1 The Auditor’s Perspective Division of Sponsored Research Research Administration Training Series...
-
Upload
laurel-mitchell -
Category
Documents
-
view
214 -
download
0
Transcript of 1 The Auditor’s Perspective Division of Sponsored Research Research Administration Training Series...
1
The Auditor’s Perspective
Division of Sponsored Research
Research Administration
Training Series
Presented by:
Joe Cannella ([email protected])
Audit Manager, Office of Audit Compliance & Review
June 19, 2007
2
AGENDA• Session Objectives• Research Environment at the University of
Florida• Auditors and the Office of Audit &
Compliance Review (OACR)• Research Risks (Operational, Compliance,
Financial) • Auditor’s Perspective • Questions?
3
Session Objectives• Auditor: a friend or a foe? Find out what your
university auditors consider to be high-risk issues in sponsored research administration and accounting. There will be a discussion of audits performed, summary of common issues and findings and proactive best practices in higher education.
• Auditor’s role and how you can be prepared?• Joining forces for educational, and compliance
oversight activities involving research administration?
4
University of FloridaThe Environment
• An AAU public university with thousands of research faculty• 2005-2006 research awards over $500 million• University’s Strategic Goal is to be a “Top 10 Research University”
Research Awards by Sponsor
$494$470$458$437
$380$339
$518
0
100
200
300
400
500
600
00 01 02 03 04 05 06
Fiscal Year
Do
llars
(m
illio
ns)
Federal
Other
5
University of FloridaThe Environment
• NIH is the largest source of external research funding• Royalty and licensing income generated from intellectual
property continually support the University
Federal Awards by Agency
Fiscal Year Ended
00 01 02 03 04 05 06
NIH $ 69.7 $ 93.5 $ 103.9 $ 104.4 $ 113.2 $ 130.4 $ 143.8
NSF 20.7 28.2 39.2 40.7 42.4 46.6 39.6
USDA 13.3 30.6 27.1 26.3 29.2 31.4 33.3
DOD 12.1 14.7 24.6 24.2 21.2 22.4 23.1
HHS 1.0 0.7 3.4 23.3 14.3 14.3 13.6
Other 58.3 59.4 69.9 69.6 65.4 71.5 71.0
Total $ 175.1 $ 227.1 $ 268.1 $ 288.5 $ 285.7 $ 316.6 $ 324.4
6
University of Florida The Environment
• Decentralized organizational structure• Three centralized offices overseeing some aspects
of research administration• Office of Audit & Compliance Review performs
risk analysis-research administration subjects may be categorized as high compliance risk areas
7
Who are the Auditors• Office of Audit & Compliance Review (OACR)
– Large audit universe with the associated risk impacting the scope and emphasis of engagements. Audits and reviews may be related to financial, operational, or compliance objectives.
– Emphasis on assisting management with improving internal controls and mitigating risk. OACR is not the owner or manager of the controls.
– Assist with spread of information and communication across the University
– Reports directly to the Audit Committee of the Board of Trustees• State of Florida Auditor General
– Annual Audit of Compliance and Internal Controls Over Financial Reporting and Federal Awards (A-133)
– Other Audits• Other Offices for Federal Cognizant Agencies
– Audits may be subcontracted to external parties– Scope can vary greatly
8
Research Risks• Various types of risk (Financial, Operational, or
Compliance)– Research administration risks generally involve a heavy
compliance element• External audit findings or lack of institutional controls can
impact public perception and/or future funding• How to manage or mitigate risks (Control, Avoid)
– Operating controls, monitoring controls, oversight, and auditing– Controls can be preventative (most effective) or detective– Controls at institutional and unit levels are expected by Sponsors– If controls are working they should identify issues– Danger is not taking action when you notice a problem
9
Audit and Risk Areas Involving Sponsored Research
• Administrative and Clerical Salaries *• Animal Care and Resources• Billing• Biosafety and controlled substances (accounting and security) *• Clinical Trials• Compensation and kickbacks• Conflict of Interest (financial or technical) *• Contract and Grant Accounting (properly allocating charges) • Costs and Budget Transfers *• Cost Sharing, Indirect cost accounting• Effort Reporting , Level of Commitment *• Foreign / Export Controls• Funding and various sources of financial support
10
Audit and Risk Areas Involving Sponsored Research
• Graduate student compensation *• HIPAA / Privacy of Information• Human Subject Research• Intellectual Property• Institutional Review Boards• Reporting• Research Centers• Research Integrity• Research Laboratories• Royalty Revenues and Technology Licensing• Subcontract Monitoring
* Identified in recent DHHS OIG 2007 Work Plan
11
Current OACR Audit Focus and Issues
• Contracts and Grant Accounting- Implementation of PeopleSoft- The new environment
• Time and Effort Reporting- Purpose of effort reporting- Changes and best practices
• Subcontract Monitoring• Indirect Costs• Research Compliance Committee• University-wide system audits• Control Self Assessment
12
"No" Responses per Category
14%
Control Environment
18%
Information Technology
17%
Purchasing16% 5%
3%13%9%
Research 5%
Control EnvironmentBudgeting, Accounting, and Financial ReportingCollections, Deposits, and Cash FundsAsset ManagementPayrollHuman Resource ManagementPurchasing and DisbursementResearch Management and SupportInformation Technology
Control Self Assessment Results
13
Other Factors Impacting Risks at our Institution
• Institutional Culture• Organizational Structure• Policies and Procedures• Information Support Systems• Resources Committed• Educational Activities
14
Auditor’s Perspective• Auditor’s perspective should be one of “fact
finding”• Should be independent and objective• An auditor is not a “compliance officer” or
business management• Scope and objectives are important (investigation
– audit – review)• Documentation is key – especially for “red flag
areas” or unusual transactions• Audit reports and communication
15
Internal Audit’s role in coordinating Federal or State Agency audits
• What is expected from you as a research administrator
• Assistance with information transmittal• Assurance for timely and complete
responses• Knowledge of Institution and its practices• Follow-up after audit is completed
16
What if you are audited? • Do it right the first time, rather than trying to make
corrections later.• Make sure proper people are involved• Confirm auditor/investigator’s authority• Maintain proper conduct. Make sure staff are informed and
professional• Don’t leave the investigator unattended, and make records
of what has been examined and copied• Don’t expand the scope• Follow-up after audit is completed
17
Questions?
• Contact Information:– Joe Cannella, Audit Manager – [email protected]– (352) 273-5087
• University of Florida OACR web site:– http://oacr.ufl.edu/