Internal Audit Work Plan

Similar documents
Internal Audit Work Plan First Half of Fiscal Year Department of Management and Finance

Ambulance Contract Billing Report October 12, 2016 KEY CONTROL FINDING RECOMMENDATION STATUS The City should:

Financial Controls Checklist

Division of Student Affairs General Fund Units Internal Control Questionnaire FY 2012

University Internal Audit

Division of Student Affairs Internal Control Questionnaire FY 2011

Wire Transfer Audit. Craig Hametner, CPA, CIA, CMA, CFE City Auditor. Prepared By: Jed Johnson Senior Audit Analyst. Michelle Taylor Audit Analyst

This Questionnaire/Guide is intended to assist you in decision making, as well as in day-to-day operations. Best Regards,

AUDIT COMMITTEE ACTIVITY REPORT

Prince William County Public Schools Annual Audit Plan

ADMINISTRATIVE RESPONSIBILITIES FOR UNIVERSITY AND COLLEGE ADMINISTRATORS, DEPARTMENT HEADS, AND DIRECTORS

Policy Analysis: Internal Controls #1.11 1/2009

Dutchess County Department of Planning and Community Development Division of Mass Transit January 2007 December 2008

Audit of Core Management Controls. Internal Audit Sector

Maryland School for the Deaf

Understanding Internal Controls Office of Internal Audit

Contract and Procurement Fraud

University System of Maryland University of Baltimore

Control Self Assessment Questionnaire

Audit Report 2016-A-0002 City of Delray Beach Purchasing

University System of Maryland University of Maryland, College Park

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been completed/validated since last report in August 2016

EGYPTIAN AREA AGENCY ON AGING Fiscal Monitoring Program

City Property Damage Claims Processing and Collection

INTERNAL CONTROLS REVIEW PROGRESS REPORT Highlighted items have been completed since last report in January 2016

Department of Biology

Contract and Procurement Fraud. Fraud in Procurement without Competition

Fire Department Inventory Management Audit

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Communication Report No

FINANCE DEPARTMENT DIRECTOR

Horizontal Audit of the Acquisition Cards Process

Maryland Department of Health Office of the Chief Medical Examiner

PEORIA COUNTY, ILLINOIS

INTERNAL CONTROLS REVIEW PROGRESS REPORT

Detailed competency map

Guide to Internal Controls

FRAUD AWARENESS UPDATE

Financial Resources: Control of finances The institution exercises appropriate control over all its financial resources.

Why do we need Internal Controls?

APPENDIX 2 COMMUNITY DEVELOPMENT COMMISSION FINANCIAL CHECKLIST REQUIRED FOR ALL APPLICANTS (A SITE VISIT MAY BE CONDUCTED LATER)

Internal Audit Report - Contract Compliance Cycle Audit Department of Technology Services: SHI International Corporation Contract Number

What Happens When Internal Controls Fail

Employee Relations Approved General Government Operating Budget ER - 1. Municipal Manager. Employee Relations

Finance Committee, Board of Health Elizabeth Bowden, Interim Director of Administrative Services FINANCIAL CONTROLS CHECKLIST

Department of Health and Mental Hygiene Clifton T. Perkins Hospital Center

ROSWELL PARK CANCER INSTITUTE CORPORATION INTERNAL CONTROLS OVER PROCUREMENT AND REVENUES. Report 2005-S-15 OFFICE OF THE NEW YORK STATE COMPTROLLER

College of Engineering and Computer Science Dean's Office

Office of Financial Services June 30, 2017

INTERNAL CONTROLS MANUAL DICKSON COUNTY SCHOOLS DANNY L. WEEKS, ED.D. DIRECTOR OF SCHOOLS LINDA FRAZIER BUSINESS MANAGER JUNE 2016

Seminar Internal Control Identification and Filtering

EMPLOYEE FRAUD OPPORTUNITIES CHECKLIST

Washington Headquarters Services ADMINISTRATIVE INSTRUCTION

The definition of a deficiency is also set forth in the attached Appendix I.

Audit of the Integrated Services Function at Selected Research Centres

The definition of a deficiency is also set forth in the attached Appendix I.

Central Oregon Intergovernmental Council

Visa Procure-To-Pay Best Practices for the Federal Government

Christopher Newport University

FUNCTION: To Protect and Enhance the Nonprofit Organization s Capacity to Serve the Community.

CITY OF CORPUS CHRISTI

Texas Workforce Commission

Final Report. Project (b)

Your School District Procurement Card. Staff Guide Staff Agreement & Board Policy

Internal Control Program

Lawrence Berkeley National Lab. Observations from Audit Procedures October 17, 2005

Audit of Key Financial Controls at Health Canada, Final Report. December 2016

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been updated since last report in October 2017

Internal Oversight Division Audit Approach for Continuous Auditing

Petty Cash and Change Funds. Inventories (Equipment and Supplies)

DEPARTMENT OF INSPECTOR GENERAL OKALOOSA COUNTY, FLORIDA JD PEACOCK II, CLERK OF CIRCUIT COURT AND COMPTROLLER

Department of Labor, Licensing and Regulation Division of Labor and Industry

Common Questions on Segregation of Duties

FINANCIAL SERVICES DEPARTMENT Strategic Business Plan

Audit of Producer Cars. Audit and Evaluation Services Final Report Canadian Grain Commission

STAFF REPORT INFORMATION ONLY

Internal Audit Report Purchasing Card Cycle Audit Department of Libraries. Report Date: May 25, 2017

INTERNAL CONTROLS REVIEW PROGRESS REPORT Yellow highlighted items have been updated since last report in October 2016

Internal Audit Report - Purchasing Card Cycle Audit Department of Environmental Services: Water Pollution Control Plant Bureau

UNIVERSITY OF TOLEDO INTERNAL AUDIT DEPARTMENT PURCHASE CAPITAL GOODS

Accounting Specialist I Accounting Specialist II Accounting Specialist III Class Specification

2014 ANNUAL & 2015 MID-TERM REPORT

Internal Controls Integrating COSO

Preparing for a Headache-free Audit

AUDIT OF KEY FINANCIAL PROCESSES AT MAINLAND NOVA SCOTIA FIELD UNIT FINAL REPORT PREPARED BY PROGESTIC INTERNATIONAL INC.

Audit of Departmental Fuel Management Final September Audit of Departmental Fuel Management. September (CRS) Chief Review Services

Ten Payment Fraud Protections

Fiscal Oversight Fundamentals

Several unallowable expenditures and exceptions to policy were noted.

RREGULATION ON INTERNAL CONTROLS AND INTERNAL AUDIT FUNCTION IN MICROFINANCE INSTITUTIONS. Article 1 Scope and Purpose

Audit Recommendations Status Report As of March 31, 2016

MANATEE COUNTY CLERK OF THE CIRCUIT COURT INTERNAL AUDIT DIVISION TRANSPORTATION DEPARTMENT A U D I T R E P O R T

CITY OF REEDLEY ACCOUNTING TECHNICIAN I ACCOUNTING TECHNICIAN II

Chapter 2 (new version)

Common Questions on Segregation of Duties

Kua O Ka La s Financial/Accounting Policies & Procedures

SEMINOLE COUNTY OFFICE OF MANAGEMENT AND BUDGET PURCHASING DIVISION BLANKET PURCHASE ORDER PROCESS AUDIT. March 31, 1998

Credit Cards & Purchasing Cards (P-Card) (USFR Memorandum No. 253)

Audit Report. An Audit of the Expenditures of the Salt Lake County Council. Our Mission: Our Mission: To foster informed decision making,

Fraud Prevention Training

Advanced Finance for Governing Board Members. Charter Schools: Advancing the Promise!! 2015 Annual Conference

Transcription:

Internal Audit Work Plan Fiscal Year 2018 Department of Management and Finance 1

Internal Audit Services Arlington County s Internal Audit Division is organizationally located in the Department of Management and Finance. Internal Audit is designed to add value and improve an organization's operations by utilizing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal control, and governance processes. Annually, Internal Audit compiles a work plan to guide the efforts of the division so that limited resources can be focused on the highest identified risk areas. The Fiscal Year 2018 Work Plan was developed using a limited risk-based approach where processes within County departments were considered, and areas of known and expected risk ultimately selected for inclusion in the schedule. It is expected that a more comprehensive risk analysis will be used for Fiscal Year 2019. To accomplish the Work Plan, the County employs both internal resources and external consulting services. The Fiscal Year 2018 Work Plan includes budgeted time for cycle audits, audits of specific programs and processes, non-audit services, follow-up on previously issued audit recommendations, and internal administrative/quality assurance activities. The pages that follow provide an overview of the Internal Audit Work Plan with the caveat that the schedule is subject to change based on unexpected changes in risk that may affect the organization. 2

Risk Factors Considered for Selection in the Work Plan Control Environment Existence of formalized policies and procedures, accountability, knowledge and training, operational changes,etc. Materiality Revenues/expenditures, potential for loss, impact to the organization, etc. Complexity of Activity/Business Process Level of complexity involved in day-to-day operations or conducting transactions, regulatory considerations, etc. Information Technology Systems Utilization of automated systems to assist in achieving goals, help with decision-making, monitor progress, realize efficiencies, etc. Time since last audit Time since last review or evaluation for the activity or department 3

Cycle Audits Contract Compliance While the Purchasing Division provides centralized assistance to departments in procuring goods and services, the administration and oversight of individual contracts are the responsibility of the respective departments. A County Contract Administration Policy, effective January 1, 2017, provides guidance to Project Officers to assist with oversight responsibilities for an assigned contract; however, the work of the Project Officers is largely decentralized. Cycle audits of contract compliance will focus on a specific contract and evaluate the effectiveness of internal controls over the administration of that contract, compliance with County policies, and compliance with the terms of the contract under audit. - Compliance with County policies - Appropriateness of expenditures per contract terms - Quality of service delivery/goods Payroll and Timekeeping The Fiscal Year 2018 Budget includes over $300 million in funds for salaries for over 3,900 full-time equivalent positions. Compensation structures vary across position types and hours worked, and timekeeping and reporting methods vary by department. Rotating reviews of timekeeping and payroll practices across the departments will evaluate internal controls over the recording of employees time worked, software systems used to record time, the accuracy of the conversion of time worked into a paycheck, and approval and oversight processes. - Accuracy of time records and compensation types - User access to software systems used to record information - Approval processes and associated segregation of duties Inventory/Asset Management Physical assets are purchased and maintained at the departmental level across the County, resulting in decentralized asset management. There is inherent risk associated with accurately accounting for items as a result of the decentralization. Departments are responsible for tracking, inventorying, and safeguarding their assets, as well as properly disposing of items at the end of their lifecycles. Audits of inventory and asset management will evaluate the effectiveness of internal controls over tracking/monitoring asset use, inventories of assets, physical safeguarding of items, and the disposal process. - Existence of assets in the workplace - Tracking assets - Proper disposal/decommissioning of assets with appropriate approvals 4

Cycle Audits Grant Compliance According to the Comprehensive Annual Financial Report for the fiscal year ended 2016, Arlington County received $136.2 million in operating grants and contributions. Individual departments are charged with overseeing compliance and reporting requirements for their respective grants, as the County does not have a centralized grant management function. Cycle audits of grant compliance will focus on a specific grant and evaluate the effectiveness of internal controls over the administration of the grant, compliance with terms and conditions stipulated by the grant, and accurate and timely reporting. - Appropriateness/reasonableness of expenditures - Completeness of documentation to justify purchases - Compliance with grant terms, conditions and reporting requirements Purchase Cards Purchase cards are intended to provide an alternative method to the traditional purchasing process by utilizing charge cards to handle the purchase of high-volume, low dollar value goods and services. Audits of purchase cards in each of the County s departments on a rotating basis will evaluate compliance with County policies, including appropriateness of expenditures, timeliness and completeness of reconciliations, and oversight of the purchase card program. - Appropriateness/reasonableness of expenditures - Completeness of documentation to justify purchases - Compliance with County policies Funds Handling Revenue collection is decentralized across various County departments and locations. As a result of the decentralization, collection practices and methods also vary. Regular audits of funds handling seek to provide assurance over the internal controls associated with safeguarding of assets and effective cash management. - Physical safeguarding of cash, checks, etc. - Segregation of duties in cash handling processes - Access to software applications 5

Audit Services Sole Source Purchases Sole source purchasing is a noncompetitive purchasing practice used when it is determined that only one source is available from which to procure a good or service. In order to qualify as a sole source purchase, a department must complete a Sole Source Justification Form indicating the reasons the vendor is the only one available and the need for the good/services, which must then be approved by the Purchasing Division. The audit of sole source purchases would include determining whether the purchases were supported by adequate justification and support, justification was appropriately reviewed and approved, and any related policies or requirements were followed. - Appropriate expenditure of County resources - Declaration of a provider as the sole entity from which to purchase - Compliance with rules, guidelines, policies, noticing requirements Printing and Mail Services A full-services print and mail operation exists to assist departments with printing, copying, graphic design and mail services. A new contract requires all County photocopiers/printers to be leased through the Printing and Mail Services Division. Total projected revenue for Fiscal Year 2018 is estimated at $2.4 million. An audit of the Printing and Mail Services Division would evaluate the effectiveness of the operation, including rate setting and billing, internal purchasing practices, and oversight of the photocopier/printer contract. - Compliance with County policies, specifically concerning purchasing - Appropriate use of equipment - Data loss prevention for copiers removed from service 6

Audit Services County Cell Phones County-issued mobile devices are provided to approved users based on business needs. The Department of Technology Services manages the County-wide cell phone contract and invoices, as well as Mobile Device Management Software to assist with the remote management of data on lost or stolen devices. A Mobile Device Use and Management Policy governs user activities and expectations for all mobile devices accessing Arlington County government data. The audit of cell phones would evaluate internal controls over inventory management, issuance and usage of cell phones, and the process for cancelling service and returning cell phones. - Management of physical inventory - Appropriateness/reasonableness of expenditures and usage - Potential for data loss Fuel Card Audit The intent of the Fuel Card and PIN Program is to streamline and simplify the management and purchase of fuel for County vehicles and equipment and to be able to track individual vehicle and equipment fuel use. The audit of the fuel card program and usage of fuel cards will evaluate compliance with County policies, including appropriateness of expenditures, issuance, usage and safeguarding of fuel cards, and oversight of the fuel card program. - Appropriateness/reasonableness of expenditures - Completeness of documentation to justify expenditures - Compliance with County policies 7

Audit Services Risk Assessment Survey to inform the FY19 Work Plan Annually, Internal Audit compiles a work plan to guide the efforts of the division so that limited resources can be focused on the highest identified risk areas. The Fiscal Year 2018 Work Plan was developed using a limited riskbased approach where processes within County departments were considered, and areas of known and expected risk ultimately selected for inclusion in the schedule. It is expected that a more comprehensive risk analysis will be used for Fiscal Year 2019. A survey tool will be developed to gather information. The tool will gather information about risks and concerns communicated by management. The work plan will also take into consideration internal concerns communicated by management and staff throughout the year. Follow up on Prior Audits Best Practices in Internal Audit require that Internal Audit establish a follow-up process to ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action. Included within Management Responses in the previously issued internal audit reports is the targeted implementation date for remediation. Follow-up procedures are performed on those issues where the target dates have been reached, and ample time has passed under the new control (generally six months) to verify and report the implementation status of the recommendations to the previously reported findings. 8

Internal Audit Information Internal Audit Mission: To strengthen County operations and minimize risk and fraud through systematic evaluation of operations and internal controls. To assist senior management and departments to effectively and efficiently implement County programs in compliance with financial, accounting and other County policies by conducting objective internal audits and reviews. To test internal controls to provide reasonable assurance that resources are safeguarded against waste and abuse. In conjunction with the County Manager s Office and other departments, implement the Financial Fraud, Waste and Abuse Hotline. Copies of Audit Reports: Financial Fraud, Waste & Abuse Hotline: Report suspected instances of fraud, waste or abuse https://departments.arlingtonva.us/arlington-county-internal-auditservices/ Phone: (866) 565-9206 Online: https://arlingtonva.ethicaladvocate.com 9

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback