[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]



                         [H.A.S.C. No. 112-92]


 
                   INDUSTRY PERSPECTIVES ON ACHIEVING
                            AUDIT READINESS

                               __________

                                HEARING

                               BEFORE THE

                 PANEL ON DEFENSE FINANCIAL MANAGEMENT

                        AND AUDITABILITY REFORM

                                 OF THE

                      COMMITTEE ON ARMED SERVICES

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             FIRST SESSION

                               __________

                              HEARING HELD

                           NOVEMBER 17, 2011

                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13


                  U.S. GOVERNMENT PRINTING OFFICE
72-416                    WASHINGTON : 2012
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202ï¿½09512ï¿½091800, or 866ï¿½09512ï¿½091800 (toll-free). E-mail, [email protected].  


                                     
                 PANEL ON DEFENSE FINANCIAL MANAGEMENT 
                        AND AUDITABILITY REFORM

                  K. MICHAEL CONAWAY, Texas, Chairman
SCOTT RIGELL, Virginia               ROBERT ANDREWS, New Jersey
STEVEN PALAZZO, Mississippi          JOE COURTNEY, Connecticut
TODD YOUNG, Indiana                  TIM RYAN, Ohio
                Paul Foderaro, Professional Staff Member
               William Johnson, Professional Staff Member
                    Lauren Hauhn, Research Assistant


                            C O N T E N T S

                              ----------                              

                     CHRONOLOGICAL LIST OF HEARINGS
                                  2011

                                                                   Page

Hearing:

Thursday, November 17, 2011, Industry Perspectives on Achieving 
  Audit Readiness................................................     1

Appendix:

Thursday, November 17, 2011......................................    21
                              ----------                              

                      THURSDAY, NOVEMBER 17, 2011
           INDUSTRY PERSPECTIVES ON ACHIEVING AUDIT READINESS
              STATEMENTS PRESENTED BY MEMBERS OF CONGRESS

Andrews, Hon. Robert, a Representative from New Jersey, Ranking 
  Member, Panel on Defense Financial Management and Auditability 
  Reform.........................................................     2
Conaway, Hon. K. Michael, a Representative from Texas, Chairman, 
  Panel on Defense Financial Management and Auditability Reform..     1

                               WITNESSES

Boutelle, Joann, Partner, Deloitte and Touche LLP................     3
Keeley, Mark, Partner, PricewaterhouseCoopers LLP................     7
Porter, Tracy, Partner, Grant Thornton LLP.......................     5

                                APPENDIX

Prepared Statements:

    Boutelle, Joann..............................................    27
    Conaway, Hon. K. Michael.....................................    25
    Keeley, Mark.................................................    49
    Porter, Tracy................................................    37

Documents Submitted for the Record:

    ``DOD Audit Readiness Essentials,'' Submitted by Mark Keeley.    61

Witness Responses to Questions Asked During the Hearing:

    [There were no Questions submitted during the hearing.]

Questions Submitted by Members Post Hearing:

    [There were no Questions submitted post hearing.]

           INDUSTRY PERSPECTIVES ON ACHIEVING AUDIT READINESS

                              ----------                              

                  House of Representatives,
                       Committee on Armed Services,
    Panel on Defense Financial Management and Auditability 
                                                    Reform,
                       Washington, DC, Thursday, November 17, 2011.
    The panel met, pursuant to call, at 8:00 a.m. in room 2212, 
Rayburn House Office Building, Hon. K. Michael Conaway 
(chairman of the panel) presiding.

OPENING STATEMENT OF HON. K. MICHAEL CONAWAY, A REPRESENTATIVE 
     FROM TEXAS, CHAIRMAN, PANEL ON DEFENSE MANAGEMENT AND 
                      AUDITABILITY CONTROL

    Mr. Conaway. Thanks to everyone for being here at our last 
Panel on Defense meeting for the month of November. I would 
like to welcome our witnesses this morning to bring us 
industry's perspective on audit readiness.
    Over the past 4 months we have heard from a variety of 
witnesses within Government, including representatives from the 
office of OSD [Office of the Secretary of Defense] and military 
department comptrollers; the Department of Defense functional 
communities; department Office of Inspector General; and the 
GAO [Government Accountability Office] on the challenges that 
the Department faces in achieving audit readiness and its 
efforts to resolve these issues.
    Today, as the Panel nears the completion of its work, we 
turn to accounting firms that have experience out of the 
private sector, as well as within Government, to get their 
views on the impediments to DOD [Department of Defense] 
achieving auditability and the actions needed to address these 
challenges.
    In addition to having experience performing work at various 
other entities, these firms are involved in almost every aspect 
of the Department's financial improvement and audit readiness 
efforts, ranging from assisting DOD components in implementing 
the FIAR [Financial Improvement and Audit Readiness] strategy, 
to assisting the Office of the Under Secretary of Defense, 
Comptroller, in performing its review of DOD's components' 
progress, and actually performing certain audits themselves.
    Therefore, they can provide a well-informed point of view 
on the problems facing DOD as it works toward achieving 
auditability on the statement of budgetary resources by 2014 
and full financial statements by 2017.
    Some of the challenges have been identified to date, 
including sustaining leadership and effective oversight, 
ensuring workforce competency and implementing the ERPs 
[Enterprise Resource Planning], solving longstanding internal 
control weaknesses, and managing organizational challenges 
associated with having a large and complex organization such as 
DOD.
    The witnesses here today may or may not consider all these 
issues as impediments to improving financial management and 
audit readiness, or they may have slightly different take on 
the issues, or they may identify other challenges altogether.
    Most significantly, they may be able to provide alternative 
options on how to overcome these weaknesses.
    I look forward to hearing their testimony. I would now like 
to introduce our witnesses. We have got Ms. JoAnn Boutelle, 
partner with Deloitte and Touche; Ms. Tracy Porter, partner 
with Grant Thornton; and Mr. Mark Keeley, partner with 
PricewaterhouseCoopers.
    Now I would like to turn to Rob Andrews for any opening 
statement he would like to make.
    [The prepared statement of Mr. Conaway can be found in the 
Appendix on page 25.]

  STATEMENT OF HON. ROBERT ANDREWS, A REPRESENTATIVE FROM NEW 
 JERSEY, RANKING MEMBER, PANEL ON DEFENSE FINANCIAL MANAGEMENT 
                    AND AUDITABILITY CONTROL

    Mr. Andrews. Well, good morning, Chairman.
    Good morning, ladies and gentlemen. I am glad to have you 
with us.
    I will repeat something I have said as we have gone forward 
in this process; that we are on the verge of making very 
consequential decisions about the defense budget, either by 
default, through the sequestration process, or through a more 
deliberative mechanism through the Special Committee. But one 
way or another there is big decisions ahead.
    And one thing I think that we all understand is that bad 
data lead to bad decisions, and bad recordkeeping systems lead 
to bad data. And it is an unfortunate presumption that the 
present state of affairs--because we do not have accurate 
financial statements from the Department of Defense--gives us 
too much bad data.
    So this whole project is really not about some, you know, 
metaphysical accounting exercise--with all due respect to the 
chairman--don't want to insult accountants, but it is about a 
much larger and more substantive problem, which is if--that are 
we going to make these very consequential decisions with good 
information or without good information.
    And I am encouraged by much of what I have heard from the 
Department of Defense and the Services and the various sub-
units of the Services that are responsible for making us audit-
ready by the statutory deadline.
    But that is only half of the equation. I have been looking 
forward to this morning because it is the other half of the 
equation. We have been hearing from the people who are going to 
be preparing to be audited. We are now going to hear from the 
people who will be doing the audits and get your perspective on 
the audit readiness and the steps that stand between us and 
being totally audit-ready. So we are glad that you are here. 
The spirit of this panel has always been to try to take 
information and use it in the best way possible, and we are 
glad that you are here to give us some of that information we 
can use.
    So thank you, Mr. Chairman. I look forward to the 
testimony.
    Mr. Conaway. Thanks, Rob.
    Ms. Boutelle, your opening statement? And without 
objection, all your statements will be entered in the record. 
Your written statements will be entered in the record.

 STATEMENT OF JOANN BOUTELLE, PARTNER, DELOITTE AND TOUCHE LLP

    Ms. Boutelle. Thank you.
    Chairman Conaway, Congressman Andrews and members of the 
Panel, thank you for the opportunity to testify today.
    I have had the unique experience over the last 26 years 
serving in both Government and now industry. Prior to joining 
Deloitte in 2004, I worked as the Deputy Chief Financial 
Officer at DOD and before that at the Defense Finance and 
Accounting Service.
    While serving as the DCFO [Deputy Chief Financial Officer], 
I recognized the managerial challenges caused by issues with 
the integrity of DOD financial data and led efforts to improve 
financial statements, business processes and systems.
    It is from this experience that I offer my perspective on 
two areas which I think are critical to DOD's achieving 
auditability; first, an increase in sustained leadership 
commitment and, second, a workforce with the applicable 
financial and technical competencies.
    I will talk about leadership first. A commitment from DOD 
leadership starting at the Secretary's level is critical to 
achieve audit readiness by 2017. This belief comes from 
Deloitte's direct experience working with both commercial and 
Government clients.
    The chief financial officer and the DOD financial 
management community have demonstrated leadership in addressing 
the tough issues of fixing the Department's business processes 
and systems.
    However, the business owners must also be held accountable 
to correct deficiencies that impact the Department's ability to 
achieve their audit goals. Cross-functional ownership at the 
senior levels cannot be forced by the CFO [Chief Financial 
Officer], who is a peer to many of the business leaders. This 
is a job for the Secretary and the Deputy Secretary, with 
tangible and measurable objectives.
    Secretary Panetta's recent announcement that he is now 
personally involved in driving the Department to achieve audit 
readiness is a major signal that this is a top priority of the 
Department.
    However, sustained participation from the Secretary and 
Deputy Secretary is critical to reinforcing the message 
throughout the Department that auditability is a top priority. 
Let me provide an example where a director of an agency became 
personally involved in achieving auditability. The Defense 
Information Systems Agency, or DISA, started on a journey in 
2005 to obtain an audit opinion on its financial statements. 
The DISA director and others in leadership became personally 
involved and actively drove the audit readiness efforts, and 
recently DISA successfully completed an audit of their working 
capital fund.
    The ongoing involvement of the DISA director was a major 
factor in their success.
    Deloitte has seen similar examples in recent years on the 
commercial side where corporate CEOs [Chief Executive Officers] 
and COOs [Chief Operating Officers] aggressively led the 
implementation of the Sarbanes-Oxley Act. These organizations 
quickly learned that success required the full engagement of 
senior executives, not only in finance, but in the business 
units.
    A similar pattern of sustained leadership engagement is 
critical to the Department's ability to meet its aggressive 
audit readiness time lines.
    Now let me address the second critical area for success: 
The need to improve the competencies of the DOD workforce. 
Workforce development relating to financial management within 
the DOD should include three areas.
    First, there are the people who are directly involved in 
the preparation of the Department's financial statements. There 
should be an increased effort to hire CPAs [Certified Public 
Accountants] into these key positions and also to incentivize 
current qualified employees to take the CPA exam.
    Second, there are those nonfinancial managers who in the 
course of their daily jobs conduct activities that result in a 
financial transaction. Not all of these people need to be 
trained accountants, but they need to be trained to understand 
their role in financial management and why controls and timely 
processing of financial transactions are important to the 
integrity of the financial data.
    Third, there are those financial managers in DOD who are 
directly involved in the financial statement audit and audit 
readiness process.
    Leading these efforts requires CPAs with experience in 
complex financial statement audits. Getting to the first audit 
opinion is the most difficult step, and meeting the need for 
experienced audit professionals is critical to help DOD focus 
their resources most effectively.
    The DOD does not have a sufficient number of CPAs with this 
experience. Since coming to Deloitte and working directly with 
seasoned audit practitioners, I have come to appreciate the 
difference between knowing how the Department processes and 
accounts for financial and budgetary transactions and knowing 
how to audit these transactions. DOD needs to recognize this 
difference.
    In conclusion, DOD and its industry partners share the same 
goal--for DOD to achieve an unqualified audit opinion and for 
them to meet their deadlines.
    I want to thank the Panel for holding these important 
hearings on defense financial management and for your laser-
focused attention on this very important issue.
    I look forward to your questions.
    [The prepared statement of Ms. Boutelle can be found in the 
Appendix on page 27.]
    Mr. Conaway. Thank you, Ms. Boutelle.
    Ms. Porter.

     STATEMENT OF TRACY PORTER, PARTNER, GRANT THORNTON LLP

    Ms. Porter. Chairman Conaway, Ranking Member Andrews and 
distinguished members of the Panel, good morning and thank you 
for inviting me to testify today. I am pleased to be able to 
share with you my perspective on the impediments to DOD 
achieving audit readiness and the actions DOD needs to take to 
become audit-ready.
    As you know, Grant Thornton was recently retained to 
perform the audit of the statement of budgetary resources of 
the United States Marine Corps. The results of that audit 
aren't the subject of my testimony today.
    Instead, my views have been formed through years of 
conducting audits and audit readiness engagements for the 
Federal Government.
    I know, for some, audit readiness at DOD may seem like a 
struggle that will not soon be won. But I have seen significant 
changes in recent past included a much stronger focus on 
improving financial management and not simply because of the 
audit.
    Instead, there is a strong and sincere desire at DOD to 
give defense managers and warfighters better financial 
information with which to make their business decisions.
    Improving financial management is the ultimate goal of 
auditing the financial statements. But the road to an 
unqualified opinion is often rocky. Too often organizations and 
their stakeholders have unrealistic expectations about the 
results of early audits.
    Some of the expectations may derive from the term ``audit 
readiness.'' When laymen hear the term ``audit readiness'' they 
may assume it means an organization is likely to obtain an 
unqualified opinion on its financial statements. It often 
means, however, that the organization simply has enough 
evidence ready to subject to the scrutiny of auditors, even 
though the result may be a qualified opinion or even a 
disclaimer.
    The past has shown that receiving a qualified opinion or 
disclaimer is often the first step most Federal agencies have 
had to take before they really understand where the focus of 
their audit remediation efforts need to be.
    Like almost every action DOD takes, its audit will be the 
single largest audit every undertaken. In addition to large, 
the audit will be complex because DOD's operations span our 
Nation's history, while the focus on audit readiness is 
relatively recent.
    Unlike most companies undergoing an audit for the first 
time, DOD isn't audit-ready. The difference between the initial 
audit readiness of DOD and most large companies stem from the 
drive for profit. The profit drive ingrains in private sector 
personnel that without financial managers' input to keep 
business decisions, they don't have adequate understanding of 
the availability of resources to carry out their operations. 
That nature hasn't been part of the Government's way of doing 
business. They just assume the funding will come.
    While changing today's past practices are slow, the 
financial statements still reflect transactions from the past. 
So often obtaining that clean opinion for the first few years 
is unrealistic. Just as expectations of audit readiness should 
be managed, it should also be ensured that realistic deadlines 
are imposed. In a publicly traded company, auditors are in an 
organization every quarter and then they have 90 days at the 
end of the fiscal year to complete the financial statement 
audit.
    Within the Federal Government, agencies have up to 45 days 
after the end of the year to complete and submit their audited 
statements to OMB [Office of Management and Budget]. In my 
view, it is simply impractical to subject an organization as 
complex as DOD to this unreasonable deadline for the first few 
years that they are subjected to the audit, especially when the 
publicly traded counterparts that are smaller and less complex 
have twice as long to accomplish the same tasks.
    Another challenge is DOD's reliance on a complex web of 
service providers. Service providers perform financial 
management functions such as transaction processing and systems 
maintenance. In carrying out the functions, DOD agencies assume 
the service providers have proper internal controls, while 
service providers rightly assume that the policies and 
procedures are residing within the agencies.
    An effective manner for DOD to actually gain that 
assurance, instead of having to assume, is to have the service 
provider's internal controls audited by an independent party. 
But it might surprise the Panel members to know that DOD 
service providers aren't subjected to that audit, like the 
service providers in other agencies.
    In addition, DOD agencies and service providers need a 
detailed agreement that documents what the service providers 
are supposed to do for the agencies. That lack of agreement 
results in poor controls and injects risk in every transaction.
    Internal controls within DOD agencies themselves are also 
weak, and it is another challenge that they face. The 
organization as large and complex as DOD, they need a uniform 
approach to internal controls that would greatly enhance their 
financial management. The DOD controls environment is often far 
from standard, resulting in a decentralized, ineffective 
financial management environment. Without a uniform approach, 
it is difficult to share and adopt lessons learned in all DOD 
agencies and service providers.
    The 2,200-plus business systems that DOD relies on to 
perform its financial management is another challenge. This 
would be difficult enough were such systems under some 
standardization. Unfortunately, consistent policies on data 
processing and management are not in place.
    In my view, there are situations where DOD should not go 
back and undo the sins of the past. When a proper justification 
can be made, certain old transactions recorded in a financial 
system would far outweigh their benefits. But standards and 
policies and procedures need to be in place to govern systems 
and the data that they maintain for current and future 
transactions.
    Human capital is another major challenge throughout the 
Federal Government. The chain of command in the defense 
community adds complexity to that challenge. Financial 
management officials at headquarters often have no indirect or 
no authority over the financial management officials in the 
field. In addition, those field managers have more loyalty to 
their commanders than to the headquarters-level staff. This 
lack of financial management chain-of-command makes it 
difficult to apply consistent financial management policies and 
procedures.
    I have discussed the challenges to audit readiness 
asrequested. And though they are many, the talent and energy 
being invested by DOD in improved financial management is 
unprecedented. With DOD's continued leadership and attention, 
and the support and pressure applied by panels such as this 
one, I am sure we will be soon be reminiscing about just how 
steep the climb was at one time.
    That concludes my opening statement. I would be happy to 
take any questions.
    [The prepared statement of Ms. Porter can be found in the 
Appendix on page 37.]
    Mr. Conaway. Thank you, Ms. Porter.
    Mr. Keeley.

 STATEMENT OF MARK KEELEY, PARTNER, PRICEWATERHOUSECOOPERS LLP

    Mr. Keeley. Chairman Conaway, Ranking Member Andrews and 
members of the Panel, it is a pleasure to be here today to 
share my perspectives about the impediments to the Department 
of Defense achieving audit readiness and the actions the DOD 
needs to take to become audit-ready.
    My own audit readiness perspectives come from 27 years of 
public accounting experience as a licensed CPA, including 20 
years in the private sector and 7 years working here with the 
DOD. My experience is primarily in information systems 
auditing, but I will also offer an informed opinion today to 
the extent that I am able on broad audit readiness matters 
within the DOD.
    The firm in which I am a partner, PricewaterhouseCoopers 
LLP, has performed first-time audits of several Federal 
Government departments and DOD entities, including the 
financial statement audit of the United States Army Corps of 
Engineers-Civil Works; the financial statement audit of an 
intelligence community agency; and the service organization 
audit of the Defense Information Systems Agency.
    In addition, PwC [PricewaterhouseCoopers LLP] has been 
providing audit readiness advice to the Office of the Under 
Secretary of Defense Comptroller, Financial Improvement and 
Audit Readiness Directorate, FIAR, for the past 3 years. In 
this capacity, I have assisted with the development and 
implementation of the FIAR guidance and helped develop and 
teach the FIAR Directorate's 3-day audit readiness professional 
development course to over 1,000 DOD professionals, including 
financial leaders.
    Most recently, I signed the unqualified examination opinion 
on the successful audit readiness of the Air Force fund balance 
with Treasury reconciliation process.
    As I was preparing my testimony today, I happened to visit 
the Department of Energy. The lobby of the Department 
headquarters contains a prominent display about the Manhattan 
Project and the role of Albert Einstein. The display reminded 
me of a quotation by Albert Einstein that is relevant to 
today's topic: ``We cannot solve the problems by using the same 
kind of thinking we used when we created the problems.''
    The DOD did not intend to create the audit readiness 
challenges it has today. Rather, the DOD developed and 
implemented processes and systems tailored to achieve its 
overall functional mission. Audit-readiness then became an 
imperative. Because of DOD's incumbent processes and systems 
were not originally designed to meet audit readiness, a new 
kind of thinking will be required for the DOD to address the 
requirements of an audit-ready organization.
    Since the CFO Act was passed in 1990, one of the most 
significant changes in audit readiness thinking that has 
already occurred in the DOD is the development and 
implementation of a financial improvement and audit readiness 
strategy. Rather than attempt to audit an entire component all 
at once, the strategy prioritizes financial improvement work 
into manageable waves of audit activity such as the statement 
of budgetary resources.
    The work ethic of DOD personnel is strong and the DOD can 
accomplish any goal that it sets for itself. The 60-day SBR 
[statement of budgetary resources] plans that are currently 
being developed by each component will soon provide detailed 
blueprints for how the DOD will meet the latest audit readiness 
deadlines.
    Based on PwC's experience, the DOD should continue to 
improve its financial management and audit readiness efforts in 
three ways. First, enhance the skills of personnel resources 
through the addition of certified public accountants who have 
financial statement audit experience, and also continue to 
implement the Secretary of Defense Comptroller's financial 
improvement and audit readiness professional development 
program, as well as the financial management certification 
program.
    Number two--ensure that functional leaders and financial 
leaders throughout the DOD, including the leaders of 
components, as well as shared service organizations, are held 
equally accountable for audit readiness. Third, ensure legacy 
or ERP systems are configured to report data in the financial 
statements as prescribed by generally accepted accounting 
principles, or GAAP.
    I would be pleased to expand further on these three mains 
areas during the question and answer period, and I thank you 
again for the opportunity to share my perspectives.
    [The prepared statement of Mr. Keeley can be found in the 
Appendix on page 49.]
    Mr. Conaway. Well, thank you very much. It does occur to me 
that this may be one of the few times we have five CPAs--there 
may be some in the audience as well. Any CPAs in the audience? 
Wow--seven. Steve and I are CPAs as well. So I want to get that 
on there--just a personal plug.
    [Laughter.]
    And I am wearing my CPA cufflinks, too, by the way. Rob.
    Mr. Andrews. I have my American flag cufflinks.
    Mr. Conaway. Okay.
    [Laughter.]
    Todd, you have 5 minutes.
    Mr. Young. Well, I am not a CPA, so I didn't understand all 
the CPA humor, but I appreciate everyone being here this 
morning. I was particularly interested, Ms. Porter, in your 
comments related to internal controls and the internal control 
environment within DOD, but also outside the various 
stakeholders and service providers that DOD has. I don't know 
how many entities provide services to DOD, but quite a large 
number, I suspect.
    To your knowledge, are any of those audited with respect to 
their internal control processes and procedures right now--
something that you recommended we start doing?
    Ms. Porter. Within DOD, there are two, I believe, current--
they are called SAS-70 or SSAE-16 audits. They are the audits 
of the internal controls of the service providers. I believe 
DISA has one and DFAS [Defense Finance and Accounting Services] 
has an audit, but not as a service provider. There was one 
more. It might be DCA [Defense Commissary Agency].
    Mr. Young. That is all right.
    Ms. Porter. DCIPS [Defense Civilian Intelligence Personnel 
System] also has one.
    Mr. Young. If I understood in your testimony, you actually 
think that we should engage in more audits, broader audits, 
more regular audits of those entities.
    Ms. Porter. Of the service providers, yes.
    Mr. Young. That would seem to result in a great expansion 
of all the audit activity of DOD, which may well be justified. 
It may be necessary, to your mind.
    Are there some examples you can think of where had we 
conducted audits of these service providers, it would have 
mitigated some challenges that we are now experiencing?
    Ms. Porter. The service providers operate the systems that 
cut across all the military departments. So I will give you an 
example. In the Marine Corps, DFAS actually processes the 
transactions for the United States Marine Corps out of one of 
their locations. A lot of the information that and the 
challenges that occur during that audit, DFAS is taking those 
lessons learned and moving them across the rest of their 
organization. Had those audits of that service provider 
happened prior to the Marine Corps audit, there would have been 
a more consistent and advanced notice of those types of 
improvements that needed to be made before the Marine Corps 
audit got underway.
    The other part to think about is each time that a service 
provider--so let us say that the Army goes under audit 
tomorrow. DFAS still has to be audited by the Army auditors as 
well because there is not this independent report that each of 
the auditors of the military services can look at and rely on.
    Mr. Young. I see. Okay.
    You also spoke, Ms. Porter, to some unique human-capital 
challenges that our Armed Services face in light of the formal 
chain of command and then their duties, which are within the 
realm, in some cases, of financial management; so some people 
following the marching orders of those in the field, others 
listening to those at command. That seems like a pretty great 
challenge. Is that unique, however, to the military?
    I mean, within the private sector we have business units, 
and we have, you know, all sorts of different boxes and 
different people to look to.
    I guess I am trying to get a sense of why this is a unique 
challenge to the military? Maybe you could speak to that. If I 
understand the problem maybe we can come up with a better way 
to address it.
    Ms. Porter. I think the problem is unique to the military 
because the functional leaders, both at the command level--
don't understand how they actually play into the overall 
financial management role. They don't understand how what they 
do in making their purchases and the acceptance of--like a 
receiving report at the field level really has an overall 
implication up to the financial statements themselves.
    And I think that--you know, the command level financial 
managers understand there is a standard set of policies and 
procedures. But what happens when they are down there is they 
get implemented in a way that works for them, which isn't 
necessarily the standardization across all the Department.
    Mr. Young. It seems like that challenge could be one 
experienced by private sector entities, though, right? And if 
so, how is it typically addressed there?
    Ms. Porter. I think the challenge could be addressed there, 
but it is mitigated because the auditors are in with all parts 
of the organization and have been for years. So everybody 
understands their role and what they do to get to those audited 
numbers. And right now this is all foreign to DOD.
    Mr. Young. Okay. Thank you.
    Mr. Conaway. Mr. Andrews.
    Mr. Andrews. Thank you.
    I thank the witnesses.
    Mr. Keeley, you tell a story in your testimony about a 
payroll audit requiring 8,000 hours in 1 year and then 400 
hours the next year because of technological improvements that 
were made. And that is in the context of your assessment of the 
ERP situation generally.
    Given what you know about the progress or lack thereof of 
the ERP systems, how do you think we are doing? And what 
suggestions might you make for us to expedite the process and 
improve the quality?
    Mr. Keeley. Thank you for the question, Congressman.
    From my perspective, auditors are systems agnostic. So the 
FIAR guide itself speaks to the need for the components to 
improve, legacy systems or ERP solutions.
    So the aspects that an auditor looks for in any system is 
that the transactions are processed in accordance with GAAP, 
they capture and retain the transaction data so that it can be 
traced to the financial statements, and that transactions are 
maintained in a reliable computer environment.
    The example I used in my written testimony regarding the 
8,000 hours that it took to test the 800 items really comes 
from the spectrum of control that we need to achieve within the 
systems environment, both legacy systems and the ERP.
    And I have spoken to this point many times at the FIAR 
directorate and elsewhere throughout the components. Based on 
all my years as a systems auditor, the controls that are most 
required for an information system are logical security and 
programming.
    If a component can prove to me that direct access to 
programs and data is well-secured, that component is well on 
its way to achieving at least some reliance on----
    Mr. Andrews. Based upon your knowledge of the ERPs that are 
in various stages of development, how do we stack up against 
that criterion?
    Mr. Keeley. My experience looking at the criteria is that 
the ERPs are first focused on functionality. So it is perfectly 
normal when you develop an ERP system to make sure it works. 
That is what the Department of Defense has been primarily 
focused on.
    From my experience, the controls that I spoke to in terms 
of logical security and program are often implemented after the 
functionality is addressed. So from my perspective, the view of 
controls and the testing of logical security programming and 
operations needs to happen much more quickly. It should be 
happening at the front end, in the middle and at the end. From 
what I have seen, that is not happening.
    Mr. Andrews. Now, Ms. Porter, you make reference to the 
SSAE-16 standards, which I think you say are lacking in a lot 
of the service provider areas.
    What kind of changes would the service providers have to 
adopt in order to comply with the SSAE-16 standards?
    Ms. Porter. The first step in the process would be to 
actually have those systems and their processes as a service 
provider be examined under those standards.
    Right now there is very few, there is one that was recently 
awarded that is under way right now in the civilian pay 
process. But that would be the first step.
    Mr. Andrews. What do think that those examinations would 
likely yield? And what changes would those examinations likely 
provoke?
    Ms. Porter. They would yield where there are deficiencies 
in the controls around the information systems and the 
transaction processing that those systems take place.
    And the hopeful result that would come out of that would be 
there would be changes made to those systems that would have an 
impact across all the military services and would get them one 
step closer to having that production of data at the 
transaction level----
    Mr. Andrews. You think those changes could likely be 
achieved with existing resources or would they require new 
resources for those service providers?
    Ms. Porter. I think with the proper level of understanding 
and training, I think they could be accomplished with the 
service providers that are in place today.
    I think they are definitely dedicated to making those 
things happen.
    Mr. Andrews. We think so too. We are encouraged by it.
    Now, Ms. Boutelle, you sat on both sides of the equation 
here, in your service, within the Department of Defense as well 
as on the outside. And you claim, and I think you are right, 
that increasing the number of CPAs that we have is an essential 
priority.
    Do you think that we have a compensation structure within 
the Federal service that will facilitate that goal, or won't 
it?
    Ms. Boutelle. I think the compensation structure is fine. 
There is a lot of opportunities to incentivize people to come 
on board.
    So I think if they take advantage of what is available to 
them to actually target CPAs, perhaps sign-up bonuses, training 
opportunities and things like that, I think that they can 
attract strong CPAs into the workforces.
    Mr. Andrews. We have attracted seven of them here this 
morning, so that is a very good sign.
    [Laughter.]
    I also just wanted to comment about the ERPs that--and I 
want to thank the chairman and Chairman McKeon and Ranking 
Member Smith in response to our last hearing about some 
concerns that GAO had raised about the ERPs.
    Chairman Conaway and the other members I mentioned, along 
with myself, signed a letter November 8th to the GAO asking 
that the GAO update its work on the ERPs by the 31st of 
December if they could.
    So what deadline are we using?
    Mr. Foderaro. The 31st of March.
    Mr. Andrews. I am sorry, I am always an optimist. So that 
we would have available to us their work; so as we deliberate 
on the fiscal year 2013 bill we have that. So I wanted to thank 
the chairman for his cooperation in that letter, and thank you 
for writing it.
    [Laughter.]
    Thank you very much.
    Mr. Conaway. Thanks, Rob.
    Steve.
    Mr. Palazzo. Well, good morning.
    And for Todd, I am not going to say any CPA jokes, because 
he just doesn't get our humor.
    [Laughter.]
    And I guess we will just start with Ms. Boutelle and just 
go to the right.
    I am interested in knowing--I was going to talk about ERPs. 
And as a CPA myself I have been through the ERP process; not at 
the level of a DOD audit. So I was going to talk on that.
    But what I wanted to see is--you know, there have been some 
dates out there. We are supposed to achieve audit readiness by 
2017. Then all of a sudden Secretary Panetta came out and said, 
``We can do this by 2014.'' Then all of a sudden there is 
some--you know, there was an article--for another $1 billion we 
could do it by 2017.
    So in you all's opinion, what is a true, accurate date? You 
know, where do you think we are actually going to be able to 
achieve audit readiness? What are some of the most important 
factors in preparing us for audit achievability and any 
weaknesses and strengths along the way?
    And you can expand or summarize however you want.
    Ms. Boutelle. Good question. That is a question that has 
been asked for years, right? And I think that until the 
business leaders become more engaged in fixing the business 
processes and systems that the progress is not going to be made 
as aggressively as it needs to.
    So to the point of what needs to be done, besides 
leadership involvement, I think there is something to be said 
for the ERPs, but to build the ERPs off of standard processes, 
standard data, they need to focus more on the business 
enterprise architecture in the Department, a wonderful tool 
that would allow them to build the processes so that there is 
one place of truth for how to do business with the Department--
or within the Department--and would allow them then to test all 
of the ERPs that are being developed against that one standard 
truth.
    So I think that that would certainly help. But I do think 
that the biggest challenge is getting the owners of the 
processes. So, again, whether you are talking about a payroll 
transaction, you are talking about receiving goods or services, 
you are talking about issuing inventory, transporting equipment 
material, all of those are business processes and those 
transactions are the type of transactions where the impediments 
are.
    And so to fix them, to meet audit criteria, is what should 
be the major focus going on in the Department.
    Mr. Palazzo. Just real quickly: 2017 or 2014----
    Ms. Boutelle. So----
    Mr. Palazzo [continuing]. Or somewhere in between?
    Ms. Boutelle. So I actually think 2014 is very aggressive. 
I just think that is very aggressive given all of the details 
that they need to work.
    But somewhere between 2014 and 2017, I think, should be 
doable if they put the resources and the attention on it that 
is needed.
    Mr. Palazzo. Thank you.
    Ms. Porter.
    Ms. Porter. I would agree with Ms. Boutelle that you need 
that sustained leadership to continue and you need that 
leadership to get out to the field level so that they really do 
understand what their role is in the overall financial 
management process.
    The other thing I think that is going to be key to this is 
transaction level detail, regardless of where that transaction 
level detail comes from--because you can't do an audit without 
it. And the other thing that you need is the documentation that 
is going to support the transaction level detail.
    If you put all of those things together, you can achieve 
the 2014 and the 2017 goal with the right amount of focus and 
the right sustainment across the Department.
    Mr. Keeley. Congressman, I have two points to make on this 
topic.
    From my perspective, the first one is methodology. In order 
to achieve the date, the methodology has to be ingrained 
throughout the Department. In the FIAR methodology, it is very 
straightforward and basic. We need to identify and document 
financial processes, test internal controls, test 
documentation, find gaps and correct them.
    The most important aspect right now is testing. We have 
spent a lot of time documenting processes. And I have seen 
volumes of them. And people are documenting everything they do 
that is critical to the mission, and that is very important.
    We need to extract the financial aspects and get down to 
testing. That is my first point.
    The second point I would mention is the skill of the people 
to apply this approach. People are definitely hard-working; and 
there is a strong work ethic throughout DOD. But it comes down 
to judgment. When you look at workarounds in an ERP solution, 
how you are going to test that workaround. It comes down to 
pure judgment, and that only comes from experience.
    The word ``judgment'' appears in the Government 
Accountability Office financial audit manual and the yellow 
book of Government and audit standards 270 times out of 1,300 
pages.
    So judgment is critical to being able to test and execute 
and achieve the 2014 date.
    Mr. Palazzo. I am out of time. I yield back.
    Mr. Conaway. All right. Thanks.
    Ms. Porter, you mentioned the--to flesh out, just for the 
record, the impact of having the service providers be audited 
by each of the--because the service providers don't have their 
own audit that other accountants can rely upon, each of the 
various entities would in effect have to come in and audit that 
service provider itself.
    Can you walk us through why it would be less expensive 
audit-hour-wise and cost to the taxpayer if those service 
providers had documentation audits that they could give to the 
various branches and other components that the auditors there 
could rely on?
    Ms. Porter. What that means is that, if those independent-
service-provider audits are available, the auditors of the 
statements themselves of the service organizations could rely 
on that work. There would only be--as long as that service 
provider audit covered the right period of time.
    So I will give you an example for the Marine Corps. If DFAS 
had had a service-provider audit that covered the last 9 months 
of the fiscal year, we would not have had to go in to the DFAS 
to look at their controls or look at the controls of the 
systems that they operate, such as the defense civilian pay 
system or the defense cash accountability system.
    Instead, we could have used the audit of that service 
provider and relied upon that report. That is assuming that 
that service provider's report was an unqualified opinion or 
that it identified where the weaknesses were, because then what 
that would allow us to do is then focus back into the 
Department what were the mitigating controls that they had in 
place to compensate for the weaknesses of the service provider.
    Mr. Conaway. Mr. Keeley, you mentioned the other day, in a 
conversation that we had--or today, in fact--that you are 
``systems-agnostic.'' That was your phrase.
    Flesh that out. In the sense of you can audit, if the 
controls are there, no matter what the system, whether it is an 
ERP or a hand-posted set of books, if the controls are there, 
you can audit that.
    Would you, kind of, walk us through what you meant by that?
    Mr. Keeley. Yes. The controls need to be there. What we 
often find--and I will use an example of what I have seen in 
the field--is the earlier testimony you have received about 
ERPs talks about 2,200 or so systems throughout the DOD.
    Now, auditors are not afraid of size. So we can go in and 
look at the systems that need to be audited. But one aspect of 
the ERP solutions is to consolidate the data so that you don't 
have duplication of data.
    One area of systems that causes a great deal of problem in 
an audit, when you have data in duplicate systems, an auditor 
doesn't know which to choose. And so, in working with business 
folks, if the business folks have data in a legacy system and 
an ERP system, it is difficult to first reconcile that 
information and then nail down a population.
    We spend a great deal of time identifying the absolute 
population upon which we can test. And if we can't identify the 
population, we cannot move forward.
    So, less may be more in the case of the ERP consolidation; 
so I applaud the effort. But that is much more of a business 
decision. I do not want an audit to impede the DOD's 
warfighting mission. If you need 2,000 systems to achieve the 
mission, I can audit it.
    So it is a matter of determining how much reliance I can 
place on that system.
    And the financial information systems audit manual has 424 
points to it. We all, as auditors, apply judgment to those 
points and we can address primarily half of them to get you to 
at least some reliance on internal controls and be much more 
efficient using judgment.
    Mr. Conaway. That reliance on internal controls, just for 
the record, drove the drop in audit hours from 8,000 audit 
hours to 400 audit hours in that previous example.
    Mr. Keeley. That is a perfect example. If we go from no 
reliance on a system, because, for instance, if security is not 
locked down, to at least some reliance, the change in 
substantive testing is exponential.
    Mr. Conaway. All right.
    Ms. Boutelle, based on your experience, we talk about the 
workforce and the need for CPAs with a specific background in 
either financial statement audit or financial statement 
preparations. We have got a lot of folks, CPAs, in the system 
now.
    Is it all or none? Do you have to hire these folks from the 
outside totally, or can you cross-train or retrain or help get 
experience for the folks who are already on the team who know 
the way that these are going on, to help get them the skills 
necessary to be able to fill some of those slots that are 
lacking?
    Ms. Boutelle. So I think that they could work side by side 
with trained audit professionals. I think that the three firms 
here at the table have people on board helping in different 
places in DOD. I think, if they paired up some of their CPAs 
with the folks working audit readiness or even the audits, and 
they worked closely and they had a defined approach for how 
they would do that, I think that the experience gained by the 
current CPAs in the Government--that would enhance their 
capability to help the Department move forward.
    I do think that--you know, I am a CPA having spent most of 
my time in the Government. And I am not as proficient in audit 
as these two colleagues next to me. You know, I have lots of 
wonderful audit practitioners back at Deloitte that I have 
learned a lot from in the 7 years that I have been there.
    So I do think that bringing in more seasoned audit 
practitioners to help guide the approach and then letting the 
folks within the Government learn from them would be a doable 
approach.
    Mr. Conaway. Thanks.
    We are going to have time for another round. Rob?
    Mr. Andrews. I really don't have another round of questions 
at this time.
    Mr. Conaway. Okay.
    Todd, Scott, or Steve?
    Ms. Porter, the real-world example you were giving us about 
publicly held companies provide, or produce quarterly financial 
statements, and your firm is in their shop--well, some level of 
engagement with those quarterly reports.
    But that is not happening in the Federal--is there a 
similar process that could go on in the Department of Defense, 
in this example, that would shorten the timeframe needed to 
close out the books in November? I mean is there a way to look 
at what you do in the private sector with those quarterly 
reviews that you do and the impact it has on the year-end 
audits? Could that same model work in some altered form in a 
Federal agency?
    Ms. Porter. Well, first, let me say I am not advocating 
quarterly reports for the Federal Government. I really don't 
want to be on the record of saying that because everyone will--
--
    [Laughter.]
    Mr. Conaway. That was not----
    [Laughter.]
    Ms. Porter. Yes. But what I think that does is it adds a 
discipline and an exposure to the auditors that the DOD hasn't 
experienced so far because they are in there having the 
conversations. They are having discussions around what are your 
management controls that you use?
    And this is where it is not the auditors that are driving 
what the civilian agencies or even the commercial entities are 
doing. Management understands what they need to operate their 
business from a control perspective. And the auditors figure 
out how to use that information to get what they need to 
conduct the audit, to give management the feedback back as to 
whether they are using accurate financial information to make 
their decisions.
    It has been, from a DOD and a Government perspective, for 
years, but proprietary accounts weren't looked at. They only 
focused on the budgetary sides of the transactions. And that 
was often driven by what overseers were asking them to report 
back up on.
    So as they have tried to get themselves in tune to both 
sides of the transactions, the budgetary and the proprietary 
side, there has been a learning curve. And sometimes that 
learning curve has been impeded by not having the true 
understanding of what level of detail, what an auditor actually 
looks for, and they don't have that in the commercial entities 
because they are so involved with each other all the time.
    Mr. Conaway. All right. Mr. Keeley, any comments in regard 
to that?
    Mr. Keeley. No. Are you----
    Mr. Conaway. Well, just that, you know, field work being 
done more regularly throughout the year--would that reduce the 
number of total audit hours?
    One of the things we are obviously going to--at some point 
in time, get to a running rate in which the controls are in 
place; the systems are working and sustainability of the audits 
year in and year out is going to be the key.
    That first audit, you can't maintain the level of intensity 
to get to that first audit year after year after year after 
year, I don't think.
    Once you have got this thing running, what would be the 
role of the auditors during the normal process?
    Mr. Keeley. Well, yes, Congressman, my view is that 
continuous auditing has always been a bit of an enigma, even in 
the private sector. Yes, auditors are in the field, and we can 
do early substantive testing.
    But from my experience in the private sector 7 years before 
I came down here, the private-sector companies have teams of 
specialized accountants. They have tax departments with tax 
accountants. They have statutory accountants focused on 
compliance reporting. And then they have GAAP accountants.
    So they have entire teams in the field supplemented, of 
course, with internal audit. And they work at the companies. 
They are the companies' employees.
    Our auditors, to the extent we can interact with them 
throughout the year and actually perform the testing I was 
talking about, definitely expedites the audit.
    There are accounting standards and rules that allow us to 
perform early testing and still rely on it for the year end.
    So it is definitely difficult to do, but it is done 
throughout the community.
    Mr. Conaway. Ms. Boutelle--I have got one more question for 
Ms. Porter--but, first, Ms. Boutelle, given your experience in 
both sides of the shop, is there a way to create a chain-of-
command responsibility at Department of Defense, other than 
have whoever the current Secretary of Defense is saying, day 
after day after day, get this done--in other words, can there. 
You know, Bob Hale has, or the Assistant Secretary of State--
Comptroller really doesn't have command reach into all these 
other places.
    So, given that org chart that is in place--and we are going 
to make a lot of changes to it--is there a way that we can get 
to a point or a system that holds all the folks at the various 
levels accountable for making sure this gets done, so that--any 
thoughts on that?
    Ms. Boutelle. I think, with the Secretary's involvement and 
whoever the Secretary is, going forward, has to be involved. I 
think that that will send a very strong message.
    Now, I understand that the reality is that the Secretary is 
not going to meet with the business owners on a monthly basis, 
most likely, but some periodic forum would be beneficial.
    The Chief Management Officer and the Deputy Chief 
Management Officer, I think, having responsibility for the 
business processes, the systems, would also be a very strong 
marriage between those two roles, the CMO and the DCMO, with 
Bob Hale in driving this, that maybe between the two of them--I 
know Beth McGrath has got tremendous knowledge of the systems 
and the processes.
    I think coming together with Bob Hale they make a pretty 
formidable team. They have got to have the power, though, to 
direct changes within the business areas. And without that, 
they cannot be as successful as they need to be.
    Mr. Conaway. Ms. Porter, I can't let you off the hook. What 
can you share with us, if anything, about the Marine Corps 
audit that--and you may not be able to talk to us about this 
year's Marine Corps audit, but can you share with us a 
perspective on the difference between where the Marine Corps 
was this time last year and where the Marine Corps is today, 
without telegraphing too much what is going to happen shortly? 
I couldn't let you off the hook.
    Ms. Porter. Sure.
    So last year's audit, in fiscal year 2010, we had a big 
struggle at the beginning of the audit. We didn't get very far 
into the testing beyond beginning balances. We basically tested 
no current year transactions.
    For the fiscal year 2011 audit--well, let me go back to 
fiscal year 2010. There were also quite a few findings and 
recommendations that came out of the audit that the Marine 
Corps started immediately to undertake remediation actions to 
while the audit was still under way.
    In fiscal year 2011, you could see that there was an 
improvement in the process, they better understood what we were 
looking for, they were better able to produce reconciliations 
and tie-outs of data that we had a big struggle with in the 
previous year. It is not perfect because they still had some 
struggles this year. We thought it might be a little bit 
better. But they are moving in the right direction.
    We have also got to a lot more current year testing this 
year than we did in the past. So you definitely see that they 
are becoming more accustomed to understanding what we are 
looking for. We are also becoming more accustomed to how they 
do business and what documentation they have.
    And so I see progress every year. And I also see them 
taking those lessons learned to the other Services.
    Mr. Conaway. All right. Typically, you know, in a 
commercial entity you give a set of financial statements. You 
also give them a statement of weakness of internal controls--
did you see adequate remediation for the stuff that you 
discovered in the 2010 audit, Marine Corps make--without 
specific details--but make adequate process at addressing those 
weaknesses and moving as far as you thought they could move in 
the time they had to move it?
    Ms. Porter. We issued two different sets of findings and 
recommendations to the Marine Corps last year, one associated 
with information technology and one associated with the 
financial statement controls themselves.
    So the information technology piece, we did see quite a bit 
of changes and were able to test those actions that they took 
last year. And before we had to cut off testing I would say 
there was probably another 20 to 30 percent of them that are 
ready to be tested right now, that the action actually took 
place after we stopped testing.
    For the financial statement findings, it is a little more 
difficult to address because we haven't yet been able to 
conduct the test of the current year transactions, which--
associated with those findings--which would actually in fact 
tell us whether the remediation actions worked.
    Mr. Conaway. All right. Okay.
    Rob, other questions?
    Mr. Andrews. Well, just as a concluding comment, think Ms. 
Porter's limited sneak preview of the Marine Corps audit, which 
shows reason for optimism. And the chairman's question about 
sustaining the progress we have made beyond this Secretary of 
Defense I think is the core challenge facing this panel.
    I think Secretary Panetta deserves enormous praise for 
giving this effort such a high priority. But there will be 
another Secretary of Defense soon. There always is.
    Mr. Conaway. Maybe even another president.
    Mr. Andrews. Maybe. That is right. And whether there is 
another president or this one, there is--you know, secretaries 
do change.
    And I do think that our key mission is to try to build into 
the culture of the institution and the structure of the 
institution a high priority on this audit readiness, because if 
we have to rely upon the leadership priorities of the person 
who is going to be secretary, I just don't think we are ever 
going to achieve what we need to do, because, you know, 
priorities come and go.
    So the chairman and I have talked about this before. Think 
all members of the Panel and members of the public should be 
thinking about advice they could give us on institutionalizing 
the progress that we have seen right now.
    I think very much of that is attributable to the chairman's 
focus, laser-like focus on this issue for several years, and on 
Secretary Panetta's admirable response to that. But we want to 
make this a principle that extends beyond individuals to a more 
embedded culture in the organization. However we can do that, I 
think we will have made great progress.
    And I do appreciate the contribution of the three witnesses 
here this morning. Thank you.
    Mr. Conaway. Well, I want to echo Rob's praise of Secretary 
Panetta, unprecedented forward leap and commitment to this 
issue. And I am really tickled to death he has made that.
    Just quickly, just kind of maybe a yes or no, have we got 
enough forward momentum toward this goal that this is actually 
going to happen? In other words, can we--we get beyond that 
tipping point where, yes, it is going to behard, and, yes, it 
may take a while, but have we got past that point where we 
really are going to make this happen, in your all's 
perspective?
    Mark.
    Mr. Keeley. Yes, sir, I believe so. One of the topics I 
talked about in my testimony was the lessons learned. So we 
have a great deal of lessons learned from the Marine Corps, 
from the Army Corps, from DISA and others. And we are always 
looking back at those lessons and applying them going forward.
    So applying the lessons and speeding the training and 
momentum is certainly achievable.
    Mr. Conaway. Okay.
    Tracy, your perspective?
    Ms. Porter. I do think the goals are there. I think the 
sustainment across the Department at the lower levels so that 
it doesn't go away when the Secretary changes is critical to 
make this leap forward that they are trying to get to.
    So with that right amount of focus and with those lessons 
continuing to being learned and nobody backing off from that 
progress and just keeping that pressure on, because you take 
the pressure of the audit readiness or the pressure of the 
audit off, the way things work right now aren't yet well 
ingrained in everybody within the Services. So they will 
immediately fall back to their old way of doing business.
    So you have to just keep this pressure and this momentum in 
order to keep us going in the direction that they need to go.
    Mr. Conaway. JoAnn, your comments?
    Ms. Boutelle. I agree with Ms. Porter. I think that you 
have to keep the pressure on. I think that the momentum is 
there, it is moving, you have brought tremendous attention to 
this topic. But there is a ways for them to go for the business 
owners to truly embrace and understand their responsibility.
    So, again, I think that they can make it if you keep the 
pressure on them.
    Mr. Conaway. All right.
    Well, thank you three. I appreciate the witnesses today. 
And we did not telegraph that question. We try to make sure 
this panel keeps existing. No.
    [Laughter.]
    One of our big issues is how do we put in place the right 
kind of attention at the committee so that when Rob and I are 
doing something else or going somewhere else, that pressure and 
that commitment from our side on the oversight piece remains in 
place in the appropriate manner to make sure we do our part of 
that.
    Again, thank the witnesses for being here this morning.
    We are adjourned.
    [Whereupon, at 8:56 a.m., the panel was adjourned.]
?

      
=======================================================================




                            A P P E N D I X

                           November 17, 2011

=======================================================================

      
?

      
=======================================================================


              PREPARED STATEMENTS SUBMITTED FOR THE RECORD

                           November 17, 2011

=======================================================================

      
                  Statement of Hon. K. Michael Conaway

Chairman, Panel on Defense Financial Management and Auditability Reform

                               Hearing on

           Industry Perspectives on Achieving Audit Readiness

                           November 17, 2011

    I'd like to welcome everyone to today's hearing on Industry 
Perspectives on Achieving Audit Readiness. Over the past 4 
months, we have heard from a variety of witnesses within 
Government, including representatives from the offices of the 
OSD and Military Department Comptrollers, the DOD functional 
communities, the DOD Office of Inspector General (OIG), and the 
GAO on the challenges the Department faces in achieving audit 
readiness and its efforts to resolve these issues. Today, as 
the Panel nears the completion of its work, we turn to 
accounting firms that have experience out in the private 
sector, as well as within Government, to get their views on the 
impediments to DOD achieving auditability and the actions 
needed to address these challenges.
    In addition to having experience performing work at various 
other entities, these firms are involved in almost every aspect 
of DOD's financial improvement and audit readiness (FIAR) 
effort, ranging from assisting DOD components in implementing 
the FIAR strategy, to assisting the Office of the Under 
Secretary of Defense (Comptroller) in performing its review of 
the DOD components' progress, to actually performing certain 
audits themselves. Therefore, they can provide a well informed 
point of view on the problems facing DOD as it works towards 
achieving auditability on the Statement of Budgetary Resources 
by 2014 and the full set of financial statements by 2017.
    Some of the challenges that have been identified to date 
include sustaining leadership and effective oversight, ensuring 
workforce competency, implementing Enterprise Resource Planning 
(ERP) systems, resolving long-standing internal control 
weaknesses, and managing organizational challenges associated 
with having a large and complex organization such as DOD. The 
witnesses here today may or may not consider all of these 
issues as impediments to improving financial management and 
achieving audit readiness, or they may have a slightly 
different take on the issues, or they may identify different 
challenges all together. Most significantly, they may be able 
to provide alternative options on how to overcome these 
weaknesses. That is why I look forward to hearing their expert 
views on the issues confronting DOD and possible courses of 
action to address these challenges.
    I would like to thank our witnesses in advance for their 
testimony and agreeing to be with us this morning. We have with 
us today:

         LMs. JoAnn Boutelle, Partner, Deloitte & 
        Touche LLP;

         LMs. Tracy Porter, Partner, Grant Thornton 
        LLP; and

         LMr. Mark Keeley, Partner, 
        PricewaterhouseCoopers LLP.

        [GRAPHIC] [TIFF OMITTED] T2416.001
        
        [GRAPHIC] [TIFF OMITTED] T2416.002
        
        [GRAPHIC] [TIFF OMITTED] T2416.003
        
        [GRAPHIC] [TIFF OMITTED] T2416.004
        
        [GRAPHIC] [TIFF OMITTED] T2416.005
        
        [GRAPHIC] [TIFF OMITTED] T2416.006
        
        [GRAPHIC] [TIFF OMITTED] T2416.007
        
        [GRAPHIC] [TIFF OMITTED] T2416.008
        
        [GRAPHIC] [TIFF OMITTED] T2416.009
        
        [GRAPHIC] [TIFF OMITTED] T2416.010
        
        [GRAPHIC] [TIFF OMITTED] T2416.011
        
        [GRAPHIC] [TIFF OMITTED] T2416.012
        
        [GRAPHIC] [TIFF OMITTED] T2416.013
        
        [GRAPHIC] [TIFF OMITTED] T2416.014
        
        [GRAPHIC] [TIFF OMITTED] T2416.015
        
        [GRAPHIC] [TIFF OMITTED] T2416.016
        
        [GRAPHIC] [TIFF OMITTED] T2416.017
        
        [GRAPHIC] [TIFF OMITTED] T2416.018
        
        [GRAPHIC] [TIFF OMITTED] T2416.019
        
        [GRAPHIC] [TIFF OMITTED] T2416.020
        
        [GRAPHIC] [TIFF OMITTED] T2416.021
        
        [GRAPHIC] [TIFF OMITTED] T2416.022
        
        [GRAPHIC] [TIFF OMITTED] T2416.023
        
        [GRAPHIC] [TIFF OMITTED] T2416.024
        
        [GRAPHIC] [TIFF OMITTED] T2416.025
        
        [GRAPHIC] [TIFF OMITTED] T2416.026
        
        [GRAPHIC] [TIFF OMITTED] T2416.027
        
        [GRAPHIC] [TIFF OMITTED] T2416.028
        
        [GRAPHIC] [TIFF OMITTED] T2416.029
        
        [GRAPHIC] [TIFF OMITTED] T2416.030
        
        [GRAPHIC] [TIFF OMITTED] T2416.031
        
?

      
=======================================================================


                   DOCUMENTS SUBMITTED FOR THE RECORD

                           November 17, 2011

=======================================================================

      
      
    [GRAPHIC] [TIFF OMITTED] T2416.032
    
    [GRAPHIC] [TIFF OMITTED] T2416.033
    
    [GRAPHIC] [TIFF OMITTED] T2416.034
    
    [GRAPHIC] [TIFF OMITTED] T2416.035
    
    [GRAPHIC] [TIFF OMITTED] T2416.036
    
    [GRAPHIC] [TIFF OMITTED] T2416.037
    
    [GRAPHIC] [TIFF OMITTED] T2416.038
    
    [GRAPHIC] [TIFF OMITTED] T2416.039
    
    [GRAPHIC] [TIFF OMITTED] T2416.040
    
    [GRAPHIC] [TIFF OMITTED] T2416.041
    
    [GRAPHIC] [TIFF OMITTED] T2416.042
    
    [GRAPHIC] [TIFF OMITTED] T2416.043
    
    [GRAPHIC] [TIFF OMITTED] T2416.044
    
    [GRAPHIC] [TIFF OMITTED] T2416.045
    
    [GRAPHIC] [TIFF OMITTED] T2416.046
    
    [GRAPHIC] [TIFF OMITTED] T2416.047
    
    [GRAPHIC] [TIFF OMITTED] T2416.048
    
    [GRAPHIC] [TIFF OMITTED] T2416.049
    
    [GRAPHIC] [TIFF OMITTED] T2416.050
    
    [GRAPHIC] [TIFF OMITTED] T2416.051
    
    [GRAPHIC] [TIFF OMITTED] T2416.052
    
    [GRAPHIC] [TIFF OMITTED] T2416.053
    
    [GRAPHIC] [TIFF OMITTED] T2416.054
    
    [GRAPHIC] [TIFF OMITTED] T2416.055
    
                                  
