GUMC & Internal Audit
4 Pages
English

GUMC & Internal Audit

-

Downloading requires you to have access to the YouScribe library
Learn all about the services we offer

Description

FY2011 Internal Audit Plan Georgetown (Updated May 2010) UNIVERSITY Internal Audit 30 PROPOSED AUDIT SUBJECTS • Within each source (see Internal Audit Plan FY2010 – FY2012), audit subjects were prioritized on a scale from 5 (highest) to 1 (lowest). Priority determined using: ProCard data, historic compliance events, priority assigned in reports such as the Huron report, and judgment. • All audit subjects were relative ranked to the average priority for all audit subjects across all sources. The result was a prioritized list of audit subjects from P5 (highest) to P1 (lowest). Audit Subject Audit Subject Priority-5 Priority-3 Documentation of controls over Financial Statement Reporting Cost Sharing BGRO - Biomedical Graduate Research Organization CSJR - Center for Social Justice Research, Teaching & Service LCCC - Lombardi Comprehensive Cancer Center KIE - Kennedy Institute of Ethics Other Support YATE - Yates Field HousePRES - Central Administrative Units, e.g., President's Office, Anti-Fraud - PayrollAthletics, etc. OAUR - Advancement ERM Portfolio Anti-Fraud - Purchasing & Related Activities Priority-2 Anti-Fraud - Billing (Personal Use / Vendors) Invention Disclosure & Reporting Control Weakness - Internal Controls OSFS - Student Financial Services REG - University RegistrarPriority-4 Change in Business - New Venture Emergency Management Program Effort Reporting Data Integrity & Security IT Applications Research & Regulatory IT Systems ...

Subjects

Informations

Published by
Reads 23
Language English

FY2011 Internal Audit Plan Georgetown (Updated May 2010) UNIVERSITY
Internal Audit

30 PROPOSED AUDIT SUBJECTS
• Within each source (see Internal Audit Plan FY2010 – FY2012), audit subjects were prioritized on a scale from 5 (highest) to 1
(lowest). Priority determined using: ProCard data, historic compliance events, priority assigned in reports such as the Huron
report, and judgment.
• All audit subjects were relative ranked to the average priority for all audit subjects across all sources. The result was a prioritized
list of audit subjects from P5 (highest) to P1 (lowest).

Audit Subject Audit Subject
Priority-5 Priority-3
Documentation of controls over Financial Statement Reporting Cost Sharing
BGRO - Biomedical Graduate Research Organization CSJR - Center for Social Justice Research, Teaching & Service
LCCC - Lombardi Comprehensive Cancer Center KIE - Kennedy Institute of Ethics
Other Support YATE - Yates Field House
PRES - Central Administrative Units, e.g., President's Office, Anti-Fraud - PayrollAthletics, etc.
OAUR - Advancement ERM Portfolio
Anti-Fraud - Purchasing & Related Activities Priority-2
Anti-Fraud - Billing (Personal Use / Vendors) Invention Disclosure & Reporting
Control Weakness - Internal Controls OSFS - Student Financial Services
REG - University RegistrarPriority-4
Change in Business - New Venture Emergency Management Program
Effort Reporting Data Integrity & Security
IT Applications Research & Regulatory IT Systems Continuity & Disaster Recovery Program
IT Applications Scholarly Systems Priority-1
MSB - McDonough School of Business AEVN - Academic Events
LAW - Georgetown Law Center Anti-Fraud- Financial Statements
Control Weakness - Override Existing Controls Anti-Fraud - Cash on HandFY2011 Internal Audit Plan Georgetown (Updated May 2010) UNIVERSITY
Internal Audit

FY2010 – FY2012 AUDIT SUBJECTS UPDATED WI TH FY2010 RESUL TS


Audit Subject Audit Subject
Priority-5 Priority-3
Documentation of Controls Over Financial Statement
Cost SharingReporting
CSJR - Center for Social Justice Research, Teaching & BGRO - Biomedical Graduate Research Organization Service
LCCC - Lombardi Comprehensive Cancer Center KIE - Kennedy Institute of Ethics
Other Support YATE - Yates Field House
PRES - Central Administrative Units, e.g., President's Anti-Fraud - PayrollOffice, Athletics, etc.
OAUR - Advancement ERM Portfolio
Anti-Fraud - Purchasing & Related Activities Priority-2
Anti-Fraud - Billing (Personal Use / Vendors) Invention Disclosure & Reporting
Control Weakness - Internal Controls OSFS - Student Financial Services
Priority-4 REG - University Registrar
Change in Business - New Venture Emergency Management Program
Effort Reporting Data Integrity & Security
IT Applications Research & Regulatory IT Systems Continuity & Disaster Recovery Program
IT Applications Scholarly Systems Priority-1
MSB - McDonough School of Business AEVN - Academic Events
LAW - Georgetown Law Center Anti-Fraud- Financial Statements
Control Weakness - Override Existing Controls Anti-Fraud - Cash on Hand
Project PostponedFY2010 Project
New Project in FY2011 for the Audit SubjectContinuous Monitoring Activity in FY2010FY2011 Internal Audit Plan Georgetown (Updated May 2010) UNIVERSITY
Internal Audit

Seven proj ects sel ected f rom the three-year plan across all five priority areas. New Audit Subjects included in FY2011 include: Data
Integrity & Security, Anti-Fraud Billing (personal use / vendors), and Cost Sharing.

Audit University Project Primary Subject Related SubjectService
Compliance Review Continuous Monitoring - IT General & Application Controls Control Weakness - Internal Controls
1
Periodically evaluate key IT controls such as: security, error processing, alignment of IT and business services, and change control management. Scope of work to
include UIS and non-UIS infrastructure, such as Libraries, MSB, Law Center.
Compliance Audit Effort Report Verification Control Weakness - Internal Controls Effort Reporting
2
Follow-on to FY2010 review of the effort certification system. Assess compliance risk based on the controls over the reliability of effort documentation and the
University's cost share policy. Assessment will include a broad sample of departments performing research at the University.
Compliance Audit Subrecipient Payment Controls Control Weakness - Internal Controls
3
Test documentation for the certification of subrecipient payments and the quality of control procedures designed to provide assurance that monitoring is timely and
adequate.
Control Weakness - Override Operations Review Data Security Task Force Review Data Integrity & Security Existing Controls
4
Assess the status of the data security enhancements led by the Data Security Taskforce. Test compliance with policies and standards, and evaluate user security
awareness since the inception of the Data Security Taskforce.






FY2011 Internal Audit Plan Georgetown (Updated May 2010) UNIVERSITY
Internal Audit


Audit University Project Primary Subject Related SubjectService
A revolving sample of control Sample of University Operations Audit Department-level Control Activities activities and suspected control departments and programsweaknesses
5 A year-long, enhanced continuous monitoring project. Utilize historical audit results and Management requests to assess control activities such as CSR
reconciliation and implementation of University policy and procedures for financial and administrative activities. Identify units and processes operating at less than
the desired capacity for the selected control activities. Assist Management with streamlining GU policies and procedures in order to support efficient and effective
business processes and controls flowing from policy and procedures that are well organized, communicated, and understood by the GU community.
Operations Review N/A - Select Management RequestsRequests for Support and Analysis
6
Ad hoc projects to support Management with analysis of processes, controls, or policy design intended to enhance operating efficiency and effectiveness.
Documentation of Controls Over Reporting Review Internal Control Documentation for Financial Reporting Financial Statement Reporting7
Continuation of the postponed FY2010 project. Assist Management with creating documentation of select financial reporting controls.