Work Plan supp
Internal Audit Work Plan 2016 Proposed Flexible Work Plan INTERNAL AUDIT February 22, 2016 INTERNAL AUDIT TABLE OF CONTENTS Working cross functionally to achieve the Port's Goals Internal Audit 2016 Page 2 Port of Seattle Activities & Key Financials Port of Seattle Business Plan Forecast ($ in 000's) OPERATING BUDGET Notes Budget 2015 Budget 2016 Airline Revenue 1 $ 242,352 $ 261,019 Non-Airline Revenue 312,989 275,305 NWSA Distributable Revenue 0 51,829 SLOA III Incentive Straight Line Adj (3,576) (3,576) Total Operating Revenues 551,766 584,578 242,087 230,688 Operating & Maintenance Expense Corporate Division Costs 1 67,006 78,955 Law Enforcement Costs 20,674 22,919 Airline Realignment 5 0 Environmental Remediation Liability Expense 3,142 3,448 Total Operating & Maintenance Expenses 1 332,914 336,010 Net Operating Income Before Depreciation 218,852 248,568 Total Depreciation Expense 162,082 162,451 Net Operating Income after Depreciation $ 56,770 $ 86,116 Committed Capital Budget $ 327,554 $ 348,033 Business Plan Prospective 42,031 60,412 Total Capital Budget $ 369,585 $ 408,445 Notes: 1) Includes revenue from Corporate, Stormwater Utility & Elimination and corresponding offset to allocated charges from Corporate departments. Advancing trade and commerce, promoting industrial growth, and stimulating economic development *Source: Port of Seattle 2016 Budget and Business Plan Internal Audit 2016 Page 3 VISION Promote operational excellence at the Port MISSION The -added audit services that result in: Stronger accountability for meeting or exceeding strategic and operational performance expectations Fiscal integrity including detection and deterrence of fraud, waste, and abuse Greater transparency in governance and decision making Improved investment of public resources to advance trade and commerce, promote industrial growth, stimulate economic development, and create jobs Through independent and objective audits, we provide the Port Commission with assurance and opportunities for enhanced efficiency and effectiveness of management practices in: Governance Risk Assessment Controls Compliance Internal Audit Vision Promote operational excellence at the Port Mission The Internal Audit Department conducts risk-based operational/performance audits. Our frequent reviews of Port operations and activities provide value-added audit services that result in: Stronger accountability for meeting or exceeding strategic and operational performance expectations Fiscal integrity including detection and deterrence of fraud, waste, and abuse Greater transparency in governance and decision making Improved investment of public resources to advance trade and commerce, promote industrial growth, stimulate economic development, and create jobs Through independent and objective audits, we provide the Port Commission with assurance and opportunities for enhanced efficiency and effectiveness of management practices in Governance, Risk Assessment, Controls, and Compliance. Audit Standards Audit Work Guided by Professional Standards Government Auditing Standards (issued by the US Comptroller General) and by International Professional Practices Framework (issued by The Institute of Internal Auditors) Striving for excellence Internal Audit 2016 Page 4 VISION Promote operational excellence at the Port MISSION The -added audit services that result in: Stronger accountability for meeting or exceeding strategic and operational performance expectations Fiscal integrity including detection and deterrence of fraud, waste, and abuse Greater transparency in governance and decision making Improved investment of public resources to advance trade and commerce, promote industrial growth, stimulate economic development, and create jobs Through independent and objective audits, we provide the Port Commission with assurance and opportunities for enhanced efficiency and effectiveness of management practices in: Governance Risk Assessment Controls Compliance Risk Assessment & Methodology Best Practice Framework We perform a risk assessment over Port operations annually to drive our Flexible Work Plan. The plan is established based on: Internal Audit IA department's institutional knowledge Strategy Discussions with key Port leadership Data analytics Prior audit history It is developed and designed to align our audit strategy with Port goals. For simplification we group risks into 6 auditable units: Risk of inconsistent guidance and/or Risk of misreporting financial and other Strategic / oversight, and poor strategic direction Reporting Risk non-financial information from Port Governance Risk that do not achieve Port objectives operation results. and/or Century Agenda Goals. Risk of ineffective and inefficient Port Information operations, including lack of Risk of significant negative impact to Operational Risk Technology (IT) accountability due to inappropriate Port operations due to unmitigated IT Risk process and management. vulnerabilities. Risk of noncompliance or lack or Accountability / Risk of not meeting Public expectations. adherence to applicable laws and Transparency Diminishing Port's reputation and loss of Compliance Risk regulations (federal, state, local laws Risk public trust. and Port policies, procedures and agreements). Internal Audit identifies key risks using the best practice framework to optimize Internal Audit 2016 Page 5 Risk Scoring Methodology Each auditable unit is assessed and rated on a scale of 1 to 5 for impact and likelihood Risk drivers / attributes are We evaluate each auditable unit for impact defined for the impact and We start by compiling an Audit Universe. and likelihood for all items within the Port's likelihood of each auditable The Port's Audit Universe includes: Audit Universe. unit. Business units Departments Lease Agreements Information Technology Port Governance and Policies Port Specific Programs/ Initiatives Note: This is an example for illustration purposes only. Overall Impact and Likelihood ratings are multiplied Average Overall Risk rating to derive a final quantitative determinant. used in Final Risk Score Risk based assurance to help management meet its objectives Internal Audit 2016 Page 6 Risk Scoring Methodology (continued) The final risk determinant translates to the following qualitative risk ratings of low, medium, and high. Low Risk=1-5 5.0 5.0 7.5 10.0 12.5 15.0 17.5 20.0 22.5 25.0 4.5 4.5 6.8 9.0 11.3 13.5 15.8 18.0 20.3 22.5 Medium Risk=6-12 4.0 4.0 6.0 8.0 10.0 12.0 14.0 16.0 18.0 20.0 High Risk=13-25 3.5 3.5 5.3 7.0 8.8 10.5 12.3 14.0 15.8 17.5 3.0 3.0 4.5 6.0 7.5 9.0 10.5 12.0 13.5 15.0 2.5 2.5 3.8 5.0 6.3 7.5 8.8 10.0 11.3 12.5 2.0 2.0 3.0 4.0 5.0 6.0 7.0 8.0 9.0 10.0 1.5 1.5 2.3 3.0 3.8 4.5 5.3 6.0 6.8 7.5 1.0 1.0 1.5 2.0 2.5 3.0 3.5 4.0 4.5 5.0 1.0 1.5 2.0 2.5 3.0 3.5 4.0 4.5 5.0 High risk focus creates value Internal Audit 2016 Page 7 Risk Rating Summary Proposed 2016 Work Plan Internal Audit risk assessment and scoring resulted in the following proposed audits by category Est. Hours Audit Type Count Hours % Lease and Concession 8 2,725 27% Central Accounting Processing systems 0 0 0% Comprehensive Operational Audit 4 1,600 16% 3rd Party Management 4 1,000 10% Non-Lease Audit Limited Operational 3 2,460 24% Coverage 73% Information Technology 3 600 6% Consulting Services and Contingency 6 1,740 17% Fiscal integrity including detection and deterrence of fraud, waste, and abuse Internal Audit 2016 Page 8 Recommended Projects In 2016 Audits Suggested for 2016 Concession 1 Clear Channel Worldwide Agreements 2 Louis Dreyfus - Pier 86 Grain Terminal 3 Airport Management Services LLC Hudson 4 Anthony's Inc. - Pier 66 and Fishermen's Terminal 5 Cruise Terminal of America 6 Clipper Navigation Inc. MAG only 7 Marel Seattle Inc. MAG only 8 Terri D's Catering dba ACT - 3 1 Airport Operations - Ground Transportation (STILA) Comprehensive Operational 2 Airport Security - Credential Center 3 Police Department 4 Landside Employee Parking 1 Airport Club International 3rd Party Management 1.1 Airport Club Cascade 2 Bell Harbor International Conference Center 2.1 World Trade Center Club 1 Centralized International Support Services Program Limited Operational 2 Airport Janitorial Services Program 3 Aviation Capital Program Information 1 HIPAA Compliance - Health Insurance Portability and Accountability Act Technology (IT) 2 General Control - End-Point Security 3 IT Asset Management / Radio Communication Equipment 1 Selection of External Financial Auditor Consulting Services and Contingency 2 Implementationof Port wide moorage system to ensure effective controls 3 Seaport Alliance 4 Follow-up of 2015 Yellow Cab Audit 5 Transportation Network Companies (TNCs) -- potential agreements to pick up at the airport 6 2016 Work Plan - Risk Assessment 7 Others Greater transparency through assurance and accountability Internal Audit 2016 Page 9 2015 Carryover Audits Proposed 2016 Work Plan Audits in Progress as of December 31, 2015 Lease and Concession Agreements Limited Operational EAN Inc. Aviation and Payless Car (Enterprise, Hertz dba Maritime Rental dba Commission Alamo, and Firefly Rent-A- Maintenance SeaTac Rent- Office National) Car Shops - A-Car Rent-A-Car Inventory A flexible risk based approach maximizes benefits to the Port Internal Audit 2016 Page 10 Central Accounting Processing System Audits Port of Seattle Central Accounting Systems: Asset Management Accounts Payable Last Audit No Significant Issues Last Audit No Significant Issues Disbursements General Ledger Last Audit No Significant Issues Last Audit No Significant Issues Accounts Receivable Human Capital Resource - Payroll Last Audit No Significant Issues Last Audit No Significant Issues No central accounting processing system audits are proposed in 2016. Note: Central Accounting Systems are a focus of external Financial auditor. Focused and logical actions driving Century Agenda Strategies and Objectives Internal Audit 2016 Page 11 Department Audits Our focus is on efficiency and effectiveness of department programs, including compliance, accountability, and reporting. Commission directives and Port objectives are carried out by Port departments. Key Risks As of December 2015, there were approximately 95 Strategic / Governance Business Units with 183 departments. Operational Accountability / Transparency Departmental Audits 5-Year Coverage Reporting Information Technology Not Audited 55% Compliance Proposed 2016 Work Plan Audited Airport Security Credential Center 45% Police Department Ground Transportation Note: Departments Not Audited have been subject to Cross Functional Landside Employee Parking Program Audits such as: P-card, Travel-card, Payroll, etc. Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Internal Audit 2016 Page 12 Source: PeopleSoft & PropWorks as of December 07, 2015. 3rd Party Management Agreement Audits Port 3rd party operations are Port activities that are run Expenses and operated by a third-party on behalf of the Port. The (in 000s) third-party operator is paid a management fee. $6,595 Airport Club Lounges 72% Bell Harbor Conference These operations are risky because the Port is accountable World Trade Center - Club World Trade Center - Offices for all operation costs, but does not run the day-to-day operation. Note the Port owns the facilities that house $901 $958 $677 10% these operations. 11% 7% Revenues Key Risks (in 000s) Operational $8,038 67% Accountability / Transparency Reporting Compliance $1,077 $2,000 9% Proposed 2016 Work Plan $930 16% 8% Bell Harbor International Conference and World Trade Center Club Significant Findings in the Last Audit Airport Club International and Airport Club Cascade Lounges New Operator Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Internal Audit 2016 Page 13 Source: PeopleSoft & PropWorks as of December 07, 2015. Lease & Concession And Other Agreements The Port earns most of its revenues from lease & concession and other agreements. Port Total Gross Receipts/Revenues Agreements (In 000s) 500 529,147 85.2% 70% Agreement Non-Agreement Tax Levy Grants 87 14.8% 14,370 146,053 2% 19% 66,759 SLOA, Space and Land Rental Agreements 9% Lease & Concession Agreements Common agreement types include: Non-agreement types include: SLOA Agreements Parking Land Rental Berthage and Moorage Space Rental ID Badge Fees Lease and Concession Others Space and Land rental agreements generate fixed fee revenue based on square footage. These agreements are deemed low risk. Lease and concession agreements generate revenue based on customer self reported gross revenues. These agreements are deemed high risk. Economic Vitality through Developing, Negotiating, and Managing Agreements *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Internal Audit 2016 Page 14 Source: PeopleSoft & PropWorks as of December 07, 2015. Lease & Concession Agreements Key Risks Lease & Concession Agreements Operational Accountability / Transparency Reporting Compliance 70% Proposed 2016 Work Plan Audited Not Audited ACT-3 Catering 30% Airport Management Services - Hudson Clear Channel Anthony's at P66 and Fishermen's Marel Seattle Inc. Never exceeded MAG Agreements not audited are deemed low risk. Clipper Navigation Inc. Never exceeded MAG Cruise Terminal of America (CTA) Pier 86 Grain Terminal *As of to date, Internal Audit has recovered approximately $6.5 million in underreporting concession fees. Greater transparency through assurance and accountability *financial data used in this presentation is for planning purposes only and may not tie/agree with the Port year-end financial statements. Source: PeopleSoft & PropWorks as of December 07, 2015. Internal Audit 2016 Page 15 Limited Operational Programs The focus of this audit category is efficiency and effectiveness of Port-wide programs, including compliance, accountability, and reporting. Such Port-wide programs include: Port travel, purchasing P- card program, inventory program, cost allocation, janitorial services, small business initiative etc. Commission directives and Port objectives are carried out in these Port programs or activities Key Risk Strategic/Governance Operational Accountability/Transparency Reporting Information Technology Compliance Proposed 2016 Work Plan Airport Centralized International Support Services Program Airport Janitorial Services Program Capital Program Greater transparency through assurance and accountability Internal Audit 2016 Page 16 Limited Operational Program Capital Program The 2016 Capital Budget reflects the Port's continuing commitment through investment of $408.4 million in development, expansion, and renewal of Port facilities. Major projects include: NorthStar International Arrivals Facility Reconstruction of Center Runway Baggage System Committed Capital Projects 2016 2016-2020 ($ in 000's) Budget CIP Aviation Division 307,933 1,609,764 Key Risks Maritime Division 23,469 47,084 Strategic/Governance Operational Economic Development Division 11,513 17,403 Accountability/Transparency Corporate & Capital Development 5,118 21,048 Compliance Total Committed 348,033 1,695,299 Business Plan Prospective Projects 60,412 533,009 Proposed 2016 Work Plan Total CIP 408,445 2,228,308 Reconstruction of Center Runway Greater transparency through assurance and accountability *Source: Port of Seattle 2016 Budget and Business Plan Internal Audit 2016 Page 17 Information Technology The Port uses technology for innovation and to drive success of its strategies and programs. Therefore, information technology is critical to Port success, and is an integral part of the Internal Audit annual work plans. Like in the past years, Internal Audit information technology projects are outsourced to external IT firms. These audits are managed by internal audit staff. Key Risk Information technology Proposed 2016 Work Plan Per Information Technology Risk Assessment End-Point Security IT Asset Management/Radio Communication Equipment Health Insurance Portability and Accountability Act (HIPAA) Working cross functionally to achieve the Port's Goals Internal Audit 2016 Page 18 Consulting Services & Contingency Proposed 2016 Work Plan We partner and provide consulting services to Port management in order to improve Port programs and/or services. In consulting services, Port management owns and takes accountability of the projects. The following is a list of consulting services we propose to provide in 2016. Consulting Projects Finance / AFR Selection of External Financial Auditor Maritime Implemented of a Port-wide moorage system to ensure effective controls Seaport Alliance Seaport Alliance Aviation Transportation Network Companies (TNCs) -- potential agreements to pick up at the airport. Follow-up of 2015 Yellow Cab Audit Others as needed A partnership approach maximizes benefits to the Port Internal Audit 2016 Page 19 Internal Audit Team Joyce Kirangi, Director Internal Audit Certifications: CPA, CGMA Pam Bailey, Sr. Administrative Assistant Internal Audit Manager OPEN Dan Chase, Senior Auditor Brian Nancekivell, Senior Margaret Songtantaruk, Senior Certifications: CPA, CIDA Ruth Riddle, Senior Auditor Auditor Auditor Certifications: CPA, CIA, CFE Certifications: CPA-CGA, CIA, Certifications: CFE, CB CISA Joseph Anderson, Internal Auditor Roneel Prasad, Internal Auditor Certifications: CPA, CGMA Internal Audit 2016 Page 20 Questions? Internal Audit 2016 Page 21
Limitations of Translatable Documents
PDF files are created with text and images are placed at an exact position on a page of a fixed size.
Web pages are fluid in nature, and the exact positioning of PDF text creates presentation problems.
PDFs that are full page graphics, or scanned pages are generally unable to be made accessible, In these cases, viewing whatever plain text could be extracted is the only alternative.