Embed Size (px)
Citation preview
1/12/2011
1
IFTA - IRP AUDITSEVALUATION OF INTERNAL
CONTROLS
Webinar
1
FACILITATORS
• Rick LaRose– Tax Unit Assistant Manager, CT DRS Excise Unit– Asst. IFTA Commissioner Connecticut– Chair, IFTA Dispute Resolution Committee– Former IFTA Audit Committee Chair
• Dawn Lietz– Audit Manager, Nevada DMV Motor Carrier
Services– Vice-Chair, IFTA Audit Committee– IRP, Dispute Resolution Committee
2
Webinar Logistics
• Presentation will run for approximately one hour– 40 minutes of presentation
– 20 minutes of “Q&A”
• Questions and comments can be sent• Questions and comments can be sent to the facilitators during the Webinar.– Click the “raise hand” icon in the upper
right hand side of the screen
– Type in question/comment
3
1/12/2011
2
INTERNAL CONTROLS
• Definition– Wikipedia defines Internal Controls as:– “A process effected by an organization’s structure,
work and authority flows, people and management information systems, designed to help the y gorganization accomplish specific goals or objectives.”
– Internal Controls are further defined as “a means by which an organization’s resources are directed, monitored, and measured.”
4
INTERNAL CONTROLS
• Internal Control Objectives (General)– Reliability of financial reporting
– Timely feedback on the achievement of operational or strategic goalsoperational or strategic goals
– Compliance with laws and regulations
5
INTERNAL CONTROLS
• Internal Control Objectives (Specific)– Existence (Validity)
– Occurrence (Cutoff)
– Completeness
– Valuation
– Rights and Obligations
– Presentation and Disclosure
– Reasonableness
6
1/12/2011
3
INTERNAL CONTROLS
• Control Activities– Segregation of duties– Authorization of transactions– Retention of records– Supervision or monitoring of operations– Physical safeguards– Top level reviews– IT security– Controls over information processing
7
INTERNAL CONTROLS
• What do IFTA and IRP say?– IFTA (IFTA Audit Manual Section A640)
• Several identifiable phases– Review and Documentation (.100)– Preliminary Evaluation (.200)y ( )– Test of Compliance (.300)– Report on Weaknesses (.400)
– IRP (IRP APM Section 702)• Three identifiable phases
– Review and Documentation (a)(i)– Tests of Compliance (a)(ii)– Report on Weaknesses (a)(iii)
8
INTERNAL CONTROLS
• Review and Documentation– Information gathering
• Determine if changes occurred in accounting procedures, system or operations
• Identify records maintained to support the tax return (IFTA) or the registration application (IRP)
• Confirm whether a review of such documentation occurs prior to data entry
9
1/12/2011
4
INTERNAL CONTROLS
• Review and Documentation (cont’d)– Document your understanding of the system
• Internal Control Questionnaires
• Flow Charts/Diagrams
• Narratives
– Clarification• How to test and trace transactions to evaluate the system
10
INTERNAL CONTROLS
• Preliminary Evaluation– Review documentation obtained during
pre-audit and opening conferencep p g
– Note any areas of possible weakness
– Discuss potential weaknesses with the licensee/registrant (seek clarification)
– Test validity of weaknesses noted
11
INTERNAL CONTROLS
• Tests of Compliance– Reliability based on the review and
documentation of the existing controls– If reliable:
• No further tests may be needed and the audit can proceed as planned
– If not reliable:• More extensive tests may be needed. If weaknesses
were detected, the types of tests may vary and be expanded
12
1/12/2011
5
INTERNAL CONTROLS
• Report on Weaknesses– A matter of auditor judgment
• Weaknesses must be reported to the licensee/registrant (IFTA Audit Manual A640 400 IRP APM S ti 702 ( ))A640.400, IRP APM Section 702 (g))
• Weaknesses documented in the audit file (“shall” per IRP APM Section 702(g))
13
INTERNAL CONTROLS
• What parts of the audit scope could be affected by an Evaluation of Internal Controls?– Sample size
Sample periods– Sample periods
– How errors are treated
– Whether third party verification is needed
– Interviews with key personnel
14
INTERNAL CONTROLS
• Concerns– Large Company = Greater Controls
• But???– Are procedures being followed– Are security measures in place
– Small Company = Few Controls• Trip information on napkins or calendars• Paper records
– Both examples can be problematic without proper oversight and communication.
15
1/12/2011
6
INTERNAL CONTROLS
• Examples of Internal Controls objectives examined:– Existence (Validity): Only valid transactions are
processed. Occurrence (Cutoff): Transactions occurred during– Occurrence (Cutoff): Transactions occurred during the correct period or were processed timely. Will distance or fuel from one period be reported in the subsequent period? If so, is it consistently reported in this manner? IE: End of trip, not end of qtr.
16
– Completeness: All transactions are processed that should be; no omissions.
INTERNAL CONTROLS
– Valuation: Transactions are calculated using an appropriate methodology or are computed correctly.
17
– Rights and Obligations: Assets and liabilities as of a given date.
INTERNAL CONTROLS
– Presentation and Disclosure: Components of financial statements are properly classified and described.
18
1/12/2011
7
– Reasonableness: Transactions or results appear reasonable.
INTERNAL CONTROLS
– Segregation of duties. Who is responsible for what duties?
19
INTERNAL CONTROLS
– Authorization of transactions. Who authorizes action items?
– Retention of records. Do they have a valid retention period in place?retention period in place?
20
– Supervision or monitoring of operations. Are the operations monitored? By whom?
INTERNAL CONTROLS
– Physical safeguards. Are assets monitored?
21
1/12/2011
8
– Top level reviews. Who ensures the operations are above board?
IT it Wh / h t d t
INTERNAL CONTROLS
– IT security. Who/what ensures data integrity?
– Controls over information processing. Is data reviewed to ensure accurate capture and reporting of transactions?
22
REVIEW
• Evaluating the Internal Controls
• Several key phases to the reviewSize will determine the number of phases– Size will determine the number of phases
23
REVIEW
• Identifying the Strengths and Weaknesses– Many Strengths – less intensive testsMany Strengths less intensive tests
– Many Weaknesses – more intensive tests and sampling.
24
1/12/2011
9
REVIEW
• A thorough review is time well spent• Allows the auditor to analyze the
operations and form an audit plan p pbased on the reliability of the recordkeeping.
• Assists with other decisions such as projecting error rates, sampling, and identifying outliers.
25
FINAL THOUGHTS
• A thorough and complete Evaluation of Internal Controls – benefits the auditor as well as the auditee. – discovery and disclosure of deficiencies in the
recordkeeping system provides valuablerecordkeeping system provides valuable information.
– understanding the potential flaws in the system may lead to the discovery of any errors.
– results in a more efficient, expedient, and equitably conducted audit examination.
26
FACILITATORS Contact Information
• Rick LaRose• [email protected]
• Dawn Lietz• [email protected]
27
1/12/2011
10
28
