Types of Audit
Internal Audit Department Types of Audits All audits engagements begin with an audit objective. The audit objective or the audit question determines the type of the audit and the audit standards to follow. Internal auditing is an important part of overall governance, accountability, and internal control. Per government auditing standards, a key role of many internal audit organizations is to provide assurance that internal controls are in place to adequately mitigate risks in order to achieve organization goals and objectives. The Institute of Internal Auditors (IIA's) International Professional Practices Framework (IPPF) defines Internal Auditing as follows: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Port of Seattle Framework for Audit Consideration Commission CEO/Port Management Port Staff Overall Desired Results (Outcomes and Outputs) Sets the overall Establish governance structure/ Operate systems as Outcomes, outputs, direction and functions/departments to carry out the designed by Desired Results Policy objectives management Design and establish strategies and Carry out processes Outcomes, outputs systems for accomplishing goals and as designed by Desired Results objectives management Establish processes for each Maintain financial Outcomes, outputs function/department records and Desired Results documents actions taken Develop policies and procedures for Carry out the Desired Results each process established processes and policies. Ensures established processes/ Report results to Desired Results infrastructure meet requirements management An asterisk indicates services currently provided by IA Page 1 Internal Audit Department Port of Seattle Mission Statement: Create Economic Vitality HERE Port of Seattle Organization Chart and Framework for Audit Consideration King County Voters Commission Executive Office Capital Aviation Seaport Real Estate Corporate Development Accounting & Business Airport Lease & Asset Development & Aviation Project Financial External Affairs Development Operations Management Planning Management Reporting Cruise & Capital Facilities Airport Maritime Development Finance & Budget Health & Safety Aeronautical Management Properties Operations Administration Business Central Information & Commercial Human Resources Development & Landside Harbor Services Procurement Communications Strategy & Development Management Office Technology Concessions Aviation Environmental & Fishing & Engineering Internal Audit Labor Relations Executive Commercial Planning Vessels Aviation Recreational Port Construction Office of Social Facilities Aviation Legal Finance & Budget Boating Services Responsibility Director's Office Airport Office Community Seaport Project Police Building Seaport Maintenance Public Affairs Development Management Department Management Administration Building Finance & Portfolio Regional Department Budget Risk Services Management Transportation Environmental Facilities & Management and Real Estate Infrastructure Planning Administration Utilities Security Fire Department Maintenance An asterisk indicates services currently provided by IA Page 2 Internal Audit Department Government Auditing Standards (GAGAS) classifies audits into three broad categories as follows: Financial Audits Performance Audits, and Attestation 1. Financial audits Financial audits provide an independent assessment of whether an organization's reported financial information (e.g., financial condition, results, and use of resources) are presented fairly in accordance with recognized criteria (for example, FASB or GASB pronouncements). The auditor issues an independent opinion on the f air presentation of the financial statements. As part of the financial audit, the auditor also reviews the following processes only to the extent that the systems are significant over financial reporting: Internal control system and process* Compliance with laws and regulations* Provisions of contracts and grants* Professional firms outside the organization typically conduct these types of audits. Currently, Moss Adams conducts the Port financial audit. 2. Performance audits Performance audit objectives may vary widely and include assessments of program effectiveness, economy, and efficiency; internal control; compliance; and prospective analyses. Performance audits are intended to improve organizations performance, operations, reduce costs, facilitate decision-making, and contribute to public accountability. *The audit objectives that focus on program effectiveness and results typically measure the extent to which an organization is achieving its goals and objectives. Example, how well is the program/department working? Is it achieving the intended results? Is it meeting the target? The audit objectives that focus on economy and efficiency address the costs and resources used to achieve organization results. Example, why does it cost this much? Would it cost less? How can we do the same for less (economy)? How can we produce more with the same resource (productivity)? An asterisk indicates services currently provided by IA Page 3 Internal Audit Department Performance audit objectives vary widely and may include review and assessment of the following: Organizations/Programs effectiveness* Organizations or Program economy/efficiency --includes development of benchmarks criteria against which performance is evaluated against Internal controls* Compliance* Prospective analyses and other information* analysis and conclusions based on assumptions about events that may occur in the future Typical questions in performance audits Is this organization/program accomplishing what it's supposed to? (program results/effectiveness)* Are the procedures adequate or sufficient to? (process results/effectiveness)* Does it have to cost this much? (program/service efficiency) Can we produce more with the same resources? (productivity) Is this agency doing what's required? (compliance)* Is the agency handling resources responsibly? (compliance*/efficiency) What really happened? (investigation)* How much, how many, what if? (information)* Currently, the Washington State Auditor's Office (SAO) conducts Port's performance audits at the Port. 3. Attestation Audits - An attest engagement is an engagement in which a practitioner is engaged to issue, or does issue, an examination, a review, or an agreed-upon procedures report on specified subject matter, or an assertion about the subject matter, that is the responsibility of another party. The responsible party in attest engagements is the person, individual or representative of the entity, who is responsible for the subject matter. Internal Audit, conducts a combination of many elements of audit attestations as outlined on the operational audits section. Other Types of Audits 4. Operational Audits Operational auditing involves an objective review and assessment of the control (strategies, processes, systems, and other operating activities) that management has designed and implemented in order to achieve organizational goals and objectives. The auditor's objective is to provide independent assurance on the effectiveness of management An asterisk indicates services currently provided by IA Page 4 Internal Audit Department controls. The auditor gives an assurance of the end-results that management is trying to accomplish. For example, if management objective is to create jobs, the auditor gives an assurance whether the established (infrastructure) controls are effective to allow the creation of jobs. An operational auditor can also audit to determine whether such jobs were created. As part of the audit, an operational auditor evaluates and assesses the following: Management efforts such as established internal controls which includes the overall governance, plan, operational strategies, policies, methods, and procedures adopted by management to meet its missions, goals, and objectives. * The processes implemented by management for planning, organizing, directing, and controlling business unit/department operations. * The systems put in place for measuring, reporting, and verifying the reliability and relevance of information, including monitoring business units/ or departments performance. * Internal control is critical as it serves as a defense in safeguarding assets and in preventing and detecting errors; fraud; noncompliance with provisions of laws, regulations, contracts and grant agreements; and abuse. Part of operational auditing involves assessing and evaluating the following areas which are an integral part of internal control: Risk assessment/Risk management efforts* IT governance/information systems controls Controls over compliance with applicable laws, regulations, contracts, and grant agreements* Accountability* Fraud* Analysis of financial activities and non-financial information* 5. Compliance Audits* reviews for compliance with governance regulations and policies aimed at increasing fiscal transparency of an organization. At the Port, this includes compliance audit of over 600+ lease and concession agreements. Currently, Internal Audit spends a great deal of time auditing Port contracts and concessions. In addition, other Washington State agencies like Department of Revenue and Department of Retirement audit various compliance requirements within the Port. Compliance requirements can be financial or non-financial. 6. IT Audits reviews and assesses the design and effectiveness of computer general and application controls. An asterisk indicates services currently provided by IA Page 5
Limitations of Translatable Documents
PDF files are created with text and images are placed at an exact position on a page of a fixed size.
Web pages are fluid in nature, and the exact positioning of PDF text creates presentation problems.
PDFs that are full page graphics, or scanned pages are generally unable to be made accessible, In these cases, viewing whatever plain text could be extracted is the only alternative.