Now that the first-half of 2021 is over with after tomorrow, what wasn't done for internal audits can get some overdue attention now.
Looks like 'the time has been adjusted' and scheduled for a City Council Meeting on July 8, 2021
ITEM 2-a
______________________________
Proposed Audit Plan Fiscal Year 2021/2022
( Page 1 of 2 )
Mission
The City Auditor’s office provides audit, consulting, and investigative services to identify and minimize risks, maximize efficiencies, improve internal controls, and strengthen accountability to Mesa’s citizens.
==================================================================
AN INSERT FROM AN EARLIER POSTS ON THIS BLOG
December 2020
FIRST LOOK: Mesa City Annual Financial Review Fiscal Year Ending June 2020 > Impact of Coronavirus Aid, Relief and Economic Security
This CAFR is an internal audit report prepared by the city's Financial Services Department that covers the first half of the calendar year and the end of the the fiscal year in June 2020 - four months into the COVID-19 Pandemic. We are now six months more into unpredictable stronger economic impacts that have destroyed the long-term prior planning strategies as well as the overall budget predictions, estimates and forecasts.
| File #: | 20-1230 |
| Type: | Presentation | Status: | Agenda Ready |
| In control: | Audit, Finance and Enterprise Committee |
| On agenda: | 12/14/2020 |
| Title: | Hear a presentation, discuss, and provide a recommendation on the City's Comprehensive Annual Financial Report (CAFR) for Fiscal Year Ended June 30, 2020. |
| Attachments: | 1. Presentation, 2. 2020 CAFR |
1 PRESENTATION:
2 2020 CAFR DOCUMENT
11.8MB 191 Pages
Financial Services Department
14 December 2020
_____________________________________________________________________________
FOR THE INTEREST OF READERS OF THIS BLOG:
5 Ways Internal Audit Can Fail to Adequately Serve Its OrganizationRichard ChambersFebruary 11, 2019
Source : https://iaonline.theiia.org
1. Avoiding High-risk Areas or Quietly Accepting Scope Limitations
2. Ignoring Organizational Culture
3. Failure to Perform Follow-up
4. "Watering Down" Reportable Issues
5. Failure to Provide Adequate Reporting About Internal Audit
==================================================================
Audit Plan Purpose and Considerations
The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s office for the year. Factors considered when selecting audits may include:
Requests or suggestions received from the City Council or City Manager Statutory mandates and/or volume of regulations (highly regulated vs. unregulated) Prior audit history or lack thereof Activities commonly susceptible to fraud Complexity of operations, significant changes in operations, or high turnover Cash handling volume and number of locations Impact and likelihood of potential adverse events (risk management/control failures)
The Audit Plan intentionally exceeds our capacity by approximately 20%, to provide flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently.
Audits which are not completed in the current year may be carried forward to the next year, as is the case with one of this year’s audits*.
Audits Planned for FY 2021/2022
Audit Subject Area Initial Objectives
* Falcon Field - Leases
Determine whether effective controls are in place to ensure revenues are accurately calculated, recorded, and collected; to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.
PRCF – Mesa Tennis Center
Determine whether effective controls are in place to ensure all due fees and charges are accurately calculated, recorded, and collected.
Police Department – Property and Evidence
Determine whether effective controls are in place to ensure that property and evidence are properly documented, secure, and available when needed; and ensure compliance with applicable policies, statutes, and other requirements or recommended practices.
Police Department – Criminal Investigations Case Management
Determine whether effective controls are in place to ensure that cases are properly assigned, investigated, and disposed of in accordance with applicable policies, statutes, and other requirements.
DoIT – Remote Access
Determine whether effective controls are in place to ensure risks related to remote access to the City’s network are minimized and connectivity between the network and remote users is secure.
( Proposed Audit Plan Fiscal Year 2021/2022 Page 2 of 2)
Transportation – Street Maintenance
Determine whether effective controls are in place to ensure proper maintenance of City streets in accordance with applicable policies, statutes, and other requirements.
Services/Housing & Community Development – VASH Program
Determine whether effective controls are in place to properly administer the Veteran Affairs Supporting Housing Voucher (VASH) program in accordance with applicable policies, statutes, and other requirements.
FY 2020/2021 Work in Progress (as of 6/30/2021)
DoIT – Software/Application Management
Fleet – Parts Management
Business Services/Purchasing Division – Procurement Processes
Police Department – Badging/Security Access
PCI DSS
Annual Review Follow-up Reviews Due in FY 2021/2022
PRCF – Convention Center Revenues
HR/Employee Benefits – Claims Admin. Contract
Transient Lodging Tax
Engineering – CMAR Projects
Engineering – JOC Projects
Police – Photo Safety Program
MFMD – Medical Transportation Services & Billing
_____________________________________________________________________________________
The objective of each follow-up review is to verify that corrective actions
agreed to in response to the audit were:
1) Implemented as agreed2) Effective in resolving the underlying audit findings
Other Activities
> Citywide Cash Audits
Unannounced audits of cash handling sites citywide throughout the year.
> Payment Card Industry Data Security Standards (PCI DSS) Review
Annual review of payment card acceptance sites for PCI DSS compliance.
> Fraud & Ethics Hotline Investigations
Monitor the City’s Fraud & Ethics Hotline and conduct investigations when necessary.
Consulting Services
Provide independent consulting/advisory servicesdata collectionvalidation, or analysisinternal control reviewsrisk analysesfinancial statement reviewsetc. as needed.
Unscheduled Audits
As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.
______________________________
| File #: | 21-0727 |
| Type: | Presentation | Status: | Agenda Ready |
| In control: | City Council Study Session |
| On agenda: | 7/1/2021 |
| Title: | Hear a presentation, discuss, and provide direction on the proposed Audit Plan for FY 2021/22. |
| Attachments: | 1. Presentation, 2. FY 2021-2022 Audit Plan (Proposed) |
PRESENTATION
City Auditor
Proposed FY 2022 Audit Plan
City Council Study Session July 1, 2021
Joseph Lisitano, City Auditor
Audit Plan Overview:
• Current work in progress
• Audits planned for FY 2022
• Follow-up reviews due in FY 2022
• Other activities
==============================
• Current work in progress
Current work in progress:• DoIT – Software/Application Management• Business Services/Purchasing – Procurement Processes• Fleet – Parts Management• Police – Badging Security Access• PCI DSS Annual Review• Audits planned for FY 2022• Follow-up reviews due in FY 2022• Other activities
• Audits planned for FY 2022
New audits:• *Falcon Field – Leases• PRCF – Mesa Tennis Center• Police Department – Property and Evidence• Police Department – Criminal Investigations Case Management*Carried over from FY21 Audit Plan
• DoIT – Remote Access• Transportation – Street Maintenance• Community Services/Housing & Community Development – VASH Program
• Follow-up reviews due in FY 2022
Follow-up reviews:• *PRCF – Convention Center Revenues• *HR/Employee Benefits – Claims Admin. Contract• Transient Lodging Tax • Police – Photo Safety Program*Delayed in FY 21 due to COVID-19
• MFMD – Medical Transportation Services and Billing
• Engineering – CMAR Projects
• Engineering – JOC Projects
• Other activities
Follow-up reviews:
• MFMD – Medical Transportation Services and Billing
• Engineering – CMAR Projects
• Engineering – JOC Projects
• Citywide Cash Handling Audits (continuous)
• PCI DSS Annual Review
• Fraud & Ethics Hotline Investigations
• Consulting (limited reviews, other projects, etc.)
• Unscheduled Audits (if requested by City Manager or City Council)
Questions or changes?
No comments:
Post a Comment