NYC Skyline BW

The GAO Green Book Compliance Academy

Monthly on Tuesday-Fridays at 10:00 a.m. Central Time in four four hour CPE events

A Practical Approach to A-123 Compliance Programs

Join us for a unique, interactive workshop that "walks you through" the latest update of The Green Book which now conforms to the Internal Control Integrated Framework (COSO 2013) from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This training is focused on the current Standards for Internal Control in the Federal Government as detailed in the GAO's Green Book.

This sixteen hour CPE course provides you with the tools to implement a compliance program that is consistent with The Green Book. This compliance workshop is focused on the needs of the government entity that has to comply with the Green Book.

This program covers the Who - What - Why - Where - How to Control. We look at the 17 principles-based approach presented in The Green Book. We make sure your program covers the 52 attributes concerning Green Book compliance.

Documentation is a necessary part of an effective internal control system and is required for the effective design, implementation, and operating effectiveness of the internal control system. To document an understanding of an entity's internal control, management may consider developing documents such as:
1. Policies and procedures manuals
2. Flowcharts
3. Narratives/Tables
4. Risk Control Matrices (RCM)
5. Establishing a Project Management Office (PMO).
6. Transitioning to Create Value Through Self-Assessment
7. Mapping the key controls library to the 17 principles and 52 attributes
8. Gap Analysis.

We present the roadmap to Green Book compliance and documentation based on textbook approaches and real-world guidance from our client engagements.

Relax, learn and enjoy expert instructor presentations, group discussions, role-playing, audit and compliance exercises, white-board diagramming and simulations.

This timely CPE event is designed for the CFO, Controller, CAO, internal control specialist, CFE, internal auditor and others who have to maintain an effective Green Book compliance program for a Federal agency.

 

The cost of this internal control  training course is $1,200.00 for the first attendee from a single organization.

Each attendee will receive 16 CPEs Hours (YB). A certificate of completion will be provided.

Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 16, based on 50 minutes of instruction per hour

CPE Event Highlights

The seminar reviews the following:

  • The Components of COSO

  • Logic presented by the COSO Components

  • The structure used to describe the COSO Framework as used in The Green Book

  • Principles present in The Green Book Framework

  • The "Attributes" in The Green Book vs the "Points of Focus" in COSO 2013

  • The importance of the "Attributes"

  • How to gage the effectiveness of internal controls

  • How to build a "Culture of Compliance

 

Learning Objectives

Attendees will learn how to:

  • Define the "internal control framework" within an organization

  • Describe The Green Book standard and its documents to management

  • Position themselves to plan their compliance for the next fiscal year

  • Work to be insync with Uniform Administrative Rules Section 200.303

  • Understand the gaps and shortcomings in Green Book compliance

 

Key Items on the Agenda

Introduction

  • Internal Control Tradecraft

  • Myths!

  • Integrated Internal Control

SECTION 1 - INTERNAL CONTROL CONCEPTS

  • The Green Book Context

  • How the World Works

  • Internal Control Concept

  • COSO 2013 to The Green Book

  • Quality Control Concept

  • The Big Three Connection

  • Understanding the "Real" Risks

  • Layers of "Cause"

  • Dr. Deming's 14 Quality Concepts

  • Enterprise Risk Management Concept

  • Understanding the "Real" Risks

  • Mission - Values - Business Model Concept

  • Humans and Internal Controls

  • Control Environment Concept

  • Four Stages of Competence

  • Human Communication Concepts

  • Dr. Kotter's Steps for Change

  • Program Management Concept

SECTION 2 -INTERNAL CONTROL AND ACCOUNTING FRAMEWORKS

  • SOX vs the Green Book

  • Financial Reporting Standards

  • Why Frameworks?

  • COSO ERM 2.0

  • COSO Internal Control Framework

  • The Green Book

  • Auditor's Summary of COSO 2013

  • The Green Book - Risk Assessment

  • The Green Book - Control Environment

  • The Green Book - Control Activities

  • The Green Book - Information & Communication

  • The Green Book - Monitoring Activities

SECTION 3 - INFORMATION TECHNOLOGY INTERNAL CONTROL CONCEPTS

  • What is "Moore's Law"?

  • Categories of IT Controls

  • What is IT all about?

  • Information Technology Frameworks

  • COBIT 5.0 Principles

  • COBIT Enterprise Enablers

  • COBIT Domains

  • COBIT Governance Domain

  • COBIT Align, Plan & Organize Domain

  • COBIT Build, Acquire & Implement Domain

  • COBIT Deliver, Service & Support Domain

  • COBIT Monitor, Evaluation & Assess Domain

  • COBIT Software Life Cycle Approach

SECTION 4 - MANAGEMENT'S APPROACH TO SETTING THE GREEN BOOK OBJECTIVES

  • Define Objectives and Risk Tolerances

  • Layer of Objectives

  • Categorizing Your Controls

  • Attribute Tracking of Internal Controls

  • Assessment of the "Big Three"

  • Elements of the Federal Enterprise Model

  • Six Business Model Elements

  • Entity Level Controls

  • Integration Mapping

  • Identify, Analyze, and Respond to Risks

  • Assess Fraud Risk

  • Identify, Analyze, and Respond to Change

SECTION 5 - MANAGEMENT'S APPROACH TO DOCUMENTATION

  • The Big Three Connection Concept

  • Management's layers of Risk Assessment

  • Inventory Your Controls

  • Policies vs Procedures

  • Maturity Model: Policy - Standard - Procedure

  • Concepts Behind Policy-Procedure Effectiveness

  • Ownership is Required

  • Current State and/or Benchmarking

  • Training

  • Mentoring - Coaching

  • Exception Handling

  • Continuous Improvement

  • Management by Walking Around

  • Proactive Root Cause Analyst

  • Control Self Assessments

  • Organizational Change Management

SECTION 6 - TOOLKIT FOR THE ASSESSOR OF INTERNAL CONTROLS

  • Competence

  • The Facts

  • Monitoring and Analytics

  • The Usual Suspects

  • Whistleblower Hotlines

  • Interviewing using the S.P.I.N. Methodology

  • Make the Management Action Plan SMART

  • Layers of Cause

  • Root Cause Analysis

  • Communication Challenges

  • Recognizing Different Personalities

  • Categories of Lies

  • What Deception Sounds Like

  • What Deception Looks Like

  • What do you tell the executive?

  • Input-Process-Output

  • Levels of Maturity

  • Internal Control Reliability Model

  • The Walk Through

  • Dr. Kotter's Steps for Change

SECTION 7 - INTERNAL CONTROL PROGRAM MANAGEMENT

  • Program Organization

  • How do we manage the program?

  • Green Book Program Management

  • Green Book Project Scope

  • Responsibilities of the Internal Control Team

  • Project Director

  • Scope Management

  • Project Management Killers

  • Project Planning Deliverables

SECTION 8 - ENTITY LEVEL ANNUAL INTERNAL CONTROL

  • Overall Assessment of a System of Internal Control

  • Points for Risk Management

  • Risk Management is not perfect

  • Green Book Risk Assessment

  • COSO Internal Control Integrated Framework

  • Defined "Entity Controls"

  • Characteristics of ELC Documentation

  • Better Policy Management

  • IT General Controls Risk Assessment

  • IT Risk Planning

  • IT General Controls Focus

  • Financial Statement Risk Assessment

  • ICFR Applications Risk Assessment

  • Have you defined deficiencies?

  • Categories of "Control Deficiencies"

  • Summary of Deficiencies

  • Defensive Strategy "Business Resilience"

SECTION 9 - PROCESS LEVEL INTERNAL CONTROL FUNCTIONS

  • Process & Activity Ownership

  • Business Cycles and Processes

  • Risks within the Process

  • Business Process Documentation

  • What are the assertions for key controls?

  • Segregation of Duties

  • Flowcharting

  • What about Spreadsheets?

  • Annual Assessment and "SSAE 18"

  • Control Self Assessment Program

  • Certification of "ICFR"

SECTION 10 - THE AGENCY INTERNAL AUDIT FUNCTION

  • Internal Audit Testing ICFR??

  • Internal Audit Charter

  • Internal Audit Coverage

  • Internal Audit Tactical Plan

  • External Audit Testing

  • Top Down Approach

  • Internal Control Group Testing

SECTION 11 - INTERNAL CONTROL TESTING

  • Remediate and Re-Test

  • Types of Testing

  • Evaluate the Stages of "Control Effectiveness"

  • Sample Selection

  • Sample Size

  • Testing Controls

SECTION 12 - INTERNAL CONTROL REPORTING TRADECRAFT

  • Optimize the Report Structure

  • Know Your Audience

  • Write for Your Audience

  • Organize Control

  • What to tell the Executive?

  • Executive Summary Section

  • Findings

  • Condition - Cause - Effect

  • Management Action Plans

  • Optimize the Tone

SECTION 13 - THE GREEN BOOK COMPLIANCE SUMMARY

  • Opining

  • Assessment of ICFR

  • Defensive Strategies

  • Better Policy Management

  • Culture of Compliance

  • Key Control Programs

  • Keys to Success

  • Overall Assessment of a System of Internal Control