Internal Audit Department

Frequently Asked Questions

1. What is an audit?
2. How does the Department of Internal Audit choose what areas are to be audited?0
3. What is the process when an audit is performed?
4. What is meant by internal control?

Return to Internal Audit Home Page

What is an audit?

Webster’s dictionary describes an audit as "a formal examination and verification of financial accounts." The Internal Audit Department is responsible for reviewing all financial books, records, operations and activities of an organization. It is our responsibility to determine that policies and procedures are being followed and to report any deviations to the City Council and the Mayor. Internal auditors are a form of internal control - a form that functions by evaluating other forms of internal control. It is the job of Internal Audit to be certain that necessary controls are in place and working effectively.

In order to accomplish this objective, the nature of some audits require the element of "surprise". By the term surprise, we mean that auditors need to verify critical records before there is an opportunity to alter, make extractions, insert data, or change activity that was not there before the auditors arrived. Records that are usually examined on a surprise basis are cash funds, accounting records, employee records, observation of standard operating activities, and certain inventory records. This will help to identify potential problems and provide the opportunity to correct and improve them.

With every audit, we strive to add value, cover risk and develop people. The goal is to provide timely, reliable and relevant information and to accomplish this we feel communication is essential. Auditors provide a medium for establishing contact between all levels of employees and can give proper attention to employee problems, suggestions and ideas.

It is important to view an audit as an opportunity to discuss with the Internal Audit Department what you feel is working well within your area and what may not be. By working together we can deliver balanced assurance - to point out where the controls are functioning effectively and where the areas of considerable risk lie.

Back to Top

How does the Department of Internal Audit choose what areas are to be audited?

In identifying an area to review, a number of factors are considered.

1. Level of risk.
2. Management’s level of concern.
3. Current industry trends.
4. Current focus of the agency.

These factors are considered and an audit plan is developed on an annual basis. The Audit Plan maintains flexibility in that some audits take longer than expected or other issues become priority and the focus of the department is redirected.

Back to Top

What is the process when an audit is performed?

The most successful audit projects are those in which the unit being audited and the Internal Audit Department have a constructive working relationship. Our objective is to have your continuing involvement as well as communication at every stage, so that you understand what we are doing and why we are doing it. Every audit project is unique. However, there are similarities in the process auditors use. In most audits, the process consists of the following stages:

1. Obtain an understanding of the area under audit by reviewing:
1. Policy
2. Administrative Regulations
3. other authoritative sources
2. Develop an internal control analysis/questionnaire based on review of the above and/or administration’s assertion.
3. Develop fieldwork activities.
1. Request specific information from auditee.
2. Interview appropriate staff.
3. Test selected data.
4. Verify information.
5. Verify procedures.
6. Verify compliance.
7. Perform exit interview with auditee.
4. Provide preliminary draft report/status report to auditee.
5. Submit final report to the City Manager and City Council.

Back to Top

What is meant by internal control?

Internal controls are processes put in place by management and staff in order to effectively administer a specific program and achieve its goals. Internal controls may be rules or procedures; for example, certain steps must be followed in issuing a payroll check. Internal controls may also be informal, for example, you may control access to administrative records by locking them in a file drawer.

Internal controls are designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

1. Effectiveness and efficiency of operations.
2. Reliability of financial data and reporting.
3. Compliance with applicable laws and regulations.

Back to Top                                   Return to Internal Audit Home Page