FY 2015 Annual Audit Report
Table of Contents

I. Compliance with House Bill 16 (Texas Government Code, Section 2102.015): Posting the Internal Audit Plan, Internal Audit Annual Report, and Other Audit Information on Internet Site
II. Planned Work Related to the Proportionality of Higher Education Benefits
III. Internal Audit Plan for Fiscal Year 2015
IV. Consulting Services and Non-Audit Services Completed
V. External Quality Assurance Review (Peer Review)
VI. Internal Audit Plan for Fiscal Year 2016
VII. External Audit Services Procured in Fiscal Year 2015
VIII. Reporting Suspected Fraud and Abuse

TxDOT 2015 Annual Audit Report
I. Compliance with House Bill 16 (Texas Government Code, Section 2102.015): Posting the Internal Audit Plan, Internal Audit Annual Report, and Other Audit Information on Internet Site

House Bill 16 (83rd Legislature, Regular Session), signed by Governor Perry on June 14, 2013, amended the Internal Auditing Act to require state agencies and institutions of higher education, as defined in the bill, to post internal audit plans, internal audit annual reports, and any weaknesses or concerns resulting from the audit plan or annual report on the entity's Internet site within 30 days after the audit plan and annual report are approved by the entity's governing board or chief executive.

The requirements are met by posting the approved documents at the following link: http://www.txdot.gov/inside-txdot/administration/commission/subcommittee-meetings.html

A detailed summary of the weaknesses, deficiencies, wrongdoings, or other concerns raised by the audit plan or annual report, and a summary of actions taken by TxDOT to address concerns, if any, that are raised by the audit plan or annual report, is included in the fiscal year (FY) 2015 Annual Audit Report.

II. Planned Work Related to the Proportionality of Higher Education Benefits

Not applicable
III. Internal Audit Plan for Fiscal Year 2015

PHASES OF THE AUDIT/CONSULTING SERVICES CYCLE

Reports Issued

| Report Number | Report Date | Report Name | Audit Service |
|---|---|---|---|
| FS1415 | 2/2015 | Professional Engineering Procurement Service (PEPS) Contract and Work Authorizations | Internal Audit |
| LS1501 | 5/2015 | Construction Engineering & Inspection Contracts | Internal Audit |
| LS1502 | 5/2015 | Data Classification | Internal Audit |
| FS1501 | 2/2015 | Emergency Equipment Requisition Process | Internal Audit |
| FS1503 | 5/2015 | Grant Reimbursement CTIF | Internal Audit |
| FS1503 | 5/2015 | Grant Reimbursement Traffic Safety | Internal Audit |
| FS1509 | 8/2015 | Mobile Security | Internal Audit |
| FS1505 | 8/2015 | Toll Operations Contract Management | Internal Audit |
| MP1501 | 11/2014 | Advance Funding Agreements | MAP Follow-Up |
| MP1515 | 8/2015 | Bond Covenants | MAP Follow-Up |
| MP1502 | 11/2014 | CDA Monitoring | MAP Follow-Up |
| MP1504 | 6/2015 | COMPASS | MAP Follow-Up |
| MP1506 | 5/2015 | Construction Operations | MAP Follow-Up |
| MP1505 | 5/2015 | Construction/Maintenance Inspection | MAP Follow-Up |
| MP1507 | 5/2015 | Delegation of Authority/Budget Compliance | MAP Follow-Up |
| MP1508 | 5/2015 | Encumbrance | MAP Follow-Up |
| MP1516 | 8/2015 | Equipment Maintenance, and Repair | MAP Follow-Up |
| MP1513 | 8/2015 | Ferry Operations | MAP Follow-Up |
| MP1517 | 8/2015 | Inventory | MAP Follow-Up |
| MP1503 | 11/2014 | Privacy | MAP Follow-Up |
| MP1509 | 6/2015 | Rail Project Management | MAP Follow-Up |
| MP1510 | 5/2015 | Receivables Management SOC | MAP Follow-Up |
| MP1514 | 8/2015 | ROW Governance & Internal Controls | MAP Follow-Up |
| MP1511 | 5/2015 | SH 130 Segments 5 & 6 | MAP Follow-Up |
| MP1512 | 5/2015 | Tuition Assistance Program | MAP Follow-Up |
| CT1406 | 8/2015 | Traffic Safety Grant Monitoring | Consulting |
| CT1408 | 1/2015 | TMPA Indirect Cost Rates 2014-15 | Consulting |
| CT1501 | 2/2015 | Kennedy Consulting 2013 Indirect Cost Rate | Consulting |
| CT1502 | 7/2015 | NEPA Assignment, Phase 2 | Consulting |
| CT1503 | 8/2015 | Multiple Use Agreements | Consulting |
| CT1505 | 7/2015 | SOX 2014 Annual Controls Testing | Consulting |
| CT1508 | 8/2015 | SOX 2015 Non-Annual Controls Testing | Consulting |
| 604000 | 8/2015 | BNSF Railway Additive Rates Review 2012 | Review |

Carryovers to FY 2016 Internal Audit Plan

| Report Number | Report Name | Audit Service |
|---|---|---|
| FS1514 | Post-Implementation Review ERP Payroll and Recruiting (Closing Phase) | Internal Audit |
| FS1511 | Change Order Process (Closing Phase) | Internal Audit |
| FS1506 | Contract Administration (Closing Phase) | Internal Audit |
| FS1504 | Local Letting Process (Closing Phase) | Internal Audit |
| FS1507 | Maintenance Operations (Closing Phase) | Internal Audit |
| FS1508 | Materials Testing (Closing Phase) | Internal Audit |
| FS1510 | Software License Management (Closing Phase) | Internal Audit |
| LS1504 | Toll Operations Federal Reporting (Closing Phase) | Internal Audit |
| FS1502 | Fuel Consumption Oversight and Coordination (Closing Phase) | Internal Audit |
| LS1505 | Commission Office Vetting | Internal Audit |
| | SH 183 Managed Lanes Project | Internal Audit |
| | Post-Implementation Review ERP Project Costing | Internal Audit |
| | Post-Implementation Review ERP Purchasing | Internal Audit |
| | Post-Implementation Review ERP Inventory | Internal Audit |
| | Post-Implementation Review ERP Accounts Payable | Internal Audit |

External Audits carried over to FY16 will be included in the Compliance Office's FY16 work plan.
A detailed summary of the weaknesses, deficiencies, wrongdoings or other concerns raised by the FY15 Audit Plan or Annual Audit Report is as follows:

16 internal/external audits and consulting engagements were completed.
- 16 findings were identified with control design and operating effectiveness deficiencies as noted below
  o 15 control design
  o 16 operating effectiveness

17 Management action plan (MAP) follow-up engagements were completed to determine whether previously communicated risks have been mitigated. The following details were noted:
- 49 closed MAPs: corrective actions have been completed
- 19 open MAPs: corrective actions require completion to address identified risk from the original audit
- 8 new MAPs: corrective actions that were newly identified and further actions are necessary to properly address the remaining risk

Deviations from FY 2015 Planned Audits

Continuous evaluation of the audit plan, based on risks identified, resulted in the modification of the FY 2015 Audit Plan. Modifications were presented to the Chief Audit and Compliance Officer for review and approval and subsequently communicated to the Audit Subcommittee for review.
| Report Number | Report Title | Deviation |
|---|---|---|
| LS1501 | Consulting Engineering and Inspection Contracting / Work Authorizations | Renamed Construction Engineering & Inspection Contracts |
| FS1503 | Grant Reimbursement | Two Reports Issued: Grant Reimbursement CTIF & Grant Reimbursement Traffic Safety |
| MP1513 | Ferry Operations MAP Follow-Up | Added |
| MP1517 | Inventory MAP Follow-Up | Added |
| MP1514 | ROW Governance and Internal Controls MAP Follow-Up | Added |
| CT1501 | Consultant 2013 Indirect Cost Rate | Added |
| LS1503 | Construction Project Performance Measures | Cancelled Lower Risk Considering SAO Coverage and Results |
| | OCR Commercially Useful Function Review Database | Removed |
| | Metropolitan Planning Organization (MPO) Credit Swap Program | Removed |
| | NEPA Application Program, Phase 3 | Removed |
| | Cybersecurity Network Vulnerability/Penetration Program | Removed |
IV. Consulting Services and Non-Audit Services Completed

1. TMPA Indirect Cost Rates 2014 and 2015

Objective: To provide assistance to the Traffic Operations Division's Traffic Safety Section (TRF) by reviewing the indirect cost rates for the Texas Municipal Police Association (TMPA) for fiscal years 2014 and 2015.

Results: TMPA's proposed rates and any recommended adjustments were provided to TRF in individual internal memos as work on each fiscal year was completed. The decision to accept/modify TMPA's indirect cost rates is the responsibility of TRF management.

Report Date: January 2015

2. Consultant 2013 Indirect Cost Rate

Objective: To provide information on the auditability of the indirect cost rate of Kennedy Consulting Inc. for the year ended December 31, 2013, and provide the results of an indirect cost rate audit, if applicable.

Results: An audit of Kennedy Consulting, Inc.'s indirect cost rate was not performed as it was determined that an indirect cost rate could not be calculated, since there were no direct costs on which to base such a rate.

Report Date: February 2015

3. NEPA Assignment, Phase 2

Objective: Determine if the Environmental Affairs Division's (ENV) processes are appropriate and complete to assume the Federal Highway Administration's (FHWA) responsibilities for the National Environmental Policy Act (NEPA) and assist in preparing ENV staff for upcoming FHWA audits.

Results: Deliverables specified in the statement of work (see below) were completed and accepted by ENV, as follows:
- Flow charts of SAB and CAT processes and procedures for assuming FHWA's responsibilities for NEPA.
- Results of a review of the effectiveness and efficiency of Self-Assessment Branch and Corrective Action Team processes and procedures.
- A reference document to assist in Preparing for an Audit.

Report Date: July 2015
4. Sarbanes-Oxley (SOX) 2014 Annual Key Controls Testing

Objective: Determine the operating effectiveness of the selected annual key controls over financial reporting for FY 2014.

Results: The seven annual key controls over financial reporting that were selected for testing by the Finance Division (FIN) were operating effectively.

Report Date: July 2015

5. Traffic Safety Grant Monitoring

Objective: To provide assistance to the Traffic Operations Division's Traffic Safety Section (TRF-TSS) in the development of a risk assessment for their monitoring function of grant recipients.

Results: The deliverable consisted of a listing of risk factors for TRF-TSS to consider including in its risk assessment for grant recipients. Since the data for many of the risk factors was available in egrants, the design of the tool and piloting of a risk assessment was performed by TRF-TSS staff. The advisory service team participated in meetings with TRF-TSS staff as they made final decisions on risk factors and weights based upon their impact in the piloted risk assessment.

Report Date: August 2015

6. Multiple Use Agreements Paid Parking Facilities

Objective: To provide information to the Maintenance Division (MNT) regarding Multiple Use Agreements (MUAs) with paid parking facilities.

Results: The following deliverables specified in the Statement of Work were completed and provided to MNT.
- A summary of clauses in existing MUAs with paid parking facilities that are missing or different than those in the current MUA template.
- A memo listing key facts and potential issues identified from a review of the information received from entities with paid parking facilities regarding each parking facility's fee structure, fund balance, financial reports, and other information deemed useful. The original documentation received from the entities was also provided to MNT with the memo.
- Suggestions for improvements to the MUA policies, procedures, and terms within the MUA template.
Audits of paid parking facilities were not performed because the review of the existing MUAs and information from entities with paid parking facilities (see first two bullets above) found that there are policies and MUA provisions that need to be in place to define the criteria necessary for an audit to be effective. MNT management decided that they would make revisions to the MUA process and to the existing MUAs based upon the work performed. The need for external audits of the paid parking facilities will be reassessed in FY16.

Report Date: August 2015

7. Sarbanes-Oxley (SOX) 2015 Non-Annual Key Controls Testing

Objective: Determine the operating effectiveness of the selected non-annual key controls over financial reporting for FY 2015 as part of TxDOT's Spirit of SOX initiative.

Results: Thirteen non-annual key controls over financial reporting were selected for testing by the Finance Division (FIN). Of the 13 controls tested, one control was found to be ineffective. However, it was determined that the failure of this control would not have a significant impact on the TxDOT financial statements. The Compliance Office and FIN will be revising the process for the Spirit of SOX at TxDOT, to focus on key controls for financial reporting, beginning in fiscal year 2016.

Report Date: August 2015
V. External Quality Assurance Review (Peer Review)
VI. Internal Audit Plan for Fiscal Year 2016

Risk Assessment

The Chief Audit and Compliance Officer performs a department-wide risk assessment to develop the Plan. The risk assessment process is conducted to assign the audit resources and includes:
- Review of state legislation.
- Obtaining input from members of the Commission, Administration, DDO, and staff.
- Performing an evaluation of department functions, based on objective criteria and professional judgment.
- Review and consideration of prior audit results.
- Review and consideration of the Federal Highway Administration (FHWA) Risk Assessment.
- Review and consideration of the Compliance Office's work plan.
- Review and consideration of investigative trends.
- Review and consideration of professional/industry standards.
- Review and consideration of Moving Ahead for Progress in the 21st Century (MAP-21).

The Chief Audit and Compliance Officer will provide quarterly status reports on audit activities to the Commission and Administration, and will present the results of completed audits at quarterly Audit Subcommittee meetings.

Audit Plan

The Plan consists of 75 risk-based audit engagements. The audit engagements (including FY2015 audits carried over) are divided into six areas of focus and coverage, as follows:
- Contracting/Third Party - provide assurance of reporting and operational reliability to stakeholders.
- Governance/Program Management - provide assurance that business activities of the organization are optimized toward achievement of objectives.
- Information Technology - focus on the integrity and security of information assets.
- District Operations - provide assurance and insight of distributed activities.
- Carryovers and Carryovers in Closing Phase - engagements not completed in FY15 which remain important to cover.
- Management Action Plan (MAP) Follow-Up - determine remediation and risk management regarding previously identified organizational risks.
Audit Plan FY 2016
Office of Internal Audit

| Contracting/Third Party (6) | Budgeted Hours |
|---|---|
| Right of Way Acquisition - Contract Management | 1,300 |
| NTT Data Contract Management Transformation | 1,300 |
| Performance Based Maintenance Contracts | 1,609 |
| Contract Administration - Segment 41 Contracts | 1,300 |
| Contract Administration - Closeout Phase | 1,300 |
| Toll Operations Call Center and Back Office Operations | 1,609 |

| Governance/Program Management (4) | Budgeted Hours |
|---|---|
| Toll Operations Federal Reporting | 1,300 |
| Bulk Fuel Management and Reporting | 1,300 |
| Budget Development, Allocation, and Monitoring | 1,609 |
| Fleet Operations Rental Equipment | 1,300 |

| Information Technology (3) | Budgeted Hours |
|---|---|
| Business Continuity | 1,609 |
| TAC 202 Reporting | 1,300 |
| Cloud Storage | 1,609 |

| District Operations (4) | Budgeted Hours |
|---|---|
| NEPA Public Involvement Process | 1,609 |
| Routine Maintenance Contracts | 1,609 |
| Non-MES Equipment/Consumables Management | 1,609 |
| Fair Labor Standards Act Overtime | 1,609 |

| FY15 Audits Carried Over (5) | Budgeted Hours |
|---|---|
| SH 183 Managed Lanes Project | 1,300 |
| Post-Implementation Review ERP Project Costing | 1,609 |
| Post-Implementation Review ERP Purchasing | 1,609 |
| Post-Implementation Review ERP Inventory | 1,609 |
| Post-Implementation Review ERP Accounts Payable | 1,609 |

| Management Action Plan (MAP) Follow-Up (43) | Budgeted Hours |
|---|---|
| Engagements performed to determine mitigation of risks previously communicated | 5,719 |
Carryovers in Closing Phase (10)
- Toll Operations Federal Reporting
- Local Letting Process
- Maintenance Operations
- Materials Testing
- Change Order Process
- Contract Administration
- Software License Management
- Post-Implementation Review ERP Payroll and Recruiting
- Fuel Consumption Oversight and Coordination
- Commission Office Vetting

Summary

| Internal Audit Section | Budgeted Hours |
|---|---|
| Contracting/Third Party | 8,418 |
| Governance/Program Management | 5,509 |
| Information Technology | 4,518 |
| District Operations | 6,436 |
| Management Action Plan (MAP) Follow-Up | 7,736 |
| FY 2015 Audits Carried Over | 5,719 |
| Total Hours: | 38,336 |
VII. External Audit Services Procured in Fiscal Year 2015

Not applicable

VIII. Reporting Suspected Fraud and Abuse

Actions taken to implement the requirements of:

Fraud Reporting
Article IX, Section 7.09 General Appropriations Act (83rd Legislature, Conference Committee Report)
- A link to the State Auditor's Office (SAO) Fraud Hotline is available on the TxDOT website: txdot.gov/inside-txdot/office/compliance-ethics/reporting-fraud.html
- Information about reporting suspected fraud involving state funds to the State Auditor's Office is included in TxDOT policy. Call the State Auditor's Office fraud hotline at 1-800-TX-AUDIT (892-8348) or report online at sao.fraud.state.tx.us.
- Compliance Office (CMP) maintains an external hotline number (877-769-8936) and website (txdotwatch.com).

Coordination of Investigations
Texas Government Code, Section 321.022
- Reasonable Cause to Believe reports are completed by the Office of Compliance and sent to SAO at least semi-annually.
- SAO Hotline Complaint coordination with Cesar Saldivar, Audit Manager.