City of Mesa Audits: Accountability To Citizens > (Interim City Auditor): The Plan, Services, Works In Progress

Let's take a look to review from the official source

https://www.mesaaz.gov/government/city-auditor/audits/audit-plan

 

(INTERIM) CITY AUDITOR

City Auditor: Interim Auditor Joseph Lisitano, CPA

Source: https://www.mesaaz.gov/government/city-auditor

 

SERVICES

Audits
Audits of City departments, activities, programs, contracts, etc. are conducted to evaluate: 

> Adequacy of internal controls to prevent or detect fraud.    

> Safeguarding of assets, from loss, damage or inappropriate use.    

> Compliance with laws, regulations, policies, contracts, grant terms, etc.    

> Accuracy of reported financial and performance information.    

> Economy and efficiency of operations.    

> Accomplishment of specified goals and objectives.    

 

Audit findings and recommendations are reported to the Council Audit, Finance & Enterprise Committee and posted on our Web site

 

Consulting
Consulting encompasses a wide array of non-audit services, including but not limited to: 

> Providing general guidance on internal controls and related matters, including application-level IT controls.

> Reviewing credit card acceptance sites for compliance with PCI DSS.

> Performing limited reviews and analyses of financial statements submitted by potential contractors in connection with RFQs.

> Observing MesaStat presentations and, as resources permit, periodically reviewing financial/performance data and measures presented by City staff.

> Performing periodic random reviews of Council Reports, to ensure that the information provided to decision-makers is accurate and complete.

 

Consulting services may or may not result in formal reports, but findings are always reported to management. 

When appropriate, findings may also be reported to the Audit, Finance & Enterprise Committee.

--------------------------------------------------------------------------------------------------------------------------

AUDIT PLAN 

The Audit Plan intentionally exceeds our capacity by approximately 20%

 

Mission: The City Auditor’s office provides audit, consulting, and investigative services to identify and minimize risks, maximize efficiencies, improve internal controls and strengthen accountability to Mesa’s citizens.

 

The Audit Plan intentionally exceeds our capacity by approximately 20%, in order to provide flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently. It also lets us adapt to changing circumstances and priorities during the year.

If necessary, audits may be carried forward to the next Plan year, as is the case with three* of this year’s audits.

FY 2020/2021 Audits
Audit Subject	Initial Objectives
*Business Services/Purchasing Division – Procurement Processes	Determine whether effective controls are in place to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.
*DoIT - Software/ Application Management	Determine whether effective controls are in place to ensure all applications used to conduct City business are licensed, inventoried, and meet City IT security standards.
*Engineering – Job Order Contracting (JOC)	Determine whether JOC projects are administered in accordance with established criteria; and whether there are effective internal controls to prevent or detect errors, fraud, waste, or abuse.
Police Department - Badging/Security Access	Determine whether effective controls are in place to ensure that building/suite access is managed appropriately to prevent unauthorized access to City facilities.
Falcon Field - Leases	Determine whether effective controls are in place to ensure revenues are accurately calculated, recorded, and collected; to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.
Fleet - Parts Management	Determine whether effective controls are in place over parts management to prevent or detect errors, fraud, waste, or abuse and ensure compliance with policies and other applicable requirements.
----------------------------------------------------
FY 2019/2020 Work in Progress As of 6/30/2020
MFMD – Transport Services & Billing Engineering – CMAR Projects Engineering – CIP Mesa Police – Photo Safety Program
------------------------------------------------------------------------------------------------------------------------- More AUDITS https://www.mesaaz.gov/government/city-auditor/audits (All documents below in PDF format) FY 2019 / 2020   June 25, 2020 Continuous Auditing of Cash Funds June 16, 2020 Transient Lodging Tax June 10, 2020 FY 2020 Annual Credit Card Security Review May 26, 2020 Procurement Card Program Follow-up Review   May 19, 2020 Development Services Fees & Charges Follow-up Review February 25, 2020 Police Jail Services February 24, 2020 Nonprofit Support Organization Agreements Follow-up Review February 18, 2020 Employee Benefits - Claim Administration Contract November 26, 2019 Mesa Convention Center November 25, 2019 Eastmark CFD Follow-up Review August 29, 2019 Annual Credit Card Security Review July 1, 2019 Community Services Contract Monitoring for CDBG Follow-up Review   Follow-Up Reviews Due in FY 2019/2020
Audit Subject	Initial Objectives
Police – Jail Services Contract PRCF – Convention Center Revenues HR/Employee Benefits – Claims Admin. Contract Transient Lodging Tax	The objective of each follow-up review is to verify that corrective actions agreed to in response to the audit were: 1) Implemented as agreed; and 2) Effective in resolving the underlying audit findings.
Other Activities
Activity	Description
Citywide Cash Audits	Unannounced audits of cash handling sites citywide are conducted throughout the year.
Payment Card Industry Data Security Standards (PCI DSS) Operational Review	Annual review of payment card acceptance sites for PCI DSS compliance.
Fraud & Ethics Hotline Investigations	Monitor the City’s Fraud & Ethics Hotline and conduct investigations when necessary.
Consulting Services	Provide independent consulting/advisory services; data collection, validation and/or analysis; internal control reviews; risk analyses; financial statement reviews; etc. as needed.
Unscheduled Audits	As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.

-------------------------------------------------------------------------------------------------------------------------------

Audit Planning Process: The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s office for the year. 

It is developed based on a combination of key risk factors, as well as direction provided by the City Council and City Manager. Changes in scope or complexity of individual audits, or other unforeseen circumstances, may impact our ability to complete all work on the plan. Factors considered when selecting audits may include:

> Requests and/or Suggestions received from the City Council or City Manager

> Statutory mandates and/or regulation levels (highly regulated vs. unregulated activities)

> Prior audit history or lack thereof

> Complexity of operations or significant changes in operations or organizational structure

> Technological advances or challenges

> Cash handling volume and number of locations

> Impact & likelihood of potential adverse events (risk management/control failures)

> Activities commonly susceptible to fraud