2016-AP-0001 Fiscal Year 2016 Annual Risk Assessment and Audit Plan

Similar documents
Department of Homeland Security Office of the Inspector General. Office of Emergency Management Oversight. Audit Division- Eastern District

SAFETY AND SECURITY: Opportunities to Improve Controls Over Police Department Workforce Planning

Department of Homeland Security Office of Inspector General. Review of U.S. Coast Guard Enterprise Architecture Implementation Process

Executive Director for Operations AUDIT OF NRC S CYBER SECURITY INSPECTION PROGRAM FOR NUCLEAR POWER PLANTS (OIG-14-A-15)

LEGAL SERVICES CORPORATION OFFICE OF INSPECTOR GENERAL FINAL REPORT ON SELECTED INTERNAL CONTROLS RHODE ISLAND LEGAL SERVICES, INC.

Chapter 5. Planning the Audit Engagement

RISK ASSESSMENT REPORT Internal Audit Department

Nelson R. Bregon, General Deputy Assistant Secretary for Community Planning and Development. James D. McKay Regional Inspector General for Audit, 4AGA

Audit Report OFFICE OF INSPECTOR GENERAL. Farm Credit Administration s Purchase Card Program A Auditor-in-Charge Sonya Cerne.

LOCAL GOVERNMENTAL ENTITY EXAMPLE FINANCIAL CONDITION ASSESSMENT INDICATORS AND RELATED PROCEDURES

FY 2015 Annual Audit Report

Office of Inspector General Department of Defense FY 2012 FY 2017 Strategic Plan

Fiscal Year 2014 Work Plan

GUIDELINES INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS PERFORMING FINANCIAL STATEMENT AUDITS OF STATE AGENCIES

LOCAL GOVERNMENT MANAGEMENT ASSESSMENT OVERVIEW AND QUESTIONNAIRE

Transmittal Letter Objectives and Scope Approach Financial System Permitting Application... 9

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL 400 MARYLAND AVENUE, S.W. WASHINGTON, DC

VA Office of Inspector General

A Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work

AUDIT COMMITTEE TERMS OF REFERENCE

The Commonwealth of Massachusetts AUDITOR OF THE COMMONWEALTH

IMPORTANCE OF PROGRAM INTEGRITY IN HOME AND COMMUNITY BASED SERVICES JERRY DUBBERLY, PHARMD, MBA

Napa County, California, Needs Additional Technical Assistance and Monitoring to Ensure Compliance with Federal Regulations

State and District Monitoring of School Improvement Grant Contractors in California FINAL AUDIT REPORT

MEDICARE DRUG INTEGRITY CONTRACTORS IDENTIFICATION

DATA CENTER OPERATIONS

OFFICE OF INSPECTOR GENERAL

ANTI-FRAUD POLICY Adopted August 13, 2015

Department of Veterans Affairs Office of Inspector General Strategic Plan FY

2IÀFHRI,QVSHFWRU*HQHUDO

Los Angeles County Metropolitan Transportation Authority Office of the Inspector General Medicare Part B Reimbursements to Retirees

Security Concerns with Federal Emergency Management Agency's egrants Grant Management System

The Federal Railroad Retirement Board (RRB) and Data Analytics

Five-Year Strategic Plan

SANTA ANA UNIFIED SCHOOL DISTRICT LEAD INTERNAL AUDITOR

AUDIT OF THE MACOMB COUNTY SHERIFF S OFFICE EQUITABLE SHARING PROGRAM ACTIVITIES MOUNT CLEMENS, MICHIGAN EXECUTIVE SUMMARY*

Santora CPA Group. State of Delaware Statewide School Districts Construction Projects Attestation Engagements Capital School District

AUDIT REPORT Audit of Controls over GPO s Fleet Credit Card Program. September 28, 2012

Information Technology Operational Audit DEPARTMENT OF STATE. Florida Voter Registration System (FVRS) Report No July 2015

INTEGRATED SILICON SOLUTION, INC. CORPORATE GOVERNANCE PRINCIPLES. Effective January 9, 2015

FEDERAL FAMILY EDUCATION LOAN PROGRAM (FFELP) SYSTEM

Table of Contents. Transmittal Letter Executive Summary Background Objectives and Approach Issues Matrix...

Monitoring of Government Travel Card Transactions

AGA CGFM Examinations Sample Questions

F I N A N C I A L R E G U L A T I O N S

PROCUREMENT. Actions Needed to Enhance Training and Certification Requirements for Contracting Officer Representatives OIG-12-3

Date: October 1, Audit, Finance and Enterprise Committee. Jennifer Ruttman, City Auditor. Audit of Workers Compensation Program

PERFORMANCE AUDIT OF COLUSA COUNTY LOCAL TRANSPORTATION COMMISSION FOR THE THREE YEARS ENDED JUNE 30, 2014

Increasing the Speed and Effi ciency of Providing Disaster Housing Assistance

ADMINISTRATIVE MANUAL Subject: CORPORATE RESPONSIBILITY Directive #: Present Date: January 2011

BY GARY DONALDSON. The City of Atlanta Shares Insights for Increasing Revenue

E Distribution: GENERAL POLICY ISSUES. Agenda item 4 WFP ANTI-FRAUD AND ANTI-CORRUPTION POLICY. For approval

October 20, Sincerely. Anthony Chavez, CIA, CGAP, CRMA Director, Internal Audit Division

AN AUDIT OF INTERNAL CONTROL OVER FINANCIAL REPORTING THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS:

December 2014 Report No An Audit Report on The Telecommunications Managed Services Contract at the Health and Human Services Commission

Office of Inspector General The School District of Palm Beach County

LARIMER COUNTY STRATEGIC PLAN

Fuel Card Process Review. Division of Administrative Services. Report: A-1415DEP-015

2IÀFHRI,QVSHFWRU*HQHUDO

Audit Report. Division of Mental Health and Developmental Services Substance Abuse Prevention and Treatment Agency

The City of Calgary, 2009 PSC Operational Review Final Report

Transcription:

OFFICE OF INSPECTOR GENERAL PALM BEACH COUNTY John A. Carey Inspector General Inspector General Accredited Enhancing Public Trust in Government 2016-AP-0001 Fiscal Year 2016 Annual Risk Assessment and October 2, 2015 Insight Oversight Foresight

Fiscal Year 2016 Risk Assessment The risk assessment process for Fiscal Year (FY) 2016 was conducted using a combination of several methods of research and information gathering in order to create a more robust overview of the risks for entities within the Office of Inspector General s (OIG) jurisdiction. The risk assessment was conducted using the same methodology of an audit project, using the different phases of the audit (planning/gain an understanding, risk assessment/fieldwork, and reporting) in order to gather risk factors and formulate a risk assessment matrix that would be used to rank the risks identified in order to create an audit plan. Gain an Understanding We used a combination of efforts in information gathering to gain an understanding of, and identify risks of, the 38 municipalities and two special taxing districts within the OIG s jurisdiction. These efforts included: Review of the Fiscal Year 2015 Risk assessment survey responses submitted by the municipalities and special taxing districts. Review of the final risk ratings assigned to each of the municipalities and organizations for FY 2015. Review of Council and/or Commission meeting minutes and agendas posted to the websites of the municipalities. Interviews with Executive Management from the Solid Waste Authority (SWA) and Children s Services Council (CSC). Review of the responses from the online survey to Government Employees, Citizens, Stakeholders and Contractors requesting input on risks or concerns. Review of news articles and blog posts for the municipalities and special taxing districts. Review of Comprehensive Annual Financial Reports (CAFRs) and Florida Auditor General reports for Fiscal Year 2014. Risk Assessment We compiled the information gathered into a risk assessment matrix. Additional risks were included based on the results of brainstorming meetings, drawing upon the professional expertise and experience of the OIG staff. Each risk was rated based on significance and impact. Any known controls to mitigate the risk or lower the impact were noted. We assessed a final risk rating for the identified risks. OIG Senior Management reviewed the list of topics determined to be high risk. Prospective audits were selected from this list based on factors such as impact to the community. The FY 2016 plan will include planned audits ( above the line ) and possible audits ( below the line ). Planned audits P a g e 1

are scheduled projects. Possible audits are projects which could be scheduled if there are available resources (i.e., due to fewer than expected IG/Management requested audits, completion of all planned audits, or increased staffing). Based on input from the OIG Senior Management team, six audits were selected. These six audits, coupled with the carryover audits from Fiscal Year 2015 and the IG/Management Requested audits - which are received either through intake referrals, requests or other emerging risks - comprise the Fiscal Year 2016. FY 15 Survey to Municipalities and Special Taxing Districts Interview with CSC and SWA Executives Survey to Public and Government Employees, Contractors, Citizens and Stakeholders Review of municipal meeting minutes and agendas News articles/ blog posts Comprehensive Annual Financial Reports Gain an Understanding Risk Assessment Brainstorming Meetings (OIG Senior Management and Audit Division) identifying risk Gathered risks added to Matrix Preliminary rating of risks Define controls to mitigate risks Final Rating of each risk Possible Audit objectives Determination of Audit budget and available hours Risks and audit objectives presented to Senior Management Decision on which audits will be on the plan "above the line" and "below the line" Draft, Review, and Final The goal of the risk assessment process is to create a list of audits that will address high-risk concerns about entities under the jurisdiction of the OIG and to plan for the most effective use of the OIG s limited audit resources. Once the risk assessment was completed, Senior Management and the Inspector General met to determine which audits should be included in the audit plan. The consists of carryover audits, planned audits, possible audits, and IG/Management requested audits. The remainder of the time is delegated to non-audit activities. P a g e 2

Fiscal Year 2016 Carryover Audits There are two audits which were included on the Fiscal Year 2015 audit plan which were started but have not been completed. These two projects are considered carryover audits and will be completed in Fiscal Year 2016: Palm Beach County Department of Economic Sustainability (DES) Grant Management Objectives include: Determine if there are sufficient controls in place to safeguard grant funds against fraud, waste and abuse. Evaluate grant monitoring activities to determine effectiveness in achieving Disaster Recovery Initiative objectives. Determine whether grant funds are expended in accordance with grant agreements. City of Delray Beach Objectives include: Determine if purchasing activity is controlled by adequate and documented policies and procedures. Assess the validity, justification, and authorization of selected purchasing activities. Planned Audits City of Pahokee This audit would include a review of financial management systems, controls over purchasing, and control environment. Possible objectives: Is the City of Pahokee using sound financial practices to conduct city business? Are purchases made by the city being properly documented and approved to avoid fraud, waste and abuse? Is the City Commission conducting business in a manner that is transparent and in the taxpayers best interest? Rationale: The City has experienced a high turnover in leadership positions, including a new City Manager hired in March 2015. The city is also listed in a state of financial emergency by the Florida Auditor General. The current city leadership has requested the OIG s assistance. Town of Loxahatchee Groves This audit would include a review of financial management systems, controls over purchasing and control environment. Possible objectives: Is the Town of Loxahatchee Groves using sound financial practices to conduct city business? Are purchases made by the city being properly documented and approved to avoid P a g e 3

fraud, waste and abuse? Is the Town Council conducting business in a manner that is transparent and in the taxpayers best interest? Rationale: There was noted public concern regarding the Town s management and contracting activities. Multiple Entities - Fleet/Fuel Management This audit would determine the extent to which controls are in place to ensure vehicles and fuel purchases managed by selected entities are being used appropriately. Possible objectives: How are the selected entities protecting fuel card purchases from wasteful/abusive spending? Are vehicles and parts purchased at the most cost effective rate to keep government spending low? Are vehicles purchased using government funds being tracked and used efficiently? Rationale: Entities with Fleet and/or Fuel programs have a significant risk of wasteful and abusive spending on fuel purchases, vehicle parts and repairs, and fuel card purchases. Multiple Entities Utilities This audit would determine the extent to which controls are in place to ensure that the utilities managed by selected municipalities are managed effectively. This audit would include a review of rate setting practices, billing and collections policies, and security over personally identifiable information. Possible objectives: Are utilities using proper billing, collections and rate setting practices? Is the customer s confidential and/or sensitive information (credit cards, social security numbers, etc.) adequately protected? Are municipalities conducting utilities activities in accordance with interlocal agreements and Florida statutes? Rationale: There was noted public concern over management of utilities including rate setting, cash handling, and security over private information. Possible Audits Follow-Up - City of South Bay: This audit would determine the extent to which audit recommendations from two previous audits have been implemented. Rationale: Audit follow-up is important, especially where an entity has had repeated reported deficiencies, to evaluate the progress management has made in correcting reported deficiencies. The Government Auditing Standards (GAS 6.36) states that auditors should evaluate whether management has taken appropriate action to address findings and recommendations. P a g e 4

Multiple Entities Information Technology This audit would determine the extent to which controls are in place to guard against inappropriate access of electronic information at selected entities. Rationale: As entities move further toward IT-driven environments, restricting access of confidential and/or sensitive information to only authorized individuals is an important public concern. IG/Management Requests The audit office conducts audits which are not planned, but are requested by municipalities or deemed necessary by the OIG. These audits are considered priority projects. Because of the urgent nature of these requested audits, the planned audits in the section above are subject to change/cancellation. Non-Audit Activities Activities which are not included in the audit plan as audit program activities are considered non-audit activities. These activities include, but are not limited to, Professional Development, Strategic Planning and Risk Assessment, quarterly audit follow-up, special projects and Quality Control and Assurance. Conclusion The Fiscal Year 2016 based on the Fiscal Year 2016 risk assessment has been completed. The has 2 carryover audits from the Fiscal Year 2015, 4 Planned Audits and 2 Possible Audits in addition to the audits which are received from Investigations intake and self-initiated municipality requests. We will further consider risk with each audit to ensure that the audit engagement is identifying the highest risk and impact. P a g e 5

Fiscal Year 2016 at a Glance* Audit Palm Beach County DES Delray Beach - Finance Possible Objectives Carryover Audits Determine if there are sufficient controls in place to safeguard grant funds against fraud, waste and abuse. Determine if purchasing activity is controlled by adequate and documented policies and procedures. City of Pahokee Town of Loxahatchee Groves Multiple Entities: Fleet/Fuel Management Multiple Entities: Utilities Planned Audits Is the City of Pahokee using sound financial practices to conduct city business? Are purchases made by the city being properly documented and approved to avoid fraud, waste and abuse? Is the City Commission conducting business in a manner that is transparent and in the taxpayers best interest? Is the Town of Loxahatchee Groves using sound financial practices to conduct city business? Are purchases made by the city being properly documented and approved to avoid fraud, waste and abuse? Is the Town Council conducting business in a manner that is transparent and in the taxpayers best interest? How are the selected entities protecting fuel card purchases from wasteful/abusive spending? Are vehicles and parts purchased at the most cost effective rate to keep government spending low? Are vehicles purchased using government funds being tracked and used efficiently? Are utilities using proper billing, collections and rate setting practices? Is the customer s confidential and/or sensitive information (credit cards, Social Security Number, etc.) protected from fraudulent use? Are municipalities conducting utilities activities in accordance with interlocal agreements and Florida statutes? Follow Up Audit: South Bay Multiple Entities: IT Security Possible Audits Determine the extent to which audit recommendations from two previous audits have been implemented. Determine the extent to which controls are in place to guard against inappropriate access of electronic information at selected entities. *IG/Management Request audits, due to their nature, are not included. P a g e 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information