Hoosier Economy Audit Watch: Details of the audit

Audit Watch: Details of the audit

SHARE

So what can we  expect from the independent audit approved by the State Budget Committee in April?

Step One: Initial Risk Assessment

Expected to be completed for the State Budget Committee’s July meeting.

First, Deloitte will conduct a “Financial Operational Risk Assessment,” which will include the following:

1. The adequacy of the DOR’s internal IT and financial controls

2. The adequacy of the DOR’s current IT systems, policies and procedures

3. The adequacy of the DOR’s current financial policies and procedures

4. The adequacy of the IT, financial and auditing organizational structure

“The risk assessment should incorporate the various aspects of risk, including, but not limited to, size (both dollars and number of transactions), complexity of operations, control weaknesses, and the propensity for human error.  Given that the scope of the audit could be fairly broad, the selected firm will be asked to assist in prioritizing the review of the DOR’s numerous processes, IT programs, and funds.” (Quoted from the state’s Request for Information.)

Step Two: Draft Audit Plan

Next, based on the results of the initial risk assessment,  a “Draft Audit Plan” will be completed detailing the proposed scope of the audit, including a timeline and a specific list of deliverables.

Step Three: Audit

Finally, the Dept. of Revenue’s (DOR) internal controls as well as IT and financial policies and procedures will be audited. Highlights of what the audit will include as described in the state’s Request for Information:

  • Determine whether proper controls (IT and financial) are in place and are working as they should.
  • Determine whether the DOR’s organizational structure is appropriate.
  • Determine whether the DOR’s internal audit structure and procedures (e.g.,  criteria and methodologies for selecting audit work) are appropriate and adequate.
  • Review DOR’s interactions with other state agencies that manage revenues. Determine whether adequate communications and collaboration exists.  Also determine whether lines of responsibility and accountability are clear between state agencies.  Evaluate whether sufficient “checks and balances” exist.
  • Assessment of the revenues flowing into and out of the collections fund, including a reconciliation of the fund.  Ensure that all revenue streams flowing into the fund have been properly identified.  Ensure that all revenue streams are being properly and timely transferred to their appropriate funds.
  • Review of the collection and distribution processes for other local revenues.
  • Recommendations that can be implemented to reduce risk associated with such complex systems in the future.  The recommendations may include administrative and legislative changes, and should include both preventive and detective controls in order of priority that can be implemented or strengthened.