Internal Audit Report. Post-Implementation Review PeopleSoft - Purchasing TxDOT Internal Audit Division
|
|
- Kelly Adele Harrison
- 7 years ago
- Views:
Transcription
1 Internal Audit Report Post-Implementation Review PeopleSoft - Purchasing TxDOT Internal Audit Division
2 Objective To determine if the Oracle PeopleSoft ( PeopleSoft ) Purchasing (Financials and Supply Chain Management) module is providing for effective and efficient business operations. Opinion Based on the audit scope areas reviewed, control mechanisms require improvement and only partially address risk factors and exposures considered significant relative to impacting reporting reliability, operational execution, and compliance. The organization's system of internal controls requires improvement in order to provide reasonable assurance that key goals and objectives will be achieved. Significant improvements are required to correct control gaps and mitigate residual risk that may result in potentially significant negative impacts to the organization including the achievement of the organization's business/control objectives. Overall Engagement Assessment Needs Improvement Title Findings Control Design Operating Effectiveness Rating Finding 1 PeopleSoft Requisitions x x Unsatisfactory Finding 2 Access Roles x x Needs Improvement Finding 3 Data Reporting x Needs Improvement Management concurs with the above findings and prepared management action plans to address deficiencies. Control Environment When TxDOT implemented the PeopleSoft Purchasing module, customized automations that would have driven more purchasing efficiencies were not implemented. In addition, the division continues to rely on numerous manual inputs to help ensure that they are entering all needed and accurate information into the system. Although steps were taken to ensure the manual inputs were complete and accurate, they did not always work. As a result, the PeopleSoft implementation did not drive the efficiencies the procurement process was looking to achieve and subsequently increased the amount of time to purchase items. The Purchasing module is supported by TxDOT employees, as well as, a third party vendor. The third party vendor supporting the PeopleSoft application software is also responsible for correcting module issues and has been developing query reports for TxDOT users; TxDOT system administrators for the module approve and review changes completed by the third party. June
3 Summary Results Finding Scope Area Evidence Data reliability and defined user roles were evaluated in the Procurement module to assess their effectiveness and impact on the procurement process. Goods and services that required an approval and were purchased from October 2014 to January 2016 were evaluated and the following was noted: Modifications to requisitions after Purchase Order (PO) issuance 991 POs had a requisition approval date after the PO date. There was no inappropriate activity identified. 1 Data Reliability User Roles Self-approved Requisitions 441 requisitions totaling $2.7 million were selfapproved. Although detailed testing was not performed to test specifically for fraud, a cursory review did not indicate any reason to believe inappropriate activity occurred. This information was referred to the Compliance Division for further review. Requisitions processed to POs without approvals 3,086 non-inventory requisitions were processed without requisition approvals in the system. Although detailed testing was not performed to test specifically for fraud, a cursory review did not indicate any reason to believe inappropriate activity occurred. This information was referred to the Compliance Division for further review. Users that had purchasing roles (e.g. request, approve, purchase, receive) from September 24, 2014 to January 4, 2016 were evaluated and the following was noted: 2 User Roles Incompatible Roles 120 of 3,154 (4%) employees were identified with ability to request and approve purchase orders. o 3 of the 120 employees executed both roles on three different requisitions for a total of $46,787 of goods and services being approved. Non-Procurement Employee Purchasers 5 non-procurement employees were granted incorrect system permissions and executed 31 purchase releases. June
4 Unused Roles 12 of 15 (80%) employees sampled with incompatible roles (e.g. user had more than one of the following roles: requester, approver, purchaser) did not use at least one assigned role in over a year. o 9 of the 12 were non-procurement employees Queries (i.e., Performance Dashboard and Purchase Order report) written from the Procurement module had missing and/or inaccurate information and contributed to incorrect output: Structured Query Language (SQL) Logic Query script did not account for requisition approvals that were not required and data tables were joined incorrectly for Purchase Order Audit Report. Query script did not account for data anomalies (e.g., after-fact purchases, blank fields, approvals after PO issuance) when calculating the requisition approval date for Performance Dashboard Report that is used by management to monitor the timeliness of the procurement process. 3 Data Reliability Efficiency of Process As a result of these SQL errors, the following reporting issues occurred: Voucher Amounts Purchase Order Audit Report, which is used to report all purchasing transactions from requisition to receipt, showed 34,865 instances where voucher amounts exceeded PO authorization. Auditors selected 10 largest POs to review in the system and noted all 10 did not exceed voucher information in the system. Approval Information Purchase Order Audit Report contained 15,093 requisitions where the requester was the same as the approver. Auditors sampled 10 items to review in the system and noted the following: 2 showed the requisition approver was someone different than noted in the report. 6 showed the requisition approval not being needed in the PeopleSoft system. 2 showed self-approval of the requisition in PeopleSoft. Audit Scope The scope of the audit work focused on activities in the PeopleSoft system during the Procurement process, including the requisition, approval, purchasing, and receiving of goods June
5 and services since implementation (October 2014) through March These activities were reviewed to assess the PeopleSoft system functionality, efficiency of the procurement process, and evaluation of reporting and monitoring functions. Payment cards and inventory purchases were not reviewed. Further, purchasing roles (e.g., requester, approver, purchaser, and receiver) in the purchasing module were evaluated for appropriate segregation of duty. The roles were reviewed as of October The audit was performed by Jessica Esqueda, Monica Washington, Christopher Williams, and Karen Henry (Engagement Lead). The audit was conducted during the period from December 14, 2015 to March 15, Methodology The methodology used to complete the objectives of this audit included: Reviewed TxDOT internal documents, including procurement policy and procedure manuals, organization charts, process maps, and management reports Reviewed state codes and manuals, including State of Texas Procurement manual, Texas Government Code, and Texas Administrative Code sections for purchase rules Reviewed prior audit reports from TxDOT s Internal Audit Division and Texas State Auditor s Office Evaluated control design and operating effectiveness of the procurement system Sample tested purchase order (PO) data (e.g. dates, amounts, purchase types) converted from the Automated Purchasing System (APS) to PeopleSoft Reviewed the Financials and Supply Chain Management (FSCM) functional roles and responsibilities for purchasing (e.g., requester, approver, purchaser, and receiver), which was used as the criteria for access security policy Reviewed employees assigned FSCM purchasing roles, to validate access was in accordance with security policy and best practice Interviewed key stakeholders, including staff and management, from Information Management Division (IMD) Enterprise Resource Planning Section, Contracts and Purchasing Division (formerly Procurement Division), and contracted third party vendor for PeopleSoft implementation and maintenance support Through data analysis and sampling in production environment: o Tested for instances where requisitions were approved after purchase order issuance o Tested for instances where requisitions had same requester and approver o Tested for instances of missing required information Reviewed Structured Query Language (SQL) logic for two reports utilized by Contracts and Purchasing Division (formerly Procurement Division) Reviewed communication and management philosophy of overall organizational tone Performed risk assessment of requisition and purchasing functions within PeopleSoft These procedures were applied as necessary to perform the audit fieldwork. June
6 Background This report is prepared for the Texas Transportation Commission and for the Administration and Management of TxDOT. The report presents the results of the Post-Implementation Review PeopleSoft - Purchasing audit, which was conducted as part of the Fiscal Year 2016 Audit Plan. TxDOT implemented a new Oracle PeopleSoft system in October PeopleSoft is an integrated suite of software, which provides a common technology platform across core business areas of human resources, finance, supply chain, and payroll. The TxDOT PeopleSoft system replaced over 20 mainframe and legacy systems in Finance, Human Resources, and General Services. The new PeopleSoft consists of three main applications: Financials and Supply Chain Management (FSCM), Enterprise Learning Management (ELM), and Human Capital Management (HCM). The FSCM application includes procurement, contracts and purchasing, as well as general finance functions (e.g. accounts payable, asset management, billing, general ledger, inventory, and project costing). The purchasing functions in the FSCM module were reviewed for this audit. In the FSCM module, purchase orders are generated to procure goods and services. For a purchase order to be complete, it must include the type of purchase, the cost, quantity, who is requesting it, and who is approving it. This information allows the purchaser to buy the item. Only employees in the Contracts and Purchasing Division are authorized to purchase items on behalf of TxDOT. To implement PeopleSoft, TxDOT had a designated team consisting of TxDOT employees and third party vendors. TxDOT also established an Executive Steering Committee and a separate Enterprise Resource Planning Section dedicated to managing the PeopleSoft implementation. In addition, TxDOT employees from key program areas, also known as subject matter experts (SMEs), were used to help identify gaps in the legacy systems and identify areas of improvement. Third party vendors were used as the PeopleSoft System Integrators and to provide program quality management and oversight. Third party vendors within the designated team were responsible for coding the system, conducting gap analysis, testing the functionality of the code, ensuring the system functions worked properly, and giving proper access levels and roles to employees. Implementation problems or issues are communicated and addressed through TxDOT s information management ticket system, TxDOTNow. These tickets are to be addressed by a third party vendor or the Information Management Division (IMD) ERP Section. The primary vendor used to design and implement PeopleSoft was retained to provide ongoing maintenance support. We conducted this performance audit in accordance with Generally Accepted Government Auditing Standards and in conformance with the International Standards for the Professional Practice of Internal Auditing. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. Recommendations to mitigate risks identified were provided to management during the engagement to assist in the formulation of the management action plans included in this report. The Internal Audit Division uses the June
7 Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control Integrated Framework version A defined set of control objectives was utilized to focus on reporting, operational, and compliance goals for the identified scope areas. Our audit opinion is an assessment of the health of the overall control environment based on (1) the effectiveness of the enterprise risk management activities throughout the audit period and (2) the degree to which the defined control objectives were being met. Our audit opinion is not a guarantee against reporting misstatement and reliability, operational sub-optimization, or non-compliance, particularly in areas not included in the scope of this audit. June
8 Detailed Findings and Management Action Plans (MAP) Finding No. 1: PeopleSoft Requisitions Condition The PeopleSoft Financials and Supply Chain Management (FSCM) module allowed employees to modify requisitions after purchase orders (PO) had been issued. In addition, necessary information related to the item code to identify the good or service was missing from processed requisitions. The FSCM module also allowed non-inventory requisitions to be approved by the same employee submitting the requisition and allowed non-inventory requisitions to be processed without the required approval. Effect/Potential Impact Requisition modifications made after PO issuance or requisitions having missing information may lead to delayed or improper procurement methods or approvals. Improper access controls within the purchasing function can increase the susceptibility to fraudulent or inappropriate actions. Criteria The TxDOT Requirements Traceability Matrix (e.g., PeopleSoft system design and configuration) states that the system should not have the ability to change a requisition once a PO has been issued. The Matrix further discusses that requisitions should not be self-approved if the requester is also an approver. Further, the TxDOT Purchasing Manual Chapter 1 requires separation of duties between employees authorized to request and approve purchases. The National Institute of Government Purchasing (NIGP) Commodity/Services Code is a coding structure for standardizing purchasing that brings order and consistency for efficiency and economy. Agencies use the - item code numbering and descriptions found to properly code products or services on requisitions and purchases so informal and formal invitations for bid will reach vendors that have indicated they are capable of furnishing the required materials, equipment, supplies, and services. It is also important to both agencies and potential bidders that bidder class-item selections are correct. Cause No preventive or detective control exists that requires requisitions to be identified and reviewed independently if same person was the requester and approver prior to PO issuance. Additionally, no monitoring existed to ensure all necessary requisition fields were completed, including the correct item code. An issue exists in the system that allows for some requisitions to be self-approved or not require an approval. June
9 It was also understood that NIGP/Item Identification (ID) Codes were left blank due to requesters selecting inactive or unavailable items from the FSCM module. Evidence Goods and services that required an approval and were purchased from October 2014 to January 2016 were reviewed and the following was noted: System allowed requisitions to be modified after PO issued: 991 POs totaling $10.7 million had requisition approval date after the PO date. Although 99% of these were due to requisition or purchase order line cancellations causing re-routing of the approval workflow, an issue still remains in the system that allows them to occur. There was no inappropriate activity identified. System allowed requisitions to be self-approved by the requester: 441 requisitions were self-approved by 241 employees. These requisitions totaled $2.7 million. Although detailed testing was not performed to test specifically for fraud, a cursory review performed did not indicate any reason to believe inappropriate activity occurred. This information was referred to the Compliance Division for further review. System allowed requisitions without approvals: 3,086 non-inventory items did not have requisition approvals in the system. Although 95% of these were due to requisition cancellations causing re-routing of the approval workflow, an issue still remains in the system that allows them to occur. Although detailed testing was not performed to test specifically for fraud, a cursory review performed did not indicate any reason to believe inappropriate activity occurred. This information was referred to the Compliance Division for further review. National Institute of Government Purchasing (NIGP)/Item Identification (ID) Codes The Purchase Order Audit report provided showed 72 instances where an NIGP/Item ID code was missing. These codes are required for processing purchases. Auditors judgmentally selected 10 of the POs to determine whether a code was entered into the system. All 10 POs reviewed that did not have an NIGP/Item ID Code in the report received also did not have a code assigned in PeopleSoft Management Action Plans (MAP): MAP Owner: Teri Augustine, Project Manager, Information Management Division - Enterprise Resource Planning Section MAP 1.1: Information Management Division will create tickets requesting TxDOT s third party contracted support team to remedy the issue related to the system allowing requisitions to be modified after Purchase Order issuance (Note: as of March 31, 2016, this has been done and the updated process is being tested by the business area). June
10 Information Management Division will create tickets for analysis of all requisitions without approvals and take corrective action. In addition, the Enterprise Resource Planning system will analyze the contract specialist role to ensure the appropriateness of its function and permissions are correct within non-601ct business units. Once a solution is determined for bullets 1 and 2 above, including the level of effort and a completion date, Information Management Division will submit an update to the Internal Audit Division indicating whether the identified, August 15, 2016, management action plan completion date is feasible. notification will be provided to support completion of this portion of the management action plan. Information Management Division will implement a new process and reporting cycle to monitor the TxDOT Now system for tickets relating to this issue and will collaborate with Contracts and Purchasing Division to resolve them within 45 days. A process document and example report will be provided to support completion of this portion of the management action plan. August 15, 2016 MAP Owner: Dee Dee Evans, Purchase Order Module Systems Administrator, Contracts and Purchasing Division MAP 1.2: Contracts and Purchasing Division will test the patch that will address the issue related to the system allowing requisition to be modified after Purchase Order issuance in the testing environment prior to being applied to the production environment. Testing documentation will be retained and provided to support completion of all new patch testing performed. August 15, 2016 MAP 1.3: Contracts and Purchasing Division (CPD) will perform 3 monthly reviews after patches are applied to determine that there are no instances of Purchase Orders being issued after requisition lines are modified. In addition, CPD will develop procedures to require data monitoring on an annual basis. December 15, 2016 June
11 MAP 1.4: National Institute of Government Purchasing (NIGP)/Item Identification (ID) codes are blank due to requester selecting inactive/unavailable items. Contracts and Purchasing Division will add the word inactive to the item description in the system to provide a visual for the end users who are requesting the inactive items as well as the purchaser who is processing them. This will help prevent staff selecting inactive codes. Documentation of the testing will be documented. Contracts and Purchasing Division will develop procedures to continue to monitor the Purchase Orders (POs) being created with no Item IDs and create tickets to have a Structured Query Language (SQL) update ran to update the POs with the applicable Item Identification (ID) Codes. The procedures will call for monitoring to be performed by running reports and filtering for blank Item IDs and to be performed annually. December 15, 2016 June
12 Finding No. 2: Access Roles Condition Access controls do not provide proper segregation of duties for requesting, approving, purchasing, and receiving goods and services. In addition, access controls do not ensure that only authorized Contracts and Purchasing Division employees can execute purchases in PeopleSoft s Financials and Supply Chain Management (FSCM) module. There were 12 employees identified with assigned purchasing roles that were determined to be unnecessary as those roles were not used in over a year. Additionally, three system administrator roles (i.e. super user access) were identified where their actions and edits were not monitored as a detective control. Effect/Potential Impact Improper and unnecessary access controls within the purchasing system can lead to increased susceptibility to fraud or inappropriate actions. Criteria TxDOT Functional Roles and Descriptions document does not permit any individual to have both a requester and an approver role. The TxDOT Purchasing Manual Chapter 1 also requires adequate segregation of duties between employees authorized to request, approve a purchase, receive, and initiate payments. The Purchasing Manual further defines that a purchaser can only be an employee from a procurement function. In addition, the National Institute of Standards and Technology (NIST) suggest users should only be granted access for the resources they need to perform their official functions and that audit trails should be reviewed periodically to changes made to the system. Cause Access to the procurement roles and user permissions are provided by the Information Management Division (IMD) through a manual process. Once roles are granted, there is no ongoing review of assigned roles by those in the Contracts and Purchasing Division to determine appropriateness. In addition, there has not been an established timeframe for when users should be removed after a specified period of non-usage. Finally, detective controls have not been established to properly monitor activity by system administrator roles that have far reaching access to procurement transactions. Evidence Auditors obtained user access information for purchasing roles (e.g., requester, approver, purchaser, or receiver) and Procurement module system administrator role and identified the following: Requester and Approval Role 120 of 3,154 (4%) employees had an approval and requester role o 3 of 120 (3%) employees executed requisitions of $46,787 of goods and services that they also approved June
13 3 of 3,154 (1%) had requester, approval, purchaser, and receiver roles. The same employees also had the system administrator role (i.e. super user) that also provides them the ability to access and edit purchasing transactions without any independent review being performed. Further assessment could not be performed due to no system administrator activity logs and reports providing incorrect outputs. Unused Incompatible Roles 12 of 15 (80%) employees sampled with incompatible roles (e.g. user had more than one of the following roles: requester, approver, purchaser) did not use at least one assigned role in over a year o 9 of the 12 were non-procurement employees Non-Procurement Employee Purchasers 5 non-procurement employees, who had purchasing roles from September 24, 2014 to January 4, 2016, were granted incorrect system permissions and executed 31 purchase order releases for goods and services. Management Action Plan (MAP): MAP Owner: Teri Augustine, Project Manager, Information Management Division Enterprise Resource Planning Section MAP 2.1: Roles and permissions due to change in position were removed when the PeopleSoft Employee Transfer Security Process was fully implemented on March 15, The PeopleSoft Employee Transfer Security Process requires TxDOT s third party contracted support team to create daily reports to be submitted to Information Management Division (IMD) for internally transferred employees. Upon receipt of the daily report, IMD will clear the employees user profiles and re-establish basic new hire permissions. The employee s new manager will be required to submit requests for all required new roles. This new process went into effect in March July 15, 2016 MAP 2.2: The 120 employees identified with incompatible roles and the 5 employees with incorrect permissions were corrected. Role review by Contracts and Purchasing Division and subsequent removal by Information Management Division PeopleSoft Security began in March 2016 with the implementation of the Oracle PeopleSoft Security Audit Process. July 15, 2016 June
14 MAP 2.3: Information Management Division will work with Contracts and Purchasing Division to update role description and constraint language used by users and the Security Team in determining and provisioning roles for non-procurement employees that obtain Procurement roles. Updated constraints will be used by the security team and will be available on SharePoint. The modified role description and constraint language was fully implemented on March 15, July 15, 2016 MAP 2.4: Segregation of duties responsibilities are accomplished manually through the Oracle PeopleSoft Annual Manager Access Approval process, for all Enterprise Resource Planning modules. A request for funding for purchase and implementation of an automation software process will be developed in September September 15, 2016 MAP Owner: Dee Dee Evans, Purchase Order Module Systems Administrator, Contracts and Purchasing Division MAP 2.5: CPD will develop procedures to address the situation when CPD purchasing buyers leave TxDOT or CPD Division. The procedures will call for a PeopleSoft role ticket to be created to request the removal of the no longer applicable PO module roles. CPD will add constraints to the security access criteria for the PO module update roles to be removed if not utilized in the system for over 6 months. CPD will develop procedures to obtain a report from IMD security annually showing any employee with procurement roles not using the roles in over 6 months. The procedures will call for any exceptions (e.g. users not using roles in over 6 months) to be routed to IMD for corrective action. July 15, 2016 MAP 2.6: Contracts and Purchasing Division (CPD) will develop procedures to acquire system activity logs from Information Management Division for CPD staff with system administrator roles and monitor for unusual activity on a semi-annual basis. The review will include looking for transactions/roles performed by the individuals (requester, approver, buyer, vendor changes, payment functions) and documenting exceptions outside the defined user roles for the activities performed. July 15, 2016 June
15 Finding No. 3: Data Reporting Condition The Purchase Order Audit Report and the Purchase Order Mean and Median Average Processing Time Report from the Procurement module had missing and erroneous information which caused validity issues related to internal metrics and monitoring. Examples of missing and erroneous information noted in the report included the following: incorrect voucher amounts, missing Purchase Order (PO) numbers, and incorrect approver information. Effect/Potential Impact Inaccurate reporting can hinder the TxDOT s ability to monitor the procurement process to ensure it is working as intended. Inaccurate reporting can also provide false assurance and/or result in unnecessary activities being performed to address perceived issues. Further, timeliness reports were found to overstate how long it was taking to procure goods and services which could impact the ability to properly identify inefficient processes. Criteria Control Objectives for Information and Related Technology (COBIT) suggests that organizations ensure that reporting is complete, timely, and accurate to provide program owners the necessary information to monitor and review program objectives and goals to assure program success. Cause Structured Query Language (SQL) logic to obtain information from the database did not accurately reflect the current TxDOT Procurement Process (e.g., after-fact purchases, blank fields, approval information). SQL logic presented also allowed for incorrect PO amounts to appear due to the receipt/voucher distribution. Evidence Review of the Purchase Order Audit and the Purchase Order Mean and Median Average Processing Time Reports showed the following: SQL Logic Query script did not account for items that did not require requisition approvals (per TxDOT policy) and data tables were joined incorrectly for Purchase Order Audit Report. The Purchase Order Mean and Median Average Processing Time Report scripts did not account for data anomalies (e.g., after-fact purchases, blank fields, approvals after PO issuance) when calculating the requisition approval date for Performance Dashboard Report that is used by management to monitor the timeliness of the procurement process. Auditors performed further assessment to determine the root cause of missing or incorrect data for the Purchase Order Audit Report and the Performance Dashboard Report and identified the following: June
16 Voucher Amounts The Purchase Order Audit Report, which is used to report all purchasing transactions from requisition to receipt, received by auditors showed 34,865 instances where voucher amounts exceeded PO authorization. Auditors judgmentally selected 10 largest POs issued from October 2014 to September 2016 to review in the system: It was determined the 10 POs sampled did not exceed voucher information in the system. PO Numbering Gaps The Purchase Order Audit Report received by auditors contained 1,623 gaps in the PO numbering convention. Auditors randomly selected 11 PO number gaps to further assess their existence. Auditors were able to locate PO data for 9 of the identified missing PO numbers from the report within the PeopleSoft application. The other 2 POs did not exist in PeopleSoft and therefore were accurately reflected as gaps in sequence. These 2 POS were missing due to reasonable system issues. Approval Information The Purchase Order Audit Report received by auditors contained 15,093 requisitions where the requester was the same as the approver. Auditors randomly selected requisition line items from 10 requisitions to verify the data from the report and noted the following: 2 showed the requisition approver was someone different than noted in the report. This was identified as a SQL issue. 6 showed the requisition approval not being needed in the PeopleSoft system. This erroneous notation was identified as a system issue in Finding No. 1 and also identified as a SQL issue. 2 showed self-approval of the requisition in PeopleSoft. This was identified as a system issue in Finding No. 1. Management Action Plan (MAP): MAP Owner: Dee Dee Evans, Purchase Order Module Systems Administrator, Contracts and Purchasing Division MAP 3.1: Contracts and Purchasing Division (CPD) will create TxDOT Now tickets to request logic changes to be made to the Purchase Order (PO) Audit Report and the PO Mean and Median Average Processing time reports to ensure Structured Query Language (SQL) logic is corrected and anomalies identified in the finding no longer exist. CPD will continue to test and validate reports by reviewing for blank fields, same employee ID within both requester and approver fields, voucher amounts exceeding PO authorization, and approval dates occurring after PO issuance dates. CPD will perform 3 monthly reviews after SQL logic is corrected and the data will also be reviewed on an annual basis to monitor exceptions. December 15, 2016 June
17 MAP 3.2: Contracts and Purchasing Division (CPD) will develop procedures to utilize the Purchase Order Audit Report, once report logic has been updated, to identify and correct the following on a quarterly basis: Any requisitions that needed approval but were not obtained Requisitions being approved by same person as requester, and Purchase Order dates prior to requisition approval dates. The CPD procedure will require a query from Information Management Division (IMD) to show any gaps in requisition ID numbers and if any of those skipped requisition numbers result in a PO being associated with them. December 15, 2016 MAP Owner: Teri Augustine, Project Manager, Information Management Division Enterprise Resource Planning Section MAP 3.3: Information Management Division will provide the Contracts and Purchasing Division with assistance on the Structured Query Language (SQL) for the Purchase Order Audit and Performance Dashboard Reports as needed. IMD will perform the following steps: Hire a SQL writer The SQL writer will review the Purchase Order Audit report and Performance Dashboard for modifications Problem solve the issues and create a solution Perform testing on the solution Implement the solution December 15, 2016 June
18 Summary Results Based on Enterprise Risk Management Framework Closing Comments The results of this audit were discussed with the Director of Contracts and Purchasing Division, Purchasing Section Director, Interim Director of Information Management Division, and Management Action Plan Owners on May 16, We appreciate the assistance and cooperation received from the Contracts and Purchasing Division, Information Management Division (IMD), Enterprise Resource Planning Section of IMD, Human Resources Division, and Financial Management Division contacted during this audit. June
Internal Audit Report. Highway Condition Reporting TxDOT Office of Internal Audit
Internal Audit Report Highway Condition Reporting TxDOT Office of Internal Audit Objective To evaluate data integrity in the Highway Condition Report. Opinion Based on the audit scope areas reviewed, control
More informationInternal Audit Follow-Up Report. Inventory Management TxDOT Office of Internal Audit
Internal Audit Follow-Up Report Inventory Management TxDOT Office of Internal Audit Objective Assess the status of corrective actions for Management Action Plans (MAPs) previously communicated in the Inventory
More informationEnterprise Resource Planning (ERP) II Pre-System Implementation Interim Audit Report. Accounts Payable Module. December 5, 2014. Mayor.
Enterprise Resource Planning (ERP) II Pre-System Implementation Interim Audit Report Accounts Payable Module Mayor December 5, 2014 Betsy Price Council Members Sal Espino, District 2 W. B. Zimmerman, District
More informationInternal Audit Report. Toll Operations Contract Management TxDOT Office of Internal Audit
Internal Audit Report Toll Operations Contract Management TxDOT Office of Internal Audit Objective To determine whether the Toll Operations Division (TOD) contract management structure is designed and
More informationDepartment of Developmental Disabilities Accounts ReceivableAudit
Department of Developmental Disabilities Accounts Receivable Period: September 2015 through December 2015 Results Summary: Objective Accounts Receivable Creation Receipt of Payment Monitoring of Past Due
More informationOBSERVATIONS FROM 2010 INSPECTIONS OF DOMESTIC ANNUALLY INSPECTED FIRMS REGARDING DEFICIENCIES IN AUDITS OF INTERNAL CONTROL OVER FINANCIAL REPORTING
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org OBSERVATIONS FROM 2010 INSPECTIONS OF DOMESTIC ANNUALLY INSPECTED FIRMS REGARDING DEFICIENCIES
More informationMANAGEMENT AUDIT REPORT ACCOUNTS PAYABLE
MANAGEMENT AUDIT REPORT OF ACCOUNTS PAYABLE REPORT NO. 04-108 CITY OF ALBUQUERQUE OFFICE OF INTERNAL AUDIT AND INVESTIGATIONS of Accounts Payable Report No. 04-108 Executive Summary Background The Department
More informationAuditing for Value in the Procure to Pay Cycle Dallas IIA Chapter. October 1, 2009
Auditing for Value in the Procure to Pay Cycle Dallas IIA Chapter October 1, 2009 Supply Chain Risk Overview * Today s Focus * Includes Working Capital benefits 1 2009 Protiviti Inc. An Equal Opportunity
More informationAccounts Payable. Best Practices: Existing Control: Control Gap: Controls Evaluation and Gap Analysis. Purchasing
Accounts Payable Gap Analysis: POS identifies the following Best Practices as efficient and effective control processes for the above risk. Listed for comparison are the controls currently in place, if
More informationOracle PeopleSoft Security Audit Process for Payroll and TAM
Oracle PeopleSoft Security Audit Process for Payroll and TAM Version 1.5 Approved: December 2015 by Teri Augustine ERP Section, Information Technology Division Revision History The revision history identifies
More informationNASCIO. Improving State
NASCIO 2011 Nomination Submission Improving State Operations Initiative The State of Tennessee Project Edison, State of Tennessee s ERP solution Project Manager: Stephanie Dedmon 1 Executive Summary The
More informationCOSO s 2013 Internal Control Framework in Depth: Implementing the Enhanced Guidance for Internal Control over External Financial Reporting
in Depth: Implementing the Enhanced Guidance for Internal Control over External Financial Reporting Table of Contents EXECUTIVE SUMMARY... 3 BACKGROUND... 3 SIGNIFICANT CHANGES AFFECTING INTERNAL CONTROL
More informationInternal Controls, Fraud Detection and ERP
Internal Controls, Fraud Detection and ERP Recently the SEC adopted Section 404 of the Sarbanes Oxley Act. This law requires each annual report of a company to contain 1. A statement of management's responsibility
More informationCity of Berkeley. Accounts Payable Audit
City of Berkeley Accounts Payable Audit Prepared by: Ann-Marie Hogan, City Auditor, CIA, CGAP Teresa Berkeley-Simmons, Audit Manager, CIA, CGAP Frank Marietti, Senior Auditor, CIA, CGAP Presented to Council
More informationOffice of the State Controller. Self-Assessment of Internal Controls. Purchasing/Accounts Payable Cycle. Objectives and Risks
Office of the State Controller Self-Assessment of Internal Controls Purchasing/Accounts Payable Cycle Objectives and Risks Agency Year-End Objectives All requests for goods and services are initiated and
More informationOffice of the Auditor General Performance Audit Report. Statewide Oracle Database Controls Department of Technology, Management, and Budget
Office of the Auditor General Performance Audit Report Statewide Oracle Database Controls Department of Technology, Management, and Budget March 2015 071-0565-14 State of Michigan Auditor General Doug
More informationDepartment of Transportation Financial Management Information System Centralized Operations
Audit Report Department of Transportation Financial Management Information System Centralized Operations July 2001 This report and any related follow-up correspondence are available to the public and may
More informationIT Application Controls Questionnaire
IT Application Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks A1.a. MULTIPLE USER PROCESSING INPUT CONTROLS Input controls are the procedures and methods utilized by
More informationOFFICE OF THE CITY AUDITOR
OFFICE OF THE CITY AUDITOR PERFORMANCE AUDIT OF FUEL SERVICE CARDS Paul T. Garner Assistant City Auditor Prepared by: Theresa Hampden, CPA Audit Manager Regina Cannon Auditor October 29, 2004 Memorandum
More informationTable of Contents: Chapter 2 Internal Control
Table of Contents: Chapter 2 Chapter 2... 2 2.1 Establishing an Effective System... 2 2.1.1 Sample Plan Elements... 5 2.1.2 Limitations of... 7 2.2 Approvals... 7 2.3 PCard... 7 2.4 Payroll... 7 2.5 Reconciliation
More informationSeptember 2005 Report No. 06-009
An Audit Report on The Health and Human Services Commission s Consolidation of Administrative Support Functions Report No. 06-009 John Keel, CPA State Auditor An Audit Report on The Health and Human Services
More informationOffice of the Auditor General Performance Audit Report. Statewide UNIX Security Controls Department of Technology, Management, and Budget
Office of the Auditor General Performance Audit Report Statewide UNIX Security Controls Department of Technology, Management, and Budget December 2015 State of Michigan Auditor General Doug A. Ringler,
More informationInternal Audit Quarterly Report University of Missouri June 2014
Internal Audit Quarterly Report University of Missouri June 2014 Listed below are the internal audit reports that were issued since the April 2014 meeting of the Board of Curators. A summary of action
More informationOffice of Contracting & Procurement and Support Service Center Desk Reference
Oracle PeopleSoft Enterprise I m in. DETROIT PUBLIC SCHOOLS Office of Contracting & Procurement and Support Service Center Desk Reference Created by the Division of Finance Office of Strategic Management
More informationAccounts Payable Outsourcing Audit April 2014
Accounts Payable Outsourcing Audit April 2014 Craig Terrell, Interim City Auditor Lee Hagelstein, Internal Auditor Accounts Payable Outsourcing Audit Table of Contents Page Executive Summary...1 Audit
More informationStrategic Asset Management Program Controls Design Is Generally Sound, But Improvements Can Be Made. Final Audit Report No. 105-2010.
Strategic Asset Management Program Controls Design Is Generally Sound, But Final Audit January 14, 2011 Audit Report Issued By: NATIONAL RAILROAD PASSENGER CORPORATION OFFICE OF INSPECTOR GENERAL 10 G
More informationS24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma
S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to
More informationState and District Monitoring of School Improvement Grant Contractors in California FINAL AUDIT REPORT
State and District Monitoring of School Improvement Grant Contractors in California FINAL AUDIT REPORT ED-OIG/A09O0009 March 2016 Our mission is to promote the efficiency, effectiveness, and integrity
More informationTransmittal Letter... 1. Objectives and Scope... 2. Approach... 3-7. Financial System... 8. Permitting Application... 9
Internal Audit Committee of Information Technology Risk Assessment Public Report Prepared By: Internal Auditors of Brevard County September 30, 2009 Table of Contents Transmittal Letter... 1 Objectives
More informationCase Study Top-Down, Risk-Based Approach Purchase to Pay Process
Top-Down, Risk-Based Approach Purchase to Pay Process Overview This case study describes the flow of a Top-Down Risk, Based Approach for an example Purchase to Pay process. This case study is not all-inclusive
More informationDevelopment, Acquisition, Implementation, and Maintenance of Application Systems
Development, Acquisition, Implementation, and Maintenance of Application Systems Part of a series of notes to help Centers review their own Center internal management processes from the point of view of
More informationHow to improve account reconciliation activities*
PwC Advisory Viewpoint How to improve account reconciliation activities* Many common account reconciliation problems are preventable. Effective management of account reconciliation activities greatly increases
More informationOFFICE OF INSPECTOR GENERAL. Audit Report
OFFICE OF INSPECTOR GENERAL Audit Report Audit of the Data Management Application Controls and Selected General Controls in the Financial Management Integrated System Report No. 14-12 September 30, 2014
More informationSCOPE OF WORK FOR PERFORMING INTERNAL CONTROL AND STATUTORY/REGULATORY COMPLIANCE AUDITS FOR RECIPIENTS OF SPECIAL MUNICIPAL AID
SCOPE OF WORK FOR PERFORMING INTERNAL CONTROL AND STATUTORY/REGULATORY COMPLIANCE AUDITS FOR RECIPIENTS OF SPECIAL MUNICIPAL AID State of New Jersey Department of Community Affairs Division of Local Government
More informationSolihull Metropolitan Borough Council. IT Audit Findings Report September 2015
Solihull Metropolitan Borough Council IT Audit Findings Report September 2015 Version: Responses v6.0 SMBC Management Response July 2015 Financial Year: 2014/2015 Key to assessment of internal control
More informationOFFICE OF AUDITS & ADVISORY SERVICES ACCOUNTS PAYABLE VENDOR MASTER FILE AUDIT FINAL REPORT
County of San Diego Auditor and Controller OFFICE OF AUDITS & ADVISORY SERVICES ACCOUNTS PAYABLE VENDOR MASTER FILE AUDIT FINAL REPORT Chief of Audits: Juan R. Perez Senior Audit Manager: Lynne Prizzia,
More informationOffice of the Auditor General. Audit of Accounts Payable. Tabled at Audit Committee November 26, 2015
Office of the Auditor General Audit of Accounts Payable Tabled at Audit Committee November 26, 2015 This page has been intentionally left blank Contents Executive Summary... 2 Introduction... 2 Background...
More informationCOSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP
COSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP Disclaimer The material appearing in this presentation is for informational purposes only and should not be construed
More informationFinal. Internal Audit Report. Creditors System
Final Internal Audit Report Creditors System Document Details: Reference: 1.2 / 2014-15 Senior Manager, Internal Audit & Assurance: David Jenkins ext 6567 Date: 7 th January 2015 This report is not for
More informationPerformance Audit. ERP Post-Implementation
Performance Audit ERP Post-Implementation August 2006 City Auditor s Office City of Kansas City, Missouri 04-2006 August 9, 2006 Honorable Mayor and Members of the City Council: We conducted this audit
More informationPerforming Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained
Performing Audit Procedures in Response to Assessed Risks 1781 AU Section 318 Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained (Supersedes SAS No. 55.)
More informationInformation Technology Auditing for Non-IT Specialist
Information Technology Auditing for Non-IT Specialist IIA Pittsburgh Chapter October 4, 2010 Agenda Introductions What are General Computer Controls? Auditing IT processes controls Understanding and evaluating
More informationPerformance Audit E-Service Systems Security
Performance Audit E-Service Systems Security October 2009 City Auditor s Office City of Kansas City, Missouri 15-2008 October 21, 2009 Honorable Mayor and Members of the City Council: This performance
More informationInternal Audit Report. Right of Way Acquisition TxDOT Office of Internal Audit
Internal Audit Report Right of Way Acquisition TxDOT Office of Internal Audit Objective Evaluate the right of way acquisition process for efficiency and compliance. Opinion Based on the audit scope areas
More informationMEMORANDUM. Municipal Officials. From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center
MEMORANDUM To: Municipal Officials From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center 89 Main Street, Suite 4 Montpelier, Vermont 05602-2948
More informationMICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL. Doug A. Ringler, C.P.A., C.I.A. AUDITOR GENERAL ENTERPRISE DATA WAREHOUSE
MICHIGAN OFFICE OF THE AUDITOR GENERAL AUDIT REPORT PERFORMANCE AUDIT OF THE ENTERPRISE DATA WAREHOUSE DEPARTMENT OF TECHNOLOGY, MANAGEMENT, AND BUDGET August 2014 Doug A. Ringler, C.P.A., C.I.A. AUDITOR
More informationINFORMATION TECHNOLOGY CONTROLS
CHAPTER 14 INFORMATION TECHNOLOGY CONTROLS SCOPE This chapter addresses requirements common to all financial accounting systems and is not limited to the statewide financial accounting system, ENCOMPASS,
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Management Oversight of the Small Business/Self-Employed Division s Fuel Compliance Fleet Card Program Should Be Strengthened September 27, 2011 Reference
More informationChapter 15 Auditing the Expenditure Cycle
Chapter 15 Auditing the Expenditure Cycle Expenditure cycle consists of activities related to the acquisition of and payment for plant assets and goods and services. Two major transaction classes: 1 purchases
More informationInternal Control Deliverables. For. System Development Projects
DIVISION OF AUDIT SERVICES Internal Control Deliverables For System Development Projects Table of Contents Introduction... 3 Process Flow... 3 Controls Objectives... 4 Environmental and General IT Controls...
More informationUsing Technology to Automate Fraud Detection Within Key Business Process Areas
Using Technology to Automate Fraud Detection Within Key Business Process Areas 2013 ACFE Canadian Fraud Conference September 10, 2013 John Verver, CA, CISA, CMA Vice President, Strategy ACL Services Ltd
More informationOFFICE OF INSPECTOR GENERAL. Audit Report
OFFICE OF INSPECTOR GENERAL Audit Report Select Financial Management Integrated System Business Process Controls Need Improvement Report No. 16-02 November 30, 2015 RAILROAD RETIREMENT BOARD EXECUTIVE
More informationAUDITOR GENERAL WILLIAM O. MONROE, CPA
AUDITOR GENERAL WILLIAM O. MONROE, CPA HILLSBOROUGH COUNTY DISTRICT SCHOOL BOARD LAWSON FINANCIALS MODULE Information Technology Audit SUMMARY To support its financial management needs, the Hillsborough
More informationLATE SUBMISSION OF TRAVEL EXPENSE CLAIMS, UNFILED TRAVEL EXPENSE REPORTS, AND RECONCILIATION OF PREPAID EXPENSES
Report Office of the General Auditor August 31, 2011 Internal Audit Report for August 2011 Summary Three reports were issued during the month: Employee and Director Expense Reports Audit Report Quarterly
More informationMD AOC Project Introduction to PeopleSoft
Insert Pictures that represent Customer on Master slide MD AOC Project Introduction to PeopleSoft PeopleSoft Vendor Management Agenda Introduction Session Objectives PeopleSoft Overview Key Features Business
More informationPurchasing Card Program
Purchasing Card Program User Guidelines University of North Alabama Procurement Department Created: March 2008 / Updated 7/16/2015 University of North Alabama Purchasing Card Program 1 Table of Contents
More informationACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances
ACL WHITEPAPER Automating Fraud Detection: The Essential Guide John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances Contents EXECUTIVE SUMMARY..................................................................3
More information9.2 PeopleSoft Upgrade New Features and Functionality. May 2015
9.2 PeopleSoft Upgrade New Features and Functionality May 2015 1 General Accounting 2 Project Overview» The PeopleSoft Finance/Supply Chain upgrade is scheduled for May 20 (at 5pm) thru May 25, 2015» Current
More informationOffice of Internal Audit The University of Texas Southwestern Medical Center Accounts Receivable Billing Edits University Hospitals
Office of Internal Audit The University of Texas Southwestern Medical Center Accounts Receivable Billing Edits University Hospitals Internal Audit Report 15:05B July 13, 2015 Table of Contents I. Executive
More information2015-16 Internal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 9, 2015 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org TABLE
More informationInformation Technology General Controls And Best Practices
Paul M. Perry, FHFMA, CITP, CPA Alabama CyberNow Conference April 5, 2016 Information Technology General Controls And Best Practices 1. IT General Controls - Why? 2. IT General Control Objectives 3. Documentation
More informationHOWARD UNIVERSITY POLICY
HOWARD UNIVERSITY POLICY Policy Number: 300-001 Policy Title: ACCOUNTS PAYABLE: PAYMENTS TO VENDORS Responsible Officer: Chief Financial Officer Responsible Office: Office of the Chief Financial Officer
More informationA REPORT BY THE NEW YORK STATE OFFICE OF THE STATE COMPTROLLER
A REPORT BY THE NEW YORK STATE OFFICE OF THE STATE COMPTROLLER Alan G. Hevesi COMPTROLLER NEW YORK CITY SCHOOL CONSTRUCTION AUTHORITY IMPLEMENTATION OF THE ENTERPRISE RESOURCE PLANNING SYSTEM 2002-N-6
More informationCITY OF BURLINGTON COSO FRAMEWORK & COMPLIANCE
CITY OF BURLINGTON COSO FRAMEWORK & COMPLIANCE Points of Focus Principle 1. The organization demonstrates a commitment to integrity and ethical values. Supporting Points of Focus:* Sets the tone at the
More informationLocation of the job: CFO Revenue Assurance
JOB PROFILE Title of position: Manager: Revenue Assurance Operations Number of subordinates: 5-10 Location of the job: CFO Revenue Assurance Level: 3 Position Code: Time span: 2-3 years Key Performance
More informationU.S. Department of Agriculture Office of Inspector General Financial and IT Operations Audit Report
U.S. Department of Agriculture Office of Inspector General Financial and IT Operations Audit Report FISCAL YEAR 2000 NATIONAL FINANCE CENTER REVIEW OF INTERNAL CONTROLS NAT Report No. 11401-7-FM June 2001
More informationBUSINESS PROCESS (SAS 112 Compliance)
Functional Area: Accounts Payable Name of Process: Payment of PO Invoices Purpose of Process: To liquidate encumbrances for purchase orders issued for goods and services on behalf Of the University. Primary
More informationSUBSIDIARY LEDGER MANAGEMENT AND INTERNAL CONTROLS
SUBSIDIARY LEDGER MANAGEMENT AND INTERNAL CONTROLS Introduction: A critical component of the University s internal control environment over financial transactions is the departmental subsidiary ledger
More informationState of Connecticut Core-CT Continuing Education Initiative. Introduction to eprocurement
State of Connecticut Core-CT Continuing Education Initiative Introduction to eprocurement 1 Handout The handout has the same screen shots as the in-class presentation, but has been designed as a Step by
More informationRISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide
RISK BASED AUDITING: A VALUE ADD PROPOSITION Participant Guide About This Course About This Course Adding Value for Risk-based Auditing Seminar Description In this seminar, we will focus on: The foundation
More informationMANAGEMENT LETTER. Nassau Health Care Corporation and Subsidiaries Year Ended December 31, 2013. Ernst & Young LLP
MANAGEMENT LETTER Nassau Health Care Corporation and Subsidiaries Year Ended December 31, 2013 Ernst & Young LLP Ernst & Young LLP 5 Times Square New York, NY 10036-6530 Tel: +1 212 773 3000 Fax: +1 212
More informationCity of Berkeley. Prepared by:
City of Berkeley Berkeley Public Library Purchasing and Accounts Payable Audit Prepared by: Ann-Marie Hogan, City Auditor, CIA, CGAP Teresa Berkeley-Simmons, Audit Manager, CIA, CGAP Frank Marietti, Senior
More informationIndependent Auditors Report
KPMG LLP Suite 12000 1801 K Street, NW Washington, DC 20006 Independent Auditors Report Administrator and Acting Inspector General United States General Services Administration: Report on the Financial
More informationSkelta. Accounts Payable Solution. Business Process Management for All POWERED BY SKELTA BPM. www.skelta.com
Skelta Accounts Payable Solution POWERED BY SKELTA BPM Business Process Management for All www.skelta.com Overview Skelta Accounts Payable Solution is a completely web-based vendor invoice processing solution
More informationPalm Beach County Clerk & Comptroller s Office Contracting & Purchasing Review
Palm Beach County Clerk & Comptroller s Office Contracting & Purchasing Review SHARON R. BOCK Clerk & Comptroller Palm Beach County Audit Services Division September 18, 2008 Report 2008 03 September 18,
More informationOFFICE OF INSPECTOR GENERAL. Audit Report
OFFICE OF INSPECTOR GENERAL Audit Report Audit of Internal Control Over Accounts Payable Report No. 09-03 March 31, 2009 RAILROAD RETIREMENT BOARD INTRODUCTION This report presents the results of the Office
More informationEmployee Travel Expense (Concur) Process - Gap Analysis FY 2012
Employee Travel Expense (Concur) Process - Gap Analysis F 2012 Note: The responses below address Concur expense reports department IDs 921000, 921010, 921020, 921030, 921040, 921050, 921100, 921240, 921245,
More informationActivity Code 12500 Material Management and Accounting System (MMAS) Version 9.10, dated September 2015 B-1 Planning Considerations
Activity Code 12500 Material Management and Accounting System (MMAS) Version 9.10, dated September 2015 B-1 Planning Considerations Audit Specific Independence Determination Members of the audit team and
More informationINTERNAL AUDIT DIVISION AUDIT REPORT 2013/073
INTERNAL AUDIT DIVISION AUDIT REPORT 2013/073 Audit of maintenance and building services provided by the Office of Central Support Services at Headquarters Overall results relating to the Office of Central
More informationOBSERVATION, RECOMMENDATION, AND RESPONSE
PROJECT SUMMARY Processes and controls for procuring goods and services through the Department of Strategic Sourcing and Procurement Services (Procurement Services) at Texas A&M University provide reasonable
More informationAn Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements
Examination of an Entity s Internal Control 1403 AT Section 501 An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements Source:
More informationAUDIT REPORT PERFORMANCE AUDIT OF COMMUNITY HEALTH AUTOMATED MEDICAID PROCESSING SYSTEM (CHAMPS) CLAIMS EDITS
MICHIGAN OFFICE OF THE AUDITOR GENERAL AUDIT REPORT PERFORMANCE AUDIT OF COMMUNITY HEALTH AUTOMATED MEDICAID PROCESSING SYSTEM (CHAMPS) CLAIMS EDITS DEPARTMENT OF COMMUNITY HEALTH AND DEPARTMENT OF TECHNOLOGY,
More informationInform Upgrade Version 20.0.77.77. New Features Improved Google Calendar Synchronization
**The latest Inform upgrade includes features and fixes from all previous upgrades. Please review the upgrade notes for any additional versions that fall between your current version and this upgrade.**
More informationLEGAL SERVICES CORPORATION OFFICE OF INSPECTOR GENERAL FINAL REPORT ON SELECTED INTERNAL CONTROLS RHODE ISLAND LEGAL SERVICES, INC.
LEGAL SERVICES CORPORATION OFFICE OF INSPECTOR GENERAL FINAL REPORT ON SELECTED INTERNAL CONTROLS RHODE ISLAND LEGAL SERVICES, INC. RNO 140000 Report No. AU 16-05 March 2016 www.oig.lsc.gov TABLE OF CONTENTS
More informationArticle: Control Systems and Controls Testing: General Review
Article: Control Systems and Controls Testing: General Review By: Paul Lydon, BA, CPA, MBS (Hons), PGCLTHE, FHEA Current Examiner in P1 Auditing The main duty of auditors is to report to the members on
More informationACCOUNTS PAYABLE DEPARTMENT AUDIT OF SELECTED ACCOUNTING PROCESSES
ACCOUNTS PAYABLE DEPARTMENT AUDIT OF SELECTED ACCOUNTING PROCESSES THE UNIVERSITY OF NEW MEXICO September 3, 2009 J.E. Gene Gallegos, Chair Carolyn Abeita, Vice Chair James Koch Audit Committee Members
More informationCOSO Internal Control Integrated Framework (2013)
COSO Internal Control Integrated Framework (2013) The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated Internal Control Integrated Framework (2013 Framework)
More information1. FPO. Guide to the Sarbanes-Oxley Act: IT Risks and Controls. Second Edition
1. FPO Guide to the Sarbanes-Oxley Act: IT Risks and Controls Second Edition Table of Contents Introduction... 1 Overall IT Risk and Control Approach and Considerations When Complying with Sarbanes-Oxley...
More informationThe need for optimization: Getting the most from Microsoft Dynamics GP
The need for optimization: Getting the most from Microsoft Dynamics GP Prepared by: Hans Wulczyn, Director, RSM US LLP hans.wulczyn@rsmus.com, +1 717 901 8413 October 2013 Microsoft Dynamics GP is a powerful,
More informationMAXIMO 7 TRAINING GUIDE PURCHASING & RECEIVING FLORIDA INTERNATIONAL UNIVERSITY. P 202.262.2500 3451 NE 1 st Ave M1008 Miami, FL 33137
MAXIMO 7 TRAINING GUIDE PURCHASING & RECEIVING FLORIDA INTERNATIONAL UNIVERSITY P 202.262.2500 3451 NE 1 st Ave M1008 Miami, FL 33137 Table of Contents I CHAPTER 1 THE PURCHASING MODULES...5 1.1 Objectives...
More informationAccounts Payable Audit
Audit Report# 15-11 November 12, 2015 "Committed to Service, Independence and Quality" THE UNIVERSITY OF TEXAS AT EL PASO Office of Auditing and Consulting Services November 12, 2015 Dr. Diana Natalicio
More informationPatrice Randle, City Auditor Craig Terrell, Assistant City Auditor Roshan Jayawardene, Internal Auditor. CityNet (Lawson e-recruiting) January 2009
Patrice Randle, City Auditor Craig Terrell, Assistant City Auditor Roshan Jayawardene, Internal Auditor CityNet (Lawson e-recruiting) January 2009 CityNet (Lawson e-recruiting) Table of Contents Page Executive
More informationApril 2010. promoting efficient & effective local government
Department of Public Works and Environmental Services Department of Information Technology Fairfax Inspections Database Online (FIDO) Application Audit Final Report April 2010 promoting efficient & effective
More informationNavy s Contract/Vendor Pay Process Was Not Auditable
Inspector General U.S. Department of Defense Report No. DODIG-2015-142 JULY 1, 2015 Navy s Contract/Vendor Pay Process Was Not Auditable INTEGRITY EFFICIENCY ACCOUNTABILITY EXCELLENCE INTEGRITY EFFICIENCY
More informationDepartment of Public Utilities Customer Information System (BANNER)
REPORT # 2010-06 AUDIT of the Customer Information System (BANNER) January 2010 TABLE OF CONTENTS Executive Summary..... i Comprehensive List of Recommendations. iii Introduction, Objective, Methodology
More informationCHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS
11-1 CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION The State Board of Accounts, in accordance with State statutes and the Statements on Auditing Standards Numbers 78
More informationPROJECT MANAGEMENT PLAN CHECKLIST
PROJECT MANAGEMENT PLAN CHECKLIST The project management plan is a comprehensive document that defines each area of your project. The final document will contain all the required plans you need to manage,
More informationJuly 2012 Report No. 12-045. An Audit Report on The ReHabWorks System at the Department of Assistive and Rehabilitative Services
John Keel, CPA State Auditor The ReHabWorks System at the Department of Assistive and Rehabilitative Services Report No. 12-045 The ReHabWorks System at the Department of Assistive and Rehabilitative Services
More informationExhibit F. VA-130620-CAI - Staff Aug Job Titles and Descriptions Effective 2015
Applications... 3 1. Programmer Analyst... 3 2. Programmer... 5 3. Software Test Analyst... 6 4. Technical Writer... 9 5. Business Analyst... 10 6. System Analyst... 12 7. Software Solutions Architect...
More informationTxDOT Internal Audit Report Equipment Maintenance and Repair
TxDOT Internal Audit Report Equipment Maintenance and Repair Objective Determine if there are adequate policies, procedures, and practices for ensuring the adequate inspection, maintenance, and repair
More information