Home  • Getting the Job  • About the Job  • Daily Log  • Career Advice  • Internship Value  • Pictures  • Links 
Kevin Marinak - Summer 2004 Internship at KPMG

Section 2 - About the Job

2.1 – The Employer

My employer was KPMG, LLP. KPMG is one of the big four accounting firms (KPMG, PriceWaterhouseCoopers, Ernst & Young, Deloitte and Touche) in the world.

The KPMG office is located at 2001 M Street NW in Washington, DC. However, KPMG employees spend the majority of their time at their client’s office. So, KPMG employees can go weeks or months without even stepping foot in the KPMG office. For this reason, KPMG uses “hoteling”. Hoteling means that employees sign up for workspace whenever they will be using the KPMG office. At KPMG, we had a website that we would use to sign up for a cubicle, office, or meeting room. There is always plenty of space in the office, so I didn’t have to worry about not being able to find a desk to work at.

KPMG has three primary service lines: Audit, Tax, and Risk Advisory Services (RAS). I worked in the Information Risk Management (IRM) practice within KPMG, which is a part of the RAS service line.

IRM mainly works on information systems audits and information technology advisory work. Information systems auditing involves going to a client and inspecting their systems to ensure that the proper controls are in place. We follow standards produced by National Institute of Standards and Technology (NIST) and the Government Accountability Office (GAO). Some of the areas of a client’s information systems that we look at are access controls, change controls, and the security program.

The IRM practice in Washington, DC has a lot of federal clients, so most of the work is for federal agencies. However, in other KPMG IRM practices across the country most of the clients are not government agencies. Much of their work involves ensuring that clients are compliant with Sarbanes-Oxley. Sarbanes-Oxley is new legislation that was created after the Enron scandal to ensure that corporations have adequate accounting controls.

2.2 – Your Job

Local Office Orientation
My internship began with three days of local office orientation at the KPMG office in Washington, DC. All the interns met in a conference room where the KPMG recruiters went over some of the operating procedures of the company. They told us stuff like how to use the phones and how to enter our time and expense information into the firm’s online reporting system. We were issued our access passes and brand new laptop computers. We spent one afternoon going over how to configure the computers. The rest of the time was spent taking online training courses and tests. The topics of the courses included ethics, information security, and financial independence.

KPMG National Intern Training
For the second week of the internship, all the interns flew out to Palm Springs, CA. There were about 800 interns from offices all over the US that attended the training. We all stayed at the J.W. Marriott resort, where there were huge conference rooms to accommodate the training sessions.

We arrived on Monday afternoon and got settled into the hotel. There was a nice welcome dinner that night, followed by new hire orientation. On Tuesday, we spent most of the day at professional development classes. The purpose of these classes was to teach some of the communication skills needed for everyday business situations. Wednesday and Thursday were spent in smaller lectures, where everyone went to classes for their specific business lines. They taught me information that was specific to the Risk Advisory Services practice at KPMG.

There were several social events in the middle of all the training. I got a chance to meet people from all over the country, relax by the pool, and enjoy the nice California weather! On Friday morning, everyone packed up and headed to the airport for their flight home.

KPMG Database
After getting back from national intern training, I began work in the KPMG office. I worked five days a week, for eight hours a day. I worked on several different projects during my internship. During the first week, I worked on updating a database of Notice of Findings and Recommendations (NFRs). NFRs are documents that we issue when we discover a problem with the information systems at a client. This was a good project because I got a chance to read some of the issues that the firm most commonly deals with.

HHS OS
The second week, I worked in the Office of the Secretary (OS) at the United States Department of Health and Human Services (HHS). I was at the main HHS building, located near the United States Capitol. This was not a project that someone in the IRM practice typically would work on. I was assigned to the project because I did not have a security clearance, which is required for most of the projects that IRM employees typically work on. For this project, my job was to evaluate the Intranet site of the OS and to make improvements to the content and functionality. I ended up running into some delays with the IT department at HHS, so I was moved to a new project after a week.

UFMS
My next project was at Unified Financial Management System (UFMS), which is a large-scale software project for HHS. The UFMS office was located in Rockville, MD. UFMS is a financial system that will be used by all of the operating divisions (CDC, FDA, NIH, etc.) of HHS. As of now, the operating divisions all have their own financial reporting systems. UFMS will hopefully end some of the overlapping work that is currently being done by each of the individual operating divisions and make the department much more efficient. My job at UFMS was to improve the infrastructure team’s web portal. The web portal is where the information that is used by the team members is posted. I met with some of the team members and brainstormed ideas to add the site. I worked with another intern from Penn State University. One of the best things about this project was that I got to be in the environment of a billion-dollar software project. I got to see what it was like to work as a software contractor versus an information systems auditor. I noticed that many of the contractors work long twelve-hour days, sometimes more.

DeCA
My final project was with the Defense Commissary Agency (DeCA). This project gave me the most valuable experience because it was the type of project that I would work on as an IRM new-hire. I worked in a team of three. There was a senior manager, an associate, and myself. We traveled to the DeCA client site, located south of Richmond in Fort Lee, VA, and worked there for three days. While we were at DeCA, we spoke with several key IT personnel and tried to obtain the documents that we needed to evaluate their operations. I found that one of the hardest parts of the job is just getting the information that we need to conduct the evaluation. We did a walk-through of the DeCA data warehouse. I got to see all the equipment that is used to run the information systems for all the Commissaries in the world. Another nice aspect of this project was that I got to stay in the downtown Richmond Marriott, paid for by the company. The company also paid for my meals while I was at the client site.

The following week, I was back in the KPMG office evaluating the information that we gathered on our trip to the DeCA site. My job was to write workpapers with my analysis of the information that we received. The purpose of workpapers is to document the procedures that were performed and the conclusions that can be reached. The workpapers are then used to draft a final report that is issued to DeCA with our findings and recommendations. The final report serves as supporting documentation to backup the financial statement audit. It gives credibility to the numbers generated by the information systems.

                                            Created by Kevin Marinak - August 2004