Implementing the Spirit of SarbanesOxley at NotforProfit Organizations

About This Presentation

Title:

Implementing the Spirit of SarbanesOxley at NotforProfit Organizations

Description:

Accounting and reporting principles. Selection and control of External Auditors ... American Institute of Certified Public Accountants (AICPA) Non-profit toolkit ... – PowerPoint PPT presentation

Number of Views:79

Avg rating:3.0/5.0

Slides: 21

Provided by: iadf

Category:

more less

Transcript and Presenter's Notes

Title: Implementing the Spirit of SarbanesOxley at NotforProfit Organizations

1
Implementing the Spirit of Sarbanes-Oxley at
Not-for-Profit Organizations

Charles G. Chaffin
Chief Audit Executive and
System-wide Compliance Officer
The University of Texas System

2
What is Shaping the Landscape?

Federal Sentencing Guidelines for Organizations
(1987 amended 2004)
COSO Internal Control Framework (1992)
SAS 99 Fraud (1997)
Sarbanes Oxley Act of 2002
COSO ERM Framework (2004)

3
The Sarbanes-Oxley Act of 2002

Key Points for Not-for-Profits
Not required
Improved communications needed
Increasing accountability expectations
Reassess
Governance structure
Institutional roles and responsibilities
Internal controls
Risk

4
UT Systems ResponseThe Beginning 2003

Review of NACUBO White Paper on SOX and Higher
Education
Preparation of a UT discussion paper on
application of SOX
Appointment of Ad Hoc Committee to draft an
Action Plan to Implement the Spirit of SOX in the
UT System
Adoption of Action Plan by the Audit, Compliance
and Management Review Committee of the Board of
Regents

5
UT System SOX Goals

Strengthen Governance
Increase the Accountability for Published
Financial Information
Provide On-going Assurance

6
Strengthen Governance (with applicable SOX
section numbers)

Adopted a SOX-based charter for the Audit
Committee or its equivalent (Sec 301 407)
Implemented a policy on relations with all
external audit organizations (Sec 201-204, 206)
Contracted for the first comprehensive annual
financial statement audit of the UT System
financial statements

7
Strengthen Governance (with applicable SOX
section numbers)

Adopted a code of conduct or code of ethics for
all management involved in the preparation of the
financial statements (Sec 406)
Established a system-wide confidential reporting
mechanism with access to the Audit Committee
and strengthened the whistleblower policy (Sec
301 806)

8
Audit Committee

Independent members
Financial expert
Control of external auditors
Increase oversight
Confidential reporting mechanism activity
Risk Management activities
Management Override
Accounting and reporting principles
Selection and control of External Auditors

9
Audit Committee Relations withExternal Auditors

Hired by Audit Committee
Reports directly and independently to Audit
Committee
Approves all services provided by external
auditors

10
Audit Committee Policy Statements

Code of Conduct for management involved in
preparation of financial statements (Exhibit 3)
Whistleblower policy and confidential reporting
mechanism (Exhibit 4)
Relations with external auditor

11
Increase Accountability for Published Financial
Information(with applicable SOX section numbers)

Designated a responsible party for financial
reporting (Sec 302)
Adopted policies and procedures for the
preparation of financial statements, including
certification by the chief administrator and
chief financial officer (Sec 302)
Obtained management certification of the
financial statements (Sec 302)
Establish a policy concerning off-balance sheet
items (Sec 401)

12
Section 302 CEO and CFO Certification

No material misrepresentation of Financial
Statement (F/S) by inclusion or exclusion of
information
In all material respects F/S presents the true
financial condition and results of operations
Responsible for, have established, have
evaluated, and have presented their conclusions
about effectiveness of internal control

13
Section 302 CEO and CFO Certification (contd)

Disclosed to audit committee and external
auditors any significant and material weaknesses
in internal control
Indicated in the annual report any significant
changes in internal controls since the date of
their evaluation

14
Certification Strategy

Each budget manager certifies about
Omissions
Misstatements
Known Fraud
Roll-up certifications to support CFO and CEO
certification which is
Positive assurance about
Material misstatements
False information
Known Fraud

15
Provide On-going Assurance (with applicable
SOX section number)

Establish a model for management use to document
and report on the efficiency and effectiveness of
the internal control structure for financial
reporting (Sec 404)

16
Documentation Model

The Spirit of SOX applied, not the letter
Processes documented determined in conjunction
with external auditor and specific to each
institution within system
Relates to 2005 year audit of financial statements

17
Progress in the Three Years

Year One 2003
Audit Committee
Policies
Year Two 2004
Financial Reporting Responsibilities and
Certification
Initiate first external financial audit
Year Three 2005
Documenting Internal Controls to support
financial audit

18
What Should You Do About SOX?

Determine which sections would be applicable for
your organization
Decide to implement the Spirit of SOX
Develop an Action Plan for implementation

19
What is Internal Audits Role in a SOX
Implementation?

Gather information on SOX and its application to
the organization and provide support for
implementation
Serve as a resource to implementation team
Assist in drafting documents
Be the catalyst for establishing an appropriate
method for
documenting the antifraud programs and controls,
and
providing evidence, for use in certification,
that they are operating as designed
Gather information to
document the Antifraud Programs and Controls and
validate the certifications of the CEO and CFO
and of supporting levels of certification