Audit Absolutes DHS/USCG Perspectives. Jeff Bobich DHS Director of Financial Management Mark Rose USCG Comptroller 10 March 2016
|
|
- Gyles Dixon
- 6 years ago
- Views:
Transcription
1 Audit Absolutes DHS/USCG Perspectives Jeff Bobich DHS Director of Financial Management Mark Rose USCG Comptroller 10 March
2 DHS Audit Requirements & Overview 2
3 DHS Audit Requirements Chief Financial Officers Act of requires all Federal agencies to undergo an annual audit of their financial statements DHS Audit Requirement Target Act of 2012 (DART Act) - requires the Department to obtain an unqualified (clean) opinion on the full set of financial statements in fiscal year 2013, and each fiscal year thereafter. DHS Financial Accountability Act of requires DHS to undergo an annual audit of internal controls over financial reporting. o DHS is the only cabinet level agency subject to this requirement 3
4 DHS Financial Management Scope 15 Component Bureaus 8 Different G/L Systems, Hundreds of Feeders Variety of Business Lines with Complex Accounting Insurance, Direct Loans, Borrowing Authority & Debt, Grants, Trust Funds, Pensions and Health Care, Custodial Revenue (Customs), Large Fee Programs (Aviation & Immigration), Seizures (Property, Drugs, and Currency), OM&S, PP&E, Environmental Liabilities FY 2015: $96b assets, $97b liabilities, $63b gross cost, $53b net cost, $64b enacted BA Consolidated department-wide audit, plus standalone audit opinion for Customs & Border Protection. 4
5 DHS Audit History FY 2003 DHS stood up starts with 30 inherited deficiencies, 18 of those material weaknesses. FY One DHS financial statement audited: the Balance Sheet resulting in disclaimer of opinion with 10 DHS-wide material weaknesses and two significant deficiencies. FY 2011 Year of the Opinion - Qualified due to the USCG s general property, plant and equipment (PP&E). FY 2013 Clean (unmodified) opinion sustained through FY 2015 and beyond. 5
6 DHS Audit History FY 2015 three remaining material weaknesses 6
7 How we got to clean Commit Collaborate & Communicate Continuous Monitoring Plan Believe! 7
8 Keys to Success Audit Management Well defined, mutually agreed upon audit calendar Effective liaison get them what they need! Regular status checks at all levels Leadership Support Accountability Moving Roadblocks Risk Assessments (Business Impacts) Structured Internal Control Testing Continuous / Routine Monitoring Validation and Verification of Remediation 8
9 Why USCG is Significant USCG makes up a large part of the DHS Financial Statements (FY15): 27% of assets 53% of liabilities 28% of net cost Due to its size and complexity, USCG is a contributing factor in all three of the DHS Material Weaknesses reported by the auditors in FY15. Financial Reporting PP&E Information Technology Controls 9
10 USCG Audit Experience 10
11 Financial Statement Audit History Year Dept Auditor Scope Opinion Through 2002 DOT DOT IG Full Scope Unqualified 2003 DHS KPMG Balance Sheet Qualified DHS KPMG Balance Sheet Disclaimer 2011 DHS KPMG Balance Sheet Qualified 2012 DHS KPMG Full Scope Qualified 2013 DHS KPMG Full Scope Unmodified 2014 DHS KPMG Full Scope Unmodified 2015 DHS KPMG Full Scope Unmodified FY03: Coast Guard joined DHS. DHS receives Qualified audit opinion on its balance sheet FY11: Received first Qualified audit opinion on its balance sheet and statement of custodial activity FY13: Received first unmodified (unqualified) audit opinion on its financial statements since DHS was formed in 2003 FY14 & FY15: Received unmodified audit opinion on its financial At DOT - Thru 2002 At DHS Onward 11 statements
12 FY 2015 Audit Results Coast Guard drives DHS audit results due to size Financial Statement: Unmodified (clean) Internal Controls over Financial Reporting: Adverse DHS Significant Deficiencies considered to be were over: Financial Reporting (FR) IT General Controls (ITGC) Property, Plant & Equipment (PP&E) The CG was a major contributor to DHS' Material Weakness over FR & PP&E and to a considerable, but lesser extent, to the Material Weakness over ITGC. Other DHS were over: Budgetary Accounting, Grants Management & Custodial Activity. 12
13 USCG Audit PBC/NFR Process NOTE: KPMG, Audit Coordination Team (ACT) and USCG POCs use SharePoint and Shared folders for PBC/NFR requests 13
14 Internal Controls Cycle 12) Statement of Assurance 1) Determine Scope 2) Perform Materiality Assessment 11) Roll Forward and Monitoring 3) Perform Risk Assessment 10) Create Corrective Action Plan 4) Document Process and Procedures 9) Report Results to Management 5) Develop Testing Plan 8) Evaluate Test Results 7) Perform Test of Effectiveness 6) Perform Test of Design 14
15 USCG Statement Of Assurance Coast Guard Commandant s Assurance Statement Assessable Organizational Elements (AOE) Assurance Statements (HQ PMs/Area CDRs) CIO CFO Government Performance and Results Act Reporting (Operations) Information Technology General Controls (CIO) Internal Controls Over Operations (AOE) Internal Controls Over Financial Reporting (CFO) Effective and Efficient Operations Compliance with Laws and Regulations Reliable Reports Programs Resources Risks External Oversight 15
16 USCG Executive Focus The unmodified Financial Statement Audit Opinion was earned through hard work and significant manpower.but it requires continued executive focus to sustain the opinion. EMC-ICARB: Executive Management Council Internal Controls/Audit Readiness Board Oversees the coordination of annual financial statement audit activities. Validates, verifies, and reports to the Commandant as to when sufficient action has been taken to declare that a material weakness and/or reportable condition has been corrected. SAT: Senior Assessment Team Assists the EMC-ICARB in overseeing and coordinating the annual financial statement audit. Reports remediation effort progress to the EMC-ICARB. MAP: Mission Action Plan Develops the corrective actions to address significant deficiencies and material weaknesses. Coordinates and executes the planned remediation efforts. ICWG: Internal Control Working Group Promotes the importance and value of internal control and accountability throughout the Coast Guard. Facilitates effective communication, coordination, monitoring, and execution of internal control initiatives, including risk assessments. 16
17 Questions? 17
DHS Overview of Sustainability and Environmental Programs. Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs
DHS Overview of Sustainability and Environmental Programs Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs DHS Mission DHS Organization Getting to Know DHS Mission: Secure
More informationFIRST NATIONS FINANCIAL MANAGEMENT BOARD. FMB Certification: What Auditors Need to Know March 16, 2017
FIRST NATIONS FINANCIAL MANAGEMENT BOARD FMB Certification: What Auditors Need to Know March 16, 2017 Presenter Introductions Scott Munro, CPA, CA, CAFM Director, Standards and Certification Lee Fulla,
More informationVirginia State University Policies Manual. Title: Information Security Program Policy: 6110
Purpose Virginia State University (VSU) uses information to perform the business services and functions necessary to fulfill its mission. VSU information is contained in many different mediums including
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationCHARTER OUR MISSION OUR OBJECTIVES OUR GUIDING PRINCIPLES
OUR MISSION Promote the highest level of safety for the U.S. offshore oil and natural gas industry through effective leadership, communication, teamwork, utilization of disciplined management systems and
More informationMitigation Framework Leadership Group (MitFLG) Charter DRAFT
Mitigation Framework Leadership Group (MitFLG) Charter DRAFT October 28, 2013 1.0 Authorities and Oversight The Mitigation Framework Leadership Group (MitFLG) is hereby established in support of and consistent
More informationSTAFF REPORT. January 26, Audit Committee. Information Security Framework. Purpose:
STAFF REPORT January 26, 2001 To: From: Subject: Audit Committee City Auditor Information Security Framework Purpose: To review the adequacy of the Information Security Framework governing the security
More informationMetricStream GRC Summit 2013: Case Study
W E L C O M E MetricStream GRC Summit 2013: Case Study Angela Hoon Principal KPMG LLP Lisa Rawls Director KPMG LLP Supradeep Appikonda Director MetricStream Cutting through Complexity During Your GRC Journey
More informationStudio Guggino and Newtonpartner S.r.l. a team of professionals at the service of your Company
Studio Guggino and Newtonpartner S.r.l. a team of professionals at the service of your Company To get where the others fail, we have to achieve even higher goals www.sas70.it MISSION Our Mission consists
More informationLIST OF SUBSTANTIVE CHANGES AND ADDITIONS. PPC's Guide to Audits of Local Governments. Thirty first Edition (February 2016)
Route To: Partners Managers Staff File LIST OF SUBSTANTIVE CHANGES AND ADDITIONS PPC's Guide to Audits of Local Governments Thirty first Edition (February 2016) Highlights of This Edition The following
More informationREVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009
APPENDIX 1 REVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto
More informationMNsure Privacy Program Strategic Plan FY
MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term
More informationExam Questions IIA-CGAP
Exam Questions IIA-CGAP Certified Government Auditing Professional https://www.2passeasy.com/dumps/iia-cgap/ 1. Help define the role and responsibilities of auditors to internal and external entities.
More informationMANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors
Page 1 of 6 Applies to: faculty staff students student employees visitors contractors Effective Date of This Revision: June 1, 2018 Contact for More Information: HIPAA Privacy Officer Board Policy Administrative
More informationSCO Audit Tales. Chapter II Sonoma State University
SCO Audit Tales Chapter II Sonoma State University Agenda Why?? Timeline Scope Preparation Defining Parameters Audit Team Areas of SCO Interest Areas of Campus Concern Current Status Lessons Learned Why??
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationNYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
More informationArticle II - Standards Section V - Continuing Education Requirements
Article II - Standards Section V - Continuing Education Requirements 2.5.1 CONTINUING PROFESSIONAL EDUCATION Internal auditors are responsible for maintaining their knowledge and skills. They should update
More informationSAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION
SAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION POSITION: CHIEF OPERATING OFFICER FUNCTION: Responsible for all aspects of the SLV POA day-to-day operations. In this capacity,
More informationAUDIT REPORT. Network Assessment Audit Audit Opinion: Needs Improvement. Date: December 15, Report Number: 2014-IT-03
AUDIT REPORT Network Assessment Audit Audit Opinion: Needs Improvement Date: December 15, 2014 Report Number: 2014-IT-03 Table of Contents: Page Executive Summary Background 1 Audit Objectives and Scope
More informationDHS Systems Engineering Acquisition Challenges and Issues
DHS SCIENCE AND TECHNOLOGY DHS Systems Engineering Acquisition Challenges and Issues NDIA 20 th Annual National SE Conference October 25, 2017 James D. Tuttle Chief Systems Engineer Science and Technology
More informationGovernance, Risk & Compliance - Management Commitment; Building a GRC Aware Culture.
Governance, Risk & Compliance - Management Commitment; Building a GRC Aware Culture. Natasak Rodjanapiches, Managing Director, Oracle Corporation (Thailand) 1 Governance, Risk, and Compliance (GRC) Natasak
More informationArticle I - Administrative Bylaws Section IV - Coordinator Assignments
3 Article I - Administrative Bylaws Section IV - Coordinator Assignments 1.4.1 ASSIGNMENT OF COORDINATORS To fulfill the duties of the Fiscal Control and Internal Auditing Act (30 ILCS 10/2005), the Board
More informationFederal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011
Federal Continuous Monitoring Working Group March 21, 2011 DOJ Cybersecurity Conference 2/8/2011 4/12/2011 Why Continuous Monitoring? Case for Change Strategy Future State Current State Current State Case
More informationPutting It All Together:
Putting It All Together: The Interplay of Privacy & Security Regina Verde, MS, MBA, CHC Chief Corporate Compliance & Privacy Officer University of Virginia Health System 2017 ISPRO Conference October 24,
More informationBirmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018
1.0 Executive Summary Birmingham Community Healthcare NHS Foundation Trust 2017/17 Data Security and Protection Requirements March 2018 The Trust has received a request from NHS Improvement (NHSI) to self-assess
More informationSystem Chief Business Officer - B. J. Crain The Texas A&M University System Position Description--January 13, 2010
System Chief Business Officer - B. J. Crain Position Description--January 13, 2010 Dual reporting to the Chancellor and President of Texas A&M University with consideration to an executive oversight committee*
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationPolicies and Procedures Date: February 28, 2012
No. 5200 Rev.: 1 Policies and Procedures Date: February 28, 2012 Subject: Information Technology Security Program 1. Purpose... 1 2. Policy... 1 2.1. Program Elements... 1 2.2. Applicability and Scope...
More informationProgress of the UAE Nuclear Power Program -Regulator s Perspective
Progress of the UAE Nuclear Power Program -Regulator s Perspective INTERNATIONAL FRAMEWORK FOR NUCLEAR ENERGY COOPERATION INFRASTRUCTURE DEVELOPMENT WORKING GROUP WORKSHOP ON NEW CHALLENGES FACING NUCLEAR
More informationIIA EXAM - IIA-CGAP. Certified Government Auditing Professional. Buy Full Product.
IIA EXAM - IIA-CGAP Certified Government Auditing Professional Buy Full Product http://www.examskey.com/iia-cgap.html Examskey IIA IIA-CGAP exam demo product is here for you to test the quality of the
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationInformation for entity management. April 2018
Information for entity management April 2018 Note to readers: The purpose of this document is to assist management with understanding the cybersecurity risk management examination that can be performed
More informationCybersecurity Assessment Tool
FederalDepasitlnsuranceCarparation ~~d 1~~i 5yreet ~lw,uuashinyoon, D.C.2d42~-990 Financial Institution Letter FIL-28-2015 JUIy 2, 2015 Cybersecurity Assessment Tool Summary: The FDIC, in coordination
More informationApril 5, Subject: DHS Multi-Agency Operation Centers Would Benefit from Taking Further Steps to Enhance Collaboration and Coordination
United States Government Accountability Office Washington, DC 20548 April 5, 2007 The Honorable Robert C. Byrd Chairman The Honorable Thad Cochran Ranking Member Subcommittee on Homeland Security Committee
More informationBPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.
BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...
More informationInformation Systems Security Requirements for Federal GIS Initiatives
Requirements for Federal GIS Initiatives Alan R. Butler, CDP Senior Project Manager Penobscot Bay Media, LLC 32 Washington Street, Suite 230 Camden, ME 04841 1 Federal GIS "We are at risk," advises the
More informationNEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE
COMPLIANCE ADVISOR NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE A PUBLICATION BY THE EXCESS LINE ASSOCIATION OF NEW YORK One Exchange Plaza 55 Broadway 29th Floor New York, New York 10006-3728 Telephone:
More informationMemorandum of Agreement
Memorandum of Agreement I. Parties This agreement is entered into between the Disaster Management Electronic Government Initiative (DM Egov) in the Department of Homeland Security (DHS), and the Emergency
More informationSTRATEGIC PLAN. USF Emergency Management
2016-2020 STRATEGIC PLAN USF Emergency Management This page intentionally left blank. Organization Overview The Department of Emergency Management (EM) is a USF System-wide function based out of the Tampa
More informationVII. GUIDE TO AGENCY PROGRAMS
VII. GUIDE TO AGENCY PROGRAMS Executive Offices and Centers David L. Lakey, M.D., Commissioner Kirk Cole, Associate Commissioner Luanne Southern, Deputy Commissioner FTEs: 71.1 Commissioner FTEs: 1.5 The
More informationAuditing and Monitoring in an Effective Institutional Compliance Program
Auditing and Monitoring in an Effective Institutional Compliance Program 6 th Conference for Effective Compliance Systems in Higher Education Presented by David B. Crawford, Audit Manager Emeritus The
More informationMaryland Health Care Commission
Special Review Maryland Health Care Commission Security Monitoring of Patient Information Maintained by the State-Designated Health Information Exchange September 2017 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT
More informationOutline. Other Considerations Q & A. Physical Electronic
June 2018 Outline What is CUI? CUI Program Implementation of the CUI Program NIST SP 800-171A (Draft) Federal Acquisition Regulation update Basic and Specified CUI Marking Destruction Controlled Environments
More informationRisk-based security in practice Turning information into smart screening. October 2014
Risk-based security in practice Turning information into smart screening October 2014 Organizations charged with securing our society s vital functions transit, commerce, communication have expansive missions
More informationData Governance Central to Data Management Success
Data Governance Central to Data Success International Anne Marie Smith, Ph.D. DAMA International DMBOK Editorial Review Board Primary Contributor EWSolutions, Inc Principal Consultant and Director of Education
More informationART CENTER AND SATELLITE PLANT
CSU The California State University Office of Audit and Advisory Services CONSTRUCTION California State University, Bakersfield ART CENTER AND SATELLITE PLANT Audit Report 15-09 May 7, 2015 EXECUTIVE SUMMARY
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationDoes a SAS 70 Audit Leave you at Risk of a Security Exposure or Failure to Comply with FISMA?
Does a SAS 70 Audit Leave you at Risk of a Security Exposure or Failure to Comply with FISMA? A brief overview of security requirements for Federal government agencies applicable to contracted IT services,
More informationIT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive
IT Governance ISO/IEC 27001:2013 ISMS Implementation Service description Protect Comply Thrive 100% guaranteed ISO 27001 certification with the global experts With the IT Governance ISO 27001 Implementation
More informationUNCONTROLLED IF PRINTED
161Thorn Hill Road Warrendale, PA 15086-7527 1. Scope 2. Definitions PROGRAM DOCUMENT PD 1000 Issue Date: 19-Apr-2015 Revision Date: 26-May-2015 INDUSTRY MANAGED ACCREDITATION PROGRAM DOCUMENT Table of
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationU.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan
U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders
More informationUNIVERSITY OF VIRGINIA BOARD OF VISITORS MEETING OF THE AUDIT, COMPLIANCE, AND RISK COMMITTEE DECEMBER 9, 2016
UNIVERSITY OF VIRGINIA BOARD OF VISITORS MEETING OF THE AUDIT, COMPLIANCE, AND RISK COMMITTEE DECEMBER 9, 2016 AUDIT, COMPLIANCE, AND RISK COMMITTEE (Open Session) Friday, December 9, 2016 12:45-1:45 p.m.
More informationPostal Inspection Service Mail Covers Program
Postal Inspection Service Mail Covers Program May 28, 2014 AUDIT REPORT Report Number HIGHLIGHTS BACKGROUND: In fiscal year 2013, the U.S. Postal Inspection Service processed about 49,000 mail covers.
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationOTA Strategic Update Building & Amplifying April 5, 2017
OTA Strategic Update Building & Amplifying April 5, 2017 Reminders OTA Members Only Chatham House Rules Will be Recorded for Member Access Updated 4/7/17 OTA Strategic Update Building & Amplifying Craig
More informationBENEFITS of MEMBERSHIP FOR YOUR INSTITUTION
PROFILE The Fiduciary and Investment Risk Management Association, Inc. (FIRMA ) is the leading provider of fiduciary and investment risk management education and networking to the fiduciary and investment
More informationGuelph Police Service
Guelph Police Service The Guelph Police Service provides policing services to the City of Guelph and has an authorized complement of 196.5 police officers and 89.42 civilians. We serve our community by
More informationIsaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.
Isaca EXAM - CISM Certified Information Security Manager Buy Full Product http://www.examskey.com/cism.html Examskey Isaca CISM exam demo product is here for you to test the quality of the product. This
More informationOffice of MN.IT Services Data Centers
Office of MN.IT Services Data Centers Information Technology Controls and Compliance Audit As of November 2016 March 2, 2017 REPORT 17-06 Financial Audit Division Office of the Legislative Auditor State
More informationThe Office of Infrastructure Protection
The Office of Infrastructure Protection National Protection and Programs Directorate Department of Homeland Security Working Together How Federal Agencies Coordinate Security Across All Disciplines: The
More informationGOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI
GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI CONTENTS Overview Conceptual Definition Implementation of Strategic Risk Governance Success Factors Changing Internal Audit Roles
More informationA checklist for the new 990 requirements:
A checklist for the new 990 requirements: 1.) a mission statement or a description of the organizations most significant activities: 2.) the number of voting members in the organization s governing body
More informationMEETING: DATE: TYPE OF ACTION: STAFF CONTACT: PHONE:
MOTION NO. M2014-04 Contract for On-call Sustainability Consulting Services MEETING: DATE: TYPE OF ACTION: STAFF CONTACT: PHONE: Operations and Administration Committee PROPOSED ACTION 03/06/14 Final Action
More informationWorkshop 71: Is Your Financial System Ready? An Overview of Effective Federal Information System Controls Audit Manual (FISCAM) Assessments
Workshop 71: Is Your Financial System Ready? An Overview of Effective Federal Information System Controls Audit Manual (FISCAM) Assessments ASMC PDI 2015 New Orleans, LA May 28, 2015 Workshop 71: Agenda
More informationExam4Tests. Latest exam questions & answers help you to pass IT exam test easily
Exam4Tests http://www.exam4tests.com Latest exam questions & answers help you to pass IT exam test easily Exam : CISM Title : Certified Information Security Manager Vendor : ISACA Version : DEMO 1 / 10
More informationInformation Security Continuous Monitoring (ISCM) Program Evaluation
Information Security Continuous Monitoring (ISCM) Program Evaluation Cybersecurity Assurance Branch Federal Network Resilience Division Chad J. Baer FNR Program Manager Chief Operational Assurance Agenda
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationInspector General. Report on the Peace Corps Information Security Program. Peace Corps Office of. Background FISCAL YEAR 2017
Peace Corps Office of Inspector General Our Mission: Through audits, evaluations, and investigations, the Office of Inspector General provides independent oversight of agency programs and operations in
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationAnnual Report for the Utility Savings Initiative
Report to the North Carolina General Assembly Annual Report for the Utility Savings Initiative July 1, 2016 June 30, 2017 NORTH CAROLINA DEPARTMENT OF ENVIRONMENTAL QUALITY http://portal.ncdenr.org Page
More informationInternal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit
Internal Audit Report Electronic Bidding and Contract Letting TxDOT Office of Internal Audit Objective Review of process controls and service delivery of the TxDOT electronic bidding process. Opinion Based
More informationCompetency Definition
Adult Children's Outreach Technical Teen Acquisition Adaptability The ability to effectively process library material orders; knowledge of vendor software, processes, products, and updates x x The ability
More informationUNIVERSITY OF NORTH CAROLINA CHARLOTTE
STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA UNIVERSITY OF NORTH CAROLINA CHARLOTTE INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT JULY 2017 EXECUTIVE SUMMARY
More informationUnit Compliance to the HIPAA Security Rule
HIPAA Risk Analysis Unit Compliance to the HIPAA Security Rule OIT Security Risk and Compliance PURPOSE The purpose of this document is to provide guidance for units on how to perform a Risk Analysis of
More informationWeighing in on the Benefits of a SAS 70 Audit for Third Party Administrators
Weighing in on the Benefits of a SAS 70 Audit for Third Party Administrators With increasing oversight and growing demands for industry regulations, third party assurance has never been under a keener
More informationDATA CENTER OPERATIONS CALIFORNIA STATE UNIVERSITY, DOMINGUEZ HILLS. Audit Report June 15, 2012
DATA CENTER OPERATIONS CALIFORNIA STATE UNIVERSITY, DOMINGUEZ HILLS Audit Report 12-31 June 15, 2012 Henry Mendoza, Chair William Hauck Steven M. Glazer Glen O. Toney Members, Committee on Audit University
More informationTX CIO Leadership Journey Texas CIOs Bowden Hight Texas Health and Human Services Commission Tim Jennings Texas Department of Transportation Mark
TX CIO Leadership Journey Texas CIOs Bowden Hight Texas Health and Human Services Commission Tim Jennings Texas Department of Transportation Mark Stone Texas A&M University System Moderator Anh Selissen
More informationDEPARTMENT OF HEALTH and HUMAN SERVICES. HANDBOOK for
DEPARTMENT OF HEALTH and HUMAN SERVICES HANDBOOK for FEDERAL ACQUISITION CERTIFICATION PROGRAM/PROJECT MANAGERS Issuer Office of the Secretary Office of the Assistant Secretary for Financial Resources
More informationFailing Systems: Desperate Measures for Desperate Times. Department of Environmental Quality
Failing Systems: Desperate Measures for Desperate Times Department of Environmental Quality Desperate Measures for Desperate Times Kim Colson, Division of Water Infrastructure, NC Department of Environmental
More informationDISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY DEPARTMENT OF PROCUREMENT
DISTRICT OF COLUMBIA WATER AND SEWER AUTHORITY DEPARTMENT OF PROCUREMENT REQUEST FOR PROPOSALS (RFP) for An Independent Review of Architectural and Engineering Consultant Overhead Rates RFP NUMBER: 17-PR-DETS-45
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationWorking Together to Create Sustainable Success. APICS Board of Directors Meeting Update April 2012
Working Together to Create Sustainable Success APICS Board of Directors Meeting Update April 2012 APICS Mission APICS builds and validates knowledge in supply ppy chain and operations management. We enable
More informationActivities of the Second Quarter 2018
Activities of the Second Quarter 2018 1. ORDINARY GENERAL MEETING: UBF Annual General Assembly meeting convened where members reviewed and approved the action plan for 2018, Financial Statements and Auditors
More informationManager, Infrastructure Services. Position Number Community Division/Region Yellowknife Technology Service Centre
IDENTIFICATION Department Position Title Infrastructure Manager, Infrastructure Services Position Number Community Division/Region 32-11488 Yellowknife Technology Service Centre PURPOSE OF THE POSITION
More informationB. To ensure compliance with federal and state laws, rules, and regulations, including, but not limited to:
Executive Policy, EP 2.215 Institutional Data Governance Page 1 of 14 Executive Policy Chapter 2, Administration Executive Policy EP 2.215, Institutional Data Governance Effective Date: xxxx 2017 Prior
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationOFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE INTELLIGENCE COMMUNITY POLICY MEMORANDUM NUMBER
OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE INTELLIGENCE COMMUNITY POLICY MEMORANDUM NUMBER 2007-500-3 SUBJECT: (U) INTELLIGENCE INFORMATION SHARING A. AUTHORITY: The National Security Act of 1947,
More informationDecentralized IT General Controls Review: Student Affairs Systems Group
Review: Student Affairs Systems Group December 2015 FY15 - #13 Submitted to: Kasandra Kay Urquidez, Vice President, Enrollment Management/Student Affairs Advancement and Dean, Undergraduate Admissions
More informationIndependent Assurance Statement
Independent Assurance Statement Scope and Objectives DNV GL Business Assurance USA, Inc. (DNV GL) was commissioned by Lockheed Martin Corporation (Lockheed Martin) to conduct independent assurance of its
More informationPost ECC EIA Process. Orientation/Training on the Philippine Environmental Impact Statement System (PEISS) for LGUs Davao City 28 October 2015
Post ECC EIA Process Orientation/Training on the Philippine Environmental Impact Statement System (PEISS) for LGUs Davao City 28 October 2015 The EIA Process and the Project Cycle Findings and recommendations
More informationAudit and Compliance Committee - Agenda
Audit and Compliance Committee - Agenda Board of Trustees Audit and Compliance Committee April 17, 2018, 1:30 2:30 p.m. President s Board Room Conference Call-In Phone #1-800-442-5794, passcode 463796
More informationSTATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY
STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA FAYETTEVILLE STATE UNIVERSITY INFORMATION TECHNOLOGY GENERAL CONTROLS INFORMATION SYSTEMS AUDIT JANUARY 2016 EXECUTIVE SUMMARY PURPOSE
More informationFrequently Asked Question Regarding 201 CMR 17.00
Frequently Asked Question Regarding 201 CMR 17.00 What are the differences between this version of 201 CMR 17.00 and the version issued in February of 2009? There are some important differences in the
More informationNotification of Issuance of Binding Operational Directive and Establishment of. AGENCY: National Protection and Programs Directorate, DHS.
This document is scheduled to be published in the Federal Register on 09/19/2017 and available online at https://federalregister.gov/d/2017-19838, and on FDsys.gov 9110-9P-P DEPARTMENT OF HOMELAND SECURITY
More informationInformation Technology General Control Review
Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor
More informationIllustrative cybersecurity risk management report. April 2018
Illustrative cybersecurity risk management report April 2018 Note to readers: Although the AICPA Guide Reporting on an Entity s Cybersecurity Risk Management Program and Controls describes the components
More information