1 / 25

MIT Audit Environment

MIT Audit Environment. John P. Donahue Associate Director, Office of Sponsored Programs Tim Gordon Associate Audit Director – Risk and Compliance MIT Audit Division. Goals of the Presentation. Discuss Institute’s audit environment

gayle
Download Presentation

MIT Audit Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. MIT Audit Environment John P. Donahue Associate Director, Office of Sponsored Programs Tim Gordon Associate Audit Director – Risk and Compliance MIT Audit Division

  2. Goals of the Presentation • Discuss Institute’s audit environment • Internal and external auditors, their roles and scope of work • The impact of audits on DLCs • Describe roles and scope of MIT Audit Services • internal controls at MIT and in DLCs • Common issues and findings

  3. What is the definition of “audit”? • Professional, independent inspection / examination / review / verification to evaluate one or more of the following: • Financial statement representation • Compliance • Soundness and integrity of financial and operational internal control environment • System controls • Efficiency and effectiveness • Audit work is conducted against an appropriate set of standards (e.g. GAAP, OMB A-133, A-21)

  4. What groups perform audits at MIT?

  5. Areas of Audit Emphasis (External Audits) • Institute Financial Statements Audit: Focus is the entire Institute. Main offices involved outside of VPF include MITIMCo, Lincoln Lab, and the Recording Secretary’s Office • Benefit Plan Financial Statements Audits: Focus is on the reported assets and liabilities of the plans and participant contributions and benefit payouts • A-133 Audit: Focus is on compliance with regulations regarding federal funding, mainly for research (e.g. cost allowability) and student financial aid (e.g. eligibility) • Indirect Cost Rates Audit: Focus is on the Institute’s F&A, EB, and Vacation Accrual rates • Program Audits: Focus is on compliance with program specific requirements and provisions

  6. External Auditors and the DLCs • External auditors’ interaction with DLCs is primarily related to direct research charges on Federal awards. • Transaction level supporting documentation/explanations • PI or staff interviews • Materials/Equipment Verification • Site visits/space reviews • OSP & VPF buffer audit requests as much as possible • Contact OSP if you receive audit requests directly

  7. MIT Audit Division Mission, Scope, and Guidance • Independent and objective assurance consulting activity • Responsible for ensuring adequacy of controls over financial operations, safeguarding of assets, and compliance with laws and regulations • Guided by philosophy of ensuring achievement of the Institute’s business objectives and adding value to improve the Institute’s operations • Subject to International Standards for the Professional Practice of Internal Auditing • MIT Audit Division consists of 16 Staff members (Deb Fisher is the Institute Auditor)

  8. MIT Internal Audit Services • Traditional Audits (Assurance engagements) • Business process reviews • Targeted reviews • Advisory services • Non-attestation (no audit opinion) • Advice and guidance on strong controls; assist management in decision making • Largely research admin. compliance & construction contract reviews • DLC Site Visits • Advisory based internal audits designed to monitor sponsored research • Central focus of our Research Administration Compliance Program

  9. Internal Controls • A process designed by an organization, to provide reasonable assurance regarding the achievement of objectives in the following areas: • Reliability and accuracy of financial reporting • Compliance with applicable laws, regulations and policy • Effectiveness and Efficiency of operations • Internal Controls help manage risk (Financial, operational, compliance, legal, technology, reputation) People are not controls

  10. Components of Internal Control Framework Monitoring: Periodic review of activities Control Activities: Policies, procedures Processes, monitoring, guidance, training, supervision, physical safeguards Risk Assessment: Policies, procedures Processes, monitoring, guidance, training, supervision, physical safeguards Control Environment: Ethical values, incentives, management philosophy

  11. Internal Controls at MIT • MIT has an Institute-level Control Structure, with multiple systems of internal controls • DLCs carry out control activities prescribed by MIT’s policies and procedures • DLCs have department-level Internal Control structures All levels of management at MIT (Board, Central Admin, DLCs) are responsible for establishing internal control processes to meet operational, financial and compliance objectives

  12. Internal Controls in DLCs • Salary certification • Requisition approval • Credit Card Verification • Travel voucher preparation and approval • Statement Review • Assigning authorizations • Password controls • Training: EHS, human subject research, research administration • Budget projections Consistency and application are critical to the effectiveness of controls

  13. Review of Cost Allowability Allowable Cost Consistency Allocable Conforms with Award Reasonable

  14. Salary Certification • Certification – “invoice” for labor costs - majority of sponsored research costs • Quarterly Certification (eDACCA, eSDS) - new policies for non-compliance • Certification by proxy should be supported • PI determines level of effort to be committed by personnel • Salaries charged should be consistent with effort

  15. Cost Transfers: Why are they problematic? • Assumption: transaction was not handled properly initially • Frequent and poorly documented cost transfers may be indication of underlying control problems • Federal auditors scrutinize more closely for allowability • Should be exception not routine • Means to relieve Overrun or potential overrun • Timeliness • Demanding Documentation Standard/Requirement

  16. Cost Transfer Documentation • Cost transfer JVs must contain clear justification: • Benefit to the receiving project • Allowability to the new sponsored project • Reason for transfer • Reason for any delay in processing of the transfer (over 90 days) • It was reviewed by a knowledgeable person (PI) • Who, What, Where, Why and How? A good justification will allow anyone reviewing the cost transfer to understand how the expense benefits the receiving sponsored project

  17. Allocability of Costs • A cost can be allocated to a project if the goods or services involved are chargeable or assignable to the project in accordance with relative benefits received or other equitable relationship (OMB A-21, C-4) • Cost Transfers • Equipment • Costs Outside Period of Performance • Reasonable estimates

  18. Potential Allocation Issues • Equipment bought at end of period • Equipment being used by multiple projects • Animals charged to awards without protocols • Travel costs for individuals whose efforts are not charged to the project • Costs incurred outside the “period of availability”

  19. Monthly Statement Review • Based on Financial Review and Control Guidelines (FRC) • Monthly Transaction Reports should be reviewed to ensure that: • Improper costs are not charged • Costs which should be charged are reflected • Charges are consistent with PI's expectations • Overall financial status of project is understood • Significant variances from budget are identified • Critical Internal Control • Prompt follow-up on open items/corrections • Document review • Should be done within 30 days after month close

  20. Monthly Statement Review • Methodology – How do you do it? (Sample vs. 100% review) • Evidence of Review – Tickmarks, sign-off, notes, etc • Sign (or initial) and date review • Correction of errors and follow-up on outstanding support • Electronic vs. Paper Review • Goal: Ensure all costs are reasonable and applicable to the account

  21. Key Points • Obtain clear instructions on allocations from PIs • Review project status with PIs periodically • Ensure allocation decisions are based on benefit/equity not availability of funds • Don't park expenses in project account only to be transferred at a later date • Ensure discrepancies are promptly resolved and corrected • Review final reconciliation of project closeout

  22. Common Issues (MIT Audit Division) • Undocumented Statement Review • Poorly documented Cost Transfers • Questionable costs on research accounts • Lack of segregation of duties • Salary certification by proxy without signed DACCA • Service Center balances beyond 15% • Unfulfilled cost sharing requirements • P-Card issues • Outstanding travel advances over 90 days • Misclassification of expenses

  23. Common OIG Audit Findings • Salary charges that lack adequate documentation to support that the work performed was related to the award • Cost Transfers without adequate supportive documentation • Equipment charged at end of the award period • Salaries charged for administrative employees who had no direct relationship to the award • Failure to support cost sharing claimed

  24. Common OIG Audit Findings • Salaries for scientists who did not work on the award • Costs for meals, travel, supplies, etc. that were not adequately documented • Costs of supplies, equipment and animal charges incurred in connection with other projects unrelated to these awards • Submission of false information on annual progress report • Delinquent annual progress report Internal controls are designed to minimize or eliminate audit findings

  25. Questions?

More Related