mso forum n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
MSO Forum PowerPoint Presentation
Download Presentation
MSO Forum

Loading in 2 Seconds...

play fullscreen
1 / 37

MSO Forum - PowerPoint PPT Presentation


  • 92 Views
  • Uploaded on

MSO Forum. September 13, 2004. Outline of Presentation. Context: Internal Controls – Shared Responsibility DaFIS Passwords & Security General Ledger Review Tools Purchasing & Business Contracts Business Process Improvement Initiative Travel & Entertainment Expense Reporting

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'MSO Forum' - teo


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
mso forum
MSO Forum

September 13, 2004

outline of presentation
Outline of Presentation
  • Context: Internal Controls – Shared Responsibility
  • DaFIS Passwords & Security
  • General Ledger Review Tools
  • Purchasing & Business Contracts
    • Business Process Improvement Initiative
  • Travel & Entertainment Expense Reporting
  • Research Compliance
  • Update Risks
  • Emerging Issues
  • Open Forum
overview of control responsibilities
Overview of Control Responsibilities

The Control Environment:

All academic and administrative employees are responsible for controls when

conducting University business.

Although specific responsibilities

between groups may vary, all

work toward the same goal

of ensuring an effective and

efficient control environment.

Academic and Administrative Management:

Responsible for developing, implementing

and maintaining controls to manage risks

and achieve objectives. Controller has primary responsibility for providing

campus leadership to establish

effective internal control and

accountability practices.

The Control Environment

Academic and

Administrative

Management

(Includes

Controller)

Faculty

and Staff

Audit and Advisory Services:

Assists management in their

oversight and operating

responsibilities through

independent audits and

consultations designed to evaluate

and promote the system of internal controls.

Audit and Advisory

Services

Faculty and Staff:

Responsible for applying

University values, policies, procedures and regulatory requirements to ensure

consistent operations.

What is Internal Control?

Internal control is an integral part of the University's operations. Internal control is broadly defined as a process, effected by our Board of Regents, faculty, and academic and administrative staff, designed to provide reasonable assurance regarding the achievement of instruction, research, patient care, and community service objectives, including:

Effectiveness and efficiency of operations.

Reliability of financial reporting.

Compliance with applicable laws and regulations.

five components of internal control
Five Components of Internal Control
  • Control Environment
    • Tone at the top, integrity, ethics, competence.
  • Risk Assessment
    • Evaluating risks to achieving objectives.
  • Control Activities
    • Mitigate risks and achieve objectives.
  • Information and Communication
    • Relevant, timely and accurate information to stakeholders.
  • Monitoring
    • Assessing the quality of the internal control system over time.
dafis passwords
DaFIS TP

Passwords do not expire

Same passwords since implementation

Does not use Kerberos

Oracle limitation

Password sharing?

DaFIS DS

Passwords do not expire

Same passwords since implementation

Can use Kerberos

But not required

DaFIS Passwords
dafis security
DaFIS Security
  • What can we do to improve security?
    • Begin password expiration for DaFIS TP
      • Expire every 6 months
    • Implement Kerberos only for DS
    • Monitor logins to identify unusual sessions
      • Help Desk to contact users
    • Eliminate password sharing
    • Change TP login…
accountability and dafis
Accountability and DaFIS
  • Role of DaFIS Account Manager
    • Approximately 470 unique Account Managers on active accounts
    • Over 130 different job titles
      • From “__” Assistant I to University Librarian
      • ~ 170 MSO’s
    • What training have they had?
      • Should training be required?
      • How much training can be web based?
accountability and dafis1
Accountability and DaFIS
  • Training for Account Managers
    • Complete online training module
      • Overview of FIS
      • Roles & Responsibilities
      • Appropriate Use
      • Accountability & Business Rules
    • Access would be granted/revoked based upon classes taken
      • Within defined time frame – 45 days
  • Who is reviewing the ledgers?
purchasing business contracts bpi
Purchasing/Business Contracts BPI
  • Business Process Improvement (BPI)
    • Began in the Fall of 2003 as OOA Initiative
    • Detailed analysis of Purchasing/BC Processes
      • Included departmental processes
    • Focus group input
      • OOA Users
      • Academic Dept’s
purchasing business contracts bpi1
Purchasing/Business Contracts BPI
  • Recommendations
    • People
      • Organizational structure
      • Staffing
      • Roles (ESS)
      • Communications
    • Systems
      • RFI/RFP
      • Contract Management
purchasing business contracts bpi2
Purchasing/Business Contracts BPI
  • Recommendations
    • DaFIS TP
      • Documents returned for correction
      • Commodity codes
      • Equipment management processes
      • VI Document
      • Receiving
    • Training
      • Internal
      • External
purchasing business contracts bpi3
Purchasing/Business Contracts BPI
  • Status
    • Implemented new organizational structure
    • Transition DaFIS Help Desk support for Purchasing/BC
    • Issue RFP for new RFX/Contract Management System
    • Developing communications protocols
      • Internal: Accounts Payable, Purchasing, BC, ESS
      • External users
    • DaFIS enhancements
      • Analysis/Requirements Definition
  • Financial support from Provost and VCA in place to fund strategic investments
t e expense reporting
T & E Expense Reporting
  • Current Approach
    • Dual processes
      • DaFIS Document (TEV, EEV)
        • 42,000 TEV’s
        • 19,000 EEV’s
      • Paper document
        • Approvals, supporting doc’s
    • Factors to Consider
      • Build or Buy?
        • TP2
        • Concur
      • Ability to adapt to new processes?
    • T&E Ranked 3rd on IT Projects Priority List
t e expense reporting1
T & E Expense Reporting
  • Gaps in the current system
    • Process delays due to lack of electronic routing of paper forms
    • Weak controls around approvals
      • Valid signatures?
    • No formal process for pre-travel authorization
    • No management data
    • Business rules are not integrated in the process
    • Inability to leverage US Bank Travel Card Program
t e expense reporting2
T & E Expense Reporting
  • Is Concur the solution?
    • Approval/review routed via email
    • Web based
      • Can complete reports off-line
    • Integration of business rules
      • System supports the process
    • Pre-travel authorization process
    • Integrated document management solution
    • Import US Bank Travel Card transactions directly into expense reports
  • Approach is different – is that a problem?
t e expense reporting3
T & E Expense Reporting
  • What’s next?
    • Complete requirements gathering and gap analysis
    • Validate system requirements and integration to DaFIS
    • Test scenarios with departments
    • Test ROI
      • ~ $75 to complete current processes
        • (62,000 TEV & EEV transactions)
      • Compare cost to estimated savings
      • Prove at the department level, not A&FS
  • Timeline
    • End of October to complete analysis
    • Present proposal
research compliance
Research Compliance
  • Is the number 1 risk to the University of California
    • Infrastructure must support the research enterprise
  • Develop and implement systems to provide support
    • Electronic Research Administration (ERA)
    • Effort Reporting System
      • PPS Enhancements
    • Cost Sharing & Tracking
  • Training
    • PI’s
    • Support staff
what is effort reporting
What is Effort Reporting?
  • Federal regulations require that the University certify effort devoted to sponsored projects including committed cost sharing effort
    • OMB Circular A-21
  • Since 1982 the University has used a paper based Personnel Activity Reporting System (PARS) to satisfy this requirement
    • UCD produces ~ 4,000 paper forms each quarter
  • PARS has become outdated from a technology perspective
    • Lacks the ability to meet changing regulations and conditions
why is effort reporting important
Why is Effort Reporting Important?
  • Volume of activity from grants and contracts for UC in FY 02-03:

Federal C&G $2.37 Billion

State Agencies $408 Million

Private $620 Million

Local Governments $131 Million

TOTAL $3.53 Billion 67%

why is effort reporting important1
Why is Effort Reporting Important?
  • Risk Exposure:
    • Northwestern University
      • Audit disallowances of $5.5 Million
        • C&G Base of $325 Million in FY01-02
    • University of South Florida
      • Returned $ 4.1 Million to the federal government to settle issues
    • UC paid a total of $2.1 Million to settle the NIH Salary Cap limitation disallowance
      • Period 7/1/95 - 6/30/02
    • Other recent cases involve:
      • Harvard, Johns Hopkins
why is effort reporting important2
Why is Effort Reporting Important?
  • Importance of Good Business Practices:
    • Meeting fiduciary and stewardship responsibilities
    • Encouraging active participation by faculty and staff required to complete an Effort Report
    • Facilitating user convenience and responsiveness
effort reporting initiative
Effort Reporting Initiative
  • Goal: Identify requirements for a new effort reporting system, including:
    • Online and fully distributed access
    • Web-based interface
    • Ability to interface with other existing enterprise systems to both gather and pass required information (e.g. Payroll, Cost Sharing, ERA)
    • On line editing and edit checks
    • Maintaining or importing campussecurity and access controls
    • Distributing reports and capturing certifications electronically
    • Providing ad hoc and management reporting capabilities
    • Maintaining historical information and audit trail
    • Web-based training/compliance component
effort reporting initiative1
Effort Reporting Initiative
  • Collaborative:
    • 5 Campuses and UCOP working together to develop specifications
      • UCB, UCD, UCLA, UCSD, UCSF
    • All participants have committed both time and direct financial support to the project
    • Task Force and Work Groups have included representatives from: Admin. Affairs; Budget and Finance; Research; Information Technology; and Campus Departments
effort reporting initiative2
Effort Reporting Initiative
  • Consultative:
    • Project staff and Task Force members have met with staff in departments and central units on all 5 campuses and UCOP to receive input and review draft documents
    • Consultation with key stakeholders including:
      • Council of Vice Chancellors Administration
      • COVC
      • VCs Research
      • Budget and Planning Officers
      • Controllers
      • IT Leadership Council
effort reporting initiative3
Effort Reporting Initiative
  • Comprehensive:
    • Project members have met with representatives of other institutions that are in the process of developing or implementing on line effort reporting systems
    • Task Force has identified both technical and cultural issues that must be addressed
effort reporting initiative4
Effort Reporting Initiative
  • Status:
    • Requirements document completed
      • January, 2004
    • Technical fit and cost estimates developed
    • Funding in place from all 5 Campuses and UCOP
      • Total projected development cost $2.1 million
        • Does not include local implementation costs
    • Development team is being assembled
      • Target implementation - Fall 2006
    • P&P and Training materials in development
      • Effort Reporting and Cost Sharing/Tracking
cost sharing
Cost Sharing
  • What is it?
    • Cost sharing represents the portion of a project’s direct or indirect costs that are not supported by the sponsor
      • Costs may be provided by the University or a 3rd party
      • When federally funded programs are involved, cost sharing represents contributions to a federal program
    • Recent changes to OMB Circular A-21, including Cost Accounting Standards, have created compliance risks for universities
cost sharing1
Cost Sharing
  • What is it?
    • OMB Circular A-110 defines cost sharing as “all contributions, including cash and third party in-kind” that meet seven criteria
  • Types of Cost Sharing
    • Mandatory
      • Represents contributions required by the sponsor
    • Voluntary Committed
      • Specified within the proposal
    • Voluntary Uncommitted
      • Not specified within the proposal
cost sharing2
Cost Sharing
  • Why do we have it?
    • Many PI’s volunteer it believing it makes their proposal more competitive – demonstrates institutional support for the project
      • Sources of actual funding are often difficult to identify
      • Departmental administrators and PI’s may not realize the consequences of voluntarily offering cost sharing
    • In most cases, sponsors do not require cost sharing
      • NSF 1% mandatory cost sharing on total awards
    • Some institutions, like MIT have adopted policies prohibiting voluntary cost sharing
      • UCD policies need to be updated to better address this issue
      • Can the PI decide or does the Dept. Head need to approve?
cost sharing3
Cost Sharing
  • UCD must implement a system to track voluntary cost sharing
    • HHS Division of Cost Allocation (DCA) has made it very clear that our last two F&A rate proposals were not in compliance with A-21 & A-110
      • DCA imputed a cost share amount based on the UC average of 5.2% or ~ $9 million for FY2002
        • (excludes F&A cost)
    • A&FS has developed a Cost Sharing & Tracking System that utilizes DaFIS DS
      • Based on the system used at UCI
emerging issues
Emerging Issues
  • Sarbanes-Oxley Act of 2002 and Federal Sentencing Guidelines
    • UC Regents have adopted standards
      • UCD Directives 02-130 & 03-016
    • Build up certification process for VC’s, Deans, other senior managers - Expands accountability
      • In support of management representation letter
      • University-wide Code of Ethics
  • Electronic Document Management System (EDMS)
  • Advisory Committee on Employee Systems (ACES)
slide37

Open Forum

Obtain a copy of this report at...

http://accounting.ucdavis.edu