Internal Audit Risk Assessment Process
May 9, 2014

1. Purpose
2. Timeline
3. Framework
4. Analysis and Computations
5. Next Steps

Risk Assessment Purpose

To prioritize FY15 activities for reasonable assurance regarding:
- Financial Reporting
- Operations
- Information Systems and Security
- Compliance
- Strategic Alliance

The work plan will be risk-based in consideration of all UK units, processes and applications. The work plan aligns with UKIA skill sets, emerging risks and UK Objectives.

Resources utilized to perform these tasks include:
- Collaborations / Partnerships
- Information Technology Tools

The outcome will be a risk-based work plan for fiscal year 2015.

Risk Assessment Timeline

The risk assessment is dynamic throughout each fiscal year. The timeline for the FY15 risk assessment includes:
- Ongoing: Populating Database (Audit Universe)
- March 2014: Comply Line Review
- Feb - April 2014: Information Gathering
- April 2014: Risk Assessment Analysis
- May 2014: ACS Risk Assessment Review
- June 2014: ACS Work Plan Review and Approval

Risk Assessment Framework
- Audit Universe
- Risk Factors
- Risk Scoring
- Audit Trending

Audit Universe

Database containing information from various sources:
- Risk Assessment Interviews (RAI): Annual interviews focusing on relevant events and industry concerns
- Previous Audit Work (PAW): UKIA end-of-audit process used to document out-of-scope concerns
- UKIA Workshops (WKS): Documenting participants' attendance and concerns raised during seminar
- ACUA Risk Dictionary (ARD): Database used by auditor association to document higher education trends
- Comply Line (CPL): Documenting information by unit and process
- Other Unsolicited Information (OUI): Documenting information directed to UKIA from emails, calls and website

Audit Universe: 10 examples from each category

Units (500+)
1. Office of Sponsor Project Administration
2. Sponsored Project Accounting
3. Benefits
4. Motor Pool
5. Mailroom
6. Office of International Affairs
7. Public Relations
8. Mining Engineering Foundation
9. Ophthalmology
10. College of Public Health

Processes (300+)
1. Software Licensing
2. Cash Handling
3. Procurement Cards
4. Scholarships
5. Payroll
6. Construction Projects
7. Grants
8. Student Registration
9. Property Leasing
10. Accounts Receivable

Applications (900+)
1. Kronos
2. ProSam
3. Online Employment System
4. HealthQuest
5. Sunrise Clinical Manager
6. Thriva
7. CS Gold
8. Axium
9. Millennium
10. Blackboard

Internal Audit UKIA Risk Assessment Continuous Audits Continuous Auditing Auto Audit Audit Command Language ARUBA Database

Audit Universe

Enterprise Division | Division | Unit | Process | Process Owner | Examples of Possible Concern(s) | Event Date | Source
Affiliates | CKMS | Call Center | Compensation | HR Compensation | Required lunch breaks | 07.22.10 | PAW
Campus | Libraries | University Press | Compensation | HR Compensation | Nonexempt travel compensation | 06.13.11 | PAW
HealthCare | Chandler | Therapeutic Services | Compensation | HR Compensation | Timekeeping adjustment | 12.03.12 | CPL
Finance and Administration | Human Resources | HR Compensation | Compensation | HR Compensation | Nonexempt overtime compensation; Timekeeping practices | 03.21.13 | RAI
Campus | Enrollment Management | Student Financial Aid | Scholarships | Student Financial Aid | Vendor and end user access (ProSam) | 03.31.09 | PAW
Academics | College of Fine Arts | School of Music | Scholarships | Student Financial Aid | Eligibility | 03.20.14 | OUI
Academics | College of Public Health | Donovan Fellowship Office | Scholarships | Student Financial Aid | Refunds | 04.08.14 | OUI

Risk Factors

Risk Factor | Definition | Measurement Criteria
Public Exposure | Media coverage intensity and type of clientele | 1. Media Coverage 2. Customer Type 3. Current Affairs
Control Environment | Rank and file workplace practices | 1. IS Applications 2. Key Position Turnover Rate 3. Employee Relations 4. Event Identification
External Regulation | Unit or process compliance | 1. Industry Compliance 2. Federal Regulations 3. State Regulations
Materiality | Dollar significance or transaction volume | 1. Sources of Revenue 2. Transaction Volume 3. Budget breakdown 4. Transaction Complexity
Last Audit | Duration since last external or internal review | 1. Internal Auditor 2. External Auditor 3. Other Audits

Scoring: Risk Assessment Calculation

Enterprise Division | Division | Unit | Process | Process Owner | Examples of Possible Concern(s) | Event Date | Source
Campus | Enrollment Management | Student Financial Aid | Scholarships | Student Financial Aid | Vendor and end user access (ProSam) | 03.31.09 | PAW
Academics | College of Fine Arts | School of Music | Scholarships | Student Financial Aid | Eligibility | 03.20.14 | OUI
Academics | College of Public Health | Donovan Fellowship Office | Scholarships | Student Financial Aid | Refunds | 04.08.14 | OUI

Enterprise Division | Unit or Process | Public Exposure (Media, Customer, Current Affairs, Score) | Last Audit (Internal, External, Other, Score) | Total Score
Campus | Scholarships
Campus | Student Financial Aid
Academics | School of Music
Academics | Donovan Fellowship Office

Steps after Risk Assessment Calculations
1. Units and Processes are sorted in descending order
2. Concerns from high-risk areas are reviewed for trending

FY15 Audit Focus: Trending Concerns

Business Operations
- Grants
- Compensation
- Procurement
- Ancillary Units
- Student Financial Aid
- Cash Operations
- Business Continuity

Information Systems
- Information Security
- BYOD
- Application Configuration
- Regulatory Compliance
- Ancillary Systems
- Data Analytics
- Disaster Recovery

Next Step is Work Plan Creation

Work Plan Content
- Compliance Program: Continuous Audits & Auditing; Regulatory Risk and Audit Coverage
- Business / Operations: Comprehensive & Assessments; Financial and Operational Risk
- Information Technology: Data Centers & Applications; Information Security and Data Integrity
- Unplanned Activities: Consultations & Inquiries/Investigations; Red Flags; Management Concerns

Work Plan Considerations
- UKIA Skill Set: Business Operations; Information Technology
- Available Hours: Auditor Productivity Goal @ 75%; Excludes UKIA Support Staff
- Audit Commitments: Audit Follow-up; Audit Cycle
- Other Resources: Collaborations / Partnerships; Co-sourcing / Outsourcing; Information Technology Tools

2333 Alumni Park Plaza Lexington, KY 40517 Phone: 859.257.3126 Fax: 859.257.3566 http://www.uky.edu/internalaudit/