Documenting Internal Controls: Accounting and Information Systems - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

Documenting Internal Controls: Accounting and Information Systems

Description:

... Internal Controls: Accounting and Information Systems. Erika Akers, CGAP NYS OSC. Gardner Gurney NYS Lottery. Jennifer Hallanan NYS OSC. IT VS ACCOUNTING ? ... – PowerPoint PPT presentation

Number of Views:201
Avg rating:3.0/5.0
Slides: 11
Provided by: ESka2
Category:

less

Transcript and Presenter's Notes

Title: Documenting Internal Controls: Accounting and Information Systems


1
Documenting Internal ControlsAccounting and
Information Systems
  • Erika Akers, CGAP NYS OSC
  • Gardner Gurney NYS Lottery
  • Jennifer Hallanan NYS OSC

2
IT VS ACCOUNTING ?
  • No - we're not in competition with one another.
  • We must recognize the inherent connection between
    accounting and IT business processes.

3
Elements of Internal Control
  • Control Environment
  • Risk Assessment
  • Control Activities
  • Monitoring
  • Information Communication

4
Control EnvironmentProgram Development
  • Management should approve new program and
    infrastructure developments based on input from
    IT personnel.
  • Program methodology should also be in line with
    management philosophy (e.g. Data Analysis
    Clementine)
  • Management should be aware of programs/
    applications moving to production and sign off
    on it.
  • Tone at the top

5
Risk AssessmentComputer Operations
  • Appropriate backup and recovery procedures should
    be established for financial reporting.
  • Effective procedures should be in place for
    periodic testing of backup and recovery systems
    (including media used).
  • Backup and recovery standards apply to the feeder
    systems and processes - not just to financial
    reporting.
  • Consider risk vs materiality

6
Control ActivitiesAccess to Programs and Data
  • Document procedures for adding, modifying or
    deleting user accounts.
  • Procedures should also document the timeliness
    of these activities to reduce risk.
  • Document segregation of duties within key
    processes.
  • Document the access to the IT system.
  • Dont just document it
  • Analyze those controls are they achieving
    control objectives efficiently?

7
Control ActivitiesProgram Changes
  • Document controls in place to ensure that changes
    to the system have been properly authorized.
  • Changes should be properly tested, validated and
    approved before being placed into production
  • Change authorization should be limited.

8
MonitoringComputer Operations
  • Procedures in place to ensure accuracy,
    completeness, and timely processing of system
    jobs (including batch jobs and interfaces) for
    financial reporting applications.

9
Information Communication
  • Adequate channels should be established to ensure
    timely resolution of incidents, problems and
    errors for systems and applications.
  • Inform and train end users of policies and
    procedures related to the system and
    applications.

10
Necessary For Success
  • Business process based
  • Supported
  • Best Practices
  • Risk based
  • Simple
  • Clarity
  • Training
  • Respect others responsibilities
Write a Comment
User Comments (0)
About PowerShow.com