31 March 2021

City of Mesa Audits: Accountability To Citizens > (Interim City Auditor): The Plan, Services, Works In Progress

Let's take a look to review from the official source
Top FAQs for Internal Audits - BizzSecure
 
(INTERIM) CITY AUDITOR
City Auditor: Interim Auditor Joseph Lisitano, CPA
 
SERVICES
Audits Four Ways to Get More Value from Your Internal Audits - The Auditor
Audits
of City departments, activities, programs, contracts, etc. are conducted to evaluate: 
> Adequacy of internal controls to prevent or detect fraud.    
> Safeguarding of assets, from loss, damage or inappropriate use.    
> Compliance with laws, regulations, policies, contracts, grant terms, etc.    
> Accuracy of reported financial and performance information.    
> Economy and efficiency of operations.    
> Accomplishment of specified goals and objectives.    
 
Audit findings and recommendations are reported to the Council Audit, Finance & Enterprise Committee and posted on our Web site
 
Consulting
Consulting encompasses a wide array of non-audit services, including but not limited to: 
> Providing general guidance on internal controls and related matters, including application-level IT controls.
> Reviewing credit card acceptance sites for compliance with PCI DSS.
> Performing limited reviews and analyses of financial statements submitted by potential contractors in connection with RFQs.
> Observing MesaStat presentations and, as resources permit, periodically reviewing financial/performance data and measures presented by City staff.
> Performing periodic random reviews of Council Reports, to ensure that the information provided to decision-makers is accurate and complete.
 
Consulting services may or may not result in formal reports, but findings are always reported to management. 
When appropriate, findings may also be reported to the Audit, Finance & Enterprise Committee.
--------------------------------------------------------------------------------------------------------------------------
AUDIT PLAN 
The Audit Plan intentionally exceeds our capacity by approximately 20%
 
Mission: The City Auditor’s office provides audit, consulting, and investigative services to identify and minimize risks, maximize efficiencies, improve internal controls and strengthen accountability to Mesa’s citizens.
 Understanding Premium Audits and Why Compliance Is Important | Zeiler  Insurance Services, Inc.
The Audit Plan intentionally exceeds our capacity by approximately 20%, in order to provide flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently. It also lets us adapt to changing circumstances and priorities during the year.
If necessary, audits may be carried forward to the next Plan year, as is the case with three* of this year’s audits.

So what have we got planned!

FY 2020/2021 Audits

Audit Subject

Initial Objectives

*Business Services/Purchasing Division – Procurement Processes

 


Determine whether effective controls are in place to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.

*DoIT - Software/ Application ManagementDetermine whether effective controls are in place to ensure all applications used to conduct City business are licensed, inventoried, and meet City IT security standards.
*Engineering – Job Order Contracting (JOC)
Determine whether JOC projects are administered in accordance with established criteria; and whether there are effective internal controls to prevent or detect errors, fraud, waste, or abuse.
Police Department - Badging/Security Access Determine whether effective controls are in place to ensure that building/suite access is managed appropriately to prevent unauthorized access to City facilities.
Falcon Field - Leases
Determine whether effective controls are in place to ensure revenues are accurately calculated, recorded, and collected; to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.

Fleet - Parts Management
Determine whether effective controls are in place over parts management to prevent or detect errors, fraud, waste, or abuse and ensure compliance with policies and other applicable requirements.

----------------------------------------------------

FY 2019/2020 Work in Progress

As of 6/30/2020 So what have we got planned!

MFMD – Transport Services & Billing

  • Engineering – CMAR Projects
  • Engineering – CIP Mesa
  • Police – Photo Safety Program
  • -------------------------------------------------------------------------------------------------------------------------

    More

    AUDITS https://www.mesaaz.gov/government/city-auditor/audits

    (All documents below in PDF format)

    FY 2019 / 2020
     
    June 25, 2020
    Continuous Auditing of Cash Funds
    June 16, 2020
    Transient Lodging Tax
    June 10, 2020
    FY 2020 Annual Credit Card Security Review
    May 26, 2020
    Procurement Card Program Follow-up Review  
    May 19, 2020
    Development Services Fees & Charges Follow-up Review
    February 25, 2020
    Police Jail Services
    February 24, 2020
    Nonprofit Support Organization Agreements Follow-up Review
    February 18, 2020
    Employee Benefits - Claim Administration Contract
    November 26, 2019
    Mesa Convention Center
    November 25, 2019
    Eastmark CFD Follow-up Review
    August 29, 2019
    Annual Credit Card Security Review
    July 1, 2019
    Community Services Contract Monitoring for CDBG Follow-up Review

     

    Follow-Up Reviews Due in FY 2019/2020

    Audit SubjectInitial Objectives
    • Police – Jail Services Contract
    • PRCF – Convention Center Revenues
    • HR/Employee Benefits – Claims Admin. Contract
    • Transient Lodging Tax

    The objective of each follow-up review is to verify that corrective actions agreed to in response to the audit were:

    1) Implemented as agreed; and

    2) Effective in resolving the underlying audit findings.

    Other Activities

    ActivityDescription
    Citywide Cash AuditsUnannounced audits of cash handling sites citywide are conducted throughout the year.
    Payment Card Industry Data Security Standards (PCI DSS) Operational Review
    Annual review of payment card acceptance sites for PCI DSS compliance.
    Fraud & Ethics Hotline Investigations
    Monitor the City’s Fraud & Ethics Hotline and conduct investigations when necessary.

     

    Consulting Services

    Provide independent consulting/advisory services; data collection, validation and/or analysis; internal control reviews; risk analyses; financial statement reviews; etc. as needed.

    Unscheduled Audits
    As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.
    -------------------------------------------------------------------------------------------------------------------------------
    Audit Planning Process: The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s office for the year. 
    Compliance Healthcheck SMCR Regulatory Process Review TCF auditIt is developed based on a combination of key risk factors, as well as direction provided by the City Council and City Manager. Changes in scope or complexity of individual audits, or other unforeseen circumstances, may impact our ability to complete all work on the plan. Factors considered when selecting audits may include:
    > Requests and/or Suggestions received from the City Council or City Manager
    > Statutory mandates and/or regulation levels (highly regulated vs. unregulated activities)
    > Prior audit history or lack thereof
    > Complexity of operations or significant changes in operations or organizational structure
    > Technological advances or challenges
    > Cash handling volume and number of locations
    > Impact & likelihood of potential adverse events (risk management/control failures)
    > Activities commonly susceptible to fraud
     

    No comments: