CDFM Module 1: Resource Management Environment 1.3 Study Guide With Practical Questions And Answers|2024.

Enterprise Risk Management (ERM) - correct answer -agency wide approach to addressing interrelated risk & how to more effectively prioritize & manage risk OMB Circular 136 Financial Reporting Requirements - correct answer -Requires each agency to develop a risk profile & suggest putting in place an oversight counsel Internal Controls - correct answer -is a process effected by an entity's oversight body, management, and other personnel that provides reasonable assurance that the objectives of an entity will be achieved. ERM and IC responsibilities: - correct answer Federal leaders & managers are responsible for: (1) establishing & achieving goals & objectives, (2) seizing opportunities to improve effectiveness and efficiency of operations, (3) provide reliable reporting, and (4) maintaining compliance with relevant laws & regulations OMB Circular A-123 - correct answer provides guidance to Federal Managers on improving the accountability & effectiveness of Federal programs & operations by identifying & managing risks, & establishing requirements to assess, correct, and report on the effectiveness of internal controls Government Performance and Results Act Modernization Act (GPRAMA) - correct answer -sets objectives, do a risk assessment and put into internal controls Agencies must: - correct answer annually, agencies must develop a risk profile coordinated with their annual strategic reviews and also provide assurances on internal control effectiveness in their Agency Financial Report (AFR) or Performance & Accountability Report (PAR) due Nov 15th Relationship between ERM and IC - correct answer -Leading international standards setters in the fields of risk management & internal control, including both the Committee of Sponsoring Organizations of the Treadway Commission (COCO) and the International Organization for Standardization (ISO), incorporate internal control as part of the larger risk management process. -ERM involves a "Portfolio View of Risk" or consideration of all areas of organizational exposure to risk (ALL ACTIVITIES) The Federal Managers' Financial Integrity Act of 1982 (FMFIA) - correct answer -established the legal framework for internal control in the Federal Gov't. -requires ongoing evaluations & reports of the adequacy of the systems of internal accounting and administrative control of each Executive agency. Section 2 of the FMFIA requires: - correct answer -that the head of each Executive agency annually submit to the President & the Congress: (1) a statement on whether there is reasonable assurance that the agency's controls are achieving their intended objectives, and (2) a report on material weaknesses in the agency's controls *** DoD does this in APR (annual financial Report) that is due Nov. 15th FMFIA requires: - correct answer -the U.S. Government Accountability Office (GAO) to establish Standards for Internal Control in the Federal Government--- "The Green Book" -OMB, in consultation with GAO, to establish guidelines for evaluation by agencies of their system of internal accounting & administrative control to determine if it provides reasonable assurance that: (1) obligations & costs are in compliance with law (2) funds, property & other assets are safeguarded against waste, loss, unauthorized use, or misappropriation (3) revenue & expenditures are properly recorded & accounted for to permit the preparation of accounts FMFIA requires Executive Agencies to: - correct answer -evaluate internal accounting & administrative controls -identify, track, & correct material weaknesses -annually report self-assessment findings -make agency annual reports public The Green Book - correct answer -includes standards, principles, & attributes which provide the overall framework for establishing & maintaining internal controls & for identifying & addressing major performance & management challenges & areas at greatest risk of fraud, waste, abuse, and mismanagement. -these standards, principles, and attributes are the criteria that management should apply when establishing IC within their respective agencies DoD Managers' Internal Control Program, DoD 5010.40 - correct answer to implement the FMFIA and OMB Circular A-123 within the DoD. OMB Circular A-123, Management's Responsibility for ERM and IC - correct answer -The circular provides guidance to Federal managers on establishing an enterprise risk management capability & on improving the accountability & effectiveness of Federal programs & operations by establishing, assessing, correcting, and reporting on internal control Structure of OMB Circular A-123 - Management's Responsibility for ERM & IC - correct answer -Section II: defines management's responsibilities for ERM & IC, and includes requirements for identifying & managing risks -Section III: provides guidance for establishing IC for risks identified -Section IV: discusses management's responsibility to continuously monitor, assess, & improve the effectiveness of IC -Section V: provides guidance on correcting IC deficiencies, corrective action plans requirements & audit follow up and resolution initiatives -Section VI: provides guidance on annual assurance statements & reporting requirements Federal Financial Management Improvement Act of 1996 - correct answer -requires each Federal Agency to: (1) implement & maintain financial management systems that comply w/ Fed. requirements, Fed. accounting standards, & the US Gov't standard general ledger at the transaction level (2) if there is non-compliance put in place a remediation/corrective plan (3) requires cost accounting ERM - correct answer -is an effective Agency-wide approach to addressing the full spectrum of the organization's external & internal risks by understanding the combined impact of risks as an interrelated portfolio, rather than addressing risks only within silos -ERM model is from OMB Circular A-123 -Requires agencies to develop a "risk profile" ERM program should: - correct answer be fully integrated into agency decision making processes, with active leadership support & engagement (setting "tone at the top") Internal Control categories: - correct answer -Operations: effectiveness & efficiency of operations -Reporting: reliability of reporting for internal & external use -Compliance: compliance w/ applicable laws & regulations Internal Control over Operations (ICO-O) - correct answer to ensure efficient & effective achievement of organization goals & objectives with minimum risk Internal Control over Financial Reporting (ICO-FR) - correct answer a process designed to provide reasonable assurance regarding the reliability of financial reporting, meaning management can make the following assertions: refer to pg. 1.3.14 Internal Control over Financial Systems (ICO-FS) - correct answer -The Federal Information System Controls Audit Manual (FISCAM), presents a methodology for performing information system control audits of federal & other gov'tal entities in accordance w/ professional standards. -Following are general & business process application controls included in the FISCAM General Controls - correct answer are the policies & procedures that apply to all or a large segment of an entity's information systems & help ensure their proper operation. They include: -security management -access controls -configuration management -segregation of duties -contingency planning Business process applications controls - correct answer are directly related to individual computerized applications. They help ensure that transactions are complete, accurate, valid, confidential, & available Internal Control related to Use of Shared Service Providers - correct answer -Service organization IC considerations include management's responsibility for the performance of third party provided processes, establishing "user controls" at the Agency receiving services, & service organization oversight -YOU the Agency, put in place controls to ensure valid proper processing & monitoring Internal Controls objectives: - correct answer Provide reasonable assurance that: -Programs achieve intended results -Resources are used efficiently -Programs/resources are protected from waste, fraud, & mismanagement -Laws & regulations are followed -Financial reporting is reliable & accurate The Green Book has: - correct answ