Audit Plan. Marlene Hartinger, Chief of Audit Services. Auditors: Nancy McDaniel Johnny Alexander Julie Ratcliff Sarah Myers
|
|
- Lesley Short
- 6 years ago
- Views:
Transcription
1 Audit Plan Marlene Hartinger, Chief of Audit Services Auditors: Nancy McDaniel Johnny Alexander Julie Ratcliff Sarah Myers Approved October 21, 2011
2 Table of Contents Overview... 1 Audit Budget Full Staff Audit Plan with Full Staff... 3 Audit Risk Assessment Methodology... 4 Review Previously Identified Risks... 7 Interviews... 8 Risk Categorization... 8 Risk Areas Not Included in Audit Plan... 9
3 Overview The descriptions and broad objectives in this plan are starting points for audits that we anticipate will be assigned in the biennium. The topics are based on riskassessment discussions with ODOT staff and stakeholders as well as our judgment of the most effective deployment of audit resources. Once an audit is underway, it is possible that the scope and objectives will change during the survey phase as auditors seek updated information about risks and prepare detailed work plans. Audit priorities were discussed and identified during the May 5, 2011 Audit Committee meeting and are reflected in the revised audit plans and topics referred to management. 1
4 Audit Budget Full Staff The full staff audit budget was based on five auditors; we received approval to fill our two open auditor vacancies. To estimate the annual audit hours available it was assumed that each auditor spends 15 percent of their available time on administrative tasks and will take all accrued vacation and sick leave, 40 hours of CPE. We have factored in estimated furlough days as we anticipate that furloughs will continue in fiscal years 2012 and Together these nonaudit hours represent 35 percent of an auditor s time. This methodology also factors in anticipated long term leave and reduction of hours for an auditor and a delay in hiring a principal and senior auditor. After this calculation 5,600 and 6,400 hours are available for audit work in 2012 and 2013, respectively. Audit Plan Topics FYE 2012 FYE 2013 Carry Over from Construction QA 700 OWIN Follow-Up 480 OWIN Payment Process 640 A&E Contract Administration 1,280 Change Orders Follow-Up 480 Information Classification OTIA III Close-Out 480 Construction QA Follow-Up 480 Alternative Contracting 960 Document Management 960 Capping Report: Statement of Work Writing 200 Delegated Authority Follow-Up 480 External Reporting 640 Total Planned and Carry Over 3,850 4,890 Other Audit Work Management Requests 1,250 1,250 Risk Assessment Routine Follow-Up SPOTS Review Oregon Peer Review 100 Total Other Audit Work 1,750 1,950 Total Estimated Hours 5,600 6,840 Available Hours 5,600 6,400 2
5 Audit Plan with Full Staff Audit Area Construction QA (Carry-Over from 2010) OWIN Payment Process Oregon Wireless Interoperability Network Site Acquisition Follow-Up Information Classification Description Construction Quality Assurance is carry-over work from 2011 and part two of report 10-03, Construction Quality Assurance: Structure Provides Checks and Balances but Improvements Would Strengthen Construction Oversight. The overall objective of the assignment is to assess whether ODOT's processes are adequate to ensure that the quality of materials incorporated in projects is verified before they are installed and paid for. This part will test a sample of completed projects to assess the effectiveness of ODOT's Construction Quality Assurance Program. OWIN management is designing a payment process specific to the CM/GC nature of the OWIN project and will not be using the MPB payment process. Using a payment sample, an audit of OWIN payment practices will: Review the payment processes to assess internal controls; Test compliance with payment policies and procedures; and Identify areas of improvement. Audit report 10-05, Oregon Wireless Interoperability Network: Controls Needed in Partnership and Site Acquisition Processes, found that controls over site acquisition and partnership processes were inadequate. When the final program budget is determined, we will perform a follow-up audit to assess progress at implementing audit recommendations. Oregon Statute and Department of Administrative Services Policy require all state agencies to classify information assets and protect them accordingly. Executive staff, management, and Audit Services identified personally identifiable information, information access, and inability to find information as risk areas. An audit of ODOT s Security Fabric, the implementation of statute and DAS policy, could address these information-related risks and potentially highlight other vulnerabilities. An audit of ODOT s information classification would include: Review of Security Fabric implementation; Estimated Hours
6 Change Orders Follow-Up OTIA III Close- Out A&E Contract Administration Assessment of compliance with state statute and DAS policy; Review controls and retreivability of all levels of information; and Identify areas of improvement. Report 08-04, System to Track and Analyze Change Orders Needs Oversight, found that while the efforts made to improve change order tracking and reporting are commendable, further improvements in data reliability and report sharing are necessary to make this information useful and meaningful to decision makers. We will perform a follow-up audit to assess progress at implementing audit recommendations. With the OTIA III program winding down and lack of finalized close-out program, audit staff is concerned with the adequacy of the final control over program costs. An audit of program close-out would include an assessment of close-out methodology, schedule and progress. The A&E contract administration was identified as a top risk by executive staff, upper management, audit staff, and stakeholders. Concerns involved: Contracting Methods Procurement Compliance Contract Quality Negotiation Documentation Deliverables Receipt Contract Costs Payment Appropriateness Performance Monitoring Using a sample selected from central and regional procurement, an audit of this area would include the following: Review payments and deliverables; Review consultant evaluations; Review regional and central contract administration guidance; Evaluate statewide consistency; Review best practices for contract administration; and Identify areas of improvement ,280 4
7 Construction Quality Assurance Follow-Up Alternative Contracting Document Management Capping Report: Statement of Work Writing Audit report 10-03, Construction Quality Assurance: Structure Provides Checks and Balances but Improvements Would Strengthen Construction Oversight, identified areas of improvement. This follow-up will review recommendation implementation status. With the expansion of alternative contracting on large scale projects and current project challenges, ODOT management and audit staff identified alternative contracting as a risk area. ODOT has used alternative contracting in the OTIA III program with mixed success and these contracting methods are being used for a local agency project. To audit ODOT s implementation of alternative CMGC contracting, we will: Review best practices and ODOT guidance; Evaluate the CMGC procurements and oversight processes of Willamette River Bridge, Transportation building remodel, Oregon Wireless Interoperability Network and ODOT s participation in the Sellwood Bridge. Identify lessons learned and areas of improvement. The Pioneer Mountain Eddyville project may be considered for a design-build lessons learned review. Coupled with information classification is the risk that these assets are not sufficiently protected or controlled in a redundant recovery method. An audit of document management would involve an enterprise assessment of information: Security Storage Costs Retreivability Long Term Accessibility Audit Services will recap the recommendations and implementation status of statement of work related findings in IGAs, construction, and A&E contracting ,
8 Delegated Authority Follow-Up External Reporting Audit report 08-07, ODOT s IT Procurement Structure Lacks Effective Oversight, found that overall delegations of authority throughout ODOT do not comply with the Public Contracting Code. Further, report 10-02, Follow-Up Audit: Intergovernmental Agreements Lack of Authority Makes Agency-wide Change Unlikely at this Time, found that OPO completed an internal review of current delegations and determined that OPO did not possess the necessary oversight authority agency-wide for IGA standardization to be completely successful. The follow-up audit will review ODOT s efforts to reorganize, clarify, and improve the agencies delegation process. Externally reported data is manually compiled. This manual process can be inconsistent, prone to error, and time consuming. An audit of external reports would include: Identifying legislative reports; Assessing report preparation and reliability; Reviewing data sources; and Identifying areas of improvement
9 Audit Risk Assessment Methodology The purpose of the biennial risk assessment is to create an audit plan based on an assessment of risks that have the potential to interfere with ODOT s ability to achieve its mission. To prepare the biennial audit plan we: Reviewed previously identified risks to identify specific and current risks; Interviewed ODOT management and staff; Interviewed external stakeholders; Reviewed results from the ODOT s enterprise risk management (ERM) approach; Identified specific audit areas and objectives; Specified audit resources; and Categorized and prioritized auditable risk areas. To identify relevant auditable risks we reviewed previously identified risks, interviewed 49 ODOT staff and stakeholders, and reviewed ERM results. Based on this information we prioritized risk areas to create an audit plan for the biennium. Review Previously Identified Risks In reviewing past audit plans coverage, we found that we had not adequately addressed some previously identified risks. As a result, we reviewed these audit topics to determine if they were current risks and, if so, attempted to specifically define the risk area. These topic areas were: Bridge Contract Oversight Financial Data Integrity Human Resources Information Security OTIA III Procurement Technical Center Decentralization Revenue Safety Of the 10 previously identified risks, eight were still considered high risk areas. Due to additional research, we were able to specifically identify risk areas and potential audit objectives to ensure audit coverage of these areas in the future. Reoccurring risks, and specific areas, are listed below: Contract Oversight A&E Contract Administration and Construction Documentation Consistency Human Resources Succession Planning, Recruitment & Retention, Classification, and Discipline Information Security Balance Security and Productivity, ODOT s Security Fabric, and Protection of Personally Identifiable Information 7
10 Data Integrity Information Technology Business Planning and External Manual Reporting OTIA III Close-out Process Procurement Statement of Work Writing Revenue Funding Uncertainty Safety Employee Safety and Emergency Preparedness Interviews We interviewed 49 ODOT staff and stakeholders. ODOT staff included 11 executive staff, 17 managers, and 17 staff members. All division executives or administrators participated in the risk assessment either through interviews or written responses to questions. Further, all ODOT administrative functions and modes provided valuable input throughout the risk assessment process. Besides ODOT staff, we interviewed two Federal Highway Administration employees, a Department of Justice attorney, a Legislative Fiscal Office analyst, and an American Council of Engineering Companies representative. A gap in our stakeholder coverage was that we were unable to speak with a member of the Oregon Transportation Commission. Risk Categorization We tabulated the risks from the interviews, ERM, and audit brainstorming session into a list and grouped them by topic and risk levels of high and medium. We judged risk level as the likelihood that an event would occur and the severity of the effect if it did. We included as many of the high risks on our Audit Plan as we have the resources to assess. The remaining topics were reported to the Audit Committee with the expectation that they will be communicated to management and that management will address the risks without audit assistance. 8
11 Risk Areas Not Included in Audit Plan Through the ERM process executive staff prioritized initiatives that were also identified as part of the audit risk assessment and these areas were not included in the audit plan. These executive priorities are: 1. Succession Planning (including recruitment, retention, and classification); 2. State Data Center; and 3. Funding. Other risk areas not included in either of our proposed audit plans, and not covered by executive staff, are presented in the table below. Potential audit approaches are described. In the absence of an audit, Audit Services expects that the Audit Committee will communicate the risk areas to management to address the risks. Risk Area Transportation Applications Development Process Information Technology Business Planning Description Information technology application processes were identified across the board as relevant risks to ODOT achieving its mission. Indentified concerns included: Lengthy and time intensive process; Result in less than optimal systems; and Antiquated software and systems. An audit of the TAD process will include a process review to: Identify length of process and potential bottlenecks; Evaluate customer satisfaction; Evaluate consistency; and Identify areas of improvement. The lack of an enterprise approach to information technology planning was identified as a top risk by executive staff, upper management, and audit staff. Concerns involved: Governance Resource Deployment Business Continuity To audit information technology business planning we will: Review governance, project prioritization, and resource deployment; and Identify areas of improvement. Potential Management Action Management is considering hiring a consultant to address the risk. Management is considering hiring a consultant to address the risk. 9
12 A&E Procurement Process Emergency Preparedness Business Continuity Employee Safety Human Resources Structure Review Construction Documentation Consistency The A&E contract procurement process and subsequent contract administration were identified as top risks by executive staff, upper management, audit staff, and stakeholders. Concerns involved: Contracting Methods Procurement Compliance Contract Quality Negotiation Documentation Deliverables Receipt Contract Costs Payment Appropriateness Performance Monitoring Using a sample selected from central and regional procurement, an audit would include the following: Test compliance with ORS ; Review documentation standards; Review process timelines; Identify potential bottlenecks; Evaluate statewide consistency; and Identify areas of improvement. Emergency preparedness has received increased emphasis across the agency due to tsunami threats and potential earthquakes. An audit of emergency preparedness would assess ODOT s ability to continue operations in an emergency. Employee safety was raised as a risk area due to three recent workplace deaths. These deaths end a 10-year period of no workplace deaths. An audit of employee safety will include a review of safety training and culture. Human resources have been identified as a high risk area for a number of years. Due to turnover in management and staff, resources may not be deployed in the most effective manner. An audit of human resources will review organizational structure and staffing. Construction documentation was identified as an auditable risk by executive staff because documentation standards are lacking and projects may be documented in different manners. To audit construction documentation consistency, we will select a sample of construction contracts and: Review documentation standards and requirements; Management is considering hiring a consultant to address the risk. This risk is an agency priority. This risk is an agency priority. Management is considering hiring a consultant to address the risk. 10
13 Access Management Bulk Fuel Local Agency Certification Procurement Responsibility Local Agency Certification Administration and Oversight Compare existing documentation to standards; Evaluate statewide consistency; and Identify areas of improvement. Access Management is a program with high public visibility and safety impacts to the traveling public, and economic impacts to private businesses. As a result of SB 1024, access management processes at ODOT must be clarified, simplified, and based on objective standards. An area that the legislation did not address but that was suggested by the stakeholder committee is a process review for considering grants of access for public roads and streets. Controls over bulk fuel tanks is an issue that Fleet Management has consistently raised over the past few years and was passed on to Audit Services through the ERM process. An audit of bulk fuel controls would involve a sample of tanks and: Review of existing controls; Possibility of undetected theft; Assessment and costs of additional controls; and Identification of areas of improvement. ERM and ODOT management expressed concern over the procurement part of the Local Agency Certification Program. Concerns raised included: Stewardship Responsibilities Accountability Continuous Review Roles and Responsibilities An audit of the procurement responsibilities in the Local Agency Certification will include: Review of certified agency procurement process; Assessment of stewardship responsibilities; and Evaluation of roles and responsibilities. Now that more local agencies are seeking certification, management and staff are concerned with continued oversight of certified agencies. An audit of continued oversight of certified agencies would include: Assessment of continued ODOT oversight; Comparison to WSDOT local program oversight; and Evaluation of project close-out. A bill is being worked on that addresses this risk area. 11
14 12
MEMORANDUM Legislative Fiscal Office 900 Court St. NE, Room H-178 Salem, Oregon Phone FAX
MEMORANDUM Legislative Fiscal Office 900 Court St. NE, Room H-178 Salem, Oregon 97301 Phone 503-986-1828 FAX 503-373-7807 To: From: Joint Legislative Committee on Information Management and Technology
More information1. Definition & Mission
1. Definition & Mission 1.1 Internal Auditing is an independent, objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of. 1.2 Group Internal
More informationFY 2019 Internal Audit Program Semi-Annual Update
1/18/2019 FY 2019 Internal Audit Program Semi-Annual Update Audit Committee Item 6 January 11, 2019 Overview The SANDAG Internal Audit Program performs a variety of audit services to assist management
More informationREPORT 2015/146. Audit of the United Nations Interregional Crime and Justice Research Institute FINAL OVERALL RATING: PARTIALLY SATISFACTORY
INTERNAL AUDIT DIVISION REPORT 2015/146 Audit of the United Nations Interregional Crime and Justice Research Institute Overall results relating to the management of operations were initially assessed as
More informationHuman Resources Information System Business Case Executive Summary
Human Resources Information System Business Case Executive Summary January 2009 Oregon Department of Administrative Services Statewide (503) 373-3270 Human Resource Management System (HRIS) BusinE-mail
More informationEnvironment: Public Drinking Water Supply Program
5 Environment: Public Drinking Water Supply Program Summary The Department of Environment is not adequately monitoring public drinking water supplies to ensure public safety risks are appropriately addressed.
More informationSignificant Cost Savings Can Be Achieved by Modernizing Oregon s Procurement Systems and Practices
Department of Administrative Services Office of the State Chief Information Officer Significant Cost Savings Can Be Achieved by Modernizing Oregon s Procurement Systems and Practices December 2018 2018-45
More informationOFFICE of the COMPTROLLER. General Accounting Chief Accounting Officer (CAO) (M-VIII) JOB POSTING FY
OFFICE of the COMPTROLLER General Accounting (CAO) (M-VIII) JOB POSTING FY 19-014-00032583 About the Office of the Comptroller The Office of the Comptroller (CTR) is an Independent, Executive Level Agency
More informationINTERNAL AUDIT OFFICE (IAO) FISCAL YEAR 2019 RISK-BASED AUDIT PLAN
INTERNAL AUDIT OFFICE (IAO) FISCAL YEAR 2019 RISK-BASED AUDIT PLAN Activity Performance Audits, Assurance Services, and Special Requests: Budgeted Hours DC Water Blue Plains WWTP O&M and Capital Indirect
More informationINFORMATION SERVICES FY 2018 FY 2020
INFORMATION SERVICES FY 2018 FY 2020 3-Year Strategic Plan Technology Roadmap Page 0 of 14 Table of Contents Strategic Plan Executive Summary... 2 Mission, Vision & Values... 3 Strategic Planning Process...
More informationAgency Report Item 3: Department of Human Services Child Welfare Staffing
Agency Report Item 3: Department of Human Services Child Welfare Staffing Analyst: Laurie Byerly Request: Acknowledge receipt of a report on Child Welfare staffing. Recommendation: Acknowledge receipt
More informationExecutive Summary THE OFFICE OF THE INTERNAL AUDITOR. Internal Audit Update
1 Page THE OFFICE OF THE INTERNAL AUDITOR The Office of Internal Audit focuses its attention on areas where it can contribute the most by working with the organization to reduce risk and increase operational
More informationINTERNAL AUDIT DIVISION REPORT 2016/171
INTERNAL AUDIT DIVISION REPORT 2016/171 Audit of the management of engineering projects in the United Nations Multidimensional Integrated Stabilization Mission in Mali There was a need to implement a proper
More informationLA18-09 STATE OF NEVADA. Performance Audit. Department of Administration Hearings Division Legislative Auditor Carson City, Nevada
LA18-09 STATE OF NEVADA Performance Audit Department of Administration Hearings Division 2017 Legislative Auditor Carson City, Nevada Audit Highlights Highlights of performance audit report on the Hearings
More informationFinancial CIA-I. Certified Internal Auditor (CIA) Download Full Version :
Financial CIA-I Certified Internal Auditor (CIA) Download Full Version : http://killexams.com/pass4sure/exam-detail/cia-i QUESTION: 225 To identify those components of a telecommunications system that
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationREPORT 2014/156 INTERNAL AUDIT DIVISION. Audit of the recruitment process at the United Nations Office on Drugs and Crime
INTERNAL AUDIT DIVISION REPORT 2014/156 Audit of the recruitment process at the United Nations Office on Drugs and Crime Overall results relating to the efficient and effective management of the recruitment
More informationREPORT 2015/091 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/091 Audit of the recruitment of national staff and individual contractors in the United Nations Mission in the Republic of South Sudan Overall results relating to the
More informationAudit of Canadian Armed Forces Museums
ASSISTANT DEPUTY MINISTER (REVIEW SERVICES) Reviewed by ADM(RS) in accordance with the Access to Information Act. Information UNCLASSIFIED. Audit of Canadian Armed Forces Museums October 2016 1259-5-001(ADM(RS))
More informationStrengthening Control and integrity: A Checklist for government Managers
Forum: Analytics and Risk Management Tools for Making Better Decisions Strengthening Control and integrity: A Checklist for government Managers By James A. Bailey The next contribution is based on a Center
More informationAdministrative Services About Administrative Services
About The Department oversees and directs the operations of Finance, Human Resources, Sales Tax, Purchasing, Information Technology, Risk Management, Budget, the Public Information Office, Front Desk Reception,
More informationREPORT 2015/030 INTERNAL AUDIT DIVISION. Audit of the recruitment process at the United Nations Framework Convention on Climate Change
INTERNAL AUDIT DIVISION REPORT 2015/030 Audit of the recruitment process at the United Nations Framework Convention on Climate Change Overall results relating to recruitment process were initially assessed
More informationLya Villasuso OECD Corporate Affairs Division Response ed to: RE: Corporate Governance and the Financial Crises
Richard F. Chambers Certified Internal Auditor Certification in Control Self-Assessment Certified Government Auditing Professional President April 16, 2009 Lya Villasuso OECD Corporate Affairs Division
More informationSOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER
SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER The Audit Committee of the Board of Directors of Southwest Airlines Co. shall consist of at least three directors, each of whom shall meet the independence
More informationCERTIFIED ADMINISTRATOR OF SCHOOL FINANCE AND OPERATIONS
SFO SCHOOL FINANCE AND OPERATIONS CERTIFIED ADMINISTRATOR OF SCHOOL FINANCE AND OPERATIONS SFO Exam Guidebook ASBO International s certification program is governed by the Certification Commission, a semi-independent
More informationEnterprise Risk Management Report
Effective risk management is fundamental to the achievement of the Group s strategic objectives. The ERM System has been in place since 2010 which provides clear responsibility and accountability structures
More informationERM: Risk Maps and Registers. Performing an ISO Risk Assessment
ERM: Risk Maps and Registers Performing an ISO 31000 Risk Assessment Agenda Following a Standard? Framework First Performing a Risk Assessment Assigning Risk Ownership Data Management Questions? Following
More informationWashington State University Office of Internal Audit FY 2015 Audit Plan
Washington State University Office of Internal Audit FY 2015 Audit Plan The purpose of the Audit Plan is to outline audits and other activities the WSU Office of Internal Audit will conduct during fiscal
More informationREPORT 2015/086 INTERNAL AUDIT DIVISION. Audit of the Kuwait Joint Support Office
INTERNAL AUDIT DIVISION REPORT 2015/086 Audit of the Kuwait Joint Support Office Overall results relating to the effective management of support functions performed by the Kuwait Joint Support Office were
More informationINTERNAL AUDIT DIVISION REPORT 2016/131
INTERNAL AUDIT DIVISION REPORT 2016/131 Audit of movement control operations in the United Nations Multidimensional Integrated Stabilization Mission in the Central African Republic Control processes over
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA DEPARTMENT OF ADMINISTRATION DIVISION OF PURCHASE AND CONTRACT FINANCIAL RELATED AUDIT OFFICE SUPPLIES TERM CONTRACT AUDIT FOLLOW-UP JUNE 2014 OFFICE OF THE STATE AUDITOR BETH A.
More informationFY 2013 Internal Audit Annual Report
FY 2013 Internal Audit Annual Report Purpose of the Internal Audit Annual Report: To provide information on the assurance services, consulting services, and other activities of the internal audit function.
More informationAudit of the Integrated Services Function at Selected Research Centres
Audit of the Integrated Services Function at Selected Research Centres Office of Audit and Evaluation January 2010 Report recommended for Deputy Minister s approval by the AAFC Audit Committee, January
More informationState Procurement Manual
1 of 5 AUTHORITY: Wis. Stats. 16.71 16.72(4) 16.75(1)(c) SCOPE: - to define delegation - to establish authority to perform and to delegate authority to perform procurement activities - to establish criteria
More informationBuilding Owners Cost Engineering Organizational Capability. Tim Mitchell Chevron
Building Owners Cost Engineering Organizational Capability Tim Mitchell Chevron Tim Mitchell Biography Degree B.S. Civil Engineering, 1986 Mississippi State University Professional Field: Upstream Oil
More informationSTATE OF NEVADA DEPARTMENT OF PUBLIC SAFETY CAPITOL POLICE DIVISION
STATE OF NEVADA DEPARTMENT OF PUBLIC SAFETY CAPITOL POLICE DIVISION AUDIT REPORT Table of Contents Page Executive Summary... 1 Introduction... 4 Background... 4 Staff and Budget... 4 Scope and Objective...
More informationEnterprise Risk Management Montana State Fund
Enterprise Risk Management Montana State Fund Report to the Board January 28, 2011 Presented by: Mary Peter, Director of Enterprise Risk Management Enterprise Risk Management (ERM) Defined An integrated
More informationInternal Audit & the Audit Committee
HCCA Audit & Compliance Committee Conference February 2008 Internal Audit & the Audit Committee Glen C. Mueller, CPA, CIA, CISA, CISM Scripps Health, San Diego, CA VP-Chief Audit & Compliance Executive
More informationMEMORANDUM Legislative Fiscal Office 900 Court St. NE, Room H-178 Salem, Oregon Phone FAX
MEMORANDUM Legislative Fiscal Office 900 Court St. NE, Room H-178 Salem, Oregon 97301 Phone 503-986-1828 FAX 503-373-7807 To: From: Joint Legislative Committee on Information Management and Technology
More informationPolicy and Procedures Date: November 5, 2017
Virginia Polytechnic Institute and State University No. 3350 Rev.: 8 Policy and Procedures Date: November 5, 2017 Subject: Charter for the Office of Audit, Risk, and Compliance 1. Purpose... 1 2. Policy...
More informationCENTER FOR COMMUNITY SERVICES DIRECTIVE
CENTER FOR COMMUNITY SERVICES DIRECTIVE Title: Organizational Standards Directive #: C2018-07 Effective: October 1, 2018 To: Community Services Block Grant Subgrantees From: Lynette Praster, Director Center
More informationHuman Resources BUDGET & FULL-TIME EQUIVALENTS SUMMARY & BUDGET PROGRAMS CHART. Operating $ 8,664,661 Capital $0 FTEs 29.25
BUDGET & FULL-TIME EQUIVALENTS SUMMARY & BUDGET PROGRAMS CHART Operating $ 8,664,661 Capital $0 FTEs 29.25 Lori Gentles Department Director Administration Employee Relations/Benefits Recruiting & Classification
More informationSERVICES & PROGRAMMING
2018 ANNUAL ACTION PLAN STRATEGIC OBJECTIVES These objectives and components theme focus areas and outline direction to address change, improvement, ensure long-term success, and accomplish our mission,
More informationRisk Assessment - Balancing Risk While Enhancing Controls
Risk Assessment - Balancing Risk While Enhancing Controls cliftonlarsonallen.com Session Objectives Define risk and risk assessment. Execution of assessment and approach Impact on controls and future state
More informationSUBJECT: AUDIT RESPONSE - OFFICE OF DATE: March 17, 2017 EQUALITY ASSURANCE. Date
CED AGENDA: 3/27/16 ITEM: D (4) CITY OF SANjOSE CAPITAL OF SILICON VALLEY Memorandum TO: SHARON W. ERICKSON FROM: Barry Ng SUBJECT: AUDIT RESPONSE - OFFICE OF DATE: March 17, 2017 EQUALITY ASSURANCE Approved
More informationFinal review report Review of corporate accommodation Public Works and Government Services Canada Office of Audit and Evaluation March 31, 2016
Number and Title of Audit Draft Preliminary Survey Report Review of corporate accommodation Public Works and Government Services Canada Office of Audit and Evaluation March 31, 2016 Table of contents
More informationFrequently Asked Questions About Government Payment Authorities Provincial Comptroller s Office
Purpose of this document Where are copies of this document available? This publication is intended to act as a summary reference for issues that frequently arise concerning Government payment processes.
More informationEfficiency First Program
Efficiency First Program Short-Term Impact; Long-Term Results Presented to: Discussion Points About AOTMP Your Telecom Environment The Efficiency First Framework Our Approach The Efficiency First Program
More informationBoard & Superintendent
Board & Superintendent Roles & Responsibilities 1111 W. 9th St. Juneau, AK 99801 (907) 463-1660 phone (907) 586-2995 fax General FuNctions Governs the district; hires the superintendent, establishes expectations,
More informationREPORT 2015/024 INTERNAL AUDIT DIVISION. Audit of the Office of the United Nations High Commissioner for Human Rights Country Office in Guatemala
INTERNAL AUDIT DIVISION REPORT 2015/024 Audit of the Office of the United Nations High Commissioner for Human Rights Country Office in Guatemala Overall results relating to the management of operations
More informationTechnology Strategic Plan
Rev. Date: 10/26/16 Technology Strategic Plan FY 2015-2018 August 2014 Revised: March 2016 Planning Process The FY 2015-18 Technology Strategic Plan was developed in the spring 2014 by the Chief Information
More informationVIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY COMPLIANCE, AUDIT, AND RISK COMMITTEE OF THE BOARD OF VISITORS COMPLIANCE, AUDIT, AND RISK CHARTER
VIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY COMPLIANCE, AUDIT, AND RISK COMMITTEE OF THE BOARD OF VISITORS I. PURPOSE COMPLIANCE, AUDIT, AND RISK CHARTER The primary purpose of the Compliance,
More informationIT PROJECT ANALYST/MANAGER
IT PROJECT ANALYST/MANAGER I. DESCRIPTION OF WORK Positions in this banded class are responsible for project management work involving planning and coordination of information technology projects. To ensure
More informationINTERNAL AUDIT DIVISION AUDIT REPORT 2013/093
INTERNAL AUDIT DIVISION AUDIT REPORT 2013/093 Audit of the preparedness of the United Nations Office at Geneva and its client organizations to comply with the International Public Sector Accounting Standards
More informationFY 2016 Annual Audit Report
FY 2016 Annual Audit Report TABLE OF CONTENTS I. Compliance with Texas Government Code, Section 2102.015: Posting the Internal Audit Plan, Internal Audit Annual Report, and Other Audit Information on Internet
More informationNORTH TAHOE PUBLIC UTILITY DISTRICT STRATEGIC PLAN Adopted April 10, 2018
1 PROVIDE QUALITY RECREATION, Establish sustainable funding sources for Evaluate Cost/benefit of hiring marketing 1.1 EVENT FACILITIES, AND ACTIVITIES Recreation and Parks manager as recommended two years
More informationRequest for Proposals Professional Audit Services. January 17, 2019
Request for Proposals Professional Audit Services January 17, 2019 TABLE OF CONTENTS I. INTRODUCTION A. General Information 4 B. Term of Engagement 5 II. NATURE OF SERVICES REQUIRED A. Scope of Work 5
More information2013 STRATEGIC PLAN: INTRODUCTION
2013 STRATEGIC PLAN: INTRODUCTION The Association of Inspectors General s Strategic Plan identifies our collective aspirations of what this organization may achieve in the years to come. It is designed
More information3rd QUARTER 2015 REPORT July 1, 2015 September 30, 2015
3rd QUARTER 2015 REPORT July 1, 2015 September 30, 2015 October 15, 2015 Katharine Palmer City Auditor This page intentionally blank ISC: UNRESTRICTED 1. Introduction The City Auditor is accountable to
More informationInternal Audit of Compensation and Benefits
Internal Audit of Compensation and Benefits Office of the Chief Audit and Evaluation Executive Audit and Assurance Services Directorate June 2010 Cette publication est également disponible en français.
More informationREPORT 2014/148 INTERNAL AUDIT DIVISION. Audit of the recruitment process at the Office of the High Commissioner for Human Rights
INTERNAL AUDIT DIVISION REPORT 2014/148 Audit of the recruitment process at the Office of the High Commissioner for Human Rights Overall results relating to the efficient and effective management of the
More informationRIDER 31: CHILD PROTECTIVE SERVICES STAFFING FISCAL YEAR FISCAL YEAR 2015
RIDER 31: CHILD PROTECTIVE SERVICES STAFFING FISCAL YEAR 2014 - FISCAL YEAR 2015 CONTENTS Purpose and Background... 2 Turnover... 2 Fill Rates... 3 Reasons why staff leave... 4 Recruitment and Retention
More informationOpening Statement to the Fifth Committee on the Report of the Board of Auditors on the United Nations Peacekeeping Operations (A/70/5/Vol.
United Nations Nations Unies BOARD OF AUDITORS NEW YORK Phone: (212) 963-5623 Mr Chairman, Distinguished Delegates, Opening Statement to the Fifth Committee on the Report of the Board of Auditors on the
More informationInternational Standards for the Professional Practice of Internal Auditing (Standards)
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the
More informationEvolving Core Tasks for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1
Evolving Core Tasks for Improved Internal Audit Performance Copyright 2018 AuditBoard Inc. 1 Introductions Built by experienced auditors, AuditBoard allows enterprises to collaborate, manage, analyze and
More informationAuditor General s Office REVIEW OF THE CITY SAP COMPETENCY CENTRE APPENDIX 1. June 1, 2010
APPENDIX 1 REVIEW OF THE CITY SAP COMPETENCY CENTRE June 1, 2010 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1 BACKGROUND...2
More informationAudit Committee Charter for XL Group Ltd
Audit Committee Charter for XL Group Ltd Audit Committee Charter for XL Group Ltd Purpose The Audit Committee is appointed by the Board to assist the Board in overseeing (1) the quality and integrity of
More informationInternal Oversight Division. Internal Audit Strategy
Internal Oversight Division Internal Audit Strategy 2018-2020 Date: January 24, 2018 page 2 TABLE OF CONTENTS LIST OF ACRONYMS 3 1. BACKGROUND 4 2. PURPOSE 4 3. WIPO STRATEGIC REALIGNMENT PROGRAM 5 (A)
More informationBasecamp Program Update
Basecamp 2018 Program Update 2/20/2018 BASECAMP S PROGRAM STRUCTURE The Basecamp Program was developed in partnership by the Office of the State Chief Information Officer (OSCIO) and Procurement Services
More informationFY19 Appropriations Committee Questionnaire
Department of Human Resources 1a. What are your programs? HUMAN RESOURCES OPERATIONS The division includes the following enumerated programs/functions: Classification and Position Management, Benefits
More informationIndigenous and Northern Affairs Canada. Internal Audit Report. Audit of Business Continuity Planning. Prepared by: Audit and Assurance Services Branch
Indigenous and Northern Affairs Canada Internal Audit Report Audit of Business Continuity Planning Prepared by: Audit and Assurance Services Branch August 2017 TABLE OF CONTENTS TABLE OF CONTENTS... i
More informationBusiness Case and Proposal
Business Case and Proposal Formation of an Internal Audit Service for Cambridge City Council, Huntingdonshire District Council and South Cambridgeshire District Council 1.0 Executive Summary 1.1 Cambridge
More informationChapter 3 Workers Compensation Board: Governance and Long-term Sustainability
Chapter 3 Workers Compensation Board: Governance and Long-term Sustainability Overall Conclusions The Board of Directors has governance structures and processes to provide oversight and accountability
More informationChris Horton, Ph.D., CIA, CGAP County Auditor. Arlington County Auditor DRAFT Annual Audit Work Plan FY 2019
Chris Horton, Ph.D., CIA, CGAP County Auditor Arlington County Auditor DRAFT Annual Audit Work Plan FY 2019 June 19, 2018 Introduction The Annual Audit Work Plan for Fiscal Year 2019 (FY 2019 Plan) comprises
More informationOffice of the City Auditor. Committed to increasing government efficiency, effectiveness, accountability and transparency
Office of the City Auditor Committed to increasing government efficiency, effectiveness, accountability and transparency Issue Date: TABLE OF CONTENTS Executive Summary... ii Recommendation... iv Background...1
More informationAudit Committee Meeting
Audit Committee Meeting Meeting Date & Time: Friday, May 18, 2018 5:00 pm 7:00 pm Meeting Location: Courthouse Plaza 2100 Clarendon Blvd., Suite 311 Arlington VA, 22201 AGENDA 1. Call to order 2. Approval
More informationTRA Internal Audit Fiscal Year 2019 Audit Plan
TRA Internal Audit Fiscal Year 2019 Audit Plan Leslie Nagel, CPA, CEBS, CIA Chief Audit Executive Approved by TRA Audit Comittee April 10, 2018 Approved by TRA Board of Trustees April 11, 2018 TRA Internal
More informationAssessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive
Assessment of the Design Effectiveness of Entity Level Controls Office of the Chief Audit Executive February 2017 Cette publication est également disponible en français. This publication is available in
More informationState of Florida Department of Children and Families
State of Florida Department of Children and Families Rick Scott Governor Rebecca Kapusta Interim Secretary ADDENDUM #3 to the following Invitation to Negotiate (ITN): Advertisement Number: Section 5.3.1,
More informationDiving into the 2013 COSO Framework. Presented by: Ronald A. Conrad
Diving into the 2013 COSO Framework Presented by: Ronald A. Conrad 2 Objectives Obtain an understanding of why the COSO Framework has been updated Understand how the framework has changed Identify the
More information5 Core Must-Haves for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1
5 Core Must-Haves for Improved Internal Audit Performance Copyright 2018 AuditBoard Inc. 1 Introductions Built by experienced auditors, AuditBoard allows enterprises to collaborate, manage, analyze and
More informationOregon Department of Transportation. Geographic Information Systems. Implementation Plan
Oregon Department of Transportation Systems Implementation Plan January Introduction Access to information is the key component driving ODOT s GIS goals. Most forms of information can be related to a geographic
More informationCERTIFICATIONS IN HUMAN RESOURCES. SPHRi TM Senior Professional in Human Resources - International TM SPHRi. Exam Content Outline
CERTIFICATIONS IN HUMAN RESOURCES SPHRi TM Senior Professional in Human Resources - International TM 2018 SPHRi Exam Content Outline SPHRi Exam Content Outline At-a-Glance: SPHRi Exam Weighting by Functional
More informationDepartment of Biology
THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Department of Biology Report No. 14-10 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University
More informationTHE COLOMBO PLAN. (Colombo Plan Gender Affairs Programme) Terms of Reference
THE COLOMBO PLAN For Cooperative Economic and Social Development in Asia and the Pacific (Colombo Plan Gender Affairs Programme) Terms of Reference Institutional Capacity Assessments and Improvement Plans
More informationChoosing The Right EHR For You: Best Practices In Vendor Selection & Contracting
Choosing The Right EHR For You: Best Practices In Vendor Selection & Contracting Presented By: Joseph Naughton-Travers, Ed.M., Senior Associate, OPEN MINDS Presented On: July 26, 2013 An OPEN MINDS Executive
More informationEXTERNAL QUALITY ASSESSMENT OF ORANGE COUNTY S INTERNAL AUDIT DEPARTMENT
EXTERNAL QUALITY ASSESSMENT OF ORANGE COUNTY S INTERNAL AUDIT DEPARTMENT August 27, 2007 Office of Robert E. Byrd, CGFM County Auditor-Controller 4080 Lemon Street P.O. Box 1326 Riverside, CA 92502-1326
More informationAssurance Dashboard. Audit added to review controls related to Audit Added Procurement. increased activity due to hurricane Irma 2017 CAT Travel and
1 Page Office of the Internal Auditor Overview of Audit Plan and Plan Changes The OIA continually follows development of risk and monitors delivery of projects listed in the Audit Plan. As we reassess
More informationSPEECH-LANGUAGE PATHOLOGY & AUDIOLOGY
Annual Performance Progress Report (APPR) for Fiscal Year (2007-2008) Proposed KPM's for Biennium (2009-2011) Original Submission Date: 2008 2007-2008 KPM # 2007-2008 Approved Key Performance Measures
More informationPrince William County Public Schools Annual Audit Plan
Prince William County Public Schools 2011 Annual Audit Plan Office of Internal Audit Vivian Calkins-McGettigan, MBA, CPA, CPFO Chief Internal Auditor Table of Contents Foreword 3 Introduction to the Office
More informationFinal Report for Strategic Planning Services November 2008
Final Report for Strategic Planning Services November 2008 Utilities Department The City of Las Cruces Las Cruces, NM Submitted by: DMBE-Certified Woman Business Enterprise, Certificate Number 650963 P.O.
More informationNOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED Meeting Audit Committee Date 24 July 2018 Location Pacific Quay, Glasgow Title of Paper Internal Audit Organisational Change Report Item Number 5.5 Presented By Campbell McLundie,
More informationFiscal Year 2014 FISCAL YEAR OCTO OBER 28, 2014 OFFICE BOX 19112
FISCAL YEAR 2014 ANNUAL INTERNAL AUDIT REPORT AS REQUESTED BY THE STATE AUDITOR S OFFICE OCTO OBER 28, 2014 OFFICE OF INTERNALL AUDIT BOX 19112 ARLINGTON, TX 76019 0112 817 272 01500 www.uta.edu/internalaudit
More informationAnalysis Item 9: Employment Department Supplemental Nutritional Assistance Program Employment Services
Analysis Item 9: Employment Department Supplemental Nutritional Assistance Program Employment Services Analyst: Michelle Deister Request: Increase the Other Funds expenditure limitation by $5,574,000 and
More informationAUDIT COMMITTEE CHARTER
AUDIT COMMITTEE CHARTER ORGANIZATION AND PURPOSE The Board of Directors (the Board ) of Nabors Industries Ltd. (the Company ) has established the Audit Committee of the Board to carry out the duties and
More informationAudit of Information Management. Internal Audit Report
Audit of Information Management Internal Audit Report October 2011 Table of Contents EXECUTIVE SUMMARY 2 1.0 INTRODUCTION...... 6 1.1 BACKGROUND... 6 1.2 RISK ASSESSMENT...... 7 1.3 AUDIT OBJECTIVES AND
More informationEnhanced Risk Management Policy
Enhanced Risk Management Policy Approved By: City Council Category: General Administration Approval Date: September 12, 2001 Effective Date: September 12, 2001 Revision Approved By: Revision Date: August,
More informationChapter 2 IWK Health Centre: Financial Management Controls and Governance
Chapter 2 IWK Health Centre: Financial Management Controls and Governance OGANS Overall Conclusions The Board of Directors and management of the IWK Health Centre did not effectively govern and oversee
More informationContents. Contents 1 Executive Summary 2 What We Examined 2 Why It's Important 2 What We Found 2 Special Examination Opinion 4
1800 Contents Contents 1 Executive Summary 2 What We Examined 2 Why It's Important 2 What We Found 2 Special Examination Opinion 4 I 1 Executive Summary What We Examined The First Nations (FNTC)was established
More informationCentral East LHIN Organizational Health Self Assessment Tool
Organizational Self Assessment Tool Purpose: This self assessment tool is designed for use by community support services and community mental health and addictions agencies to quickly assess their organizational
More information