Texas A - PowerPoint PPT Presentation

Provided by: lessiek
1
Texas A&M University
Council of Senior Business Administrators (CSBA) Workshop
Common Internal Audit Results
  • May 20, 2003

4
How Are Audits Selected?
5
Audit Selection
  • Auditable Units
  • Risk Factors
  • Rankings and Selections
  • Annual Audit Plan

6
Typical Auditable Units
  • Academic Colleges
  • Business Functions
  • Information Technology
  • Human Resources
  • Auxiliary Enterprises
  • Student Financial Aid

7
Audit Selection
  • Auditable Units
  • Risk Factors
  • Rankings and Selections
  • Annual Audit Plan

8
Risk Factors (High, Medium, or Low)
  • Funding Source
  • Prior Audit Results
  • Complexity
  • Joint Appointments
  • Change In Mission and/or Management
  • Management Expressed Concern

9
Audit Selection
  • Auditable Units
  • Risk Factors
  • Rankings and Selections
  • Annual Audit Plan

10
Audit Selection
  • Auditable Units
  • Risk Factors
  • Rankings and Selections
  • Annual Audit Plan

11
Annual Audit Plan
  • List of Proposed Audits is Provided to CEOs for
    feedback
  • Committee on Audit Provides Feedback
  • Audit Plan Approved by the BOR
  • http://sago.tamu.edu/iaudit/

12
What Governs How Auditors Conduct Their Work?
13
Texas Internal Auditing Act (Government Code 2102)
  • Every State Agency must have a program of
    internal auditing
  • Internal Audit must answer directly to the Board
  • Requires annual audit plan
  • Annual summarized report to the Governor's Office
  • Distribution of individual audit reports
  • Adherence to industry and government auditing
    standards

14
Auditing Standards & Guidelines
  • The Institute of Internal Auditors: Standards for
    the Professional Practice of Internal Auditing
  • United States General Accounting Office:
    Government Auditing Standards
  • System Policy & Regulation Manual
  • University Rules & Standard Administrative
    Procedures
  • Committee of Sponsoring Organizations (COSO) of
    the Treadway Commission: Internal Control
    Integrated Framework

15
Common Themes From Recent Audits
  • Human Resources
  • Revenue and Cash Handling
  • Information Technology
  • Procurement and Disbursements

16
Information Technology Laws and Regulations
  • State Department of Information Resources (DIR)
  • Texas Administrative Code Title 1 Part 10 Chapter
    202 (TAC 202)
  • University Rule 24.99.99.M1

17
Risk Assessment
  • Departmental level
  • ISAAC (Information Security Assessment,
    Awareness, and Compliance) developed by TAMU CIS
    Department
  • Annual Requirement

18
Security Program
  • Departmental level
  • Based on Departmental Risk Assessment
  • Must comply with DIR Security Standards
  • Logical and physical security
  • Disaster recovery and backups
  • Monitoring

19
Logical Security
  • Unauthorized users.
  • User access not removed upon termination.
  • No required password changes.
  • Password length less than 6 characters.
  • Login attempts not limited.
  • Grace logins not limited.
  • Inactive workstations not locked.

20
Physical Security
  • Lack of adequate environmental controls.
  • Unlocked server closets and offices.

21
Disaster Recovery and Back-ups
  • No documented disaster recovery plan.
  • No evidence that the plan has been tested.
  • No regular backup of data.
  • No off-site storage of data.

22
Monitoring
  • The following areas are not being monitored:
    • Unsuccessful login attempts
    • Attempted hacks & viruses
    • Security patches
    • Virus scanner signature definitions

23
Procurement and Disbursements
24
Purchasing/Procurement
  • Contracting through Purchasing Services
    Department
  • Limited Purchases
  • Exempt purchases

25
Pre-Approval for Travel
  • Foreign
  • Washington, D.C.

26
Purchase Vouchers
  • Timeliness of payment
  • Reconciliations

27
Procurement Cards
  • Quantity
  • Vendor Charge Accounts/Cards
  • Segregation of Duties
  • Custody
  • Transaction Log
  • Receipts
  • Cancellation
  • Allowability of Charges

28
Human Resources
29
Personnel Files
  • Confidential Medical Info
  • Position Descriptions
  • Performance Evaluations
  • Probationary Evaluations
  • File Security

30
Leave Records
  • Accuracy
  • Approval
  • Deficit Balances
  • Nine-Month Appointments
  • Compensatory Leave
  • Flex Schedules

31
Payroll
  • Timesheets
  • Manual Checks
  • Terminations
  • Contracts for Services

32
Miscellaneous
  • Hiring Practices
  • Segregation of Duties

33
Revenues and Cash Handling
34
Common Observations
  • Cash Handling Procedures
  • Accounts Receivable
  • Segregation of Duties

35
Cash Handling Procedures
  • System Policy 21.01.02, Receipt, Custody, and
    Deposit of Revenues
  • If you handle funds, you need to be
    familiar with this policy!
  • Another name for cash ---
    "Now You See It - Now You Don't!!!"

36
Cash Handling Procedures
  • Funds subject to unannounced count by auditors
    at any time
  • Ask auditor for identification
  • Remain present while funds are counted
  • Fund custodian records not current

37
Cash Handling Procedures
  • Receipting:
    • Receipts not issued
    • Not official pre-numbered receipts
    • Pre-numbered receipts not tracked/monitored
    • Checks not restrictively endorsed
      immediately upon receipt

38
Cash Handling Procedures
  • Safeguarding:
    • Funds not in a secure location
    • Combinations not changed when there is a
      change in personnel
    • Keys not secured
    • Access to funds is not limited to two
      individuals

39
Cash Handling Procedures
  • Transfer of funds between individuals not
    documented to maintain individual accountability
  • Deposits not made in a timely manner
  • When the amount on hand reaches 200 or at
    least once every three business days
    regardless of amount

40
Accounts Receivable
  • System Policy 21.01.04, Extension of Credit
  • Reconciliations
  • All differences should be explained
  • Timely resolution of reconciling items
  • Signed and dated by preparer
  • Signed and dated by reviewer

41
Segregation of Duties
  • Receipting, Depositing, Recording
  • Back-up duties

42
How to Contact SIAD
  • Phone 979/845-3476
  • Fax 979/845-6536
  • Web http://sago.tamu.edu/iaudit/
  • Hotline 800-501-3850
  • Charlie Hrncir chrncir_at_tamu.edu
  • Bob Cates robert-w-cates_at_tamu.edu
  • Amanda Dotson adotson_at_tamu.edu
  • David Maggard dmaggard_at_tamu.edu
  • Sandy Ordner sordner_at_tamu.edu