ࡱ> M ebjbj== SWW`(l.......$Rp!p!p!P!!Rh########_aaa^_$f d.#####&..##*&&&#".#.#_&#_&B& /~'..## Ӽ.RRp!#ˑXDŸ<##&RR....I. Audit Approach As an element of the Universitys core business functions, Bank Account Administration and Reconciliation will be audited approximately every three years using a risk-based approach. The minimum requirements set forth in the general overview and risk assessment section below must be completed for the audit to qualify for core audit coverage. Following completion of the general overview and risk assessment, the auditor will use professional judgment to select specific areas for additional focus and audit testing. II. General Overview and Risk Assessment (Estimated time to complete 80 hrs.) At a minimum, general overview procedures will include interviews of unit management and key personnel; review of available bank and financial reports; evaluation of policies and procedures associated with the processes; inventory of compliance requirements; consideration of key operational aspects; and assessment of the information and communications systems environment. During the general overview, a detailed understanding of the management structure, significant financial and operational processes, compliance requirements, and information and communications systems will be obtained (or updated). As needed, the general overview will incorporate the use of internal control questionnaires (an example is provided as Attachment A), process flowcharts, walk-throughs, and the examination of a sample of documents supporting key process controls. A. The following table summarizes audit objectives and corresponding high-level risks to be considered during the general overview. Audit ObjectiveAreas of RiskObtain a detailed understanding of significant processes and practices employed in the administration and reconciliation of bank accounts, specifically addressing the following components: Management philosophy, operating style, and risk assessment practices; Organizational structure, and delegations of authority and responsibility; Key positions with responsibility and accountability for financial and programmatic results; Process strengths (best practices), weaknesses, and mitigating or compensating controls; Information and communications systems, applications, databases, and electronic interfaces.Weak management philosophy on the importance of controls and poor communication regarding expectations may result in inappropriate behavior. Risk assessment processes may not identify and address key areas of risk. Inadequate separation of responsibilities for activities may create opportunities for fraud. Failure to assign responsibility and accountability for achieving financial or programmatic results may decrease the likelihood of achieving results. Processes and/or information and communications systems may not be well designed or implemented, and may not yield desired results, i.e., accuracy of financial information, operational efficiency and effectiveness, and compliance with relevant regulations policies and procedures.  B. The following procedures will be completed as part of the general overview whenever the core audit is conducted. General Control Environment Interview the director and key managers to identify and assess their philosophy and operating style, channels of communication, and internal risk assessment processes. Obtain an organizational chart, delegations of authority, and reports used by management to monitor operations. Interview select staff members to obtain the staff perspective on the control environment. During all interviews, solicit input on concerns or areas of perceived risk. Evaluate the adequacy of the organizational structure and various reporting processes to provide reasonable assurance that responsibilities have been assigned and accountability for programmatic and financial results is clearly demonstrated. If the organizational structure and various reporting processes do not appear adequate, consider alternative structures or reporting processes to enhance assurance. Comparison to other similar units, or corresponding units at other campuses, may provide value by demonstrating better accountability. Business Processes Identify key activities, and gain an understanding of the corresponding processes. Identify positions with responsibility for key activities, including initiating, reviewing, approving, and reconciling activities and transactions. Use flowcharts or narratives to identify key controls, process strengths, weaknesses, and mitigating or compensating controls. Conduct a walk-through of the key processes, using a small sample of transactions. Review documents, correspondence, reports, and statements, as appropriate, to corroborate process activities described by unit personnel. Evaluate processes for adequate separation of responsibilities. Evaluate the adequacy of the processes to provide reasonable assurance that University resources are properly safeguarded. If processes do not appear adequate, develop detailed test objectives and procedures, and conduct detailed transaction testing with specific test criteria. Consider whether statistical (versus judgmental) sampling would be appropriate for purposes of projecting on the population as a whole or for providing a confidence interval. Information and Communications Systems 11. Interview units information technology personnel to identify all information systems, applications, databases, and interfaces (manual or electronic) with other systems associated with the processes and to get responses to the following questions: Is this an electronic or manual information system? Does the system interface with core administrative information systems? If yes, is that interface manual or electronic? Does the system interface with outside vendor information systems? If yes, is that interface manual or electronic? What type(s) of source documents are used to input the data? What types of access controls and edit controls are in place within the automated system? How are transactions reviewed and approved within the system? Who reconciles the system's output to ensure correct and accurate information? Is a disaster/back-up recovery system in place for this system? What is the retention period for source documents and system data? 12. Obtain and review systems documentation, if available. 13. Document information flow and interfaces with other systems, using flowcharts or narratives. Consider two-way test of data through systems from source documents to final reports, and from reports to original source documents. 14. Evaluate the adequacy of the information systems to provide for availability, integrity, and confidentiality of University information resources. 15. If system controls do not appear adequate, develop detailed test objectives and procedures, and conduct detailed testing with specific test criteria. C. Following completion of the general overview steps outlined above, a high-level risk assessment should be prepared and documented in a standardized working paper (e.g., a risk and controls matrix). To the extent considered necessary, as determined by the auditor, this risk assessment may address aspects of other areas outlined below (financial reporting, compliance, operational efficiency and effectiveness, and information and communications systems). In addition to the evaluations conducted in the general overview section, the risk assessment should consider the following: annual receipts or expenditures; time since last review; recent audit findings; organizational change; regulatory requirements, etc. III. Financial Reporting (Estimated time to complete 16 hrs.) A. The following table summarizes audit objectives and corresponding high-level risks regarding financial reporting processes. Audit ObjectiveAreas of RiskEvaluate the accuracy and integrity of financial reporting, specifically addressing the following components: Bank Account Administration Authorization for and purpose of account; Appropriateness of authorized signers. Bank Account Reconciliation Timeliness, accuracy, and completeness of bank account reconciliations; Investigation and resolution of reconciling items; Independent review and approval of bank account reconciliations.Bank Account Administration Bank accounts may not be authorized or used for appropriate purposes. Signers may no longer be appropriate (no longer in the position or employed by the University). Bank Account Reconciliation Bank account reconciliations may not be performed timely, accurately or completely. Reconciling items may not be appropriately resolved. Bank account reconciliations are not subject to independent review. B. The following procedures should be considered whenever the core audit is conducted. Bank Account Administration 1. Identify all bank accounts associated with the unit. Ensure accounts have been properly authorized by the Treasurers Office. 2. Identify authorized signers on the account. Ensure authorized signers are University employees with relevant job responsibilities. Identify the type of bank account (for example, depository, disbursement, zero balance, etc.). Review account activity to ensure compliance with intended use (for example, no checks written from a depository account). 4. Interview staff to determine whether there is a clear understanding of bank account administration processes and requirements. Bank Account Reconciliation 1. Interview department staff to document the process of reconciling bank accounts. Gain an understanding of the bank account reconciliation process. 2. On a test basis, review bank account reconciliations for timeliness, accuracy, and completeness. Ensure that reconciling items on the bank statement (deposits in transit, outstanding checks) are investigated and resolved. Conduct detailed testing as needed to validate the accuracy and completeness of the reconciliation. 3. Trace book balance as shown on the reconciliation to the general ledger. Trace bank balance as shown on the reconciliation to the bank statement. 4. Review bank account reconciliation for evidence of supervisory review and approval. 5. Evaluate the accuracy and reliability of financial reporting. If reporting does not appear accurate and reliable, develop detailed test objectives, procedures, and criteria. Conduct detailed testing as needed to determine the impact of financial reporting issues. IV. Compliance (Estimated time to complete 6 hrs.) A. The following table summarizes audit objectives and corresponding high-level risks regarding compliance with policies and procedures, and regulatory requirements. Audit ObjectiveAreas of RiskEvaluate local compliance with the following requirements: BUS-49, Policy for Handling Cash and Cash Equivalents Section 1 Managing University Bank Accounts; Section VIII Reconciliation of Bank Statement to the General Ledger. Other University and local policies and procedures.Bank Account Administration Unauthorized bank accounts may exist, subjecting the University to an increased risk of fraud. Bank Account Reconciliation Failure to reconcile bank accounts increases the risk of fraudulent activity, disguises errors in the Universitys general ledger accounts, and may negatively impact the Universitys cash position. B. The following procedures should be considered whenever the audit is conducted. 1. Select a sample of bank reconciliations and evaluate compliance with BUS-49 and any local policies and procedures ensuring that: Bank Account Administration a. Requests for opening, making changes to, or closing the bank account have been properly authorized by the Treasurers Office Accounts not established by the Treasurer are or have been brought to the attention of the proper parties for resolution Bank Account Reconciliation Bank accounts are reconciled to the general ledger monthly by employees who are independent of the cash receipts or cash disbursements processes Reconciling items are resolved in a timely manner Documentation supporting the reconciliation is maintained and includes evidence of appropriate supervisory review and approval. 2. Based on the limited review, evaluate whether processes provide reasonable assurance that operations comply with policies and procedures. 3. If it does not appear that processes provide reasonable assurance of compliance, develop detailed test procedures, and criteria to evaluate extent of non-compliance and impact. Conduct additional detailed testing as needed to assess the overall impact of compliance concerns. V. Operational Effectiveness and Efficiency (Estimated time to complete 12 hrs.) A. The following table summarizes audit objectives and corresponding high-level risks regarding operational effectiveness and efficiency. Audit ObjectiveAreas of RiskEvaluate bank account administration and reconciliation processes, specifically addressing the following areas: Bank Account Administration Prompt handling of requests for opening, making changes to, and closing accounts; Periodic review for unauthorized bank accounts and updating of account signers Bank Account Reconciliation Personnel management; Separation of duties; Process efficiency.Bank Account Administration Inefficiencies or other delays in handling requests for opening, making changes to, and closing bank accounts could encourage the opening of unauthorized accounts. Failure to periodically review open bank accounts and update account signer information could result in an increasing number of unauthorized accounts and inappropriate signers, increasing the potential for fraud. Bank Account Reconciliation Having bank reconciliations performed by persons lacking the requisite qualifications increases the risk of inaccuracies and other errors. Inadequate separation of duties could result in a person being able to commit and hide fraudulent or otherwise inappropriate activities. Inefficient processes waste University resources.  B. The following procedures should be considered whenever it is determined that audit work related to operational effectiveness and efficiency should be conducted: Bank Account Administration Interview appropriate unit staff to understand the process and timing associated with requesting that bank accounts be opened, changed, or closed. Request and review reports, records of communication, or other documentation that could be used to evaluate process efficiencies. Evaluate the efficiency of the process and the reasonableness of the time it takes to complete the activity. Interview appropriate unit staff to understand the process for reviewing for unauthorized bank accounts. Request and review reports or other documentation supporting recent reviews. Evaluate the process and results. Interview appropriate unit staff to understand the process for ensuring that the list of account signers is current and proper. Request and review reports or other documentation supporting recent reviews. Evaluate the process and results. Bank Account Reconciliation 4. Interview appropriate unit staff to evaluate the individuals knowledge, skills, and ability to perform bank account reconciliations. Review recent bank account reconciliations to determine if they appeared to be performed by a knowledgeable and qualified employee. 5. Review organizational structure and job descriptions to determine if persons responsible for performing bank account reconciliations were independent of other cash handling responsibilities. 6. Based on knowledge of process gained through work performed as part of the general overview and other sections, consider whether there are operational improvements that can be made to the process to make it more efficient. 7. If it does not appear that processes provide reasonable assurance of operational effectiveness and efficiency, develop detailed test procedures, and criteria to evaluate the extent and impact of operational inefficiency. Conduct additional detailed testing as needed to assess the overall impact of operational efficiency concerns. VI. Information and Communications Systems (Estimated time to complete 6 hrs.) A. The following table summarizes audit objectives and corresponding high-level risks regarding information systems. Audit ObjectiveAreas of RiskEvaluate the following information systems, applications, databases, system interfaces, and records practices. Electronic or manual interfaces between intra-University systems, applications, and/or databases; Electronic or manual interfaces between University and bank information systems, applications, and/or databases; Records management policies and practices for both hardcopy and electronic records.Security management practices may not adequately address information assets, data security, or risk assessment. Application and systems development processes may result in poor design or implementation. The confidentiality, integrity, and availability of data may be compromised by ineffective physical, logical, or operational controls. Business continuity planning may be inadequate to ensure prompt and appropriate crisis response. Records management practices may not adequately ensure the availability of necessary information. B. The following will be performed each time the audit of Bank Account Administration and Reconciliation is conducted. 1. Identify any significant changes to information and communications systems, and corresponding business processes. 2. Evaluate the impact of any significant changes to the overall system of internal controls. C. In addition, consider two-way tests of data through systems from source documents to final reports and from reports to original source documents. Evaluate the adequacy of the information and communications systems to provide for availability, integrity, and confidentiality of University information and communications resources. D. Based on the information obtained during the information and communications systems overview, evaluate whether any information and communications resources should be evaluated further via detailed testing using specific test criteria and procedures. GENERAL OBJECTIVES: 1. Obtain the following to the extent that they are available: a. Mission statement or vision statement b. Organizational chart c. Current delegations of authority or responsibility Most recent job descriptions for key positions Process flowcharts f. List of key applications, databases, and interfaces (manual or electronic) and any available systems documentation g. Disaster recovery/business continuity plan for this activity h. List of bank accounts and authorized account signers (for Bank Account Administration) and list of account reconciliations and names of persons responsible for reconciling the account and for reviewing and approving the reconciliation (for Bank Account Reconciliations) i. List of regularly prepared management reports used for financial and/or programmatic monitoring j. List of key contacts for major activities 2. Describe any significant changes to unit operations since the last core audit in the last three years (or since the last core audit was conducted). For example, turnover in key positions; changes to policies, processes, or procedures; new information systems; new or revised compliance requirements; etc. 3. Describe management's processes or approaches for evaluating the status of current operations. If the various approaches include any formal risk assessment process, describe the process in detail and corresponding reporting, if any. 4. Do you have any concerns with regard to the current state of bank account administration or reconciliation activities? If so, what are they? If not, what activities or bank accounts/ reconciliations should be considered for selection as the focus or scope of the current review in your opinion? 5. Have any bank account administration and reconciliation activities been the subject of review by any outside party (e.g., external auditors, peer review, independent consultants, regulatory agencies, etc.)? If so, please provide the results of the review(s). FINANCIAL OBJECTIVES: Bank Account Administration: 1. Describe processes related to opening, making changes to, and closing bank accounts. Also describe processes and responsibilities for monitoring bank accounts and activity to identify potential unauthorized accounts. 2. Describe processes related to updating account signers. Also describe processes and responsibilities for monitoring changes to authorized account signers (that is, reviewing for completeness and accuracy changes actually made by the bank as well as reviewing or identifying changes in employee status which should require that the person be removed or added as an authorized account signer. 3. What types of bank accounts or bank activity is the unit responsible for? What monitoring is done to ensure that bank accounts are used only for the purposes for which they have been established? For example, is monitoring done to ensure that checks are not written against depository accounts? Bank Account Reconciliation: Describe the process for reconciling bank accounts. Who is responsible for reconciling the accounts? Does the process include documentation of supervisory review and approval? Who is the reviewer/approver? 5. How frequently are accounts reconciled? 6. Describe the process for handling reconciling items. How long does it generally take to investigate and resolve reconciling items? COMPLIANCE OBJECTIVES: 1. Explain your processes for promoting and ensuring compliance with BUS-49 (and any other relevant local policies and procedures). 2. In your opinion, are there any specific policies, procedures, rules, or regulations that are not consistently observed? If so, please explain the requirement, and estimate the level of compliance (or non-compliance) and its impact. OPERATIONAL OBJECTIVES: 1. Describe your processes for ensuring: Bank Account Administration: a. Prompt handling of requests for opening, making changes to, and closing bank accounts b. Periodic review for unauthorized bank accounts and updating of account signers Bank Account Reconciliation: c. Those responsible for reconciling accounts are knowledgeable and qualified d. Those responsible for reconciling accounts do not have any other cash handling responsibilities (adequate segregation of duties) e. Bank account reconciliation processes are efficient and effective 2. Describe managements reporting processes regarding the status of operational activities. Include both written and verbal reporting channels. For example, include documented status reports, as well as project status meetings. Also, please indicate which are used on a recurring basis, and the frequency, and which are used on a more ad hoc basis. 3. Describe the processes for directing the work of employees and evaluating performance. 4. Describe any improvements that you would like to see made to bank account administration and reconciliation activities. Specifically, what would be changed, and what would be the resulting benefit? Has the idea been discussed internally and, if so, what was the result? If not, why? INFORMATION AND COMMUNICATIONS SYSTEMS OBJECTIVES: 1. Who is responsible for systems administration and security? How is physical security maintained for the units information resources? How is logical security (access) provided or restricted? Who decides? 2. Have any of the units information and communications systems been developed internally? If so, describe the development process and the current status of the system(s). 3. How do the units information and communications systems interface with systems in other units? 4. How do the units information and communications systems interface with the bank? What, if any, operational problems have occurred? 5. Is there a written business continuity plan that covers key processes? If so, is the plan periodically tested? When was the last test, and what were the results? 6. For how long are bank account and bank account reconciliation records retained? Is this consistent with record retention guidelines? In your opinion, are the retention periods appropriate and sufficient? 7. Have there been any indications of problems with information, i.e., availability, accuracy, completeness, timeliness, security, etc.? 8. Have all the required software licenses been acquired? Are maintenance agreements current? 9. Do you have any concerns about departmental information and communications systems, or interfaces with other systems? Audit Procedures and Internal Control Questionnaires Bank Account Administration and Reconciliation Core Audit Program (Total Estimated Time to Complete 120 hrs.) Draft Dated: July 21, 2003 Attachment A Proposed Internal Control Questionnaire (ICQ) Attachment A - Page  PAGE 3 of 3 oqP Q ` a o MN!!!v"w""""#!#r##K$g$%,%%S&T&p&((+,, -----... /m//+1G111B2^22S55596:6I6J6X6667778{99;;>?CjC >*CJaJCJaJ>*h>*CJ 5>*CJ\56CJ\]CJ 5CJ\Tpq P Q a o $<<$If^a$ $<<$Ifa$ "^`" l^`l^deo p - t ,:T & F VV$EƀwfIf^V$Ifk$$Ifl0$L064 la<t  WT & F VV$EƀwfIf^VT & F VV$EƀwfIf^V v WT & F VV$EƀwfIf^VT & F VV$EƀwfIf^V _ WT & F VV$EƀwfIf^VT & F VV$EƀwfIf^V WT & F VV$Eƀwf If^VT & F VV$EƀwfIf^V0@6(  0^`0 "^`"k$$Ifl0$L064 la<T & F VV$Eƀwf If^V01MNhiYWF & F"Eƀwf.^F & F"Eƀwf. `^```ioF & F"Eƀwf.F & F"Eƀwf.56IJ[F & F"Eƀwf. 0^`0 ^`F & F"Eƀwf.oF & F"Eƀwf.F & F"Eƀwf.RSoi_ ^``F & F"Eƀwf .F & F"Eƀwf .q_O & F   Eƀwf.^ O & F   Eƀwf.^ q"_O & F   Eƀwf.^ O & F   Eƀwf.^ "|_O & F   Eƀwf.^ O & F   Eƀwf.^  I_O & F   Eƀwf.^ O & F   Eƀwf.^ IIJ!!{{ & F01$@& ^`0 b>^b`> bb>^b`> b^O & F   Eƀwf .^ !!!v"w""""J k$$Ifl0$L064 la<$<<$If^a$ $<<$Ifa$ "^`" 0^`0 "^`" 0^`0"##!#K#r#s##KEE $IfT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^V$If$If## $WT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^V $K$g$$QT & F( HVV$EƀwfIf^V$IfT & F HVV$EƀwfIf^V$ %%,%%KT & F HVV$EƀwfIf^V$If$IfT & F HVV$EƀwfIf^V%%%WT & F HVV$Eƀwf If^VT & F HVV$EƀwfIf^V%%%S&T&p&&&{'|'zxnhnfh^h p0^p`0^ 0^`0 "^`"k$$Ifl0$L064 la< |'W(X(((())**p+q+++, - & Fp01$@& ^p`0 p0^p`0^S & F! pp0Eƀwf.^p`0 -------.j d$Ifk$$Ifl0$H064 la<$<<$If^a$ $<<$Ifa$ 0^`0.G.v.WT & F p$EƀwfoIf^T & F VV$EƀwfIf^Vv... /WQ$IfT & F VV$EƀwfIf^VT & F p$EƀwfoIf^ /l/m//P0KT & F VV$EƀwfIf^V$If$IfT & F VV$EƀwfIf^VP0Q0R000*1+1G11~~ttjj @ 0^@ `0 p0^p`0 0^`0 "^`"m$$Ifl 0$H064 la<1A2B2^22MJ & F)0Eƀwf.`0  p^p  U & F#  @ @ 0Eƀwf.^@ `02!3330414]SI? ^ p0^p`0 ^`Q & F# dp@ @ Eƀwf.^@ Q & F# dp@ @ Eƀwf.^@ 14S5T55596:6J6X6$<<$If^a$ $<<$Ifa$ "^`" 0^`0 "^`" p^p` pp0^p`0X6Y666687 4T & F  VV$EƀwfIf^V$If$Ifk$$Ifl0$L064 la<877777KT & F  VV$EƀwfIf^V$If$IfT & F  VV$EƀwfIf^V7778WQ $IfT & F  VV$EƀwfIf^VT & F  VV$EƀwfIf^V88z9{99WMG$If $If^T & F  VV$EƀwfIf^VT & F  VV$EƀwfIf^V9$::WT & F  VV$Eƀwf If^VT & F  VV$EƀwfIf^V::::;>44 0^`0m$$Ifl0$L064 la<T & F  VV$Eƀwf If^V;;;(=)=>>cF & F$Eƀwf.F & F$Eƀwf. p0^p`0>>>? @!@@@AACCiCjCC} 0^`0 0^`0 b bb^b bb^b`F & F$Eƀwf.jCCCCCCGGIKJKKK]K_KLNS#S%SVWWWWXXXZ*Z,ZtZZ"[?[]^=_n_p_dd*CJ 5>*CJ\ 5CJ\h56CJ\]CJ6CCCCCnDlf$Ifk$$Ifl0$L064 la<$<<$If^a$ $<<$Ifa$ 0^`0nDDAEWT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^VAEEFWT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^VF`FFWT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^VFIGGWT & F HVV$EƀwfIf^VT & F HVV$EƀwfIf^VGGG$H%HHHHLJMJKK_Kxrhhrxhxf p0^p`0^ 0^`0 & F01$@& ^`0m$$Ifl}0$L064 la< _K`KKKKLFLYLGR & F# d1$@& Eƀwf.^R & F# d1$@& Eƀwf.^` 0^`0YLLM NNNNOOPPRRSS%S&SCS"T#TUUVVV 0^`0 & F01$@& ^`0 & F 01$@& ^`0VWWWWXXXX%Y&YZZ,Z-Z 0^`0 0^`0 & F01$@& ^`0V & F$ D01$@& Eƀwf.^`0-ZVZtZZ ["[?[[\Y\Z\]]^^<_=_p_q_C`D`` & F01$@& ^`0^ & F 01$@& ^`0 `^`` 0^`0``XaYaaabb^c_cccJdKddd)e*8@8 Heading 2$@&^CJNN Heading 3 $ 0@&^`0 5CJ\88 Heading 4$@&`CJHH Heading 5 $ p`@&^p``CJ<@< Heading 6$@&^>*CJD@D Heading 7$p0@&^p`0>*CJ4@4 Heading 8$@&>*CJ0 @0 Heading 9 $@&CJ<A@< Default Paragraph Font,@, Header  !, @, Footer  !DCD Body Text Indent"^`"HO"H Level 1 & F01$@&^`0CJhHO2H Level 2 & F01$@&^`0CJhDR@BD Body Text Indent 2 ^CJDSRD Body Text Indent 3 p^pCJ&)@a& Page Number*B@r* Body TextCJJYJ Document Map-D M OJQJ^JKGa""&pqPQaop-tv_  0 1 M N h i 56IJRSq"| IIJvw!Krs K g !!,!!!!!!S"T"p"""{#|#W$X$$$$%%&&p'q'''( )))))))*G*v*** +l+m++P,Q,R,,,*-+-G--A.B.^..!///0010S1T11192:2J2X2Y22228333333344z5{55$66666777(9)9::::; <!<<<==??i?j??????n@@AAAB`BBICCCC$D%DDDDLFMFKG_G`GGGGHFHYHHI JJJJKKLLNNOO%O&OCO"P#PQQRRRSSSSTTTT%U&UVV,V-VVVtVV W"W?WWXYXZXYYZZ<[=[p[q[C\D\\\X]Y]]]^^^_____J`K```)aCnDAEFFG_KYLV-Z`ee5789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^`abcdefghijke6*!t\\`aa`aaHoUVq+,STUXJ J &&#'o'((( ) ) )N,O,,,S1T111s>w>>>>>??C?h???AABBBBBB\C\CdCeCCCCCWDjDNEOE`E`EEE,F?FFFFFj\}\\\](]z]]]]^^*^*^9^:^V^V^^^^^^^^\_____$`$```````3a;aiajajalaaaaa Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc Helen Valness]C:\Personal\Core Audit Programs\Core Audit Bank Account Administration and Reconciliation.doc GBlumbergGC:\Docs03\Core Audit Bank Account Administration and Reconciliation.doc) * p#KBk"`P,X`\(Kfs!ldo$X3j$MM&%v"vN 's*p'FA@+leʆ-0_Mz1H \5ؕP]Z:|O3%;`P>0!6?H.{#B?v|9EN^Kr5 Opx_ZgZ8Ly?e]67_E'scdt_e`j&1θ.pkQd;lr%]en@*o1hg7o颍+p6Cq088yr2Ehr,t l~fs0^`0.0^`0.^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.D\D^D`\o(.  ^ `. L ^ `L.xx^x`.HH^H`.L^`L.^`.^`.L^`L.^`o(.  ^ `. L ^ `L.xx^x`.HH^H`.L^`L.^`.^`.L^`L.h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h ^`OJQJo(oh XX^X`OJQJo(h ((^(`OJQJo(h ^`OJQJo(oh ^`OJQJo(h^`.h^`.h pp^p`OJQJo(@ @ ^@ `o(.h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(  ^ `o(.pp^p`.@ L@ ^@ `L.^`.^`.L^`L.^`.PP^P`. L ^ `L.hpp^p`)h@ @ ^@ `.hL^`L.h^`.h^`.hL^`L.hPP^P`.h  ^ `.hL^`L.h^`)h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.^`o(.h ^`OJQJo(pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h@ @ ^@ `.^`o(.hL^`L.h^`.h^`.hPLP^P`L.h  ^ `.h^`.h!L!^!`L.h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(h  ^ `.0^`0o(.d0d^d`0o(.h^`.@ ^`o(.L^`L.^`.X X ^X `.(#L(#^(#`L. ^`OJQJo( ^`OJQJo(o pp^p`OJQJo( @ @ ^@ `OJQJo( ^`OJQJo(o ^`OJQJo( ^`OJQJo( ^`OJQJo(o PP^P`OJQJo(h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(h^`)h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.h^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h^`o(.h  ^ `.h L ^ `L.hxx^x`.hHH^H`.hL^`L.h^`.h^`.hL^`L.^`.^`.pp^p`.@ @ ^@ `.^`.^`.^`.^`.PP^P`.^`o(.  ^ `. L ^ `L.xx^x`.HH^H`.L^`L.^`.^`.L^`L.808^8`0o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h 88^8`OJQJo(h ^`OJQJo(oh   ^ `OJQJo(h   ^ `OJQJo(h xx^x`OJQJo(oh HH^H`OJQJo(h ^`OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h ^`OJQJo(oh XX^X`OJQJo(h ((^(`OJQJo(h ^`OJQJo(oh ^`OJQJo(h^`.h^`.hpLp^p`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.^`)^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h   ^ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h | | ^| `OJQJo(h LL^L`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh ^`OJQJo(8^`o(1. 0 ^ `0o(.@ L@ ^@ `L.^`.^`.L^`L.^`.PP^P`. L ^ `L.h tt^t`OJQJo(h DD^D`OJQJo(oh   ^ `OJQJo(h   ^ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h TT^T`OJQJo(h $$^$`OJQJo(oh ^`OJQJo(^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h ^`OJQJo(h ^`OJQJo(oh pp^p`OJQJo(h @ @ ^@ `OJQJo(h ^`OJQJo(oh ^`OJQJo(h ^`OJQJo(h ^`OJQJo(oh PP^P`OJQJo(^`o(.  ^ `. L ^ `L.xx^x`.HH^H`.L^`L.^`.^`.L^`L.^`o(.  ^ `o(. L ^ `L.xx^x`.HH^H`.L^`L.^`.^`.L^`L.h@ @ ^@ `.h^`.hL^`L.h^`.h^`.hPLP^P`L.h  ^ `.h^`.h!L!^!`L.^`o(.^`.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.^`o(.8^`o(.pLp^p`L.@ @ ^@ `.^`.L^`L.^`.^`.PLP^P`L.h HH^H`OJQJo(h ^`OJQJo(oh ^`OJQJo(h   ^ `OJQJo(h ^`OJQJo(oh XX^X`OJQJo(h ((^(`OJQJo(h ^`OJQJo(oh ^`OJQJo(*hg7oN '(K.pksc7_?e]]en3%;P,_Mz1*p'!F3j$P>MM&%]Z:e`jdd;lA@+6?{#B_ZgZ o$89hr,t*o$9 9E9 +pk \5#KCq^K O~H-8yr|90.91.92 93T94959697p9 ^`.9!^`.9"^`P9#^`9$^`9%^`(9&^`p9'^`A0))A,5        pJ/        |                             (d(     A,5                                            HnfG         ,Z                 4D\R t                               `z.        x                         P4        ,                                                              S)                \Ȧ                 zp        y                >U        >{HnfG                Qaop wK !!))))*P,Q,:2J2X2Y2366????ACC`aaaa@\\Finmgt-nts03\HP LaserJet 8100 Series PCL (Audit)Ne01:winspoolHP LaserJet 8100 Series PCL\\Finmgt-nts03\HP LaserJet 81004C odXXLetter DINU"4:\\Finmgt-nts03\HP LaserJet 81004C odXXLetter DINU"4:\\to9\\a @Unknown GBlumbergG: Times New Roman5Symbol3& : Arial5& z!Tahoma?5 : Courier New;Wingdings"hww[w O(!r0daS 2QIStephanie Burke Helen ValnessOh+'0   < H T `lt|IssStephanie Burketeptep Normal.dotuHelen Valnesse15eMicrosoft Word 9.0@hx@DG@xBTvL@.R O՜.+,0 px  ,(a I Title  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklnopqrstuvwxyz{|}~Root Entry F .R1TablemWordDocumentSSummaryInformation(DocumentSummaryInformation8CompObjjObjectPool .R .R  FMicrosoft Word Document MSWordDocWord.Document.89q