Each year the Internal Audit Office prepares an Annual Audit Plan. Audits are selected through a countywide risk analysis process to concentrate on those areas of greatest risk and opportunity for improvements. Audit topics are chosen based on potential for improved internal controls, cost savings, revenue enhancement, and increased efficiency. Additional audit areas are selected based on management requests. At the beginning of each audit project, meetings are held with agency management to discuss the scope, objectives, and timing of work to be performed.
Audits are performed in four phases:
Survey work involves research performed to assess risks and determine existing controls in place. The auditor may conduct interviews, flowchart processes, and review other documentation in order to obtain a complete understanding of the audit area and finalize the scope and objectives of the project.
Fieldwork involves testing and evaluating key controls of the functions being audited. In this phase the auditor will determine whether controls are adequate and whether operations are conducted in an efficient and effective manner. Sufficient evidence will be developed to support audit observations and recommendations for improvement.
Reporting begins with a draft report which is discussed with agency management at an exit conference at the conclusion of the audit. During this meeting, Internal Audit reviews and discusses all significant findings to reach agreement on steps needed to enhance operations or correct any deficiencies. The final report includes an executive summary of our observations, as well as a write-up of the detailed audit findings, recommendations, and management's responses.
Follow-up is a periodic review in which the progress and implementation status of agreed upon improvements are assessed and validated.