Internal Audit Work Plan

Similar documents
INTERNAL AUDIT REPORT

USING YOUR PORT S INFLUENCE TO SHIFT THE MARKET TOWARDS CLIMATE RESILIENCE

INTERNAL AUDIT REPORT

INTERNAL AUDIT REPORT

INTERNAL AUDIT REPORT


INTERNAL AUDIT REPORT

INTERNAL AUDIT REPORT

Employee Expense Audit

OFFICE of the COMPTROLLER. General Accounting Chief Accounting Officer (CAO) (M-VIII) JOB POSTING FY

INTERNAL AUDIT REPORT

MAC CONTINUOUS AUDIT REPORT st QUARTER

Strategic Plan

Fleet Billing Process HIGHLIGHTS

Department of Transportation Maryland Aviation Administration

FRAUD AWARENESS UPDATE

Bonner County Job Description

INTERNAL AUDIT REPORT

4 container terminals, 500+ acres 2 with on-dock rail. Both RR s intermodal yards within a mile of the terminals. Naturally deep harbor (over 200

FINANCIAL SERVICES DEPARTMENT Strategic Business Plan

OFFICE OF THE AUDITOR

General Government and Gainesville Regional Utilities Vendor Master File Audit

MAC INTERNAL AUDIT DEPARTMENT 2017 PROPOSED ANNUAL AUDIT PLAN

INTERNAL AUDIT REPORT

Long Beach City Auditor s Office

General Counsel/Chief Compliance Officer

Northern Oklahoma College Tonkawa, Oklahoma

Prince William County Public Schools Annual Audit Plan

AUDITOR, 1517 SENIOR AUDITOR, 1518

Selected Employee Travel Expenses. Department of Health

Benchmarking Report Share, Compare, Validate SAMPLE. Year: 2017 Your Organization Date

UNIVERSITY OF ILLINOIS (A Component Unit of the State of Illinois) Report Required Under Government Auditing Standards. Year ended June 30, 2011

TRA Internal Audit Fiscal Year 2019 Audit Plan

INTERNAL AUDIT REPORT

EXCITING CAREER OPPORTUNITIES

King County International Airport/Boeing Field

United Way of the Virginia Peninsula

Several unallowable expenditures and exceptions to policy were noted.

MicroCred Internal Control Basics. Assessing the internal control structure 9/29/2014. Goals of the internal control structure

Certificate in Internal Audit IV

Chris Horton, Ph.D., CIA, CGAP County Auditor. Arlington County Auditor DRAFT Annual Audit Work Plan FY 2019

Department for Medicaid Services (DMS) HCBS Case Management Cost and Wage Survey

AUDIT OF CITY PARKING CONTRACTS HIGHLIGHTS

John Wayne Airport (JWA) Accounting. years. Retain for 6 years. years. years. years

A REPORT TO THE CITIZENS OF SALT LAKE COUNTY. BEN McADAMS, MAYOR. An Audit of the Key Controls of. The Salt Palace Convention Center

Pohnpei Port Authority. Five Year Strategic Plan:

Texas Facilities Commission (TFC) Office of Internal Audit (OIA)

AUDIT OF: Richmond Pubic Schools PAYROLL

CHAPTER 6 GOVERNMENT ACCOUNTABILITY

The Road to Continuous Assurance. Jason A. Gross, CPA, CIA, CFE, CISA, ACDA Vice President, Controls Management Siemens Financial Services, Inc.

Business Services Center Shared Services. Office of General Services

INTERNAL AUDIT OFFICE (IAO) FISCAL YEAR 2019 RISK-BASED AUDIT PLAN

FRIENDSHIP HOUSE JOB DESCRIPTION. Full Time: Monday - Friday 9AM-6PM, Weekends and evenings as needed

Effecting Change Through the Audit Process: Audit of the Orlando-Orange County Expressway Authority

What Happens When Internal Controls Fail

Advanced Finance for Governing Board Members. Charter Schools: Advancing the Promise!! 2015 Annual Conference

HIGHLIGHTS AUDIT OF SELECTED PUBLIC WORKS CAPITAL PROJECT CONTRACTS AND ARRA PROJECTS WHY THIS AUDIT WAS CONDUCTED

INTERNAL AUDIT REPORT

Innovation and Internal Controls

OBSERVATIONS, RECOMMENDATIONS, AND RESPONSES

University System of Maryland University of Maryland, College Park

Department of Biology

Seattle Public Schools The Office of Internal Audit

Alyssa G. Martin, CPA Brandon Tanous, CIA, Using the COSO CFE, CGAP, CRMA Framework to Develop a Strong and Preventive Control Environment

Audit of Weighing Services. Audit and Evaluation Services Final Report Canadian Grain Commission

INTERNAL AUDIT REPORT

FINANCE DEPARTMENT DIRECTOR

38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud

PUBLIC MANAGEMENT SYSTEMS: AN OVERVIEW

Audit Report. An Audit of the Expenditures of the Salt Lake County Council. Our Mission: Our Mission: To foster informed decision making,

FUNCTION: To Protect and Enhance the Nonprofit Organization s Capacity to Serve the Community.

MULTI-SERVICE CENTER JOB DESCRIPTION

2019 Summer Internship Application Form

Office of Internal Auditing

Fair Housing Human Rights Department Records Retention Schedules

Bottom-line Savings through Contract Compliance and Cost Recovery

Employee Relations. Mayor. Employee Relations Administration. Police/Fire Retiree. Office of Equal Opportunity. Personnel Services.

TRANSMITTAL TO Eugene D. Seroka, Executive Director Harbor Department

LINK Darla Hill. Office of University Audits. Director, CPA, CIA, CFE

EXAMINATION REPORT Wastewater Management Division Contractor Hiring & Payment Practices

Idaho PTE Business Education Course with Essential Learning Outcomes and Learning Indicators

5 Core Must-Haves for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1

Maryland Department of Health Office of the Chief Medical Examiner

ROSWELL PARK CANCER INSTITUTE CORPORATION INTERNAL CONTROLS OVER PROCUREMENT AND REVENUES. Report 2005-S-15 OFFICE OF THE NEW YORK STATE COMPTROLLER

ACADEMIC DEPARTMENT FISCAL REVIEW

The Right KPIs, Metrics for High-performing, Cost-saving Space Management. An Approach and Case Study

GBAS Business Administrator Institute: Presenter: Brian Mikell, Chief Audit Executive Office of Audit and Compliance Review

Seattle Public Schools The Office of Internal Audit

APPENDIX 2 COMMUNITY DEVELOPMENT COMMISSION FINANCIAL CHECKLIST REQUIRED FOR ALL APPLICANTS (A SITE VISIT MAY BE CONDUCTED LATER)

VENDOR RISK MANAGEMENT FCC SERVICES

Audit Committee Meeting

SELF ASSESSMENT OF BUSINESS OBJECTIVES. Kelly Dorin CPA, CA, CIA, CFE, CCSA, CRMA

Audit of Key Financial Controls at Health Canada, Final Report. December 2016

AUDIT OF SELECTED DEPARTMENTS PERFORMING ACCOUNTS RECEIVABLE FUNCTIONS

Risk Assessment - Balancing Risk While Enhancing Controls

IIA Springfield IL Chapter

Department of Labor, Licensing and Regulation Division of Labor and Industry

STATE OF NORTH CAROLINA

Evolving Core Tasks for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1

ADMINISTRATIVE RESPONSIBILITIES FOR UNIVERSITY AND COLLEGE ADMINISTRATORS, DEPARTMENT HEADS, AND DIRECTORS

Transcription:

Internal Audit Work Plan 2017 Proposed Flexible Work Plan INTERNAL AUDIT March 24, 2017 INTERNAL AUDIT

TABLE OF CONTENTS Working cross functionally to achieve the Port s Goals Internal Audit 2017 Page 2

Vision Promote operational excellence at the Port Internal Audit Mission The Internal Audit Department conducts risk-based operational/performance audits. Our frequent reviews of Port operations and activities provide value-added audit services that result in: Stronger accountability for meeting or exceeding strategic and operational performance expectations Fiscal integrity including detection and deterrence of fraud, waste, and abuse Greater transparency in governance and decision making Improved investment of public resources to advance trade and commerce, promote industrial growth, stimulate economic development, and create jobs Through independent and objective audits, we provide the Port Commission with assurance and opportunities for enhanced efficiency and effectiveness of management practices in Governance, Risk Assessment, Controls, and Compliance. Audit Standards Audit Work Guided by Professional Standards Government Auditing Standards (issued by the Comptroller General of US) and by International Professional Practices Framework (issued by The Institute of Internal Auditors) Striving for excellence Internal Audit 2017 Page 3

Risk Assessment & Methodology Best Practice Framework Internal Audit Strategy For simplification we group risks into 6 auditable units: Strategic / Governance Risk We perform a risk assessment over Port operations annually to drive our Flexible Work Plan. The plan is established based on: IA department s institutional knowledge Discussions with key Port leadership Data analytics Prior audit history It is developed and designed to align our audit strategy with Port goals and objectives. Risk of inconsistent guidance and/or oversight, and poor strategic direction that do not achieve Port objectives and/or Century Agenda Goals. Reporting Risk Risk of misreporting financial and other non-financial information from Port operation results. Operational Risk Risk of ineffective and inefficient Port operations, including lack of accountability due to inappropriate process and management. Information Technology (IT) Risk Risk of significant negative impact to Port operations due to unmitigated IT vulnerabilities. Accountability / Transparency Risk Risk of not meeting Public expectations. Diminishing Port s reputation and loss of public trust. Compliance Risk Risk of noncompliance or lack or adherence to applicable laws and regulations (federal, state, local laws and Port policies, procedures and agreements). Internal Audit identifies key risks using the best practice framework to optimize Internal Audit 2017 Page 4

Risk Scoring Methodology Each auditable unit is assessed and rated on a scale of 1 to 5 for impact and likelihood We start by compiling an Audit Universe. The Port s Audit Universe includes: Business units Departments Lease Agreements Information Technology Port Governance and Policies Port Specific Programs/ Initiatives Note: This is an example for illustration purposes only. Risk drivers / attributes are defined for the impact and likelihood of each auditable unit. We evaluate each auditable unit for impact and likelihood for all items within the Port s Audit Universe. Overall Impact and Likelihood ratings are multiplied to derive a final quantitative determinant. Average Overall Risk rating used in Final Risk Score. Risk based assurance to help management meet its objectives Internal Audit 2017 Page 5

Risk Scoring Methodology (continued) The final risk determinant translates to the following qualitative risk ratings of low, medium, and high. High risk focus creates value Internal Audit 2017 Page 6

Proposed 2017 Work Plan Risk Rating Summary Internal Audit risk assessment and scoring resulted in the following proposed audits by category Audit Type Count Est. Hours Hours % Central Accounting Processing Systems 1 600 7% Comprehensive Operational /Department 7 2,950 33% 3rd Party Management Agreement 0 0 0% Limited Operational Port-wide Programs 6 1,950 22% Non-Lease Audit Coverage 72% Information Technology 2 400 4% Consulting Services and Contingency 540 6% Lease & Concession Agreements 7 2,500 28% Fiscal integrity including detection and deterrence of fraud, waste, and abuse Internal Audit 2017 Page 7

Audits Suggested for 2017 Recommended Projects In 2017 Central Accounting Processing System Departments/Compreh ensive Operational Programs 3rd Party Management 1 Disbursements/Accounts Payable Cycle -- Management controls, including controls over vendor master file 1 Airport Parking Garage & Employee/Tenant Parking 2 Maritime StormWater Utility 3 SeaTac Utilities 4 Maritime Maintenance Shop 5 Terminal 91 Dockage 6 Fishermen s Terminal 7 AV Commercial Management (AV Business Development) None Proposed in 2017 Limited Operational 1 Promotional Hosting and Trade Business & Community Expense Review Program Governance, Compliance & Management Controls 2 Capital Program 3 Port/Private Partnership P-66 Norwegian Cruise Line Partnership Tenant/Improvement - $15 million Port reimbursements. 4 Aviation Tenant/Improvement Reimbursements Delta Lounge $13 million Port Contribution Information Technology (IT) 5 On/Off Boarding of Port Consultants/Contractors - (Review Physical & System Application Access Controls of Port consultants/contractors) 6 Port Travel Expenses Corporate Travel Card Program 1 IT Change Management Diagnostic 2 Business Continuity/Disaster Recovery Review Cont d Greater transparency through assurance and accountability Internal Audit 2017 Page 8

Recommended Projects In 2017 (Cont d) Audits Suggested for 2017 Concession Agreements Consulting Services and Contingency 1 Avis/ Budget Car Rental LLC 2 Hertz Rent -A- Car 3 Doug Fox Parking/ATZ 4 Eastside for Hire New 2016 Airport Agreement 5 Host International, Inc. 6 Dufry Seattle JV (Duty Free Shop) Bell Street P-66 Parking Revenue 7 1 Implementation of a Port-wide moorage system to ensure effective controls and PCI compliance 2 Seaport Alliance 3 Transportation Network Companies (TNCs, i.e. Uber, Lyft & Wingz) currently the Port has a Pilot Program 4 2017 Work Plan Risk Assessment 5 6 Aviation Janitorial Program etc. Greater transparency through assurance and accountability Internal Audit 2017 Page 9

Proposed 2017 Work Plan 2016 Carryover Audits 2016 Work Plan Audits in Progress 3 rd Party Management Bell Harbor International Conference/ WTC Center The Club at SEA Lounges (Airport Lounges) A flexible risk based approach maximizes benefits to the Port Internal Audit 2017 Page 10

Port of Seattle Revenues & Other Resources by Category Significant Revenue/Other Resources by Category Key Risks Strategic/Governance risk Operational Accountability / Transparency Reporting Compliance The majority of Port revenues are derived from airlines rental and landing fees; and PFC Significant Revenue/Other Resources by Category ($ in 000's) $ Amount Airlines Rental & Landing Fees per SLOA Agreements 253,452 Passenger Facility Charge (PFC) 81,462 Space Rental 74,745 Airport Parking (parking garage & employees/tenants) 73,090 Tax Levy 71,678 Car Rental 33,703 Customer Facility Charge (CFC) 34,374 Retail, Food & Beverage (concession fees) 51,310 Maritime Berthage & Moorage/Dockage 14,765 Others 38,566 Total $727,146 Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2016. Internal Audit 2017 Page 11

Port-wide Expenditures by Category Significant Expenditures by Category Key Risks Strategic/Governance risk Operational Accountability / Transparency Reporting Compliance The majority of Port expenditure are salaries, wages and benefits; outside services (personal & professional); and major constructions. Significant Expenditures by Category ($ in 000's) $ Amount Salaries, Wages & Benefits 194,631 Outside Services 61,153 General Expense 20,477 Utilities 20,297 Travel 2,364 Others 20,024 Total $ 318,947 Via Duct Contribution $ 147,700 Construction work in progress spent 169,195 Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2016. Internal Audit 2017 Page 12

Central Accounting Processing System Audits Port of Seattle Central Accounting Processing Systems: Asset Management Last Audit No Significant Issues Payroll Last Audit No Significant Issues Disbursements/Accounts Payable Last Audit No Significant Issues General Ledger Last Audit No Significant Issues Accounts Receivable/Revenue Last Audit No Significant Issues Proposed 2017 Work Plan: Disbursements/Accounts Payable -- Management controls, including controls over vendor master file Note: Central Accounting Systems are a Focus of External Financial auditor. Focused and logical actions driving Century Agenda Strategies and Objectives Internal Audit 2017 Page 13

Department Audits Our focus is on efficiency and effectiveness of department programs, including compliance, accountability, and reporting. Commission directives and Port objectives are carried out in the Port departments. Key Risks Strategic / Governance Operational Accountability / Transparency Reporting Financial and non-financial Information Technology Compliance At the Port, there are approximately 75 Business Units with 171 departments. Departmental Audit-- 5-Year History Coverage Not Audited 55% Proposed 2017 Work Plan Airport Parking Garage & Employee/Tenant Parking Maritime Stormwater Utility SeaTac - Utilities Maritime Maintenance Shop Terminal 91 Dockage Change of Management Fisherman Terminal AV Commercial Management (AV Business Development) Audited 45% Note: Departments not audited have been subject to Cross Functional Program Audits such as: P-card, Travel, Payroll, Inventory etc. Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Internal Audit 2017 Page 14 Source: PeopleSoft & PropWorks as of December 07, 2016.

3 rd Party Management Agreements Port 3 rd party operations are Port activities that are run and operated by a third-party on behalf of the Port. The third-party operator is paid a management fee. These operations are risky because the Port is accountable for all operation costs, but does not run the day-to-day operation. Note the Port owns the facilities that house these operations. Key Risks Operational Accountability / Transparency Reporting Compliance $6,039 40% $2,521 16% Revenues (in 000 s) Expenses (in 000 s) $1,091 7% $5,590 37% Airport Club Lounges Bell Harbor Conference World Trade Center - Club World Trade Center - Offices These 3 rd Party Agreements below are currently under audit as part of the 2016 work plan. $6,046 59% $916 9% Airport Club Lounges Bell Harbor Conference Airport Club Lounges Bell Harbor Conference Center World Trade Center - Club $1,139 11% $2,182 21% World Trade Center - Club World Trade Center - Offices No 3 rd party agreement audits are planned in 2017 Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2016. Internal Audit 2017 Page 15

Lease & Concession and Other Agreements The Port earns most of its revenues from lease & concession and other agreements. Port Revenues & Other Resources ($ in 000 s) 457,041 63% Agreements 471 77.9% 10,503 1% 71,678 10% 187,925 26% Common agreement types include: SLOA Airline Agreements Land Rental Space Rental Lease and Concession Agreement Non-Agreement Tax Levy Federal Grants Non-agreement receipt types include: Parking Berthage and Moorage ID Badge Fees Others Space and Land rental agreements generate fixed fee revenue based on square footage etc. To ensure accuracy and complete reporting to the port, these agreements are deemed low risk. Lease and concession agreements generate revenue to the Port based on Lessee self-reported gross receipts. These agreements are deemed high risk, and Internal Audit has recovered over $7.7 million in underreporting. Economic Vitality through Developing, Negotiating, and Managing Agreements *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2016. Internal Audit 2017 Page 16 134 22.1% SLOA III, Space & Land Rental Agreements Lease & Concession Agreement

Lease & Concession Agreements Key Risks Operational Accountability /Transparency Reporting Compliance Concession Agreements 73 54% Proposed 2017 Work Plan Doug Fox Parking Lot /AZT Hertz Rent-A-Car Avis/Budget Car Rental LLC Eastside for Hire - New 2016 Airport Agreement for Customer pick up Host International, Inc. Dufry Seattle JV (Duty Free shop) Bell Street P66 Parking Revenue 61 46% Audit Not Audited Agreements not audited are deemed low risk. *To date, Internal Audit has recovered approximately $7.7 million in underreporting concession fees. Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2016. Internal Audit 2017 Page 17

Limited Operational Programs ( Port-Wide) The focus of this audit category is efficiency and effectiveness of Port-wide programs, including compliance, accountability, and reporting. Such Port-wide programs include: Port travel, purchasing P-card program, inventory program, cost allocation, janitorial services, small business initiative etc. Commission directives and Port objectives are carried out in these Port-wide programs or activities. Key Risk Strategic/Governance Operational Accountability/Transparency Reporting Compliance Proposed 2017Work Plan Promotional Hosting and Trade Business Expenses --$1.1 million in 2016. Capital Program Port/Private Partnership P-66 Norwegian Cruise Line partnership & Construction - $15 Million Port Contribution Aviation Tenant Reimbursements Delta Lounge $13 million Port contribution Port-wide On/Off Boarding of Port Consultants/Contractors - (Physical & System Application Access controls) Port Travel Expenses Corporate Travel Card Program Greater transparency through assurance and accountability Internal Audit 2017 Page 18

Limited Operational Program Capital Program The 2017 Capital Budget reflects the Port's continuing commitment through investment of $651.6 million in development, expansion, and renewal of Port facilities. Major projects include: North Satellite Modernization International Arrivals Facility Center Runway Reconstruction Optimized Baggage Handling System Key Risks Strategic/Governance Operational Accountability/Transparency Compliance Proposed 2017 Work Plan International Arrivals Facility Committed Capital Projects ($ in 000's) 2017 Budget 2017-2021 CIP Aviation Division 501,539 1,781,572 Maritime Division 29,531 56,130 Economic Development Division 7,765 13,553 Corporate & Others 7,219 30,676 Total Committed 546,054 1,881,931 Business Plan Prospective Projects 105,523 820,523 Total CIP 651,577 2,702,454 Greater transparency through assurance and accountability *Source: Port of Seattle 2017 Budget and Business Plan Internal Audit 2017 Page 19

Information Technology The Port uses technology for innovation and to drive success of its strategies and programs. Therefore, information technology is critical to Port success, and is an integral part of the Internal Audit annual work plans. Like in the past years, Internal Audit information technology projects are outsourced to external IT firms. These audits are managed by internal audit staff. Key Risk Information technology Proposed 2017 Work Plan Per Information Technology Port-wide Risk Assessment IT Change Management Diagnostic Business Continuity/Disaster Recovery Review Working cross functionally to achieve Port s Goals Internal Audit 2017 Page 20

Proposed 2017 Work Plan Consulting Services & Contingency We partner and provide consulting services to Port management in order to improve Port programs and/or services. In consulting services, Port management owns and takes accountability of the projects. The following is a list of consulting services we propose to provide in 2017. Consulting Projects/Contingency Maritime Seaport Alliance Implementation of a Port-wide moorage system to ensure effective controls and PCI compliance Seaport Alliance?? Aviation Others Transportation Network Companies (TNCs, i.e. Uber, Lyft & Wingz) currently the Port has a Pilot Program Aviation Janitorial Program Others as needed 2017 Work Plan Risk Assessment A partnership approach maximizes benefits to the Port Internal Audit 2017 Page 21

Internal Audit Team and Organizational Structure Joyce Kirangi, Director Certifications: CPA, CGMA Pamela Bailey, Sr. Administrative Assistant Certifications: PACE Dan Chase, Acting Audit Manager Certifications: CPA, CIDA Spencer Bright, Senior Auditor Certifications: CGAP, CIA, CFE Margaret Songtantaruk, Senior Auditor Certifications: CFE, CB Dan Chase, Senior Auditor Certifications: CPA, CIDA Dandan Wang, Senior Auditor Certifications: CPA, CIA Ritika Marwaha, Internal Auditor Roneel Prasad, Internal Auditor Internal Audit 2016 Page 22

Questions? Internal Audit 2016 Page 23

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback