I recently ran into the publication shown in the lead picture to this article and found it fascinating, particularly for those of us involved in the business of inventory management as it relates to financial compliance. The publication is freely available on Protiviti’s web site; link to the download page here.
To provide some very quick background, the Sarbanes-Oxley Act (commonly abbreviated as SOX) is the Federal Law that mandates certain practices in financial record keeping and reporting for corporations. To quote SECNAV’s FIAR Committee: “the federal sector’s version of SOX is the Federal Managers’ Financial Integrity Act of 1982, from which the revised OMB Circular A-123, Appendix A was derived.”
So, now that we have established the background and relationship between SOX and FIAR, what I wanted to highlight is the great importance that SOX gives to physical inventory controls. For example, Protiviti’s guide gives the following as an example of a good description for adequate management controls in compliance with SOX:
“Inventory management personnel periodically conduct cycle counts with an objective of systematically covering the entire inventory over a 12-month period. The cycle-counting process covers all locations. Counts are complete. The physical counts are posted immediately to the perpetual records and compared to recorded amounts. Any differences noted are used to process an adjustment to the general ledger. The plant controller approves the adjustment. Significant book-to-physical adjustments, as identified by the plant controller, are investigated to determine the items causing the adjustment and the root causes so that appropriate process improvements can be made.”
Sounds familiar? Reading that paragraph reassured me that, with the current direction in policies, we are likely on track to achieve audit readiness at DoD, provided that we execute on those policies.
Here is another paragraph from that publication discussing how physical inventory, as a management control, is used to mitigate audit risk:
“Controls that have the most direct impact on mitigating a risk and achieving an assertion that the company is controlling the flow of financial reporting transactions and information. These are the controls that management and process owners would agree are the company’s “primary line of defense” to reducing a risk of a material misstatement to an acceptable level and achieving a higher risk financial reporting assertion. Thus, they are the controls that the company looks at first to ensure they are operating effectively before considering all other controls. An example is the use of management approvals to address the risk of unauthorized transactions. Another example is the use of wall-to-wall physical inventories or periodic cycle counting to satisfy the “existence of inventory” assertion. Still another consideration is the proximity of a control to the point within a critical process at which there is a reasonable possibility errors or fraud could occur.” (Highlight is mine)
I just wanted to share this to show how physical inventory management is indeed a key component to audit readiness, and recognized as such at the highest levels. If you are able to read the full document (though it is long and kind of dense), I highly recommend it.