Your SlideShare is downloading. ×
0
Implications of the Sarbanes-Oxley Act  on the Public Sector <ul><li>2005 NASACT Annual Conference </li></ul><ul><li>Augus...
Integrity and Trust in Government <ul><li>Without integrity and trust, governments, institutions and leaders cannot succee...
Current Government Environment  <ul><li>continually increasing demands for government effectiveness and accountability </l...
Sarbanes-Oxley Act of 2002   <ul><li>Instituted sweeping changes for accountability  profession and corporate governance i...
Sarbanes-Oxley Act of 2002   <ul><li>Instituted sweeping changes for accountability profession and corporate governance in...
Sarbanes-Oxley Act   Audit Profession Oversight <ul><li>Creation of Public Company Accounting Oversight Board (PCAOB).  Pr...
Sarbanes-Oxley Act   Impact on U.S. Auditing Standards <ul><li>Three US Auditing Standards-Setting Organizations   </li></...
Sarbanes-Oxley Act:   Impact on U.S. Auditing Standards <ul><li>Comptroller General established the  </li></ul><ul><li>“ U...
Sarbanes-Oxley Act   Impact on U.S. Auditing Standards <ul><li>Purpose of U.S. Auditing Standards Coordinating Forum </li>...
Sarbanes-Oxley Act   Auditor Independence <ul><li>It is now  unlawful  for a registered accounting firm to  provide   cert...
Sarbanes Oxley Act   Auditor Independence <ul><li>An accounting firm is not allowed to perform an audit of a registrant wh...
Auditor Independence   Implications for Government   <ul><li>Yellow Book independence standards became effective in 2003  ...
Sarbanes Oxley Act   Corporate Responsibility <ul><li>New Requirements for Audit Committees </li></ul><ul><li>Members must...
Sarbanes Oxley Act   Corporate Responsibility <ul><li>Other Corporate Responsibility Requirements </li></ul><ul><li>The CE...
Corporate Responsibility   Implications for Government   <ul><li>Auditors and financial professionals should evaluate whet...
Sarbanes-Oxley Act   Section 404:  Internal Control   <ul><li>Management is required to  establish and maintain adequate i...
Sarbanes-Oxley Act   Section 404:  Internal Control   <ul><li>PCAOB Auditing Standard No 2:  </li></ul><ul><li>“ Audit of ...
Sarbanes-Oxley Act   Section 404:  Internal Control <ul><li>PCAOB Auditing Standard No 2 (cont): </li></ul><ul><li>Require...
Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>Federal Financial Managers Financial Integrity Act of...
Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>Office of Management and Budget (OMB) Circular A-123,...
Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>December 2004, revised OMB Circular A-123 requires  <...
Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>GAO Identified six critical implementation issues </l...
Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>GAO Views on the next steps– auditor opinions on inte...
Internal Control Reporting Getting Started  <ul><li>Does management have a credible basis for a conclusion about the effec...
Internal Control Reporting Getting Started <ul><li>Level 1:  Unreliable </li></ul><ul><li>Unpredictable environment  </li>...
Sarbanes-Oxley Act Implementation: What We Have Learned and Future Directions <ul><li>The Sarbanes-Oxley Act reforms are s...
Sarbanes-Oxley Act Implementation: What We Have Learned and Future Directions <ul><li>GAO strongly supports the concepts b...
GAO Technical Assistance <ul><li>The Yellow Book is available on GAO’s website at : </li></ul><ul><li>www.gao.gov/govaud/y...
Contact Information <ul><li>Gail Flister Vallieres </li></ul><ul><li>Financial Management & Assurance </li></ul><ul><li>U....
Upcoming SlideShare
Loading in...5
×

P

694

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
694
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "P"

  1. 1. Implications of the Sarbanes-Oxley Act on the Public Sector <ul><li>2005 NASACT Annual Conference </li></ul><ul><li>August 15, 2005 </li></ul><ul><li>Gail Flister Vallieres </li></ul><ul><li>U.S. Government Accountability Office </li></ul>
  2. 2. Integrity and Trust in Government <ul><li>Without integrity and trust, governments, institutions and leaders cannot succeed. </li></ul><ul><li>With trust, governments, institutions and leaders can achieve great things. </li></ul><ul><li>“ Getting it right” with regard internal control and accountability will be critical to achieving and maintaining the public’s trust in government. </li></ul>
  3. 3. Current Government Environment <ul><li>continually increasing demands for government effectiveness and accountability </li></ul><ul><li>fiscal pressures, increasing costs, structural deficit </li></ul><ul><li>financial and performance reporting pressures and incentives </li></ul><ul><li>changing laws and regulations </li></ul><ul><li>changing demographics </li></ul><ul><li>ability to hire and retain skilled staff </li></ul><ul><li>control environment/ risk assessment </li></ul>
  4. 4. Sarbanes-Oxley Act of 2002 <ul><li>Instituted sweeping changes for accountability profession and corporate governance in the following areas: </li></ul><ul><ul><li>oversight of the auditing profession </li></ul></ul><ul><ul><li>auditor independence </li></ul></ul><ul><ul><li>corporate responsibility </li></ul></ul><ul><ul><li>enhanced financial disclosure requirements (including internal control reporting) </li></ul></ul>
  5. 5. Sarbanes-Oxley Act of 2002 <ul><li>Instituted sweeping changes for accountability profession and corporate governance in the following areas: </li></ul><ul><ul><li>oversight of the auditing profession </li></ul></ul><ul><ul><li>auditor independence </li></ul></ul><ul><ul><li>corporate responsibility </li></ul></ul><ul><ul><li>enhanced financial disclosure requirements (including internal control reporting) </li></ul></ul>
  6. 6. Sarbanes-Oxley Act Audit Profession Oversight <ul><li>Creation of Public Company Accounting Oversight Board (PCAOB). Principal duties: </li></ul><ul><li>establish or adopt standards for public company audits </li></ul><ul><li>enforce compliance with standards and the Act </li></ul><ul><li>inspect and register public accounting firms </li></ul><ul><li>conduct investigations of firms and disciplinary proceedings </li></ul><ul><li>impose sanctions </li></ul>
  7. 7. Sarbanes-Oxley Act Impact on U.S. Auditing Standards <ul><li>Three US Auditing Standards-Setting Organizations </li></ul><ul><li> Public Company Accounting Oversight Board (PCAOB) </li></ul><ul><ul><li>Audits of publicly traded companies </li></ul></ul><ul><ul><li>Auditing Standards Board (ASB) of the AICPA </li></ul></ul><ul><ul><li>Privately held companies </li></ul></ul><ul><ul><li>Not-for-profit organizations </li></ul></ul><ul><li> U.S. Government Accountability Office </li></ul><ul><ul><li>Federal, state, local governments </li></ul></ul><ul><ul><li>Not-for-profit organizations receiving federal funding </li></ul></ul>
  8. 8. Sarbanes-Oxley Act: Impact on U.S. Auditing Standards <ul><li>Comptroller General established the </li></ul><ul><li>“ U.S. Auditing Standards Coordinating Forum” </li></ul><ul><ul><li>PCAOB, GAO, ASB </li></ul></ul><ul><ul><li>Three principals meet several times a year. </li></ul></ul><ul><ul><li>Key staff coordinate regularly to implement agenda. </li></ul></ul><ul><ul><li>Rotating chair, based on who is hosting the meeting . </li></ul></ul><ul><ul><li>Still defining role for IAASB </li></ul></ul>
  9. 9. Sarbanes-Oxley Act Impact on U.S. Auditing Standards <ul><li>Purpose of U.S. Auditing Standards Coordinating Forum </li></ul><ul><li>maximize complementary standards-setting agendas </li></ul><ul><li>minimize duplicative or competing efforts </li></ul><ul><li>identify any significant gaps not being addressed </li></ul><ul><li>develop strategies for overcoming challenges and barriers to modernizing the auditing profession in the U.S. </li></ul><ul><li>assure consistency where appropriate for core auditing standards, while seeking to modernize those standards </li></ul>
  10. 10. Sarbanes-Oxley Act Auditor Independence <ul><li>It is now unlawful for a registered accounting firm to provide certain nonaudit services to audit clients , including: </li></ul><ul><ul><li>accounting and bookkeeping services </li></ul></ul><ul><ul><li>financial information systems design and implementation </li></ul></ul><ul><ul><li>appraisal, valuation, and actuarial services, </li></ul></ul><ul><ul><li>internal audit outsourcing services </li></ul></ul><ul><ul><li>management or human resources functions </li></ul></ul><ul><ul><li>All other nonaudit services provided to audit clients require prior audit committee approval </li></ul></ul>
  11. 11. Sarbanes Oxley Act Auditor Independence <ul><li>An accounting firm is not allowed to perform an audit of a registrant whose key financial or management personnel were employed by that accounting firm and participated in the audit within one year of the current audit. </li></ul><ul><li>The auditor must report to the audit committee all “critical accounting policies and practices” used in preparing financial statements </li></ul><ul><li>The lead audit, concurring and reviewing partners must rotate every 5 years. </li></ul>
  12. 12. Auditor Independence Implications for Government <ul><li>Yellow Book independence standards became effective in 2003 </li></ul><ul><li>Auditor communications with audit committees. </li></ul><ul><li>Audit Partner Rotation– no related government requirement. </li></ul><ul><li>Employment restrictions–watch for situations that could result in appearance of independence problems under current Yellow Book independence standards. </li></ul>
  13. 13. Sarbanes Oxley Act Corporate Responsibility <ul><li>New Requirements for Audit Committees </li></ul><ul><li>Members must be on the Board of Directors and be “independent” </li></ul><ul><li>Responsible for the appointment, compensation, and oversight of the auditor </li></ul><ul><li>The auditor must report to the audit committee all “critical accounting policies and practices” used in preparing financial statements </li></ul><ul><li>Must be appropriately funded by the company </li></ul>
  14. 14. Sarbanes Oxley Act Corporate Responsibility <ul><li>Other Corporate Responsibility Requirements </li></ul><ul><li>The CEO and CFO must certify that financial statements and disclosures are appropriate and fairly present, in all material respects, the operations and financial condition of the company. </li></ul><ul><li>Unlawful for officers and directors to “fraudulently influence, coerce, manipulate, or mislead” the auditor </li></ul>
  15. 15. Corporate Responsibility Implications for Government <ul><li>Auditors and financial professionals should evaluate whether implementing an audit committee or similar type of committee would enhance governance </li></ul><ul><li>Auditors should encourage good governance practices within the entities they audit. </li></ul><ul><li>CFO and CEO Certification of financial results—Does top management understand and care about what is in the financial statements? </li></ul><ul><li>Auditors: watch for reporting pressures and improper management on audit or reporting results. </li></ul>
  16. 16. Sarbanes-Oxley Act Section 404: Internal Control <ul><li>Management is required to establish and maintain adequate internal control structure and procedures for financial reporting </li></ul><ul><li>Include in the annual report a statement of management’s responsibility for and management’s assessment of the effectiveness of those controls. </li></ul><ul><li>The company’s auditors are required to attest to and report on management’s assessment of the effectiveness of internal control over financial reporting. </li></ul>
  17. 17. Sarbanes-Oxley Act Section 404: Internal Control <ul><li>PCAOB Auditing Standard No 2: </li></ul><ul><li>“ Audit of Internal Control over Financial Reporting in conjunction with Audit of Financial Statements” </li></ul><ul><ul><li>Requires auditor opinions on </li></ul></ul><ul><ul><li>internal control effectiveness </li></ul></ul><ul><ul><li>management’s assessment of internal control effectiveness </li></ul></ul><ul><ul><li>Internal control audit must be performed in conjunction with financial statement audit </li></ul></ul>
  18. 18. Sarbanes-Oxley Act Section 404: Internal Control <ul><li>PCAOB Auditing Standard No 2 (cont): </li></ul><ul><li>Requires walkthroughs for each major transaction class </li></ul><ul><li>Limits on rotation testing of controls </li></ul><ul><li>Limits on reliance on work of others </li></ul><ul><li>New, more rigorous definitions of material weakness and significant deficiency (formerly reportable condition) </li></ul>
  19. 19. Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>Federal Financial Managers Financial Integrity Act of 1982 (FMFIA) establishes overall requirements for internal control in federal agencies. The agency head must establish controls that reasonable ensure that </li></ul><ul><ul><li>Obligations and costs are in compliance with applicable law </li></ul></ul><ul><ul><li>Funds, property, and other assets are safeguarded against waste, loss, unauthorized use, or misappropriation, and </li></ul></ul><ul><ul><li>Revenues and expenditures applicable to agency operations are properly recorded and accounted for </li></ul></ul>
  20. 20. Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>Office of Management and Budget (OMB) Circular A-123, “Management Accountability and Control” </li></ul><ul><ul><li>Implements FMFIA </li></ul></ul><ul><ul><li>covers all aspects of an agencies operations (programmatic, financial, and compliance) </li></ul></ul><ul><li>Over the years, OMB Circular A-123, has broadened these requirements to include controls over all aspects of an agency’s operations. </li></ul><ul><li>Latest update (December 2004) provides updated internal control standards (incorporating the COSO elements) and new specific requirements for conducting management’s assessment of the effectiveness of internal control </li></ul>
  21. 21. Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>December 2004, revised OMB Circular A-123 requires </li></ul><ul><ul><li>annual management assurances on internal control in Performance and Accountability Report. </li></ul></ul><ul><ul><li>separate assurance on internal control over financial reporting using the COSO elements (for the 24 CFO-Act agencies) </li></ul></ul><ul><ul><li>identification of material weaknesses, non-conformances, and corrective actions. </li></ul></ul><ul><li>Revised A-123 does not require audit of internal control over financial reporting </li></ul><ul><li>GAO supported the revised A-123 in recent testimony before House Government Reform Subcommittee on Government Management. (GAO-05-321T, Feb. 16, 2005) </li></ul>
  22. 22. Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>GAO Identified six critical implementation issues </li></ul><ul><li>Need for supplemental guidance and implementation tools </li></ul><ul><li>The following objectives covered by the Circular will require special attention– (1) achieving effective and efficient operations, and (2) complying with laws and regulations. </li></ul><ul><li>Managers throughout an agency need to provide strong support for internal control. </li></ul><ul><li>Agencies need to strike a balance between costs and benefits, while achieving an appropriate level of internal control. </li></ul><ul><li>Management testing of controls is essential to determine their soundness, whether they are being adhered to, and whether corrective action is necessary. </li></ul><ul><li>Personal accountability will be essential, starting with top agency management and cascading throughout the organization. </li></ul>
  23. 23. Federal Gov’t Internal Control Requirements —FMFIA/OMB A-123 <ul><li>GAO Views on the next steps– auditor opinions on internal control-- </li></ul><ul><ul><li>Auditor opinions on internal control over financial reporting is an important component of monitoring risk management and accountability systems. </li></ul></ul><ul><ul><li>Need to determine if management has assessed internal control and has a firm basis for its assertion over effectiveness before attempting to audit internal control over financial reporting. </li></ul></ul>
  24. 24. Internal Control Reporting Getting Started <ul><li>Does management have a credible basis for a conclusion about the effectiveness of internal control over financial reporting? </li></ul><ul><li>What is the level of maturity of the internal control systems in place for financial reporting? </li></ul><ul><li>What are the associated risks? </li></ul><ul><li>What is the targeted level of maturity for internal controls? </li></ul><ul><ul><li>Small, simple entities vs. large, complex entities </li></ul></ul><ul><li>What are benefits and cost of an audit of internal control, given where the entity is in the process? </li></ul>
  25. 25. Internal Control Reporting Getting Started <ul><li>Level 1: Unreliable </li></ul><ul><li>Unpredictable environment </li></ul><ul><li>controls not designed, in place </li></ul><ul><li>  Level 2: Informal </li></ul><ul><li>controls designed, in place </li></ul><ul><li>not adequately documented </li></ul><ul><li>mostly dependent on the individuals doing the function </li></ul><ul><li>no formal training or communication of results </li></ul><ul><li>  </li></ul>Internal controls maturity framework: <ul><li>Level 3: Standardized </li></ul><ul><li>controls in place, documented, and communicated to employees </li></ul><ul><li>deviations may not be detected </li></ul><ul><li>Level 4: Monitored </li></ul><ul><li>standardized controls with periodic testing for effective design and operation, reporting to management </li></ul><ul><li>Level 5: Optimized </li></ul><ul><li>integrated internal control framework </li></ul><ul><li>real-time monitoring by management with continuous improvement </li></ul><ul><li>automation to support controls and make rapid changes to controls if needed </li></ul><ul><li>Source: Pricewaterhousecoopers, The Sarbanes-Oxley Act of 2002: Strategies for Meeting New Internal Control Reporting Challenges: A White Paper, 2002 </li></ul>
  26. 26. Sarbanes-Oxley Act Implementation: What We Have Learned and Future Directions <ul><li>The Sarbanes-Oxley Act reforms are sound and necessary </li></ul><ul><li>Reforms have improved governance and management, including the involvement of the board, audit committees, and top management in financial reporting and internal control issues. </li></ul><ul><li>Implementing section 404 has been challenging due to: </li></ul><ul><ul><li>The amount and nature of internal control work performed in the past </li></ul></ul><ul><ul><li>Extensive audit work being performed due to real and/or perceived lack of flexibility in PCAOB Auditing Standard No. 2 </li></ul></ul><ul><ul><li>Significant first-year implementation efforts </li></ul></ul>
  27. 27. Sarbanes-Oxley Act Implementation: What We Have Learned and Future Directions <ul><li>GAO strongly supports the concepts behind section 404. However, we believe that economies and efficiencies can be gained in the process through : </li></ul><ul><ul><li>Auditor and management efficiencies and streamlining in the second year and beyond. </li></ul></ul><ul><ul><li>Better integration of the financial and internal control audit. </li></ul></ul><ul><ul><li>Additional PCAOB and SEC guidance that provides for a risk-based approach using reasoned risk and experience-based auditor judgments in areas such as rotation of testing and additional flexibility in using the work of others (similar to the approach in GAO’s Financial Audit Manual). </li></ul></ul><ul><ul><li>Ongoing feedback from the PCAOB inspection process </li></ul></ul>
  28. 28. GAO Technical Assistance <ul><li>The Yellow Book is available on GAO’s website at : </li></ul><ul><li>www.gao.gov/govaud/ybk01.htm </li></ul><ul><li>For technical assistance, contact us at </li></ul><ul><li>[email_address] </li></ul>
  29. 29. Contact Information <ul><li>Gail Flister Vallieres </li></ul><ul><li>Financial Management & Assurance </li></ul><ul><li>U.S. Government Accountability Office </li></ul><ul><li>(202) 512-9370 vallieresg @gao.gov </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×