Audit of the Financial Management Control Framework - Revenue



Similar documents
J u n e N a t i o n a l R e s e a r c h C o u n c i l C a n a d a. I n t e r n a l A u d i t, N R C. Audit of Risk Management.

Audit of Human Resources Management Planning

Audit of Occupational Safety and Health (OSH)

Audit of Construction Contracts

Internal Audit of the Sport Canada Hosting Program

Audit of the Policy on Internal Control Implementation

INTERNAL AUDIT MUNICIPAL RURAL INFRASTRUCTURE FUND (MRIF)

Audit of the Test of Design of Entity-Level Controls

Audit of Financial Reporting Controls

Audit of Accounts Receivable

Aboriginal Affairs and Northern Development Canada. Internal Audit Report. Audit of Internal Controls Over Financial Reporting.

PRIVY COUNCIL OFFICE. Audit of Compensation (Pay and Benefits) Final Report

Internal Audit Report. For the Fiscal Year. Prepared by CONSULTING AND AUDIT CANADA. on behalf of the

INTERNAL AUDIT REPORT ON THE FINANCIAL MANAGEMENT CONTROL FRAMEWORK FOR INITIATIVES RELATED TO CANADA S ECONOMIC ACTION PLAN (EAP) REPORT.

Audit of the Management of Projects within Employment and Social Development Canada

Final Report Audit of Vendor Performance and Corrective Measures. September 18, Office of Audit and Evaluation

NATIONAL CREDIT UNION ADMINISTRATION OFFICE OF INSPECTOR GENERAL

Final Audit Report. Audit of Data Integrity MCCS Feeder System Interfacing with SAP

ON RECOMMENDATIONS FROM THE 2008 AUDITS ON TRAVEL AND HOSPITALITY EXPENDITURES AND PROACTIVE DISCLOSURE ON TRAVEL AND HOSPITALITY EXPENSES

Internal Audit. Audit of HRIS: A Human Resources Management Enabler

Significant Revisions to OMB Circular A-127. Section Revision to A-127 Purpose of Revision Section 1. Purpose

Audit of Procurement Practices

PUBLIC SERVICE COMMISSION AUDIT REPORTS 2012

Audit of Project Management Governance. Audit Report

AUDIT OF MISSION HOSPITALITY EXPENDITURES

GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT. January 7, 2011

Auditor General s Office. Governance and Management of City Computer Software Needs Improvement

IT Outsourced Services. Preliminary Survey

Audit of Policy on Internal Control Information Technology General Controls (ITGCs) Audit

Final Audit Report. Audit of the Human Resources Management Information System. December Canada

Internal Audit. Audit of the Inventory Control Framework

Audit of Accounts Receivable. Internal Audit Report

Aboriginal Affairs and Northern Development Canada. Internal Audit Report. Prepared by: Audit and Assurance Services Branch.

Internal Audit Manual

Office of the Superintendent of Financial Institutions. Internal Audit Report on Regulation Sector: Private Pension Plans Division

Industry Services Quality Management System

Status Report of the Auditor General of Canada to the House of Commons

Internal Audit Quality Assessment. Presented To: World Intellectual Property Organization

IT Infrastructure Audit

Audit of Policy on Internal Controls: Selected Business Processes

AUDIT OF READINESS FOR THE IMPLEMENTATION OF THE POLICY ON INTERNAL CONTROL

MICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL. Doug A. Ringler, C.P.A., C.I.A. AUDITOR GENERAL ENTERPRISE DATA WAREHOUSE

Internal Audit FINAL INTERNAL AUDIT REPORT. Management Initiated Review of Child Support Master Program Payments

Larry Laine, Deputy Land Commissioner and Chief Clerk. Annual Report on the Internal Audit Quality Assurance and Improvement Program

CFPB Readiness Series: Compliant Vendor Management Overview

AUDIT OF PAY AND RELATED BENEFITS DEPARTMENT OF FINANCE CANADA FINAL AUDIT REPORT

Audit of IT Asset Management Report

Actuarial Standard of Practice No. 23. Data Quality. Revised Edition

NASA Financial Management Requirements Volume 9, Chapter 4 April 2005 CHAPTER 4 RISK ASSESSMENTS

How To Manage Risk At Atb Financial

Office of the Inspector General Department of Defense

Audit of Capital Assets Management. The Audit and Evaluation Branch

How To Maintain An Effective System Of Internal Control Over Financial Reporting

MARKET CONDUCT ASSESSMENT REPORT

Audit of the Canada Student Loans Program

AUDITOR GENERAL WILLIAM O. MONROE, CPA

Financial Management Information System Centralized Operations


OFFICE OF THE PRIVACY COMMISSIONER OF CANADA. Audit of Human Resource Management

Broker-Dealer and Investment Adviser Compliance Programs

NSERC SSHRC AUDIT OF IT SECURITY Corporate Internal Audit Division

CONTROL AND COMPLIANCE AUDITS

OFFICE OF INSPECTOR GENERAL. Audit Report

Ontario Health Insurance Plan

Audit of Mobile Telecommunication Devices

Canada Organic Regime Quality Management System Manual

EURIBOR - CODE OF OBLIGATIONS OF PANEL BANKS

REGULATORY IMPLICATIONS OF CLOUD COMPUTING. Stephen B. Kerr Partner Financial Institutions Group

462 IBN18 (MAURITIUS) LIMITED. IBN18 (Mauritius) Limited

Final Report. Audit of the Project Management Framework. December 2014

Audit of Financial Management Governance. Audit Report

Phase II of Compliance to the Policy on Internal Control: Audit of Entity-Level Controls

Performance Measures for Internal Auditing

INTERNATIONAL STANDARD ON REVIEW ENGAGEMENTS 2410 REVIEW OF INTERIM FINANCIAL INFORMATION PERFORMED BY THE INDEPENDENT AUDITOR OF THE ENTITY CONTENTS

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained

Statement of Management Responsibility Including Internal Control Over Financial Reporting

Transcription:

N A T I O N A L R E S E A R C H C O U N C I L C A N A D A Audit of the Financial Management Control Framework - Revenue I n t e r n a l A u d i t, N R C N O V E M B E R 2011

1.0 Executive Summary and Conclusion Background This audit report presents the findings of the National Research Council (NRC) Canada s audit of the Financial Management Control Framework for Revenue. The decision to conduct this audit was approved by the President following the recommendation of the Senior Executive Committee and thereafter by the Departmental Audit Committee on April 21, 2009 as part of the NRC 2009-10 to 2011-12 Risk-Based Internal Audit Plan. Audit objective, scope and methodology The overall objective of this audit was to provide assurance that NRC s financial management control framework for revenue complies with Treasury Board and NRC financial management policies, directives and guidelines. The audit was conducted between October 2010 and May 2011 and examined the elements of the NRC control environment around financial management for revenue. Emphasis was placed on the financial management and control systems, processes and practices employed by NRC Finance Branch. However, key financial management practices were also examined within a random sample of fifty (50) revenue agreements administered by four research institutes and one business technology centre. The audit was conducted using a series of detailed audit criteria that addressed the audit objective against which we drew our observations, assessments and conclusions. These audit criteria, presented in Appendix A, were derived primarily from the Treasury Board Financial Management Policy Framework. Audit opinion and conclusion We found that NRC has established overall a good financial management control framework for revenue with some strong elements in that most of its control elements are compliant with Government of Canada policies and directives. However, a detailed review of fifty (50) revenue agreements demonstrated that the framework is November 2011 3

inconsistently applied across NRC resulting in an overall audit opinion of needs improvement. Significant strengths were found with respect to governance, financial signing authorities and the segregation of duties. Opportunities for further strengthening of the framework include: developing formal processes for financial risk management particularly with respect to credit, foreign exchange, liquidity, collection of long-term royalty rights and fraud; and establishing standardized practices for managing revenue which could include enhancing the use of existing SAP modules and / or replacing IBP-unique MS Excel-based reporting tools. This latter opportunity will also have the added benefit of providing senior management with more timely and accurate entity-wide revenue information necessary for effective decision making. Our review of the revenue agreements identified the following areas which could benefit from additional clarification and training: Reviews by corporate experts such as Sector Financial Services, Legal Services, and Central Business Services prior to signing income agreements; Authorization of other government departments and other types of agreements and amendments in accordance with NRC s financial signing authorities; Consistent costing and pricing practices that comply with Treasury Board and NRC policies; and Appropriate costing and timely billing reconciliation upon project completion. Recommendations 1. NRC should strengthen the revenue management control framework by identifying formal criteria under which conditions and when NRC should exercise its right of audit clauses included in technology licence agreements. [Moderate Priority] November 2011 4

Management Response: Finance Branch will work with CBS to document formal criteria under which NRC would exercise our audit rights under the audit clauses in NRC technology licence agreements by June 30, 2012. 2. (a) NRC should strengthen the revenue management control framework by developing formal financial risk management policies and procedures. (b) NRC should also clearly define roles and responsibilities as they pertain to OGD Financial Arrangements and developing OGD standard agreement templates. [Moderate Priority] Management Response: Finance Branch is currently in the process of reviewing and updating its suite of revenue related financial management policies which also includes finalizing its credit management policy. Finance Branch will ensure that business and financial risk management policy statements are included in the contracting-in policy by March 31, 2012. Finance Branch will work with CBS to incorporate the key concepts of the credit management policy in the overall contracting-in guidance and tools by March 31, 2012. The contracting-in guidance and tools include checklists with the purpose of assisting employees involved in the contracting-in process to ensure due diligence (assessment of business and financial risk) is exercised when developing an agreement with a client. Finance Branch will work with CBS to clarify policies for their applicability to OGD Financial Arrangements and to develop a standard approach or template for OGD agreements to ensure a more efficient and less administrative burdensome process by June 30, 2012. 3. NRC should examine the potential costs, benefits and feasibility of introducing November 2011 5

additional systems controls and better linking the different modules within SAP in order to ensure NRC financial systems are better leveraged and that the NRC financial management control framework for revenue is consistently applied across NRC. This should include a review of potentially strengthening SD systems controls to prevent inappropriate modifications of transaction terms. [High Priority] Management Response: In light of the initiative to implement the new NRC business model strategy which is currently underway for implementation by April 1, 2012, the NRC internal reporting requirements will mandate the use of the SAP Project Systems (PS) module for overall project management at NRC. The integration between the SAP PS and Sales and Distribution (SD) modules already exists but is underutilised. In order to address the issues related to revenue recognition and in support of the NRC internal reporting requirements, Finance Branch has identified in the project implementation work plan, the development and implementation of training strategies including the utilization of the integration between PS and SD by March 31, 2012. Finance Branch will review the feasibility of implementing system controls to prevent inappropriate modifications of transactions terms by June 30, 2012. Manual and detective compensatory controls have been in place since 2007 to review on a monthly basis the payment terms that deviate from the payment standard prior to the execution of the interest charging program. 4. NRC should strengthen the revenue management control framework through providing additional training, guidance and monitoring in order to ensure better understanding of the revenue management process and its more consistent application within NRC. This could include expanding the current training curriculum pertaining to revenue management by identifying minimum requirements by employee groups (including Project Managers, Business Development Officers and those with Contracting-in Authorities) and increasing their frequency. [High Priority] November 2011 6

Management Response: In order to address the issues related to revenue recognition and in support of the NRC business model strategy implementation project, Finance Branch has developed a detailed revenue management action plan that addressed policy, business processes, systems and training. Finance Branch is currently working with CBS to develop and implement policy changes, business process changes and training strategies pertaining to revenue management by March 31, 2012. Statement of assurance In my professional judgement as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed upon by management. The opinion is applicable only to the entity examined. Jayne Hinchliff-Milne, CMA, Chief Audit Executive NRC Audit Team Members: Irina Nikolova, F.C.C.A, CIA, CISA Allison Smith, BA November 2011 7

Appendix: Potential Overall Ratings Management Attention Required significant issues exist that require management s attention. Needs Improvement some areas of practices / processes are in compliance with Government of Canada and NRC laws, regulations, policies and directives pertaining to management of revenue but many deficiencies exist. Adequate most of the areas of practices / processes are in compliance with Government of Canada and NRC laws, regulations, policies and directives pertaining to management of revenue but there are opportunities for continuous improvement. Strong all areas of practices / processes are in compliance with Government of Canada and NRC laws, regulations, policies and directives pertaining to management of revenue. No areas for improvement were identified. November 2011 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information