2018 Annual Audit Report to the Commission GCPUD Audit Department 11/13/18 1
Meeting Objectives: 1. Principles of Audit Plan Development 2. Status of the 2018 Audit Plan 3. Review 2019 Audit Plan 4. Moving Forward GCPUD Audit Department 11/13/18 2
Internal Audit Objectives and Purpose Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. Internal Audit helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. (International Professional Practices Framework) Internal Audit’s objective is fundamentally assurance. Looking at the past and present to provide reasonable assurance that all activities are being carried out in accordance with written policy, procedures, and applicable regulations . GCPUD Audit Department 11/13/18 3
Audit Plan Development INTERNAL AUDIT AND CONTROLS RISK CONTROL FRAMEWORKS Events, Vulnerabilities OBJECTIVES (COSO, ISO 31000) Compliance 1) Control Environment - Sets Tone of Org H,L H,H Operational 2) Risk Assessment Impact Financial 3) Control Activities - Testing Strategic 4) Information and Communication L,L L,H 5) Monitoring Controls: Adequate and Effective Likelihood RISK BASED AUDIT PROGRAM Objectives Scope of Engagement Audit Results Identify Audit Findings Assurance on Controls Prepare and Distribute Report Monitor Implementation of Recommendations GCPUD Audit Department 11/13/18 4
Audit Plan Development GCPUD Audit Department 11/13/18 5
Color indicates Assurance / Coverage scores where 1 is the most effective / highest confidence / fully pervasive 1-2 3-4 5-6 7-8 9-10 • GCPUD Audit Department 11/13/18 6
Audit Plan Development Risked Based Approach ERM – Risk Assessment 1. Management & Employee Input 2. Commission Contributions 3. Internal Audit Evaluation 4. Emerging Risks, Trends, and Focus Internal Audit Charter (adopted by Resolution, 2014) The internal audit plan will be developed based on a prioritization of the audit scope using a risk-based methodology, including input by Senior (Executive) Management and the Commission. The Auditor will review and adjust the plan, as necessary, in response to changes in the organization’s business, risks, operations, programs, systems, and controls. GCPUD Audit Department 11/13/18 7
2018 Audit Plan Status Continuous Monitoring Audits 1. 2017 P-Card Audit 2. Payroll Roster Audit – Ghost Employees 3. 2017 Voucher Audit Risk Based Assurance Audits 1. Small and Attractive Asset Audit* 2. Net Metered Loss Audit Generation to BA Load/Customer Request/Metering/Kwh Billed 3. Design Build Contract Audit* GCPUD Audit Department 11/13/18 8
2019 Audit Plan Key Focus Areas for Audit Activities Continuous Monitoring Audits 1. 2018 P-Card Audit 2. 2018 Voucher Audit Emphasis on PO’s & Procurement Process Risk Based Assurance Audits 1. Payroll Overtime & Upgrade Audit 2. Rates & Customer Class Audit 3. Net Metered Loss Audit – Continued GCPUD Audit Department 11/13/18 9
THREE YEAR AUDIT PLAN 2018 2019 2020 2021 2017 P-Card Audit 2018 P-Card Audit 2019 P-Card Audit 2020 P-Card Audit CONTINUOUS MONITORING 2017 Voucher Audit 2019 Voucher Audit 2020 Voucher Audit 2018 Voucher Audit Emphasis on PO's & AUDITS Vendor Trend & Employee Procurement Processes Payroll Roster Audit Payroll Roster Audit Cross Check Audit Small and Attractive Asset Audit Payroll - Overtime & Upgrade Power Distribution and Customer Deposit & Billing Audit Reliability Audit Audit Wholesale Marketing Supply Power Production Audit Rates and Customer Class Audit Audit RISK BASED Net Metered Loss Audit Generation to BA Load ASSURANCE Net Metered Loss Audit Customer Request /Metering/ AUDITS Generation to BA Load Billing of Kwh Usage Customer Request /Metering/ Billing of Kwh Usage Design Build Contract Consulting Emerging Risks, Trends, and Emerging Risks, Trends, and Emerging Risks, Trends, and Audit Focus Focus Focus Follow-Up: Follow-Up: Follow-Up: Follow-Up: Implementation of Audit Implementation of Audit Implementation of Audit Implementation of Audit Recommendations Recommendations Recommendations Recommendations Audit Placeholders: FCC & CIAC Calculation, Power Request Queue, System of Record for Federal Filings, Finance/Accounting/Bond Compliance, CIP Compliance, Safety, District wide training on Process and Controls GCPUD Audit Department 11/13/18 10
Moving Forward: 1. Washington State Auditor’s Office (SAO) Compliance Audit 2. Internal Controls Environment of Accountability Adequate and Effective 3. Audit and ERM Quarterly Meetings Continual Risk Assessment 4. Continuing Education and Training GCPUD Audit Department 11/13/18 11
Questions? Comments? Concerns? GCPUD Audit Department 11/13/18 12
PUBLIC UTILITY DISTRICT NO. 2 OF GRANT COUNTY, WASHINGTON 2019 INTERNAL AUDIT PLAN Introduction The objective of this document is to present information regarding District and industry wide risks and areas of focus that will be the starting point for the 2019 audit strategy and related audit engagements. These focus areas are and will be derived by using various sources of information including: Enterprise Risk Management Commission The Strategic Plan Executive Management General Counsel Specific recognized process issues External Audit activities Manager and Supervisor suggested process review In conjunction with the official planning period, Internal Audit will perform its own assessment of key District and industry risks. This assessment will be based on current and previous year Audit Planning, updated to reflect current information regarding management attention areas, results of audit activities as well as routine process evaluation. Audit Plan Development Based on Focused Priorities Purpose: To develop periodic plans for which audits or other process evaluations will be provided. These audits will be based on the risk assessment performed by Enterprise Risk Management (ERM) and consultations with Executive Management, Managers and Supervisors. Essential Activities: Identify organizations that can be audited and possible focus areas within Grant PUD. Identify areas or issues that are considered as priorities within Grant PUD based on the risk assessment performed by ERM and through consultations with Commissioners, Executive Management, and divisional stakeholders. With divisional stakeholders, determine the business objectives, core processes, risks and key success parameters for each division. Use objectives, core processes, risks and key parameters to determine areas of audit focus. Outline clear parameters, scope and stakeholder obligations for each audit engagement. Determine the overall resources required to accomplish the audit plan including any additional resources that may be required to complete and respond to issues that arise during the audits. In collaboration with primary stakeholders, determine the time period to be covered by the plan. Obtain Executive Management and Commission approval of the Audit Plan and the resources required to complete the Audit Plan.
Outputs: A Periodic internal audit and services plan based on priorities identified by the risk assessment, Executive Management, and other key stakeholders within Grant PUD. Understanding by Internal Audit of Commission, Executive Management, and stakeholders’ priorities. Identify opportunities for Internal Audit to improve organizational process, operations and objectives. 2019 - Key Focus Areas for Audit Activities Provide reasonable assurance that controls are adequate and effective in obtaining District objectives. Meet with Executive Management once a Quarter to evaluate areas of focus and direction. Report to Commission on areas of focus and emphasis bi-annually in May and November. Continuous Monitoring Audits o 2018 P-Card Audit o 2018 Voucher Audit Audit PO Process Audit Procurement Processes Risked Based Assurance Audits o Payroll – Overtime & Upgrade Audit o Rates & Customer Class Audit o Net Metered Loss Audit Obtain essential outside training opportunities from professional groups on best practices, tools and techniques for internal auditors. Ensure flexibility to address emerging risks and trends. Proposed Three Year Audit Plan 2019 2020 2021 2018 P-Card Audit 2019 P-Card Audit 2020 P-Card Audit Continuous 2018 Voucher Audit 2019 Voucher Audit 2020 Voucher Audit Monitoring Emphasis on PO's and Audits Vendor Trend & Employee Procurement Process Payroll Roster Audit Cross Check Payroll - Overtime & Upgrade Power Distribution and Customer Deposit and Audit Reliability Audit Billing Audit Wholesale Marketing Power Production Audit Rates and Customer Class Audit Supply Audit Net Metered Loss Audit Risk Based Assurance Generation to BA Load Customer Request /Metering/ Audits Billing of Kwh Usage Emerging Risks, Trends, and Emerging Risks, Trends, and Emerging Risks, Trends, and Focus Focus Focus Follow-Up: Monitor Audit Follow-Up: Monitor Audit Follow-Up: Monitor Audit Recommendations Recommendations Recommendations
Propo posed ed 3-Year ear 10 10% S Slice ce S Sal ale Commission Meeting 11/13/2018 Powering our way of life.
Recommend
More recommend