Tribes receiving CSBG ARRA funds certify that a risk assessment has been conducted addressing the following:

• previous audit or monitoring findings;

• internal controls;

• conflicts of interest;

• statutory and regulatory compliance; and

• equipment and property policies.

• Probability of Occurrence

• Potential Impact

–Financial

–Legal

–Program Mission

–Organizational and Program Reputation

• Previous audit findings with no corrective actions (“red flag”)

• Lack of operating procedures or policies

• Policies and procedures in conflict with statutory or regulatory requirements, accounting standards

• Operating procedures or policies not communicated to key staff

• Operating procedures not followed consistently or routinely bypassed

• Inability to track and report on CSBG ARRA funds.

• No segregation of key duties (e.g. program planning, funds approval, funds disbursement, reconciliation).

• Lack of expertise among key personnel (e.g. financial, program monitoring)

• Inherent risk of expenditure (e.g. cash disbursement) without compensating controls and oversight

• Inadequate documentation of activities or expenditures

• Inadequate protections against theft or misuse of property

• Review of past audit or monitoring findings – Have corrective action plans been developed and implemented?

• Review of Key Federal and State Requirements(e.g. GAO Internal Control standards, OMB Cost principles, CSBG Act, CSBG Information Memoranda).
  

• Review of existing policies and procedures – Are clear policies and procedures in place for CSBG ARRA funds?  Have these policies been reviewed to assure compliance with the CSBG Act (e.g. income eligibility) and other Federal guidance (e.g. OMB cost principles).

• Testing – Review samples of existing work to assure consistency.  Discuss and look for “blind spots” in existing controls and procedures.

• Communicating and Refining – Assure leadership, board members, and staff are aware of potential risk areas and identify refinements in existing procedures and policies.  Assure that any refinements in policies and procedures are communicated among all staff with appropriate training provided where necessary.

• Federal ARRA funds will be highly scrutinized.  Internal risk assessments are intended to assure preparation for future reviews, audits, and oversight.

• Risk assessment can be a key element of accomplishing the goals of a program or activity by assuring that funds and activities are conducted as intended.

• Tribal Chief, Chief Executive or Tribal Chairperson certifies and submits risk assessments by October 30, 2009.