Internal Controls Game Show
Kelsey Vatsaas, CPA, MBA
Managing Consultant ‐ Nonprofits
Internal Controls Game Show
Learning Objectives:
 Identify the benefits of having strong, well documented internal controls.
 Understand the frameworks that underlie internal controls and risk assessments.
 Learn policies and procedures changes you could make to support your organization.
History and Background
Risks
Segregation of Duties
Policies and Procedures
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
10 points
History and Background
What is the name of the international framework used to design internal controls?
Return to Main Board
Answer
Nuances within
Financial Statements
History and Background
COSO Framework
Return to Main Board
Nuances within
Financial Statements
History and Background
Which came first – Sarbanes Oxley or the COSO Framework?
Return to Main Board
Answer
History and Background
COSO Framework
Return to Main Board
History and Background
Name one of the five “sponsoring organizations” of COSO. (Hint: all 5 are professional associations)
Return to Main Board
Answer
History and Background
American Accounting Association (AAA)
• American Institute of CPA (AICPA)
• Financial Executives International (FEI)
• Institute of Internal Auditors (IIA)
• National Association of Accountants (now the Institute of Management Accountants‐
IMA)
•
Return to Main Board
History and Background
Name one purpose for internal controls.
Return to Main Board
Answer
History and Background
• To safeguard assets
• To produce accurate accounting data
• To contribute to efficient operations
• To promote compliance with policies or requirements
• OR Other reasonable answer
Return to Main Board
Risks
What kind of assurance do good internal controls provide?
a. None
b. Reasonable
c. Absolute
Return to Main Board
Answer
Risks
b. Reasonable Assurance
Return to Main Board
Risks
Name one of the three components of the fraud triangle.
Return to Main Board
Answer
Risks
• Rationalization
• Opportunity
• Motivation
Return to Main Board
Risks
According to current industry best practice, how often should your system passwords expire?
Return to Main Board
Answer
Risks
Every 90 days
Return to Main Board
Risks
In 2014, What percent of global fraud occurred at nonprofits (by # incidents)? [closest without going over]
Return to Main Board
Answer
Risks
11% of total frauds
Median loss was $108,000 per incident.
Return to Main Board
Segregation of Duties
Name at least one indicator of a strong control environment:
Return to Main Board
Answer
Segregation of Duties
• Clear lines of authority
• Public code of conduct
• Formal budget process
• Low staff turnover
• Effective board involvement
• Internal audit functions
Return to Main Board
Segregation of Duties
Fill in the blanks:
In strong internal controls, no one person can control a transaction from _________ to _________.
Return to Main Board
Answer
Segregation of Duties
In strong internal controls, no one person can control a transaction from START to FINISH.
Return to Main Board
Segregation of Duties
Fill in the blanks:
Regardless of the size of your organization, the same person should not be able to ______ checks, _______ checks, and ___________.
Return to Main Board
Answer
Segregation of Duties
Regardless of the size of your organization, the same person should not be able to write
checks, sign checks, and reconcile the bank statement.
Return to Main Board
Segregation of Duties
Who should NOT have the ability to create or edit vendors in the GL software?
Return to Main Board
Answer
Segregation of Duties
Individual with the ability to print checks and reconcile bank accounts.
Return to Main Board
Policies and Procedures
What makes a written Policy/Procedure “strong”?
Return to Main Board
Answer
Lobbying and Politics
Policies and Procedures
•
• Succinct
• Relevant to audience
• Aligned to business needs
In compliance with regulatory or funder requirements
• Specific roles identified
Return to Main Board
Policies and Procedures
Name at least one thing that should be addressed in an IT policy/procedures manual.
Return to Main Board
Answer
Policies and Procedures
• Access controls
• Change controls
• Backup/contingency
• Password requirements
Return to Main Board
Policies and Procedures
For most federal grants, organizations have to follow specific procurement guidelines, which changed with the “new” uniform guidance. Name one of the five levels of procurement in the “Procurement Claw”
Return to Main Board
Answer
Policies and Procedures
1. Micro‐purchases
2. Small purchases
3. Sealed bids
4. Competitive proposals
5. Sole source
Return to Main Board
Policies and Procedures
Name one development‐related policy/procedures that is important to include in your finance P&P manual.
Return to Main Board
Answer
Policies and Procedures
• Gift acceptance
• Acknowledgement
• Donor database and GL reconciliation process
• Other reasonable policy.
Return to Main Board
©2016 CliftonLarsonAllen LLP
Questions? Kelsey Vatsaas
Managing Consultant
612‐376‐4657
[email protected] For future events, visit our website at CLAconnect.com/events CLAconnect.com
linkedin.com/company/
cliftonlarsonallen
facebook.com/
cliftonlarsonallen
twitter.com/CLAconnect
36
How to use this Template
This template is set up using hyperlinks which jump from slide to slide. Each panel is linked to a corresponding Question slide which has a panel where you can edit the text and type in your own Question.
Under each Question Slide is an Answer Slide which you can type the answer to your Question.
Here is the Question Slide that contains an area to type your question.
Click the Answer button to jump to that Questions Answer Slide which is the slide directly below.
Here is the Answer Slide that is directly below the Question Slide.
*note* You can access Slide Show Mode by hitting the F5 key on your keyboard or going to the Slide Show tab in your top menu and selecting From Current Slide. You can also click the Return to Main Board button if you choose not to reveal the answer.
On the Answer Slide click the Return to Main Board button to return to the main Category Board. Making Panels Inactive
You can make panels inactive simply by selecting the TEXT and hitting delete which will leave the panel blank.
Once you have deleted the Panels you want you will want to go delete the corresponding Question and Answer Slides.
Example: If were deleted the text on these panels.
We would then need to go delete the corresponding Question and Answer Slides for Category4 $500, Category5 $500, Category6 $500.
*note*You can multiple slide at once by holding Shift while selecting slides.
Say if you wanted to delete all of Category6 Question & Answer slides you click the top slide you want to delete and hold shift and click the bottom slide and all the slides in between will be selected.
Making Panels Inactive Alternative
If you do not want to delete any of your slides Question and Answer Slides and just want to make those panels on the main board inactive, you can right click on the panel and select Remove Hyperlink. For 2003 users you will need to double right click to find this option.
This will remove the link to the Corresponding Question Slide.