The URL can be used to link to this page

Home My WebLink AboutCAO-2024-510 - 2025 Internal Audit Work PlanStaff Report Chief Administrator's Office REPORT TO: Audit Committee DATE OF MEETING: December 16, 2024 SUBMITTED BY: Corina Tasker, Internal Auditor, 519-783-8154 PREPARED BY: Corina Tasker, Internal Auditor, 519-783-8154 WARD(S) INVOLVED: All DATE OF REPORT: November 26, 2024 REPORT NO.: CAO -2024-510 SUBJECT: 2025 Internal Audit Work Plan J K�T�R www. kitchener. ca RECOMMENDATION: That the 2025 Internal Audit work plan be approved as outlined in report CAO -2024- 510. REPORT HIGHLIGHTS: • The purpose of this report is to outline the proposed assurance and consulting activities to be conducted by the Internal Auditor in 2025. • The work plan consists of seven assurance/compliance audits, one status update, and two consulting engagements. • There are no financial implications. • Community engagement included this report posted to the city's website with the agenda in advance of the council / committee meeting. • This report supports the delivery of core services BACKGROUND: Internal Audit Goal The overarching goal of internal audit is to protect the City's assets and interests. This includes, but is not limited to, protecting the long-term health of the organization, its financial and physical assets, its reputation, its ability to perform critical services and the safety and well-being of employees and citizens. Internal Audit Services To fulfill the above goal, the internal auditor provides two types of service in accordance with the Institute of Internal Auditors definitions: Assurance services — which involve the internal auditor's objective assessment of evidence to provide an independent opinion or conclusions regarding an entity, operation, function, process, system, or other subject matter; and *** This information is available in accessible formats upon request. *** Please call 519-741-2345 or TTY 1-866-969-9994 for assistance. Page 50 of 101 Consulting services — which are advisory in nature and are generally performed at the specific request of an engagement client. When performing consulting services, the internal auditor should maintain objectivity and not assume management responsibility. Internal Audit Work plan The assurance services included on the internal audit work plan outlined in this report consists of topics that have been independently selected by the internal auditor. These topics fall broadly into one of three categories: 1) Physical assets — such as physical inventory counts 2) Financial resources — such as expense audits 3) Policy compliance — such as hiring transparency This annual plan consists of compliance and controls audits, confidential investigations, and any other independent analysis as required. Standard assurance audit topics which are common to most organizations or other municipalities are included in a recurring 6 -year plan. Other assurance topics are added as required related to emerging risks, tips, or other audit findings. The internal auditor will also provide consulting services related to process reviews, capacity analysis, organizational structure analysis, risk assessments and value for money analysis as the need arises. These services are provided to aid staff in continuous improvement in the design and delivery of City services. These types of reviews are requested by divisional management, or by Council through discussions with the CAO on a semi-annual basis. Additional consulting services may be added in the second half of 2025 as requested. Audit reports on each work plan item will be presented to Audit Committee as completed, on a quarterly basis. REPORT: 2025 Internal Audit Work Plan Audit Committee is asked to approve the 2025 Internal Audit work plan shown below as per the Audit Committee terms of reference. Assurance Services: Audit Topic Type of Audit Notes Deposits Controls In progress in 2024 Fire Life Safety Controls In progress in 2024 Employer Paid Parking Compliance In progress in 2024 Physical Inventory Count Verification Annual SAP Separation of Duties Controls Employee Expenses Compliance Hiring of Relatives Compliance Re -test under new policy Hiring Transparency Status Update Confidential Investigations Controls, Compliance As required Page 51 of 101 Consulting Services: Topic Type of Analysis Concrete Maintenance Service Levels Custodial Services at Community Centres Roles and Responsibilities, Service Levels Definitions Compliance audit - A test to determine if staff is following all rules, regulations and policies associated with the service. Confidential Investigations — Investigating staff or public complaints about any alleged staff misconduct including, but not limited to, fraud, theft, or inappropriate behaviour. Controls audit - An analysis and test of control points within a process to ensure that fraudulent activity can be eliminated or mitigated. Count Verification — Sampling physical inventory counts to verify the accuracy of staff physical inventory counts. Roles and Responsibilities — A review across functions or roles to determine the best location for certain tasks to reside. Status update — A check-in on the status of recommendations and benefits achieved from previous audits or reviews. Service Levels — An analysis of current and desired service levels and associated resourcing and costs to achieve objectives. STRATEGIC PLAN ALIGNMENT: This report supports the delivery of core services. FINANCIAL IMPLICATIONS: Capital Budget — The recommendation has no impact on the Capital Budget. Operating Budget — The recommendation has no impact on the Operating Budget. COMMUNITY ENGAGEMENT: INFORM — This report has been posted to the City's website with the agenda in advance of the council / committee meeting. PREVIOUS REPORTS/AUTHORITIES: There are no previous reports/authorities related to this matter. APPROVED BY: Dan Chapman, CAO ATTACHMENTS: none Page 52 of 101 0 a 0 O M LO N 0) (6 0 O LO N 0) (6 O C: O 4 cn O L W W W r1 _0 Q� ca C: O V O 4-j a ,> O O � •� c U _0 ,-, O CL 4-) 0 MO c E � CL c�i� O O O O O D- V V O I I I 0 O LO N 0) (6 Q • V w > cr DC • C: bn W 4- O w E O L- 0 - E • �0 0 V y - O m wI V 0 O LO LO N 0) (6 n `, 7j O 4-0 Wel Q N 0 Q E O U m Co J N L.L Q E O U _O Q E W OR ca U .cn a_ V O W-01 Dil 0 Q E O U a) cnN Q X W N O Q E W Q E O U no a) Q Z) cn c� cn 0 CL Z 06 U N Q cn 0) .L no N crN cn 3 A, u C) O CO LO N 0) (6 n N C U 0 O ti LO N 0) (6 wwwwwwwwwwwwwwwwwwwwww cu ^� _W 0 ry •N _c A _� A }W W W a Q O U U 0 CL 0 0 0 ry H Cn wwwwwwwwwwwwwwwwwwwwww Cn 0 U � CU M cn a) 0 U • a) ca o U U) • a) CU o o 'V cn E 0 0 0 0 O ti LO N 0) (6