FixNix Blog

The Pentagon still can’t manage to produce its first audit in 20 years

Dec 2, 2014 12:04:04 AM / by Shanmugavel Sankaran posted in fixnix, FixNix GRC, USA, audit, audit management, Blog, pentagon


After decades of failing to produce clear financial statements, the Pentagon is once again set to fail to meet its audit deadline two years from now.

The Pentagon accounts for nearly half of all discretionary spending approved by Congress, has an inventory that makes up 33 percent of the federal government, a budget of over $500 billion, and owns $1.3 trillion in property. Not once has it managed to scrape together a financial statement, which the federal government has theoretically required since the 1990s.

 Former Defense Sec. Leon Panetta gave the Pentagon until September 2017 to finally produce such a statement, but since then they’ve gradually pushed the deadline back and decided to “narrow the scope” of their accounting.

“To be able to do a financial statement audit by that date, it’s going to be very difficult because of the sheer scale and resources required,” Asif Khan, the director of financial management and assurance at the Government Accountability Office, told The Hill. “I think there are significant challenges in meeting the 2017 date.”

“We still have a lot of work left to do to be ready to audit all of our financial statements,” an anonymous defense official said. “It is an ambitious goal but we are committed to meeting it.”

The GAO has severely criticized the Pentagon’s sloppy accounting for years, rating them “high risk” since 1995 for being “one of the few federal entities that cannot accurately account for its spending or assets.”

Among the things this leaves the Department of Defense unable to do, according to the GAO: “control costs; ensure basic accountability; anticipate future costs and claims on the budget; measure performance; maintain funds control; prevent and detect fraud, waste, and abuse; address pressing management issues; and prepare auditable financial statements.”

The DOD claims it can’t manage to get its records together because of old technology and a lack of uniform accounting practices.

Republicans and Democrats have both called for auditing the Pentagon, but the bipartisan “Audit the Pentagon Act” has failed to move forward in the House.

“Any leader of a private business, corporation, church or association that couldn’t pass a financial audit could find himself in prison,” Sen Tom Coburn (R-Okla.) wrote earlier this year. “Year after year, the Pentagon recycles the same excuses it has used since the 1950s, but now promises it is finally making progress toward meeting its statutory deadlines. Year after year, Congress appropriates hundreds of billions of dollars without requiring the Pentagon to comply with the law and the Constitution.”

source :

Read More

If anything shouldn’t be taken for granted, it’s Information Security Management

Dec 1, 2014 11:58:40 PM / by Shanmugavel Sankaran posted in fixnix, Incident security management, ISO 20000, ISO 27001, audit, Blog, BYOD, policy management


It was one of our usual off-the-record discussions when I spoke with network admin and asked about the regular password change set up on the system. And, the answer included words like “my opinion,” “my experience,”... but, not a single word about policy. “Which policy?” I was asked. Oh, something is, obviously, wrong.

Read More

Gartner Positions MetricStream in the Leader's Quadrant of the Magic Quadrant for Business Continuity Management Planning Software

Sep 24, 2014 12:22:25 AM / by Shanmugavel Sankaran posted in fixnix, FixNix GRC, Gartner, Governance, incident, Magic Quadrant, Metric stream, asset, audit, BCMP, Blog, compliance, policy, risk


MetricStream, the leading provider of Governance, Risk and Compliance (GRC) solutions today announced that it has been positioned by Gartner, Inc. in the "Leaders" Quadrant of the 2014 Magic Quadrant for Business Continuity Management Planning (BCMP) Software1.

Read More

KPMG offers clients enhanced audit reports

Sep 24, 2014 12:18:43 AM / by Shanmugavel Sankaran posted in fixnix, Governance, grc, KPMG, Risk Management, audit, audit management, Blog, compliance, risk

0 Comments has issued an open invitation to its audit clients to allow it to describe its findings on their key risk areas in the audit report

The move follows the widespread interest that has been shown on both sides of the Atlantic in field tests the firm carried out earlier this year with a number of audit clients, including Rolls-Royce.

As part of its campaign to restore trust in audit in the wake of the financial crisis, the firm experimented with increasing the amount of useful information provided in the new long-form audit report, way beyond the minimum regulatory requirements.

As well as reporting on the risks and the auditors’ response to them, KPMG also included commentary from the individual senior audit partner. This included a discussion about qualitative matters with the aim of helping to add colour and depth, and to “emphasise areas of risk that concern management, audit committee and investors alike”.

The outcome was so successful that City Equity Research was moved to say, “KPMG’s report on Rolls-Royce should be regarded as best practice, in our view.”

According to KPMG head of audit Tony Cates, the firm’s innovative approach has become a talking point among investors and has featured as a “recurring theme” at a public meeting held by the Public Company Accounting Oversight Board on the future of US auditing.

“When we were approached by an audit committee chairman asking ‘Can I have a Rolls-Royce audit report?’, we knew that we needed to think about moving beyond a field test.”

The open invitation has the backing of the KPMG board, senior audit partners and UK chairman Simon Collins. He said, “It will enable us to work with more companies on increased transparency, shaping the future of audit and corporate reporting.

“There is certainly no requirement for client companies to take up our offer and, indeed, extended reporting may not be appropriate for all companies at this time.

“We hope, however, that management teams will debate the proposal with their boards, audit committees and, in particular, their key investors.

“These kinds of audit reports will contribute to greater transparency, insight and trust.”

To help audit clients decide whether or not to go ahead with the “enhanced” audit report, KPMG is offering to show audit clients what its reported “findings” would have looked like had it been engaged to do them during their last audit.

It points out, however, that the decision will need to be taken before the start of their next audit to ensure that “decisions are free from any question of bias and are about participating in the future of corporate and audit reporting”.

source :

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

see all

Recent Posts