Sneak Preview: Having Proactive Internal Controls Can Help Address Weaknesses

August 9, 2013 | By Jerry Ashworth | Post a Comment

xsass_bookshot(The following was excerpted from an article in the Single Audit Information Service.) Recipients of federal awards should be aware of certain organizational weaknesses that could increase their risks and, therefore, should develop internal control processes to safeguard the integrity of their programs, Tiffany Winters, Esq., partner with Brustein & Manasevit recently told attendees at the National Grants Management’s annual training conference.

“You don’t want [an auditor] to pause,” Winters said. “You want [the auditor] to keep going, because if [he or she] pauses, that means something is not right. Implementing internal controls is all about thinking outside the box — what can you do to change your systems and make them stronger and more efficient to reduce fraud, waste and abuse?”

Winters discussed three general types of internal controls. They are:

  • preventative controls — designed to discourage errors or irregularities (e.g., documenting policies and procedures; hiring trained, trustworthy personnel; developing processes for approvals and authorizations);
  • detective controls — designed to identify an error or irregularity after it has occurred (e.g., monitoring transactions; conducting audits, reconciliations and reviews); and
  • corrective controls — designed to detect if a risk has been realized and establish ways to react to the risk (e.g., an automated financial management system that automatically rejects a transaction that has no paper approvals).

Winters addressed the five internal control components established by the Committee of Sponsoring Organizations of the Treadway Commission. These are control environment, risk assessment, control activities, information and communication, and monitoring. “An audit that goes through these components is cross-cutting, meaning it’s going to affect every single federal grant you have with an agency,” Winters said. “Components of internal controls deal with systemic problems, which means if you are not tracking time and effort for example, you are not tracking it for any federal program that you have. What will happen is that the auditor can take every salary and wages cost from every program you have and make a finding that it is unallowable. If you are not keeping [time and effort documentation] from one program, [the auditor] will assume you are not keeping it for other programs.”

LinkedInShare

Post a Comment

Your email is never shared. Required fields are marked *

*
*