City of Mesa Audits: Accountability To Citizens > (Interim City Auditor): The Plan, Services, Works In Progress

Let's take a look to review from the official source

https://www.mesaaz.gov/government/city-auditor/audits/audit-plan

 

(INTERIM) CITY AUDITOR

City Auditor: Interim Auditor Joseph Lisitano, CPA

Source: https://www.mesaaz.gov/government/city-auditor

 

SERVICES

Audits
Audits of City departments, activities, programs, contracts, etc. are conducted to evaluate: 

> Adequacy of internal controls to prevent or detect fraud.    

> Safeguarding of assets, from loss, damage or inappropriate use.    

> Compliance with laws, regulations, policies, contracts, grant terms, etc.    

> Accuracy of reported financial and performance information.    

> Economy and efficiency of operations.    

> Accomplishment of specified goals and objectives.    

 

Audit findings and recommendations are reported to the Council Audit, Finance & Enterprise Committee and posted on our Web site

 

Consulting
Consulting encompasses a wide array of non-audit services, including but not limited to: 

> Providing general guidance on internal controls and related matters, including application-level IT controls.

> Reviewing credit card acceptance sites for compliance with PCI DSS.

> Performing limited reviews and analyses of financial statements submitted by potential contractors in connection with RFQs.

> Observing MesaStat presentations and, as resources permit, periodically reviewing financial/performance data and measures presented by City staff.

> Performing periodic random reviews of Council Reports, to ensure that the information provided to decision-makers is accurate and complete.

 

Consulting services may or may not result in formal reports, but findings are always reported to management. 

When appropriate, findings may also be reported to the Audit, Finance & Enterprise Committee.

--------------------------------------------------------------------------------------------------------------------------

AUDIT PLAN 

The Audit Plan intentionally exceeds our capacity by approximately 20%

 

Mission: The City Auditor’s office provides audit, consulting, and investigative services to identify and minimize risks, maximize efficiencies, improve internal controls and strengthen accountability to Mesa’s citizens.

 

The Audit Plan intentionally exceeds our capacity by approximately 20%, in order to provide flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently. It also lets us adapt to changing circumstances and priorities during the year.

If necessary, audits may be carried forward to the next Plan year, as is the case with three* of this year’s audits.

FY 2020/2021 Audits
Audit Subject	Initial Objectives
*Business Services/Purchasing Division – Procurement Processes	Determine whether effective controls are in place to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.
*DoIT - Software/ Application Management	Determine whether effective controls are in place to ensure all applications used to conduct City business are licensed, inventoried, and meet City IT security standards.
*Engineering – Job Order Contracting (JOC)	Determine whether JOC projects are administered in accordance with established criteria; and whether there are effective internal controls to prevent or detect errors, fraud, waste, or abuse.
Police Department - Badging/Security Access	Determine whether effective controls are in place to ensure that building/suite access is managed appropriately to prevent unauthorized access to City facilities.
Falcon Field - Leases	Determine whether effective controls are in place to ensure revenues are accurately calculated, recorded, and collected; to prevent or detect errors, fraud, waste, or abuse, and ensure compliance with policies, statutes, and other applicable requirements.
Fleet - Parts Management	Determine whether effective controls are in place over parts management to prevent or detect errors, fraud, waste, or abuse and ensure compliance with policies and other applicable requirements.
----------------------------------------------------
FY 2019/2020 Work in Progress As of 6/30/2020
MFMD – Transport Services & Billing Engineering – CMAR Projects Engineering – CIP Mesa Police – Photo Safety Program
------------------------------------------------------------------------------------------------------------------------- More AUDITS https://www.mesaaz.gov/government/city-auditor/audits (All documents below in PDF format) FY 2019 / 2020   June 25, 2020 Continuous Auditing of Cash Funds June 16, 2020 Transient Lodging Tax June 10, 2020 FY 2020 Annual Credit Card Security Review May 26, 2020 Procurement Card Program Follow-up Review   May 19, 2020 Development Services Fees & Charges Follow-up Review February 25, 2020 Police Jail Services February 24, 2020 Nonprofit Support Organization Agreements Follow-up Review February 18, 2020 Employee Benefits - Claim Administration Contract November 26, 2019 Mesa Convention Center November 25, 2019 Eastmark CFD Follow-up Review August 29, 2019 Annual Credit Card Security Review July 1, 2019 Community Services Contract Monitoring for CDBG Follow-up Review   Follow-Up Reviews Due in FY 2019/2020
Audit Subject	Initial Objectives
Police – Jail Services Contract PRCF – Convention Center Revenues HR/Employee Benefits – Claims Admin. Contract Transient Lodging Tax	The objective of each follow-up review is to verify that corrective actions agreed to in response to the audit were: 1) Implemented as agreed; and 2) Effective in resolving the underlying audit findings.
Other Activities
Activity	Description
Citywide Cash Audits	Unannounced audits of cash handling sites citywide are conducted throughout the year.
Payment Card Industry Data Security Standards (PCI DSS) Operational Review	Annual review of payment card acceptance sites for PCI DSS compliance.
Fraud & Ethics Hotline Investigations	Monitor the City’s Fraud & Ethics Hotline and conduct investigations when necessary.
Consulting Services	Provide independent consulting/advisory services; data collection, validation and/or analysis; internal control reviews; risk analyses; financial statement reviews; etc. as needed.
Unscheduled Audits	As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.

-------------------------------------------------------------------------------------------------------------------------------

Audit Planning Process: The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s office for the year. 

It is developed based on a combination of key risk factors, as well as direction provided by the City Council and City Manager. Changes in scope or complexity of individual audits, or other unforeseen circumstances, may impact our ability to complete all work on the plan. Factors considered when selecting audits may include:

> Requests and/or Suggestions received from the City Council or City Manager

> Statutory mandates and/or regulation levels (highly regulated vs. unregulated activities)

> Prior audit history or lack thereof

> Complexity of operations or significant changes in operations or organizational structure

> Technological advances or challenges

> Cash handling volume and number of locations

> Impact & likelihood of potential adverse events (risk management/control failures)

> Activities commonly susceptible to fraud

 

Archegos Drama May Spur New Regulations

Archegos Capital Blowup: What Investors Need to Know

Dangerous Radiation Risk, Lightning, Coldest Temp | S0 News Mar.29.2021

New Aurora, Ancients Knew Astronomy, Baby Star Jets | S0 News Mar.30.2021

James Taylor & Yo-Yo Ma - Here Comes the Sun

Re: Chiller CATASTROPHIC FAILURE at City-owned "AZ Research Labs"

Going into the Archives on this blog site, here's an entry for a Contract Award for approval of a staggering  Dollar-Limit Increase by $1,316,000, from $2,700,000 to $4,016,000 annually on the Consent Agenda for a Mesa City Council Meeting on August 24,2020

Note:

The "complex" referenced to is AZ Labs owned by the City of Mesa and located at Phoenix-Mesa Gateway Airport.
More information can be found here on more than ten pages from the city's official web site.

AZCWR uses "bots", or computer programs that take advantage of thousands of computers across the planet, . .

 

"Our net effect is taking down 1,000 accounts a day," Scott said. When asked how his cadre of hackers, none of whom speak Arabic, are able to find the accounts, Scott responded that the AZCWR is given tips from intelligence agencies across the globe.
There is an assortment of tasks, from the aforementioned take-down of an ISIL account to attacking, with consent, the cyber security systems of businesses.
Also, when a foreign adversary is not "paying enough attention" to the AZCWR for the group to gather intel, the hackers will "poke the bear", Scott said.

While The government wants a cyber campaign against ISIL and others who attack the state, they don't want to encourage "cyber militias" to mount attacks against enemies.
Scott has worked for various government agencies, and his experience with has left a bad impression. "The US has a very backwards idea towards hackers. Russia, China, and even ... countries like Iran are offering them huge amounts of money, luxurious cars, and nice flats."
In the US, Scott explained, hackers still face witch-hunts and harsh penalties when the government should offer employment. AZCWR is there to force decision-makers to re-evaluate their stance on technologically-capable but legally questionable computer users.
"World War III is already here, and it's happening on the internet," the hacker said.
On Friday and yesterday, there were major headlines about cyber attacks readers can see on http://www.ooyuz.com
A wave of digital publishers and other ecommerce players were hit by a cyber attack this morning, causing their sites in some parts of the United States to go out in a problem that's lingering into middle afternoon. According to DownDetector—check out its map above—the East Coast and Southern California have been hit the hardest while Western Europe also experienced outages

 

CONTRACTS
*4-e

File #:

20-0811

Type:

Contract

Status:

Agenda Ready

In control:

City Council

On agenda:

8/24/2020

Title:

Dollar-Limit Increase to the Term Contracts for HVAC Services and Equipment for the Parks, Recreation and Community Facilities Department as requested by the Office of Economic Development (Citywide) The dollar-limit increase is needed for several upcoming chiller installation projects including a large replacement that is critical to the AZ Labs operations.  Trane has provided a quote for the total project cost, at $1,316,000, inclusive of all labor charges for the chiller installations and replacements. The Office of Economic Development, Parks, Recreation and Community Facilities Department and Purchasing recommend increasing the dollar-limit using the cooperative contracts: US Communities with Trane; Omnia Partners (formerly National IPA) with Comfort Systems USA, and HACI Service LLC; 1GPA with Midstate Energy, and Pueblo Mechanical & Controls; by $1,316,000, from $2,700,000 to $4,016,000 annually, with an annual increase allowance of up to 5%, or the adjusted Consumer Price Ind...

Attachments:

1. Council Report

 

-----------------------------------------------------------------------------------------------------------------------------

More > 23 October 2016

Home On The Range Here In Mesa: Cyber Warfare

Somewhat surprised to see this article  on Al Jazeera by Creede Newton about a facility located here in Mesa appearing just two hours earlier
Cyber warfare: The new international warfront
Faced with increased cyber attacks, [ like just 2 days ago! ] US government is balancing attack on and defense from hackers and cyber criminals. . .

Whether the people in AZCWR are self-styled vigilantes or consider themselves some kind of "cyber militia" is a concern as well as the city's agreeing to lease the  building to them.

 

 

Mesa, Arizona - To enter the Arizona Cyber Warfare range (AZCWR), a person must have a signed waiver, the consent from the strict private security firm that guards the facilities, and the fortitude to withstand the salty language and messy environment created by the hackers inside.

"This is the only place in the world where the good guys can learn to hack from good guys who really know how to hack," Brett Scott, one of the founders of the AZCWR, told Al Jazeera inside their hacking headquarters.

The organisation is housed inside a complex that began as a research facility for top-secret military technology in the 1980s.

The group has three missions:

(1) to educate the public on the merits of hacking by offering free courses,

(2) to change the realm of cyber-security for both the public and private sectors to gather, and

(3) to handle the enemies of the United States.

 

-----------------------------------------------------------------------------------------------------------------------------
More >

f anyone is curious about Dane Mullenix and a company business profile, here's a segment of  Mesa Morning Live from July 3, 2013.

Some of it is "top secret' Headquarters: McLean, VA

Revenue: 750 million USD

Founded: December 20, 2002

Subsidiaries: iv Alion-METI Corporation, v Alion CATI Corp, More

 

Website: alionscience.com 

Alion Science and Technology Corporation is an technology solutions company delivering technical expertise and operational support to the United States Department of Defense, civilian government agencies and commercial customers.
-----------------------------------------------------------------------------------------------------------------------------
More