Audit Seaport Security

Internal Audit Report

Seaport Security Department
Audit Period
January 1, 2006 through December 31, 2008




Issue Date: June 2, 2009
Report No. 2009-09

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Table of Contents

Internal Auditor's Report .............................................................................................. 3 
Executive Summary ...................................................................................................... 4 
Background ................................................................................................................... 5 
Audit Objectives ............................................................................................................ 6 
Audit Scope ................................................................................................................... 6 
Audit Approach ............................................................................................................. 6 
Conclusion ..................................................................................................................... 7 









2

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Internal Auditor's Report

We have completed an audit of Seaport Security Department. Seaport Department
Management has the primary responsibility to establish and implement effective internal
controls surrounding security plans for Port-owned and operated facilities, administering and
monitoring security grant projects, maintaining control over Port owned security assets,
initiating security training, and increasing Seaport security awareness.
We conducted the audit using due professional care. The audit was planned and performed to
obtain reasonable assurance that department controls are adequate and operating effectively as
intended.
Based on the audit procedures performed, Seaport Security Department has adequate and
effective controls to meet its objectives.
We extend our appreciation to the Seaport Security Department Management and staff for their
assistance and cooperation during the audit.


Joyce Kirangi, CPA
Internal Audit Manager








3

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Executive Summary
Audit Scope and Objective  The purpose of the audit was to determine whether:
1) Management's monitoring systems have controls to ensure that Seaport Security
projects and grants are adequately monitored.
2) Management oversight over procurement and expenses includes proper reviews and
approvals to ensure compliance with Port policies and procedures.
3) Seaport Security assets and equipment are properly accounted for and tracked.

Background The Department goals and objectives include:
Ensure compliance with federal security regulations
Provide a leadership role in the implementation of security projects
Partner with other Puget Sound Ports to enhance overall maritime security
Comply with all maritime regulatory security requirements at Port-owned and operated
facilities.

Audit Result Summary  Seaport Security Department has adequate and effective controls to
monitor its security projects and assets, and to ensure compliance with Port policies and
procedures.








4

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Background
The Department goals and objectives include:
Ensure compliance with federal security regulations
Provide a leadership role in the implementation of security projects
Partner with other Puget Sound Ports to enhance overall maritime security
Comply with all regulatory security requirements at Port-owned and operated facilities.
The Seaport Security Department is a participant in the Port Security Grant Program (PSGP)
under the auspices of FEMA and the Department of Homeland Security. Federal funds have
been granted to the Port for the protection of the infrastructure from terrorism. The Seaport
Security Department has utilized these funds to enhance maritime domain awareness, enhance
risk management capabilities to prevent, detect, respond to and recover from attacks involving
improvised explosive devices (IEDs), weapons of mass destruction (WMDs) and other nonconventional
weapons, as well as training, safety exercises and Transportation Worker
Identification Credential (TWIC) implementation.

The Port has several stakeholders in its Seaport Security program. In addition to the Seaport
Security Department (SSD), the following play a major role in ensuring that Seaport security
goals and strategies are met:
ICT Department
Seaport Project Management
Contracted Grant Administrator
Port-owned and operated terminals
Container and Maritime Tenants of the Port of Seattle (i.e., Louis Dreyfus, Total Terminals)
United States Coast Guard who is responsible for overall Puget Sound Port security
Seattle Police and Fire Departments
Other Sub-grantees, such as the Ports of Tacoma and Everett
Department's operating budget and significant expense categories are summarized as follows:
Table 1  Operating Budget (in 000s)
2008     2009
(actual)  (budget)
Operating Revenue                  $850       $0 
Operating & Maintenance Expense        1,574      280 
Corporate Administrative Expense           62        0 
Total Operating Expense    1,636      280 
Net Operating Income before Depreciation   ($786)     ($280) 
Source: PeopleSoft


5

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Table 2  Significant Actual Expenses (in 000s)
Description          2006    2007    2008 
General Expenses             $35   $1,091      $2 
Outside Services              2,468      48     667 
Salaries & Benefits               449     538     580 
Department Equipment Expense      34      37     261 
Travel & other related expense        56      44      37 
Source: PeopleSoft

Audit Objectives
The purpose of the audit was to determine whether: 
1) Department management's monitoring systems have adequate controls to ensure
that Seaport Security projects and grants are adequately monitored.
2) Management oversight over procurement and expenses includes proper reviews and
approvals to ensure compliance with Port policies and procedures.
3) Seaport Security equipment are properly accounted for and tracked.

Audit Scope
The scope of the audit covered the period January 1, 2006 through December 31, 2008.

Audit Approach
We performed the following audit procedures:
Determined whether SSD management has established procedures and processes to
ensure that monitoring and oversight of in-process Security projects and the contracted
Grant Administrator is adequate and performed consistently.
Evaluated SSD management role in the procurement process and verified proper
documentation and approved.
Evaluated management controls over monitoring and approving of invoices.
Assessed the controls SSD management has established pertaining to asset
management of Security equipment.
Determined whether Management has established adequate controls over its expenses.


6

Internal Audit Report
Seaport Security Department
Audit Period January 1, 2006  December 31, 2008

Conclusion
Seaport Security Department has adequate and effective controls to monitor its projects and
assets, and to ensure compliance with Port policies and procedures. The controls are adequate
to allow the department to meet its objectives. 















7

Limitations of Translatable Documents

PDF files are created with text and images are placed at an exact position on a page of a fixed size.
Web pages are fluid in nature, and the exact positioning of PDF text creates presentation problems.
PDFs that are full page graphics, or scanned pages are generally unable to be made accessible, In these cases, viewing whatever plain text could be extracted is the only alternative.