Skip to main content
City of Santa Clara logo

Legislative Public Meetings

File #: 23-734    Version: 1 Name:
Type: Consent Calendar Status: Agenda Ready
File created: 5/23/2023 In control: Council and Authorities Concurrent Meeting
On agenda: 6/27/2023 Final action: 6/27/2023
Title: Overview of the Citywide Risk Assessment and Proposed 2023 and 2024 Internal Audit Work Plans
Attachments: 1. City of Santa Clara - Citywide Risk Assessment and 2023 and 2024 Audit Work Plan

REPORT TO COUNCIL

SUBJECT

Title

Overview of the Citywide Risk Assessment and Proposed 2023 and 2024 Internal Audit Work Plans

 

Report

BACKGROUND

Per Section 909 of the City Charter, and SCCC Section 2.29.010, the City Auditor’s duties and responsibilities include conducting in-depth financial and performance audits, overseeing the City’s performance management system, auditing and approving all bills, invoices, payrolls, demands or charges against the City government before payment and, with the advice of the City Attorney, making reports to the City Council as to the regularity, legality and correctness of such claims, demands or charges. The City Auditor’s Office conducts its work under the auditing standards prescribed by the Institute of Internal Auditors (IIA).  The IIA International Standards for the Professional Practice of Internal Auditing (Standards) requires the City Auditor’s Office to “establish a risk-based plan to determine the priorities of the internal audit activity, consistent with the organization’s goals” and consider the input from senior management and a governing board.

 

DISCUSSION

The City Auditor’s Office engaged Baker Tilly US, LLP (Baker Tilly) to conduct a citywide risk assessment and prepare an annual audit work plan for the next five years. The purpose of the internal audit function’s risk assessment is to develop an audit plan that assigns internal audit resources to the activities that add the most value to the City. The risk assessment process involves identifying and measuring risks associated with the audit universe (a list of specific departments, functions, processes, programs, etc. that can be subject to an audit, i.e. auditable units). Risk is defined as “the possibility of an event or condition occurring that will have an impact on the ability of an organization to achieve its objectives.”  The risk assessment is an ongoing process and will be updated each year.  These updates may alter previously identified audit plans based on these ongoing assessments.

 

This report summarizes Baker Tilly’s risk assessment methodology, analysis, and results. The 2023-2024 audit plan proposed in this report is based on the results of this risk assessment. The risk assessment involved collaboration with City Council and executive management from 14 main departments across the organization. In conducting the risk assessment, the following activities occurred:

 

                     Developed an understanding of the City’s environment, businesses, and objectives

                     Met with members of City Council and the Executive Management Team representing the major operations and administrative functions of the City

                     Reviewed key documentation such as the City Council Priority Matrix, the annual budget documents, financial statements, departmental strategic plans, and prior audit reports

                     Evaluated the results of interviews and documentation reviews and considered industry factors to identify areas of risk to the City

 

In developing the 2023 and 2024 Audit Plan, the following were considered:

 

                     Risk assessment - Internal audit activities to target high and moderate risk areas based on the results of the risk assessment

                     Adding value - Internal audit activities to add value through independent and objective analysis

                     City Council - The City Auditor’s Office reports to the City Council and seeks input on audit priorities

                     Coverage and other audits - Consideration of prior and other audits as well as pervasiveness of the process or control to ensure audit coverage and to avoid duplication of efforts

                     Scheduling - Consideration of the timing of an audit and other on-going initiatives to avoid putting an undue burden on City staff that may exacerbate the risk at hand or other interrelated risks

 

Staff and Baker Tilly, LLC presented the results of the risk assessment to the Audit Committee and presented the audit work plan for input and approval.  After discussion, the Audit Committee recommended staff proposed revisions so that items from the 2024 work plan could be advanced to the current year workplan.  The Committee accepted the report and proposed workplan and moved to bring it to the City Council for note and file.

 

ENVIRONMENTAL REVIEW

The action being considered does not constitute a “project” within the meaning of the California Environment Quality Act (“CEQA”) pursuant to CEQA Guidelines section 15378(a)(4) in that it is a fiscal activity that does not involve any commitment to any specific project which may result in a potential significant impact on the environment.

 

FISCAL IMPACT

Costs associated with the preparation of this report are included in the City’s FY 2022/23 Adopted Operating Budget.

 

COORDINATION

This report has been coordinated with the City Manager’s Office and City Attorney’s Office.

 

PUBLIC CONTACT

Public contact was made by posting the Council agenda on the City’s official-notice bulletin board outside City Hall Council Chambers. A complete agenda packet is available on the City’s website and in the City Clerk’s Office at least 72 hours prior to a Regular Meeting and 24 hours prior to a Special Meeting. A hard copy of any agenda report may be requested by contacting the City Clerk’s Office at (408) 615-2220, email clerk@santaclaraca.gov <mailto:clerk@santaclaraca.gov> or at the public information desk at any City of Santa Clara public library.

 

RECOMMENDATION

Recommendation

Note and file the citywide risk assessment report from Baker Tilly, LLC and note the proposed 2023 and 2024 audit work plans as approved by the Audit Committee.

 

Staff

Reviewed and Approved by: David Noce, Audit Manager

 

ATTACHMENTS

1. City of Santa Clara - Citywide Risk Assessment and 2023 and 2024 Audit Work Plan