Meeting_Body
REVISED
FINANCE, BUDGET AND AUDIT COMMITTEE
MAY 18, 2016
Subject/Action
SUBJECT: FY17 AUDIT PLAN
ACTION: APPROVE ADOPTION OF THE FY17 PROPOSED AUDIT PLAN
Heading
RECOMMENDATION
Title
ADOPT the FY17 Proposed Audit Plan.
Issue
ISSUE
At its January 2008 meeting, the Board adopted modifications to the FY07 Financial Stability Policy. The Financial Stability Policy requires Management Audit Services (Management Audit) to develop a risk assessment and an audit plan each year and present it to the Board. It also requires that the Finance, Budget and Audit Committee, as the audit committee for the agency, provide input and approval of the audit plan.
Discussion
DISCUSSION
Instrumental to the development of the FY17 Audit Plan was completion of the FY16 agency-wide risk assessment. The agency-wide risk assessment is continually being refined and adjusted based upon events, issues identified during audits and agency priorities. The risk assessment continues to place a strong emphasis on the agency’s internal control framework and vulnerability to fraud. We believe this year’s risk assessment portrays the agency’s risks in light of the changes to our risk environment and the challenges the agency faces in the next few years. The result is the FY17 Proposed Audit Plan (Attachment A).
This is the twelfth year an audit plan has been developed and presented to the Board for input and adoption.
Policy Implications
An audit plan defines the work that will be completed or directed by Management Audit each fiscal year. It indicates both the depth and breadth of audit activities addressing financial, operational and compliance risks for the agency. The audit plan also identifies the extent to which controls are being assessed by routine audit activities, addressed proactively through advisory services, or as a result of concerns from management.
The annual audit plan is driven by two key factors: (1) risk assessment results, and (2) audit resources. The goal in drafting the audit plan is to address the highest risk areas at the agency given the resources available to complete the audits.
In developing the plan, the hours included for each audit are an estimate. There are occasions where some reviews may take longer and therefore absorb more hours than proposed and in other cases, the audit will be completed in fewer hours than estimated. In addition, urgent requests arise that need audit support. When this occurs, the plan must be reassessed and Management Audit may supplement internal resources with outside consultants as long as there is funding and consultants available for the task. Therefore, not all planned audit work may be completed and the audit plan may be reassessed and adjusted during the year for unanticipated risks and work.
Determination_Of_Safety_Impact
DETERMINATION OF SAFETY IMPACT
Approval of this item will not impact the safety of Metro’s patrons or employees.
Financial_Impact
FINANCIAL IMPACT
Any funding for external consultants needed to complete the annual audit plan will be included in the FY17 budget in Management Audit’s cost centers and the appropriate projects throughout the agency.
Alternatives_Considered
ALTERNATIVES CONSIDERED
One option would be not to complete an annual audit plan. This is not recommended since the audit plan is a management tool to systematically assign resources to areas that are a concern or high risk to the agency. Communicating the audit plan to the Board is required by audit standards.
Next_Steps
NEXT STEPS
Once the Board adopts the annual audit plan, Management Audit will develop the audit schedule for FY17. Management Audit will report to the Board quarterly on its progress in completing the annual audit plan.
Attachments
ATTACHMENTS
Attachment A - FY17 Annual Business Plan and Proposed Audit Plan
Prepared_by
Prepared by: Monica Del Toro, Audit Support
(213) 922-7494
Reviewed_by
Reviewed by: Diana Estrada, Chief Auditor
(213) 922-2161
