Office of the City Auditor 2018 Annual Work Plan and Long Term Audit Plan

Similar documents
Texas Workforce Commission

Current Planning Reserve Audit

AUDIT PLAN FOR FISCAL YEAR 2017 TEXAS FACILITIES COMMISSION

Development Securities Review April 12, 2013

AUDITOR GENERAL S REPORT ACTION REQUIRED Audit Work Plan SUMMARY RECOMMENDATION. Date: October 10, Audit Committee. To: Auditor General

The 2017 Audit Work Plan provides City Council with an overview of how the resources allocated to the Auditor General s Office will be used in 2017.

INTERNAL AUDIT PLAN OF ACTIVITIES

Project Change Order Review

APPENDIX 1. Auditor General s Office. Annual Report and 2005 Budget

Investment Funds Transfer Audit. October 03, 2008

Fiscal Year 2018/2019 Annual Audit Plan

Lee County Board of County Commissioners 2018 Annual Audit Plan

OFFICE OF THE CITY AUDITOR

Finance and Treasury Department

Approved by School Board August 3, 2009 RICHMOND PUBLIC SCHOOLS INTERNAL AUDIT SERVICES ANNUAL AUDIT PLAN FISCAL YEAR 2010

Office of Inspector General. Annual Report for Fiscal Year

FY 2016 Internal Audit Annual Report

VENTURA COUNTY EMPLOYEES RETIREMENT ASSOCIATION RETIREMENT ADMINISTRATOR CHARTER

TEACHERS RETIREMENT BOARD CONSENT: ATTACHMENT(S): 1. DATE OF MEETING: June 8, 2016/ 15 mins

fjw~ EdW. J~an Inspector General ~L~"F!oriaa! Dr. Eric J. Smith 325 West Gaines Street, Suite 1514 Tallahassee, Florida

INTEGRATED DEVICE TECHNOLOGY, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER

THE CORPORATION OF THE VILLAGE OF LUMBY

Auditor s Letter. Timothy M. O Brien, CPA Denver Auditor Annual Audit Plan

Fiscal Year (FY) 2017 Internal Audit Annual Report

2017-AP-0001 Fiscal Year 2017 Annual Risk Assessment and Audit Plan

CORPORATE RISK 2017 ANNUAL REPORT

Lee County Port Authority 2017 Annual Audit Plan Internal Audit/Inspector General Department

CARIBBEAN DEVELOPMENT BANK STRATEGIC FRAMEWORK FOR INTEGRITY, COMPLIANCE AND ACCOUNTABILITY PILLARS I AND II INTEGRITY AND ETHICS POLICY

Annual Report of Internal Audit Activities Fiscal Year 2016

CITY OF EDMONTON BYLAW AUDIT COMMITTEE (CONSOLIDATED ON FEBRUARY 13, 2018)

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

WIPO General Assembly

TEXAS HIGHER EDUCATION COORDINATING BOARD INTERNAL AUDIT ANNUAL REPORT

SOMERVILLE HOUSING AUTHORITY ANTI- FRAUD POLICY. April 3, 2013

CITY OF TORONTO Auditor General s Office 2013 Recommended Operating Budget

Tax Administration Diagnostic Assessment Tool MODULE 11: ACCOUNTABILITY AND TRANSPARENCY

Lee County Port Authority 2018 Annual Audit Plan

UNITED NATIONS JOINT STAFF PENSION FUND. Enterprise-wide Risk Management Policy

Current Trends in Investigations. Omid Yazdi Forensic Partner

Business Licensing Revenue Opportunity Review

City of Greater Sudbury

FINANCIAL PLANNING AND BUDGETING - CENTRAL GOVERNMENT AND DEPARTMENTS

Texas Workforce Commission

Audit Schedule July 1, 2018 through June 30, 2019

Fraud Detection and Prevention for the Insurance Industry

Corporate Legal Policy

P.O. Box 1749 Halifax, Nova Scotia B3J 3A5 Canada Item No. 6 Budget Committee January 10, 2018

IESBA Agenda Paper 5-B February 2011 New Delhi, India

Section 2. Introduction and Purpose of the LMS

UNION PACIFIC CORPORATION AUDIT COMMITTEE OF THE BOARD OF DIRECTORS CHARTER

Presentation to the Audit Committee February 27, 2015

AUDIT AND FINANCE COMMITTEE OF THE BOARD OF DIRECTORS MANDATE

MUTUAL HOUSING MANAGEMENT

Annual Report of Internal Audit Activities Fiscal Year 2017

2009 Financial Report to Citizens

DIVISION OF INSPECTOR GENERAL. Audit Services & Public Integrity Units 2010 ANNUAL REPORT

Texas Facilities Commission. Internal Audit Annual Report. Fiscal Year 2017

Branch Neighbourhood and Community Development

TEXAS HIGHER EDUCATION COORDINATING BOARD INTERNAL AUDIT ANNUAL REPORT

THE UNIVERSITY OF TEXAS AT TYLER

SCHNEIDER NATIONAL, INC. AUDIT COMMITTEE OF THE BOARD OF DIRECTORS CHARTER

Approved Business Plan and Budget. Florida Reliability Coordinating Council, Inc.

Risk Management Policy & Procedures. Premier Ltd.

Summary Enterprise Risk Management Framework

Prairie Mountain Credit Union Ltd. Financial Statements For the year ended September 30, 2017

Alberta Medical Association (C.M.A. Alberta Division) Consolidated Financial Statements September 30, 2017

Whistleblower Program

COUNTY OF SONOMA. CAL-Card USER MANUAL

Hundred and Thirty-fourth Session. Rome, October WFP Anti-Fraud and Anti-Corruption Policy

OFFICE OF INSPECTOR GENERAL 2019 COMPREHENSIVE AUDIT PLAN

CARIBBEAN DEVELOPMENT BANK STRATEGIC FRAMEWORK FOR INTEGRITY, COMPLIANCE AND ACCOUNTABILITY PILLARS I, II AND III WHISTLEBLOWER POLICY

City of. Carmelita Flagpole, circa 1927

ULSTER COUNTY COMPTROLLER S OFFICE

October 19, Board of School Directors North Hero School District c/o Grand Isle Supervisory Union 5038 US Route 2 North Hero, Vermont 05474

Purchasing Procedures Manual

WEST CONTRA COSTA UNIFIED SCHOOL DISTRICT

This Policy supports our culture through procedures for the receipt, review and retention of Complaints from Representatives or others.

Terms of Reference and Annual Planner for National and Provincial Government Audit Committees

Everything You Didn t Want To Know About Employee Crime

C.A.O. BRIEFING NOTE FAIRNESS AND EQUITY

The Australian National University Fraud Control Framework. Corporate Governance & Risk Office

AUDITOR GENERAL S REPORT

FLORIDA OFFICE OF EARLY LEARNING OFFICE OF INSPECTOR GENERAL Annual Report for Fiscal Year

Interurban Transit Partnership

SIX MONTH STATUS REPORT October 1, 2016 March 31, John A. Carey, Inspector General

External and internal audit recommendations: progress on implementation

2015 Risk Assessment. C u y a h o g a C o u n t y, O h i o D e p a r t m e n t o f I n t e r n a l A u d i t i n g

Powell River Regional District and Powell River Regional Hospital District Final Report to the Board of Directors

Fraud prevention for credit unions

Office of Internal Auditing

TOWNSHIP OF SOUTH GLENGARRY FINANCIAL STATEMENTS

City of Prince Albert YEAR STRATEGIC PLAN

ASB Meeting July 17-20, 2017

Department of Transportation Financial Management Information System Centralized Operations

Annual Plan. Office of Internal Auditing

ENER-CORE, INC. DISCLOSURE CONTROLS AND PROCEDURES. Adopted September 24, analyzed to determine whether disclosure is appropriate; and

SIX MONTH STATUS REPORT April 1, 2018 September 30, John A. Carey, Inspector General

Del Mar College Fiscal Year 2018 Annual Internal Audit Report November 1, 2018

COUNTY OF RIVERSIDE, CALIFORNIA BOARD OF SUPERVISORS POLICY

Transcription:

1200, Scotia Place, Tower 1 10060 Jasper Avenue Edmonton, Alberta T5J 3R8 edmonton.ca/auditor and Long Term Audit Plan November 14, 2017

This page is intentionally blank.

Introduction Bylaw 12424, City Auditor Bylaw, established the position of City Auditor and delegated the powers, duties, and functions to that position. The City Auditor is responsible for all internal auditing activities within City programs and City agencies. This includes: Providing independent, objective assurance and advisory services designed to add value and improve the City s programs. Assisting the City with accomplishing its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Coordinating fraud investigation activities. The s (OCA) Annual Work Plan outlines the work it intends to conduct during the year. Bylaw 16097, Audit Committee Bylaw, gives Audit Committee the power to approve the Annual Work Plan. Annual Project Cycle The following diagram illustrates the OCA s Annual Project Cycle. The process begins with the development of the Annual Work Plan. Annual Work Plan Development Recommendation Follow Up Audit Committee Approves Plan Project Reporting Conduct Project Work 1

Annual Work Plan Development The OCA s annual planning process is designed to ensure that it prepares a risk-based work plan and that, through its execution, adds value to the corporation. The following diagram illustrates the OCA s process for developing its Annual Work Plan. Potential Projects and Section Risk Self-Assessments Draft Annual Work Plan Development Annual Work Plan Approval 1. Potential Projects The OCA maintains a database of potential projects. These projects are identified through suggestions from members of City Council, Executive Leadership Team, City Administration, discussion with the City s external auditor, observations made by audit staff, hotline tips, and reviews of audits conducted in other jurisdictions. The OCA assesses each project using the following risk factors: Volume and value of assets, expenditures, or transactions; Vulnerability of the area; Amount of regulation applicable to the area; Strength of internal control environment; Governance and ethics environment of the area; Sensitivity of information; and When the area was last audited. 2

As well, we exercise professional judgment to acknowledge varying degrees of impact on overall operations, trends within the City, or Council-directed projects in determining the final risk assessment score for each potential project. 2. Section Risk Self-Assessments In 2017, each section in the City completed a risk self-assessment as required by the City s Enterprise Risk Management Directive. The City s Enterprise Risk Management area led the process and assisted with the completion of the assessments. The assessments include a list of risks to the achievement of the goals of the section, including a corresponding analysis of identified risks, the likelihood of their occurrence, the magnitude of the impact the occurrence of the risk will have on the corporation, and mitigation strategies. 3. Draft Annual Work Plan Development We combine the risk scores of the potential projects with the program area risk selfassessment scores to develop a final risk score for each program area. We then rank the program areas based on the risk score. Through an annual workshop, the OCA staff review the ranked list of program areas and identified projects and discuss project scope, potential outcomes, resources required, and audit priority. Following the opportunity for staff input, the OCA management team chooses the projects to include in the draft Annual Work Plan. 4. Annual Work Plan Approval The OCA circulates the draft Annual Work Plan to Audit Committee and City Council and places it on the last Audit Committee meeting agenda of the year for discussion and approval. Audit Committee may require changes to the proposed Annual Work Plan prior to its approval. After approval of the Annual Work Plan, the OCA meets with the City s external auditor to coordinate audit activities and ensure efforts are not duplicated. Audit Project Categories The OCA s and Long Term Audit Plan include projects within the following categories: 1. Value for Money Audits Value for money audits include program area audits identified through our program area risk assessments, audit projects identified through our audit universe, and Information Technology audits. All value for money audits begin with identifying the process or program area s goals and assessing risks that could interfere with accomplishing those goals. These audits determine whether a department, process, service, or program operates efficiently, effectively, and economically and whether risks are appropriately mitigated. Results from these audits are used both by the Administration and by City Council to improve the manner in which each program area delivers its services. These 3

audits may include use of computer assisted audit techniques that allow the OCA to analyze large amounts of data maintained on corporate systems. 2. Investigations These audits are designed to prove or refute alleged fraudulent behaviour or misconduct by a City employee or other parties. 3. Proactive Projects These projects allow the OCA to provide proactive, strategic, risk, and control-related advice prior to and during the development and implementation of projects, programs, and systems. This helps to ensure that appropriate controls and safeguards are in place to achieve the stated goals. As well, post-implementation reviews of selected information systems may be undertaken. Other proactive activities undertaken by OCA staff include serving on selected corporate committees; this allows the OCA to ensure that leading practice and control-related inputs receive appropriate attention throughout the project. As well, OCA staff members provide ongoing monitoring of certain activities, providing assurance that specific controls are working as intended. 4. Follow-up Reviews These audit projects allow the OCA to determine the adequacy, effectiveness, and timeliness of actions taken by management on recommendations made in audit reports. Our audit reports provide recommendations to the Administration that identify opportunities for improvement. We maintain a database of audit recommendations to facilitate the recommendation follow-up process. 5. OCA Governance and Leadership Activities The OCA participates in a number of initiatives that support City Council and Audit Committee s governance responsibilities and contribute to leading audit practices by others. As well, the OCA coordinates its audit efforts with the City s external auditor to optimize audit benefits to the City, including increased audit coverage and avoidance of duplicate audit work. 6. Emerging Issues These are audits or projects that are not listed in the Annual Work Plan. These projects may be identified by the OCA during a scheduled audit, by City Council, by the Administration, or by a member of the public. As stated in the City Auditor Bylaw, with the exception of projects directed by Council, the City Auditor will use discretion to decide whether, when, and how to best address emerging issues. 4

The following Work Plan outlines the program area and project audits that the OCA has identified as high priority based on our risk assessments. Our goal is to have a flexible work plan to facilitate the completion of outstanding projects, undertake new ones, and initiate some that will be carried forward to 2018. We will identify the exact scope of each project during our project planning process. The City Auditor will provide Terms of Reference documents for significant projects to Council Members, as well as the Public Audit Committee Members. The City Auditor will also provide periodic status reports of all OCA activity to the Audit Committee. Title Description Value for Money Audits Touch the Water Project Audit Office of Emergency Management Audit Fraud Risk Management - Detection, Investigation, and Corrective Action Access to Information Technology Systems Audit Use of Consultants Audit Audit of Accounts Payable This audit will include a review of the Touch the Water Project to identify the causes for project delay. This audit will assess the effectiveness of the Office of Emergency Management. In 2010, the OCA conducted an assessment of the City's Fraud Risk Management Framework. From that project, a new fraud directive was developed and general awareness of fraud risk was improved. This audit will focus on assessing the effectiveness of the City s processes for fraud detection, investigation, and corrective action. This audit will include a review of user access to the City s major Information Technology systems. This audit will identify the City s use of consulting services and assess their impact or value. Accounts Payable processes invoices and issues payments to suppliers for goods and services purchased by the City. This audit will assess the effectiveness of accounts payable controls, policies, and procedures. 5

Title Roads and Parks Yard Operations Audit Residential Infill Audit Open Data Review ETS Revenue Management Bridge Maintenance (In Progress) Waste Audit Cornerstones Plan Review Investment Policy Review Description This audit will assess the efficiency and effectiveness of the City s Roads and Parks Yard Operations. This will include reviewing management oversight, accountability and inventory management. This audit will assess the efficiency and effectiveness of the City s residential infill processes. This project will assess the process for ensuring the reliability of publically available data. It will also assess the process and controls used to populate and maintain the open data catalog. This audit will assess the effectiveness of revenue management within Edmonton Transit. The objective of this audit is to determine if the City s Bridge Maintenance program is effectively managed. The overall objective of this audit is to assess the value-for-money offered by the City s integrated waste management system delivered through Waste. This audit will assess whether the Cornerstones Plan is achieving its intended goals on affordable housing and whether activities are in compliance with existing policies. This audit will include a review of the City s investment policies and compliance with those policies. Current Planning Reserve Fund Current Planning Branch operates on a cost-recovery business model whereby excess revenues from delivering services are contributed to a reserve fund. This audit will assess whether the management and use of this fund meet intended purposes. 6

Title Neighbourhood Parks Upgrade Process Description This audit will assess the process for neighbourhood park upgrades including reviewing both citizen and Administration s role in this process. Information Technology Disaster Recovery Planning This audit will evaluate the Information Technology Branch s preparedness in the event of an unforeseen service disruption. Information Technology Security Management This audit will evaluate the effectiveness of controls within the Information Technology Branch's Security Management practice area and assess the effectiveness of essential security functions. Investigations Investigation Projects Hotline Administration As indicated in Administrative Directive A1454, Fraud, the City Auditor has primary responsibility for investigating suspected fraud and may involve the City Manager on investigations of suspected fraud, depending on the nature and scope of the complaint. The OCA manages the City s Fraud and Misconduct Hotline. City employees can submit reports by phone or internet 24 hours a day, 7 days a week, all year round. We will investigate allegations of suspected fraud and misconduct as appropriate. Proactive Projects Performance Measures Validation There are 10 performance measures in The Way Ahead Progress Report that we have not validated. In 2018 we will validate the results of those 10 measures and present our assessment. 7

Title Fraud Risk Management Continuous Auditing Description The OCA will continue to support the City s fraud risk management efforts by updating the City s website, posting Fraud Prevention Tips and facilitating fraud awareness presentations throughout the organization as requested by business areas or initiated by the OCA. We use advanced audit software to provide ongoing monitoring of selected information systems and activities. This helps to identify potential risks and also provide assurance that specific controls are working as intended. In 2018, we plan to include the Employee Master File and Payroll Transactions as part of our continuous monitoring work. Follow-up Reviews Follow-up of Recommendations Our audit reports provide recommendations to the Administration that identify opportunities for improvement. We maintain a database of audit recommendations to facilitate the follow-up process. At each Audit Committee meeting we will provide a report on the status of each recommendation. OCA Governance and Leadership 2017 Annual Report The City Auditor will provide an Annual Report which will include a summary of the observations, recommendations, and information pertaining to the audits conducted by the OCA in 2017. 2018 Annual Work Plan Progress 2019 Annual Work Plan To assist Audit Committee and Council in their governance oversight role of the City Auditor, the City Auditor provides Activity Reports to Audit Committee summarizing the status of projects identified in the approved OCA Annual Work Plan. The City Auditor will submit an Annual Work Plan to Audit Committee at the last Audit Committee meeting in 2018. The Annual Work Plan outlines the scope of work the OCA intends to conduct in the next year. 8

Title Industry Sharing Description The OCA actively supports the internal audit profession through memberships in the Institute of Internal Auditors (IIA), Canadian Comprehensive Auditing Foundation (CCAF-FCVI), Association of Local Government Auditors (ALGA), Information Systems Audit and Control Association (ISACA), and the Association of Certified Fraud Examiners (ACFE). The OCA also shares operating practices with various organizations that help to promote the internal audit profession and our audit practices within the City. Emerging Issues Emerging Issues Unanticipated events or issues may arise throughout the year. The City Auditor assesses their importance and risks as they arise and may, at his discretion, assign resources to the new project. The City Auditor includes an appropriate resource allotment in the work plan to address these unforeseen issues. The City Auditor provides updates to the Audit Committee on emerging issue projects undertaken. 9

2019 to 2020 Long Term Audit Plan The following table shows the potential projects we may undertake in 2019 and 2020 based on our current risk assessment. This plan is subject to change as new risks develop in the City. Year Potential Project Topic Department Branch 2019 Facility maintenance services City Operations Fleet and Facility Parks operations City Operations Parks and Roads Assessment and Taxation Financial and Corporate Assessment and Taxation Branch Preferred vendors Financial and Corporate Corporate Procurement and Supply PeopleSoft Financial and Corporate Information Technology Information Technology Financial and Corporate Information Technology Change management City s land inventory Financial and Corporate Real Estate Business Planning and Supports Branch Integrated Infrastructure Business Planning and Supports Servicing agreement process Urban Form and Corporate City Planning Strategic Development Development and zoning services Urban Form and Corporate Strategic Development Development 2020 Indigenous Relations Office Citizen Community Inclusion and Investment Animal care and control Citizen Community Standards and Neighbourhoods Citywide fuel access and City Operations Fleet and Facility monitoring Contract penalty values Corporate Project City governance Corporate Project Sale of surplus assets Financial and Corporate Corporate Procurement and Supply Reserve accounts Financial and Corporate Financial Hiring practices Financial and Corporate Human Resources Office of Infrastructure and Funding Strategy Integrated Infrastructure Infrastructure Planning and Design Business Revitalization Zones Regional and Economic Development Economic and Environmental Sustainability 10

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback