Table of Contents

Comptroller of Public Accounts
Effectiveness of Internal Engagement
May 1997

Overall Conclusion
The Internal Audit Department Is Currently Effective in All Eight Criteria, But Could Improve in Three Key Criteria
  Improve the Assessment of Entity Risks
  Strengthen the Audit Plan
  Management Involvement in the Internal Audit Function
The Internal Audit Department Is Effective in Five Criteria
Appendix
  Objectives, Scope, and Methodology
Comptroller of Public Accounts
Detailed Issues and Recommendations

Overall Conclusion

The Internal Audit Department (Department) at the Comptroller of Public Accounts (Comptroller) is effective:

- The Department assists members of the organization in the discharge of their responsibilities.
- The Department provides analyses of the adequacy and effectiveness of internal control systems, policies, procedures, and departmental performance.
- Auditees perceive Department staff to be qualified professionals, providing logical, understandable, useful recommendations.

The Department is effective in all eight criteria; however, it has opportunities to improve in three effectiveness criteria.

The Department employs nine auditors to provide audit coverage for the activities of the Comptroller. In 1996, the Comptroller's office collected more than $18.7 billion in tax revenues, expended about $150 million on Comptroller programs, and employed more than 2,700 workers.

Section 1: The Internal Audit Department Is Currently Effective in All Eight Criteria, But Could Improve in Three Key Criteria

Section 1-A: Improve the Assessment of Entity Risks

Although the Comptroller has complied with state law by preparing a risk assessment, the following areas of its risk assessment should be improved:

- Except for data processing areas, analyses are completed without input from executive management.
- Some risk factors, such as geographic distance from the headquarters office, used to weight and rank auditable areas are not good indicators of risk.
- Auditable areas are only described by title.

Without input from management, good risk factors, and documented auditable areas, audit resources may not be directed to high-risk areas.

MAY 1997 EVALUATING THE EFFECTIVENESS OF INTERNAL AUDIT
Recommendation: The Department should obtain executive management's input on agency auditable areas and risk factors. The Department should also include descriptions of auditable areas.

Management's Response: We agree. The period covered during the State Auditor review did not include results or plans for fiscal year 1997. For fiscal year 1997, Internal Audit included executive management's input in the audit plan. Executive management provided feedback on the risk factors and the auditable areas. In addition, both executive management and the Internal Auditor revisit the plan on a quarterly basis. This is in line with the COSO approach of having management identify risks on an ongoing basis.

Section 1-B: Strengthen the Audit Plan

The Comptroller prepares an audit plan in compliance with statutes. However, the following weaknesses in the audit plan should be addressed:

- Audit plans do not accurately reflect the number of audit projects that can be reasonably accomplished each year. Plans exceed resources available.
- Audit-project budgets are not based on a documented approach.
- The Department has not outsourced audits as planned.
- Audit plans have not sufficiently budgeted for special projects.
- Electronic data processing (EDP) audits, outsourced audits, and special projects on the Department's annual audit plan are not included in its Annual Internal Audit Report.

The audit plan may not have directed audit resources to the high-risk areas. This increases the overall risks of the agency. Also, the Annual Internal Audit Report should contain complete information on internal audit activities that can be used by oversight bodies.

Recommendations: We recommend the Department list only the number of audits in the audit plan that it can reasonably expect to complete each year. Budgets for audit projects should be based on a documented, reasonable approach.
Special projects should include reasonable time budgets. Also, the Department should follow management's approved outsourcing plan for audits. Additionally, all audit projects completed from the Department's audit plan should be included in its Annual Internal Audit Report.

Management's Response: We agree. Turnover in the department impeded the expectations of results in the 1996 audit plan. For the fiscal year 1997 plan, factors including turnover, new staff training, outsourcing and State Auditor coverage were included to ensure adequate audit coverage of the agency and optimal allocation of resources. Based on a midyear review of the 1997 audit plan, it appears audit coverage is on target.

Audit project budgets, including special projects, are now based on a documented approach. Beginning in fiscal year 1997, tracking of all projects, including special projects, and assessing a reasonable budget was implemented. Because management was included in the plan, it appears special projects are on target with the plan and hours budgeted.

The 1997 Annual Internal Audit Report included all projects, including special projects and external audits. The State Auditor did not review the 1997 Annual Internal Audit Report during their review, since fieldwork was completed in July 1996 and the 1997 Report was published in October 1996.

Section 1-C: Management Involvement in the Internal Audit Function

The Internal Audit Department's charter, annual audit plan, departmental budget, and audit reports are approved by executive management. In addition, audit issues are discussed with executive management biweekly.

Prior to March 1996, the Internal Audit Director may not have been reporting to a level high enough to ensure action on audit findings. Thus, the Department's independence and objectivity may have been impaired. The Director reported to the Inspector General. This condition did not ensure organizational independence and objectivity.
At the time of our audit, the Internal Audit Director reported to the Deputy Comptroller. The Director has stated that the Deputy Comptroller has the responsibility for evaluating the Director.

Management's Comment: We agree. Management corrected the condition in March 1996.
Section 2: The Internal Audit Department Is Effective in Five Criteria

- Organizing and managing the internal audit function - The Department's staff has the necessary skills, educational backgrounds, professional certifications, training, and experience to carry out audit responsibilities. The Department uses written status reports to keep executive management informed of activities and progress.
- Planning and conducting audits - The Department plans and conducts audits according to the Institute of Internal Auditing standards.
- Communicating audit results - Audit reports contain the scope, purpose, objectives, executive summary, overall opinion, appropriate references, and responses from management and auditees. Reports are sent to the Deputy Comptroller, which helps ensure auditees will take corrective action. Findings and recommendations are clear, concise, and objective.
- Follow-up on audit recommendations - The Department performs ongoing follow-ups on internal and external audit recommendations. Follow-up review procedures are outlined in the Department's handbook. Follow-ups are conducted on a biweekly basis and are based on audit communication and documentation received from agency directors.
- Ensuring compliance with audit standards - The current Internal Audit Director complies with the requirements of the Texas Internal Auditing Act and Institute of Internal Auditing Standards. The Department is also in compliance with the Institute of Internal Auditing Code of Ethics.

Through compliance with laws and standards, the Department meets key objectives of internal auditing and assists agency administrators with carrying out their assigned responsibilities.
Appendix
Objectives, Scope, and Methodology

Objectives

The objectives of Evaluating the Effectiveness of Internal Audit were to:

- Evaluate the effectiveness of the State's internal audit departments.
- Determine whether internal audit departments meet the key objectives of internal auditing and assist agency administrators in carrying out their assigned responsibilities.

Scope

The scope of the audit included:

- Evaluating the effectiveness of 12 of the larger state agencies' internal audit departments
- Surveying the board chairs, elected officials, audit committee chairs, and internal audit department directors of the 79 agencies and universities with internal audit departments to obtain their opinions and comments on the effectiveness of internal auditing; and compiling the results of the survey.

Methodology

The methodology used on this engagement consisted of developing criteria, obtaining information on each of the 12 agencies selected for review, analyzing the information, and evaluating the information against the criteria.

Information collected to accomplish the audit objective included the following:

- Interviews with management of oversight agencies
- Interviews with management and staff of individual agencies
- Documentary evidence, including:
  - State statutes
  - Internal auditing standards
  - Government Auditing Standards
  - Agency documents including plans, policies, manuals, reports, memoranda, and other written communications
  - Internal audit reports
Procedures and tests conducted:

- Internal audit function information collected in the current fiscal year and the last two completed fiscal years was evaluated against criteria developed from the Texas Internal Auditing Act.

Criteria used:

- Criteria developed from the Texas Internal Auditing Act

The following are the eight basic effectiveness criteria and a brief definition of each:

- Board/Management Involvement in Internal Audit Function - The agency's board or elected official and executive management are adequately involved in the internal audit function and in completing their responsibilities under the Texas Internal Auditing Act.
- Organizing and Managing the Internal Audit Function - The internal audit director is effective in managing and organizing the internal audit department.
- Assessing Entity Risks - A risk assessment is used in the audit planning process and all agency risks are identified and appropriately ranked.
- Preparation of the Audit Plan - The audit plan includes those areas identified as high risk, and resources are available to complete the plan.
- Planning and Conducting Audits - Audit projects are properly planned, and due professional care is used in performing the audits.
- Communicating Audit Results - The results of audits are appropriately communicated in written format to the proper level to ensure corrective action is taken.
- Ensuring Compliance With Audit Standards - The internal audit department takes steps to ensure work conforms to audit standards.
- Follow-Up on Audit Recommendations - The internal audit department follows up on recommendations in audit reports from prior periods.
Other Information

Fieldwork was conducted from April to September 1996. The audit was conducted in accordance with applicable professional standards, including:

- Generally Accepted Government Auditing Standards
- Generally Accepted Auditing Standards

The audit work was performed by the following members of the State Auditor's staff:

- Michelle Jaubert-Esquivel, CPA (Team Leader)
- Jay L. LaBlanc
- Larry Vinyard, CPA, CIA (Project Manager)
- Leslie Ashton, CPA (Quality Control Reviewer)
- Charlie Hrncir, CPA (Audit Manager)
- Deborah Kerr, Ph.D. (Audit Director)