The department of the navy's journey to auditability: financial auditability has sailed on troubled seas, but DON's financial management planners have a strategy to calm the waters.
Some may ask, "So what does it matter whether the DON demonstrates financial auditability?" Most of us understand the value of an auditor's clean audit opinion in the private sector. Corporations depend on this clean bill of financial health to demonstrate viability and veracity to shareholders and the market. In the past decade, penalties for deceptive, inaccurate financial reporting have become more stringent. So for the DON, which has no shareholders and market valuation, what's the value of investing in audit readiness as part of the Department of Defense (DoD) mission? Some of the reasons to pursue auditability include improved stewardship, reduced cost of business operations, and compliance with congressional direction.
The DoD, like every other executive agency, has been under a legislated requirement for the past two decades to produce auditable, accurate financial statements. While most agencies on the civilian side of government have received clean audit opinions on their statements, the DoD has not. Financial managers in the DoD may find this frustrating, but there are understandable reasons for the delay. The DoD is a mammoth organization--one of the largest "business" entities in existence--with a myriad of business processes and thousands of information systems supporting those processes. The Department's size and complexity have stifled a streamlined, orderly flow of financial transactions into accurate financial statements, currently making an audit impossible.
After several shifts in DoD audit readiness strategies by previous DoD comptrollers, our current Under Secretary of Defense (Comptroller), the Honorable Robert F. Hale, issued an updated DoD roadmap to auditability in 2009 and has included audit readiness as one of his four major goals. The first stop on Mr. Hale's map is an audit of each of the Military Department's SBR. The rationale in using the SBR as the first stop on the road to a DoD clean audit opinion makes sense: DoD business processes and systems are geared to budgetary accounting, and DoD financial managers are attuned to the obligation-to-expenditure business cycle. Because the "new" strategy plays to our strengths and experience--and because it focuses on one statement for an initial win--it has a higher probability of success than past plans.
The Navy-Marine Corps Team is aggressively executing this new strategy: The Marine Corps has begun its second year of SBR audit, and the DON Financial Improvement Program Team is busily preparing the rest of the Department for SBR audit readiness in FY 2013. This steady progress within the DON is a culmination of over seven years of focused effort to ready our people, processes, and business systems for a financial audit.
However, arriving at the destination--in this instance, undergoing an audit--is not the most valued element of the trip. The journey itself to a point on a chart called "auditability" is the real purpose. It requires that we fundamentally improve the way we do business collectively and establish tighter internal controls and more standardized processes as we operate within multiple business and accounting systems. Accomplishments along the way to our destination will confirm to the Congress and the American taxpayers that (1) we are committed stewards of the funds entrusted to us and (2) our investment to improve business processes and systems will yield a more efficient, less costly model of "backroom" support for our warfighters.
If this sounds like a formidable challenge, it is. So far on this journey, we have discovered that we must remain flexible on our route to the destination. Since no DoD organization as large as the DON thus far has achieved audit readiness, we find ourselves navigating gingerly in uncharted waters and changing direction, depending on what we encounter along the way. We are finding that we have to follow Yogi Berra's old dictum: "If you see a fork in the road, take it."
Before describing the direction we are headed on our quest for SBR audit readiness, it should be noted that the Marine Corps' contribution to the overall DON effort has been significant. The Marine Corps' experience during the SBR audit that it currently is undergoing has underscored the major improvements that must be made prior to declaring "ready for audit." It also emphasizes the importance of new capabilities in financial management that we have to achieve before the DON can make that declaration. The Marine Corps has performed admirably, as it always does, persevering and blazing a trail for the rest of us.
DON SBP Plan
Four tenets compose the DON SBR Plan:
(1) Establishing a strengthened array of internal controls throughout DON, decentralized at each major command
(2) Establishing repeatable capabilities that will support a controlled financial environment, including Fund Balance with Treasury reconciliation as well as end-to-end traceability of transactions, as demonstrated by supported balances and unadjusted-to-adjusted trial balance reconciliation
(3) Standardizing business processes, using best-of-breed procedures in legacy environments and identical procedures among Navy Enterprise Resource Planning (ERP) users to reduce the cost associated with financial management overhead and tighten internal controls
(4) Establishing an audit support infrastructure, emphasizing top-level knowledge and control of DON's financial data, as well as the ability to respond efficiently and effectively to an auditor's request for information
Accomplishing the first three tenets involves transforming the current DON business and financial culture. As a long-term goal, we must aggressively implement--and sustain--an improved array of internal controls over processes and systems. The business processes that affect the SBR include Appropriations Received, Military and Civilian Pay, Contracts, Reimbursables, Requisitions, and Temporary Duty Travel. We will be realigning business practices to meet key control objectives. These changes will improve accuracy, timeliness, and reliability of financial data and reduce the cost of reworking improperly executed transactions. Navy ERP, the target business environment, has demonstrated a robust, improved control environment.
Establishing and Sustaining Strong Internal Controls over Processes and Systems
This first tenet encompasses the most far-reaching and pervasive changes within DON, spanning all major commands and their subordinate organizations. It's the stop on the Journey to Auditability that will take the longest to achieve.
What is an internal control? Most of us recognize a control as a required element of our business, mandated by the Congress and codified in Office of Management and Budget Circular A-123. In the business and financial world, key controls must be designed, deployed, and periodically tested for their effectiveness to ensure that business data flow accurately to the departmental financial statements.
How are key internal controls identified? Discrete DON business processes are mapped from end to end by groups of experts. They identify vulnerable points in the process, those presenting risks that transaction data may inaccurately flow to financial reports. They then design controls to mitigate the risks. One example is within the civilian pay process (in which many readers of this article have an interest!). If an employee or a timekeeper passes an employee's time and attendance unchecked into the pay system, there is a risk that pay data rolling up to departmental statements may be inaccurate. The control prescribed to mitigate that risk is a supervisor's documented review of employee time reporting. Once this control is implemented within every organization, the next step is to monitor locally the regular use of the control and to assess its effectiveness.
Three points about "controls" before moving to the second tenet of the SBR Plan: (1) establishing a support infrastructure within each DON organization to implement and regularly test internal controls over financial reporting is a long-term challenge; (2) it will be possible to declare audit readiness prior to achieving a robust array of internal controls; and (3) Navy ERP will strengthen DON's control environment. Using the previously noted civilian pay internal control example, the Navy ERP system is designed with a level of rigor in certifying civilian pay timekeeping.
Establishing Repeatable Capabilities
The second tenet of the SBR Plan requires the DON to develop and exercise capabilities that demonstrate a mastery of the department's financial environment that produces repeatability. These abilities include cash reconciliation with the U.S. Treasury, including prompt clearing of reconciling items; tracing transactions from the general ledger systems to the SBR, noting crosswalks and adjustments; and demonstrating supported balances. Developing and repeating these abilities require close collaboration with the Defense Finance and Accounting Service.
Standardizing Business Processes
We have another, longer-term, transformation objective: to standardize and enforce uniform business processes--especially among disparate commands--with a goal of implementing the target business environment, that is, Navy ERR Although commands using Navy ERP have differing missions and business cultures, DON's goal is to "single up" as many ERP processes and controls as possible to achieve consistent practices across all ERP commands. This consistency will reduce the number of control activities and reduce the risk of errant financial transactions. DON is currently expanding its Navy-wide survey of business processes and documenting differences to identify, implement and, yes, enforce best practices.
Although the objective of bringing our SBR to audit using a legacy system environment is attainable, the eventual full deployment of Navy ERP certainly will improve and sustain audit readiness capabilities through enforced standards, more automated controls, and less complexity. DON also understands that along the path to its SBR audit objective, we will face complexities and challenges, including the following:
* Changing long-standing, divergent practices. This requires discipline, as it is human nature to continue with an existing, learned practice, even if it is not the best solution.
* Filling a void given the absence of enterprise policies and procedures governing business processes. Authoritative guidance is a necessity, a mandate for uniformity and change.
* A need for closer collaboration with external business partners. Integrating service providers into the required environmental and procedural changes is essential.
DON is methodically addressing each challenge. Although processes are not yet standardized, DON has employed control gap analysis to identify when a command's process and/or controls differ significantly from suggested controls. Control gap analysis allows DON to track and address significant deviations. Additionally, DON has begun a concerted, multi-year effort to standardize processes and controls within the Navy ERP environment.
To address the limitation of existing policy and procedure documentation, DON-wide accounting guidance must be developed to support standard business processes. The guidance should outline detailed procedures for DON business processes, to include control objectives and activities.
Finally, to enable improved alignment of priorities between DON and its service providers, DON will enter into memoranda of agreement (MOAs) that outline and detail the expectations for DON's service providers (for example, Defense Finance and Accounting Service). To be effective, these MOAs will require the commitment and accountability of executive leadership at both signing organizations.
Establishing an Audit Support Infrastructure
The final tenet of the DON SBR audit readiness strategy is to prepare for the audit itself. While understanding that DON's financial environment is the key to "getting in the game," putting in place an audit response infrastructure is vital to "playing the game." Responding promptly and precisely to an auditor's data requests will require a choreographed process. For example, data transfers may be large and require encryption. DON managers who provide the information must do so in a structured manner. The mechanism for response must be built well ahead of the audit and exercised in a strenuous manner. To develop this fourth capability, DON has begun regular rounds of quarterly financial transaction testing. During this testing, major commands are asked to assemble supporting documentation quickly for the transactions they've generated.
Influences on the DON Strategy
To inject some reality into what may seem an abstract strategy discussion, there are two significant areas that have colored DON's strategy and helped chart the course for the future. First, the Marine Corps' experience has illuminated the path ahead for the rest of DON. Second, Navy ERP will continue to demonstrate increased value to audit readiness as a modern, controls-driven business system.
What have we learned from the Marine Corps' audit? To begin, we routinely must demonstrate sound financial management capabilities such as reconciling cash balances with the U.S. Treasury and being able to trace financial transactions from their origins through to the financial statements. In addition, we must establish an effective reporting infrastructure that allows us to test constantly whether samples of transactions are being executed properly. These essential capabilities, when paired with our overall goal of implementing a strengthened internal controls environment, will make our navigation toward audit readiness more certain. In addition, these capabilities must be exercised repeatedly before asserting audit readiness.
The Marine Corps has wrestled with other formidable challenges. Organizations external to the Marine Corps provide that Service with data and services essential to accurate financial reporting. Whether it is accounting services or timely contract close-outs, the Marines largely are dependent upon other entities to provide accurate and complete data and support; levels of cooperation must be intensified.
Assembling immense quantities of financial data and then presenting them in an organized manner to satisfy audit standards have proven to be a prodigious task, requiring intricate staging. Standardizing business processes, one of the Marine Corps's priorities in preparing for its audit, reduces the complexity of an entity's internal controls environment and also lessens inefficiencies. The value of these Marine Corps "audit lessons learned" will be magnified as the entire DON and other large defense organizations contend with these issues.
Navy ERP has been a key element of our audit readiness strategy. In addition to improved internal controls, it will bring other benefits. These include standardizing business procedures across the universe of users; reducing costs from legacy systems retirement; and achieving efficiencies from streamlining and increased electronic workflow. Implementations continue on time and on schedule. By October 2012 Navy ERP is estimated to have over 70,000 users and will manage 50 percent of Navy's obligational authority, about $71 billion.
While this re-systemization will aid our audit preparations, our plan is to achieve audit readiness even though parts of our enterprise still operate using legacy systems and processes. Key internal control objectives are the same regardless of the business and financial environment. And while internal controls may be more robust in Navy ERP, commands using legacy systems also are pursuing improved controls over their processes and systems.
In summary, audit readiness is a journey that has been mandated for the entire Department of the Navy. The ultimate destination--sustaining a financial audit--is not the most valuable element of our collective efforts. Rather, it is the journey itself that comprises continuous improvement in and control over our business processes and systems. As we make progress on this long-term initiative, we are demonstrating greater stewardship over the funds we manage for the American people. Additionally, the Navy-Marine Corps Team will show a return on investment for this comprehensive program through increased efficiencies in our business operations.
BY DENNIS J. TAITANO, DEPUTY ASSISTANT SECRETARY OF THE NAVY (FINANCIAL OPERATIONS) DENNIS J. TAITANO
DENNIS J. TAITANO
Dennis Taitano is a member of the Senior Executive Service and currently holds the position of the Deputy Assistant Secretary for Financial Operations within the Office of the Assistant Secretary of the Navy (Financial Management and Comptroller). One of his significant areas of responsibility is the oversight and management of DON's Financial Improvement Plan, which, coupled with other efforts, is helping DON'S quest for auditability. Mr. Taitano is a member of ASMC's Washington Chapter.
|Printer friendly Cite/link Email Feedback|
|Author:||Taitano, Dennis J.|
|Publication:||Armed Forces Comptroller|
|Date:||Mar 22, 2011|
|Previous Article:||Army moving to compliance with the chief financial officers act.|
|Next Article:||Marine Corps audit journey: a look back and a lead forward: the Marine Corps leads the way to audit readiness with a determination that will not...|