Accounting/ Inter-Co Team
Power Revenue Trading Team
Expenditures Team
10
Roles Responsibilities
  • Steering Committee - Provide oversight and
    coordination of all Sarbanes-Oxley 404 activities
    across the Enterprise including Resource
    allocation Project funding Use of external
    resources and technologies Assign ongoing
    responsibilities

11
Roles Responsibilities
  • Process Teams - Identify, document and test
    internal controls Assess design and operating
    effectiveness Remediate gaps

12
Roles Responsibilities
  • Project Manager Core Advisory Team
  • Develop project plan scope
  • Actively manage resources
  • Track progress by process owners and report to
    Steering Committee
  • Establish risk and materiality thresholds
  • Documentation testing standards
  • Train process owners
  • Advise team leaders in identifying, documenting,
    testing internal controls, assessing design and
    operating effectiveness, and gap remediation
  • Assess completeness and accuracy of control
    documentation
  • Coordination with DT

13
Roles Responsibilities
  • Process Owners
  • Ownership and accountability for the entire
    process, including the authority to enforce and
    change the process itself.
  • Responsibility for clarification, explanation and
    overall process control sign-off for the
    Reporting Unit Owner
  • Responsibility for establishing and monitoring
    Policies and Procedures
  • Accountability for training control owners
  • Accountability for completing and maintaining the
    documentation and conducting testing
  • Responsibility for monitoring, reporting and
    remediating any identified gaps
  • Responsibility for continued improvement

14
Roles Responsibilities
  • Internal Auditing
  • Director - Instrumental in establishing
    Sarbanes-Oxley 404 project framework and
    identifying process teams
  • Director - Member of SarbOx 404 Steering
    Committee
  • 3 full-time resources dedicated to Core Advisory
    Team
  • Accountable for entity-level (COSO) assessment

15
Roles Responsibilities
  • Internal Auditing
  • IAS management provides ongoing
    interaction/support to each process team
  • Advisory services role to process owners -
    documentation update, prepare test plans, provide
    advise on test samples and results, and process
    improvement identification/ remediation, etc.
  • Secondary testing role - conduct independent
    testing for processes included in Audit Plan and
    selected higher risk processes.
  • Staff time as high as 40 (25 devoted to
    secondary testing role)
  • Conduct quarterly accounting controls assessment
    to support SarbOx 302 requirements

16
Roles Responsibilities
  • IT Audit Staff
  • Consults on the development of the SarbOx 404
    Systems risk assessment
  • Systems/interfaces considered in/out of scope
  • Assist in the development of system specific
    control matrix that include
  • Key systems
  • System controls and risks
  • Identification of key controls
  • Development of system test strategy for
  • General I/T controls
  • Application controls
  • Identification of process improvements/gaps

17
Roles Responsibilities
  • KPMG
  • Facilitate flowcharting
  • Identification of key controls
  • Subject matter experts assist in identification
    of process improvements/gaps
  • Technical Writer
  • Develop process team narratives

18
Project Management Tool(s)
Most companies are using off the shelf or in
house developed tool for documentation control,
control assessment, testing and to monitor 404
compliance
19
Project Plan - Sample
At a minimum each sub process should include the
follow tasks. What tool you use to build and
track the project and tasks are the Project
Managers option.
The challenge for most companies is the level of
consistency of the documentation and the
consistency of the testing.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "PSEG SarbanesOxley 404" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!