Uniform Guidance and Internal Controls: A Case Study

Similar documents
Policies and Procedures Under the Uniform Grant Guidance. Florida School Finance Officers Association November 10, 2016

Single Audit Entrance Conference Uniform Guidance Refresher

Uniform Guidance - Lessons Learned And To Be Learned

UNIFORM GUIDANCE IMPLEMENTATION

2 CFR Chapter II, Part 200 Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards For Auditees

Uniform Guidance Subpart D Administrative Requirements

OMB Uniform Guidance ( UG ) Briefing. ASRSP & OSR Brown Bag Tuesday, January 27 th

Office of Internal Audit

OMB Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards

Effective July 1, 2015 Revised (October 2016)

Navigating the New Uniform Grant Guidance. Jack Reagan, Audit Partner Grant Thornton LLP. Grant Thornton. All rights reserved.

Washington Metropolitan Area Transit Authority Board Action/Information Summary

Here Come the Feds! What a Sponsor Audit is Looking for and How to Prepare Your Institution

Template D Plain-crimson-dark 1

PROGRAM INSTRUCTION. Texas Department of Aging and Disability Services (DADS) Access and Intake Division

Uniform Grants Guidance. Colorado Charter School Institute Cassie Walgren, Controller

EMERGING ISSUES IN ASSET MANAGEMENT & FINANCIAL REPORTING

FAQ S FOR UNIFORM GUIDANCE

Grants Financial Procedures (Post-Award) v. 2.0

Uniform Guidance Subpart D Administrative Requirements. Why This Session Is Needed. Lesson Overview & Module Objectives

Uniform Guidance vs. OMB Circulars

An Exercise in Effort

Expense Review Process and Internal Controls for Award Closeout. Semi-annual Networking Event February 2017

Grants Management Workshop. Proposal and Award Management Support

CHAPTER 10 Grant Management

Roles & Responsibilities UR Office of Research and Project Administration

Department of Defense Education Activity (DoDEA) DIVISION I: AWARD COVER PAGES

Grants - Uniform Guidance/Tracking & Reporting. Presented by: Marc Grace, CPA, Partner Stephen Emery, CPA, Manager

UNDERSTANDING PHA OBLIGATIONS UNDER THE NEW UNIFORM RULE ON ADMINISTRATIVE REQUIREMENTS, COST PRINCIPLES AND AUDITS: WHAT S NEW AND WHAT S NOT

Grant Closeout Process

OUTGOING SUBAWARD GUIDE: INFORMATION FOR UWM PRINCIPAL INVESTIGATORS VERSION 1, JULY 2015

Felipe Lopez, Vavrinek, Trine, Day & Co., LLP

Uniform Guidance Sponsored Projects Services

NECA Update The New Uniform Guidance 2 CFR 200

Terms of Reference. Type of Expert: Long Term Key Expert. Name of expert Aim of this assignment

MONTGOMERY COUNTY INTERMEDIATE UNIT #23

Implementing the OMB s Super Circular (aka UGG) Presented by: Anne Fritz, Finance Director, City of St. Petersburg, Florida

HAVA GRANTS AND MONITORING. Presented by: Dan Glotzer, Election Funds Manager and Venessa Miller, HAVA Grant Monitor

Johns Hopkins University Research Administration (JHURA) Fall 2015

Florida MIECHV Initiative Provider Quality Assurance Monitoring Procedure Manual

Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. AUSPAN Martha Taylor

University of Pittsburgh SPONSORED PROJECT FINANCIAL GUIDELINE Subject: SUBRECIPIENT MONITORING

Internal Audit Report. Public Transportation Grant Management TxDOT Office of Internal Audit

Hello. National Grants Management Association Monthly Training November 16, Eric J. Russell, CIA, CGAP, CGMS, MPA Crowe Horwath LLP

Ramp up and Wrap up projects. Riding the Wave to Close Out

Presenter. Changes to Federal Programs & Single Audits (A-87, A-21, A-122, A-102, A-110, A-89, A-133 & A-50) The New OMB Uniform Guidance

OMB Uniform Guidance: Cost Principles, Audit, and Administrative Requirements for Federal Awards

GATA GRANT ACCOUNTABILITY AND TRANSPARENCY ACT OVERVIEW T.H.E. CONFERENCE

Emory Research A to Z ERAZ

Something for Everyone: Adjusting to the OMB s Super Circular May 25, :30 10:10 am 2 CPE

Advancing Accountability

Match and Leveraged Resources

AGENDA Audits and Investigations Committee December 1, :00 a.m. V. Information Item A. Financial Management Overview Update (E.

Performance and Financial Monitoring and Reporting

Texas Association of County Auditors

Michigan Department of Education Guidance on Federal Grant Programs May 26, 2016

30. GRANTS AND FUNDING ASSISTANCE POLICY

How to Draft New & Update Old Policies and Procedures. Agenda. Why?

Federal Grant Guidance Compliance

The Association of Universities for Research in Astronomy. Award Management Policies Manual

AUXILIARY ORGANIZATIONS

Uniform Guidance. Overview and Implementation Plan. November 21, 2014

Monitoring Local Providers

HEA Procurement Practices Review 2016 HEA Procurement Summit

U.S. Department of Housing and Urban Development Office of Housing Counseling

Are You Ready for This? The New Uniform Guidance 2 CFR 200

Post Uniform Grant Guidance implementation from an auditor perspective

Cancer Prevention & Research Institute of Texas

Federal Grant Policies and

The purpose of this survey

AUDIT OF THE OFFICE OF COMMUNITY ORIENTED POLICING SERVICES AND OFFICE OF JUSTICE PROGRAMS GRANTS AWARDED TO THE CITY OF BOSTON, MASSACHUSETTS

Grants Administration 101 Capacity and Competitive. Session 21 April 24, 2018 Presenter: Maggie Ewell Senior Policy Advisor, OGFM

WHAT LAWS APPLY TO FEDERAL GRANTS: A HISTORICAL PERSPECTIVE

Subrecipient Risk Assessment and Monitoring of Northeastern University Issued Subawards

FDP Subaward Forms Frequently Asked Questions Check back frequently for updates!

Federal Government Grants:

Texas Department of Transportation Page 1 of 19 Public Transportation. (a) Purpose. Title 49 U.S.C. 5329, authorizes the

Overview of the New EDGAR (formerly the Uniform Grants Guidance)

Match, Leveraged Resources and Program Income

Georgia Department of Education 7/19/2016

Sponsored Programs Roles & Responsibilities

PS Operations & Management The Future of Grants Management

Graduate Grantsmanship Certificate Series Jo Ann Smith, Ph.D., CRA Joshua Roney, M.A.

To the Board of Overseers of Harvard College:

Research Administration Forum. September 22, 2015

Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards

Sponsored Programs Roles & Responsibilities

ROLES AND RESPONSIBILITIES* FOR EXTERNAL AWARDS MADE TO DAVIDSON COLLEGE

University of San Francisco Office of Contracts and Grants Subaward Policy and Procedures

TRUCKEE MEADOWS COMMUNITY COLLEGE GRANTS AND CONTRACTS Internal Audit Report July 1, 2013 through June 30, 2014

U.S. Department of Justice 42 U.S.C (a) N.C. Department of Public Safety

2012 OMB Circular A-133 Compliance Supplement

Playing by the Rules

Using Internal Audits for Successful Grant Administration

Safeguarding Federal Funds

Subrecipient Profile Questionnaire

Texas Education Agency. Division of Federal Fiscal Monitoring

The Uniform Guidance 2 CFR 200 A Guide to Risk-Based Grants Management

WIOA SEC Administrative Provisions. Subparts: A - H. Presented by: 11/ 16/2016. Office of Grants Management

Finishing Your TAACCCT Grant Successfully

Transcription:

Uniform Guidance and Internal Controls: A Case Study Rick Moyer, Stanford University Kim Ginn, Baker Tilly Ashley Deihr, Baker Tilly Expected outcomes from this session: Translate university expectations and approaches to complying with the internal controls provisions of the Uniform Guidance. Understand a comprehensive approach to Uniform Guidance compliance, including roles, timeline, and challenges (Stanford University case study). Identify best practices in addressing Uniform Guidance internal controls requirements. 1

CFR 200.303 Internal Controls The non-federal entity (i.e. University or College) must: (a) Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in "Standards for Internal Control in the Federal Government" issued by the Comptroller General of the United States and the "Internal Control Integrated Framework", issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). (b) Comply with Federal statutes, regulations, and the terms and conditions of the Federal awards. (c) Evaluate and monitor the non-federal entity's compliance with statute, regulations and the terms and conditions of Federal awards. (d) Take prompt action when instances of noncompliance are identified including noncompliance identified in audit findings. (e) Take reasonable measures to safeguard protected personally identifiable information and other information the Federal awarding agency or pass-through entity designates as sensitive or the non-federal entity considers sensitive consistent with applicable Federal, state and local laws regarding privacy and obligations of confidentiality. What does Single Audit (previously A-133) guidance say? 1. Transactions are properly recorded and accounted for in order to: Permit the preparation of reliable financial statements and Federal reports; Maintain accountability over assets; and Demonstrate compliance with Federal statutes, regulations, and the terms and conditions of the Federal award; 2. Transactions are executed in compliance with: Federal statutes, regulations, and the terms and conditions of the Federal award that could have a direct and material effect on a Federal program; and Any other Federal statutes and regulations that are identified in the Compliance Supplement; and 3. Funds, property, and other assets are safeguarded against loss from unauthorized use or disposition. 2

Discussion Time How has your institution addressed the emphasis on internal controls? Case Study Stanford University One of the advantages of being disorganized is that one is always having surprising discoveries. A.A. Milne/Winnie the Pooh 3

Pooh also said this. It is more fun to talk with someone who doesn't use long, difficult words but rather short, easy words like "What about lunch? Value Add of Stanford Sponsored Research Project Developed a sustainable model of reviewing and updating process documentation and testing internal controls for sponsored research and financial reporting processes. Provided guidance on technical matters related to interpretation of Uniform Guidance Created a central repository to store all COSO Internal Controls documentation (e.g., process narratives, RCMs, and Master RCM), controls review documentation (e.g., testing workpapers, samples, populations), and resources (e.g. trainings, templates, emails). Coordinated drafting of Financial Reporting key control test plans and reviewed draft test plans. Held monthly status meetings with the COSO Steering Committee to discuss progress of the review Provided insights on revising account reconciliation controls and review processes. 4

Governance Structure of Sponsored Research Internal Controls Project Stanford s project was governed by the following groups: Sponsored Research IC Executive Steering Committee Members Rick Moyer, Senior AVP for Audit, Compliance, Risk and Privacy Susan Calandra, Senior AVP for Finance Frequency of meeting- Quarterly Sponsored Research IC Steering Committee Members Henry Gusman, Senior Director of Internal Audit Ken Schulz, AVP for Research Financial Compliance & Services Russell Brewer, AVP of the Office of Sponsored Research Sue Schmitt, University Controller Frequency of meeting- Every 1-2 months Weekly meetings between Project Director, Stanford Internal Audit Services, and Baker Tilly Considerations for Successful Implementation of a Sponsored Research Internal Controls Project Obtain initial buy-in from senior leadership. Begin the project on a pilot basis to gain an understanding of the most effective approach, appropriate roles, and effort expectations. Stanford performed pilot controls documentation on two business processes, Subrecipient Monitoring and Property Management Hold orientation and training sessions with relevant process owners to disseminate broader university knowledge of the Uniform Guidance. Hold ongoing status meetings or updates with the COSO Steering Committee and Executive Steering Committee. 5

Tools Includes project management tools for your perusal. Summary Level Project Approach 6

On-Site: Summary Level Project Timeline FY15 Single Audit (A-133) Single Audit (UG) P2P Testing Walkthroughs Financial Audit Walk - throughs FY15 A M F M F J F M J J A S O N D J A M J J A S O N D J M A M J J A 2015 2016 2017 Stanford Internal Activities: Phase 1 Docs Process Stanford Documentation of Internal Controls to Mgmt Leads Update Docs scoping Documentation to meeting Stanford Internal Controls Testing (sample selection from same FY) Stanford Internal Controls Testing (sample selection from same FY) FY 16 Phase II FR, Entity Level, IT, PII, Indirect Cost Pools, and Fin Aid Phase I Status (Controls Documentation): as of February 2016 1 Two P2P sub-processes sent to Steering Committee week of 2/8/16. Comments due week of 2/22/16 Remaining five P2P sub-processes to be sent to Steering Committee week of 3/7/16. Comments due week of 3/21/16. 7

Phase I Status (Controls Review): as of February 2016 Business Process Percent Complete Date to Steering Committee Subrecipient Monitoring 100% 10/28/2015 Property Management (PMO) 100% 10/28/2015 Award Setup and Maintenance 70% 3/31/2016 Financial Reporting and Award Closeout 70% 3/31/2016 Cost Transfers 70% 3/31/2016 Burdening 70% 3/31/2016 Quarterly PI Review 25% 3/31/2016 Labor Charging 25% 3/31/2016 Sponsored Receivables Management 70% 3/31/2016 Procurement-to-Payment Slated to begin May 2016 June 2016 Capital Accounting TBD TBD Service Centers TBD TBD Expenditure Allocation PTAs TBD TBD Phase I Status: as of May 2016 Process Documentation Steering Committee Review and Incorporation of Comments Testing PTA Setup and Maintenance Completed Completed Completed Labor Charging Completed Completed Completed Procurement-to-Payment Completed Completed June 2016 Cost Transfers Completed Completed Completed Property Management Completed Completed Completed Capital Accounting* Completed Completed FY 2017 Subrecipient Monitoring Completed Completed Completed Service Centers* Completed Completed FY 2017 Expenditure Allocation PTAs* Completed Completed FY 2017 Burdening Completed Completed Completed Sponsored Receivables Management Completed Completed Completed Quarterly PI Certification and Revenue Review and Monitoring Completed Completed Completed Federal Financial Reporting and Award Closeout Completed Completed Completed 8

Phase I Controls Review: Dashboard and Observations Key Controls Documented 107 13 processes Key Controls Tested 62 tested - 9 processes 34 in process 1 process (P2P) 11 to be tested - 3 processes** Key Controls Functioning as Intended Key Controls with Exceptions Remediatio n Plans Submitted Key Controls Retested Remaining Exceptions 55 7 7 6 1 Cost Transfers Of the 7 Key Controls with Exceptions: 2 Key Controls (1 remaining exception) - Process documentation (i.e., narrative and RCM) was not consistent with the design of the control or how the control is executed in practice. 3 Key Controls - Evidence of approval was not available. 2 Key Controls - Issue resolution or escalation was not documented. Resolution of Remaining Exception: OSR has updated the Cost Transfer policy and it is under review by the Research Policy Working Group. * See Appendix Phase I Controls Review: Exception and Remediation Plan Details (slides 9-11). ** 11 key controls to be tested in includes Capital Accounting, Service Centers, and Expenditure Allocation PTAs key controls and 6 key controls from P2P and Burdening that were not applicable to. Phase I Controls Review: Pilot Controls Review Outcomes Property Management Office Key controls tested 11 Key controls functioning as intended 7 Key controls pending testing 4 Key controls with observations 1 KC-06.01: This control is functioning as intended. However, the Fabrication Request Form contains some inconsistencies as to whether the PI or a designee must approve a new fabrication. Subrecipient Monitoring Key controls tested 6 Key controls functioning as intended 5 Key controls with observations 1 KC-02.01: Invoices were not always signed by the Principal Investigator as required by SU subaward monitoring policy. KC-02.01: The level of detail included on certain Subrecipient invoices was not sufficient to understand the costs. 9

Phase I Controls Review: Exception and Remediation Plan Details Process PMO Subrecipient Monitoring Key Control KC- 07.01 KC- 02.01 Exception Remediation Plan Remediation Plan Status An error in the award name was noted in the PMO Sponsored Agreement Access Database, but there was not evidence of the error being corrected. Invoices were not always signed by the Principal Investigator as required by SU subaward monitoring policy. The level of detail included on certain Subrecipient invoices was not sufficient to understand the costs. Correct award name in the PMO Sponsored Agreement Access Database. Remediation plan is documented and monitored by Internal Audit Management Action Plans. Closed Closed Scope Area Approach Process Owner Percent Complete Internal Controls over Financial Reporting Entity Level Controls IT Controls Phase II Status: as of February 2016 Consolidate sponsored research processes RCMs with Financial Reporting RCM To be completed per PwC entity level controls template Collate existing documentation on IT Controls relevant to sponsored research COSO Sponsored Research Steering Committee COSO Sponsored Research Steering Committee IT; COSO Sponsored Research Steering Committee 30% 3/15/2016 70% 3/15/2016 20% 3/15/2016 Date to Steering Committee Personally Identifiable Information (PII) Collate existing documentation on PII relevant to sponsored research Stanford University Privacy Office Coordinating with Office of Compliance and Privacy NA Indirect Cost Pools To be modeled after other business process documentation RFCS CMA Slated to begin May 2016 NA Financial Aid To be modeled after other business process documentation Financial Aid Initial meeting with Karen Cooper held 2/23 NA 10

Phase II Status: as of May 2016 Process Documentatio n Steering Committee Review and Incorporation of Comments Testing Sustainability Framework for COSO Internal Controls Completed Completed N/A Entity Level Controls Completed Completed Complete d IT General Controls In process July 2016 July 2016 Personally Identifiable Information In process July 2016 July 2016 Indirect Cost Pools In process July 2016 FY 2017 Financial Aid In process July 2016 FY 2017 Sustainability Phase Considerations Upon completion of Phases I and II, Stanford will have a comprehensive set of sponsored research internal controls documentation Considerations for sustainability Regular scheduled updates to documentation performed by process owners (e.g., annually prior to A-133 audit fieldwork) Ongoing process and controls enhancement Ongoing controls review to assess operational effectiveness of controls (e.g., round robin testing or Internal Audit testing) Development and maintenance of a comprehensive controls repository Proposed approach to be discussed at next Executive Sponsor meeting 11

Proposed Sustainability Framework for and Beyond Proposed Sustainability Framework for and Beyond Responsible Party FMS Quality Project Months Project Phases Internal Audit Process Owner Manager Steering Committee September Management Scoping for Current FY Audit October November Update Current FY Process Documentation (Phase I) December (review only) January February Current FY Internal Controls Review/ Testing (Phase II) March (review only) April Send Current FY Process Documentation to (Phase III) May June Ad Hoc Updates to Current FY Process Documentation (Phase IV) July August * Green check marks indicate the project phases leading responsible party. Summary Level Project Timeline: Next Steps Financial Audit Single Audit (UG) Walk - throughs M J J A S O N D J F M A M J J A 2016 2017 Mgmt scoping and testing planning Process Leads Update Documentation Docs to Stanford Internal Controls Testing 12

Questions? Contact us: Rick Moyer, rick.moyer@stanford.edu Kim Ginn, kim.ginn@bakertilly.com Ashley Deihr, ashley.deihr@bakertilly.com 13

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback