Frequently Asked Questions
How was my agency selected for an audit?
Most audits are scheduled as a result of Internal Audit’s annual risk assessment process. If your agency is placed in the high-risk category as a result of this process, it may be selected for an audit.
Why is an agency considered high risk?
Internal Audit calculates risk by reviewing and analyzing key risk factors, such as: size of an agency’s budget, time since the last audit, results of the last audit, changes in management, etc.
How often do you audit agencies?
The frequency of agency audits usually depends on the level of risk associated with the agency. A high-risk agency may be audited more frequently than a low-risk agency.
Who audits the auditor?
Every three years, an independent team of auditors (usually a local accounting/consulting firm) is hired to conduct an external quality review of Internal Audit. The County’s independent audit committee oversees this audit work. A report with findings and recommendations for improvement is issued to the Board of Supervisors and is posted on this website. See “About The Office” / “Peer Review”
What does scope mean?
The scope of an audit refers to the breadth of the review (how many processes/functions are included). Most audits include an initial planning phase in which the agency’s control environment is reviewed at a high level. Areas that appear to have weak controls are selected for audit testing (i.e., included in the audit scope).
What is an audit finding?
If a significant issue is identified during the audit of an agency (such as an overpayment to a vendor), Internal Audit reports this situation as a finding (the term “issue” is used in most audit reports). Findings have certain elements: (1) criteria--the basis for determining that a problem exists, (2) condition--the situation that was observed, (3) effect--the impact of the condition, and (4) cause of the problem, to the extent that it can be determined. Findings usually result in recommendations that the agency resolve the issue and strengthen corresponding controls.
What is a performance audit?
A performance audit is an independent assessment of the performance of a program or agency evaluating its economy, efficiency, program effectiveness, management controls, and compliance with legislative goals.
Who receives audit reports?
When complete, audit reports are usually sent to The Board of Supervisors, the County Manager, the Citizen’s Audit Advisory Committee, the audited agency, and other interested parties. Reports are also available to the public and are displayed on our web site.
To whom does the County Auditor report?
The Director of Internal Audit (County Auditor) reports directly to the County Board of Supervisors, with an advisory reporting relationship to the Board-Appointed, Citizen’s Audit Advisory Committee.
What is the difference between the Auditor General and Internal Audit?
The County Board of Supervisors established an Internal Audit department to provide an objective and independent assessment of the County's system of internal controls. This assessment is carried out by Internal Audit through financial, performance, and information systems audits and reviews. Internal Audit evaluates the adequacy of the internal control environment, the operating environment, related accounting, financial, and operational policies, and reports the results accordingly.
The Auditor General is an Office of the State of Arizona. It is primarily responsible for an annual audit of the financial statements produced by the County (Comprehensive Annual Financial Report).