Maricopa County, Arizona Internal Audit Performance Report Fiscal Year 2015 Letter from the County Auditor 1 What We Do 2 Our Financial Benefit 3 Independence and Objectivity 6 Honors and Awards 8 Year in Review 10 Significant Work of FY 2015 12 Performance Results 14 Meet Our Staff 16 Definition of Internal Auditing An independent, objective assurance and consulting activity designed to add value and improve the County’s operations. It helps the County accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Mission To provide objective information on the County’s system of internal controls to the Board of Supervisors so they can make informed decisions and protect the interests of County citizens. Vision To facilitate positive change throughout the County. Value Statement To promote the effective, efficient, economical, and ethical use of public resources. Motto Do the Right Things Right! MARICOPA COUNTY’S INTERNAL AUDIT DEPARTMENT PLAYS A VITAL ROLE ON BEHALF OF COUNTY CITIZENS  Internal Audit helps keep the County accountable to the public by measuring the effectiveness, economy, and efficiency of County operations.  Internal Audit provides objective assurance about the reliability and creditability of information produced by management.  Internal Audit helps Maricopa County achieve its goals and objectives by improving organizational systems and services.  Internal Audit’s presence helps protect Maricopa County assets by deterring fraud, waste, and abuse.  Internal Audit helps employees improve their overall job performance and adherence to established controls. LETTER FROM THE COUNTY AUDITOR To: Denny Barney, District I Steve Chucri, District II, Chairman Andrew Kunasek, District III Clint L. Hickman, District IV Steve Gallardo, District V From: Ross L. Tate, County Auditor Date: November 4, 2015 The County’s Internal Audit Department promotes accountability and transparency by independently reviewing the County’s internal control environment, and making recommendations for improvement. Our dedicated team of audit professionals worked diligently in Fiscal Year 2015 to provide the Board of Supervisors and the public with useful, objective information. Significant Work of Fiscal Year 2015 We published 18 reports. Some of the significant reports are listed below, and a complete list appears on page 11. Our four major audits are discussed on pages 12-13. Departments:  Enterprise Technology  Public Fiduciary Sheriff’s Office:  Support Services (Property & Evidence, Records, Cash, and Information Technology) Countywide:  Customer Satisfaction  Financial Condition Report Internal Audit Issued 127 Recommendations We make recommendations that improve efficiency, economy, and operational effectiveness. Our recommendations also strengthen controls that deter fraud, waste, and abuse. Last year, we made 127 recommendations for improvement. Agency management concurred with 99% of our recommendations, which is a testament to the quality and usefulness of our recommendations. Departments Implemented 94% of Recommendations Within Three Years We track audit recommendations to ensure they are carried out effectively and timely; 94% percent of our recommendations were implemented within three years. This year, the County collected $757,988 on a recommendation from our FY 2014 Department of Finance jail per diem billing audit. Internal Audit Achieves Excellence For the sixth consecutive year, Internal Audit received the national Government Finance Officers Association Award for Outstanding Achievement in Popular Annual Financial Reporting. For more on this award, see page 8. We appreciate the Board of Supervisors, the Citizens’ Advisory Committee, and County administration for their strong, continued support of the County’s internal audit function. 1 INTERNAL AUDIT PROVIDES VALUABLE SERVICES We Conduct Performance Audits Our performance audits provide objective analysis of County operations. We examine departments, programs, and processes for compliance with laws, regulations, policies, and best practices. We also assess whether effective systems are in place to ensure program effectiveness, economy, and efficiency. We issue our findings and recommendations for improvement in publicly available audit reports. We Provide Objective Information Internal Audit assists County management in improving controls, processes, procedures, performance, and risk management. Our reports provide independent and unbiased analysis and recommendations to the County Board of Supervisors and to County management. County directors and staff use our reports to improve program performance, accountability, transparency, and cost effectiveness. Additionally, our reports assist the County Board of Supervisors in making informed decisions in the interest of County residents. We Make Recommendations The value of our work is in our recommendations for improvement. In addition to reporting on areas that may be experiencing challenges or problems, we work with County leadership on recommendations that address the root cause of problems, which helps to prevent the issues from recurring. We Facilitate Improvement The County and its citizens benefit from our work when County management implements our recommendations. Our staff assists in that effort by performing organized follow-up. We monitor the agencies’ progress in implementing our recommendations and determine the adequacy of action taken. We also provide an annual report to the Board of Supervisors on outstanding recommendations. 2 INTERNAL AUDIT IS A GOOD INVESTMENT Our Cost vs Savings Produced Last 10 Years (FY 2006 − FY 2015) Our Cost $16.6 Million Actual Recoveries & Savings $17.1 Million Our Cost vs Poten al Savings Last 10 Years (FY 2006 − FY 2015) We Pay for Ourselves Over the past 10 years, we have generated $17.1 million in actual savings to the County, versus $16.6 million in budget cost—a net savings of half a million. For every $10,000 in department costs, we have produced $10,303 in savings. This excludes the potential savings depicted below. We Identify Potential Savings Our Cost $16.6 Million Over the past 10 years, we have found $49.3 million in potential savings, which includes the avoidance or reduction of future costs. These savings involve contracts, assets, payroll, and other areas. Poten al Savings $49.3 Million Our Cost vs Outsourcing FY 2015 We Use Consultants Wisely Our Cost $88 per hour We do everything we can with less costly internal resources. We use outside expertise only when necessary. Cost to Outsource $148 per hour 3 WE ARE THE RIGHT SIZE FOR OUR COUNTY Audit Budget as Proportion of Total County Budget Our budget is small compared to the total County budget. Our budget comprised only .08% of the total County budget in FY 2015, which is slightly above the average of seven comparable counties. Audit Staffing Our staffing level is the right size for our County size. We employed 17 full-time equivalent auditors in FY 2015; that is, 770 County employees per auditor. Seven comparable counties averaged 992 county employees per auditor. Audit Dollars Spent per County Resident Our resources are utilized very effectively and efficiently. Maricopa County spent only 41¢ per resident on internal auditing in FY 2015, which is 62% less than the average spent by seven comparable counties. 4 WE FOCUS OUR EFFORTS ON HIGH RISK AREAS Countywide Risk Assessment We develop our annual audit plan using a risk assessment process that maximizes coverage and minimizes risk. We assess risk by analyzing conditions that can impair the County’s ability to achieve its key objectives and strategic goals. We review the County’s organization, financial data, Annual Financial Report, and other items and consider financial impact, leadership input, citizen impact, and other factors. The County Auditor presents the resulting audit plan to the Citizens’ Audit Advisory Committee and the Board of Supervisors for approval annually. Sheriff’s Office (MCSO) MCSO is the largest operation in the County with 15.4% ($341 million) of the FY 2015 budget and 27% of its employees. To address this high-risk operation, two auditor positions are assigned to MCSO. This approach has enhanced our subject matter expertise, awareness of the governance, risk and control environment, audit effectiveness, and our working relationship with MCSO. Information Technology (IT) The County budgeted $152 million for capital IT projects in FY 2015 and annually spends significant amounts on IT applications, hardware, and personnel. Given the significant investment and associated IT risks, we conducted 55 IT audits since FY 2009. Countywide Countywide audits provide broader coverage with fewer resources, and focus on areas or transactions that cross agency boundaries. Examples are procurement, contracts, and network security audits. Contracts The County spends hundreds of millions of dollars annually on contracts. We regularly audit contracts due to the risk of improper payments if contracts are not properly monitored. In fiscal years 2006 – 2015, we identified over $12.6 million in recoveries, savings, and cost avoidance. Special Requests We can provide specialized auditing and consulting services in addition to those identified on the Boardapproved annual audit plan. We set aside a number of hours for special requests, which may be initiated by the Board or County officials during the year. 5 INTERNAL AUDIT IS INDEPENDENT Internal Audit Reports Directly to the Board of Supervisors Maricopa County Board of Supervisors Denny Barney Steve Chucri Andrew Kunasek Clint Hickman Steve Gallardo District I District II District III District IV District V (Chairman) Citizens’ Audit Advisory Committee County Management Internal Audit Tom Manos Ross Tate County Manager County Auditor ORGANIZATIONAL INDEPENDENCE Internal Audit reports directly to the Board of Supervisors. This organizational structure provides assurance that County officials cannot unduly influence the nature or scope of the audit work and gives the Board a direct line of communication with Internal Audit. The Board-appointed Citizens’ Audit Advisory Committee assists the Board with its oversight responsibilities by reviewing the County’s financial information, the established systems of internal controls, and the audit process. Committee members include accounting, business, and audit professionals. The Committee meets regularly to review and comment on audit reports, County financial statements, and other audit-related matters. 6 ADVISORY COMMITTEE Citizens’ Audit Advisory Committee Provides Oversight Citizens’ Audit Advisory Committee Members Vacant Ryan Wimmer Dawn von Epp Barbara Coppage Ramon Ramirez District I District II (Chair) District III District IV District V Shelby Scharbach Bruce White Ross Tate Jay Zsorey Maricopa County Assistant County Manager Maricopa County Attorney’s Office Maricopa County Auditor Office of the Auditor General For Committee member biographies, the Citizens’ Audit Advisory Committee Charter, and the Maricopa County Internal Audit Charter, see our website: www.maricopa.gov/InternalAudit/cac.aspx. AUDITOR INDEPENDENCE AND OBJECTIVITY Internal auditors must be independent and objective in performing their work. To help ensure this, we require all auditors to sign Qualifications and Independence Statements certifying that they have no personal impairments prior to beginning an audit. Auditor independence is also confirmed during regularly scheduled team meetings. If independence or objectivity is impaired in fact or appearance, the details of the impairment must be disclosed, and auditors with impairments that affect objectivity are not assigned to an engagement. If an impairment arises during the course of an audit, the details of the impairment must be disclosed. Auditors with impairments that affect objectivity are reassigned. In FY 2015, there were no breaches to organizational or auditor independence. 7 AWARD FOR ANNUAL FINANCIAL REPORTING Chairman Chucri congratulates Internal Audit. For the sixth consecutive year, the Government Finance Of icers Association (GFOA) of the United States and Canada has given an Award for Outstanding Achievement in Popular Annual Financial Reporting to Maricopa County Internal Audit for its Citizens Financial Condition Report for the iscal year ended June 30, 2014. The Award for Outstanding Achievement in Popular Annual Financial Reporting is a prestigious national award recognizing conformance with the highest standards for preparation of state and local government popular reports. In order to receive an Award for Outstanding Achievement in Popular Annual Financial Reporting, a government unit must publish a Popular Annual Financial Report whose contents conform to program standards of creativity, presentation, understandability, and reader appeal. GFOA is a professional association of state/provincial and local inance of icers in the United States and Canada, and has served the public inance profession since 1906. Our award winning Citizens Financial Condition Reports are available on our website: http://www.maricopa.gov/InternalAudit/fcr.aspx 8 What our clients say about us…. “The audit team was punctual, professional, and very well prepared to analyze the varied areas and provide positive responses and recommendations.” HONORS & AWARDS Government Finance Officers Associa on Award for Outstanding Achievement in Popular Financial Repor ng for Ci zens Financial Condi on Report  2015, 2014, 2013, 2012, 2011, 2010 Associa on of Local Government Auditors  2010 Best Audit Report: Knighton Bronze Award for “We appreciate the professionalism, thoroughness and effective communication demonstrated throughout the process. Thank you.” “Timely & relevant info. Nice job!” Vehicle Usage Review  2008 Best Audit Report: Knighton Bronze Award for Air Quality Audit  2008 Website Gold Award  2007 Best Audit Report: Knighton Gold Award for Environmental Services Audit Na onal Associa on of Coun es  2010 Achievement Award for Tech Tips Training Program  2009 Best of Category Award & 2009 Achievement Award “This audit is a good example of the work auditors do to ensure the County is financially protected. Nice job.” “Very nice job in presenting info in an easy to read, understandable format.” for Internal Controls Video Program Ins tute of Internal Auditors  2006 Recogni on of Commitment for Professional Excellence, Professional Quality and Professional Outreach Na onal Center for Civic Innova on  2007 Trailblazer Award Government Performance Repor ng Demonstra on Grant Program Associa on of Government Accountants  2006 Cer ficate of Excellence for Service Efforts and Accomplishments 9 “Glad to see the insight given to the public to help them understand the process.” “You made what could be a complex subject easy to understand, especially for us nonfinancial people. The format was easy to read and exceptionally well organized. Thank you!” YEAR IN REVIEW − FY 2015 BY THE NUMBERS  18 audit reports/memos published  127 recommenda ons made with 99% client concurrence  80 recommenda ons implemented from current and prior years  100% Board sa sfac on  5 of 5 strategic goals met  GFOA award received  72 professional cer Ross received the first “Chief Audit Executive’” Award of the month from the Institute of Internal Auditors ‘to pave the road and lead the way.’ fica ons held  10 master’s degrees held  8 leadership posi ons held  2 speaking engagements  1 Chief Audit Execu ve award Presentations 1 County Auditor Ross Tate presented “Driving Audit Impact” at the Association of Local Government Auditor’s annual conference in May 2015. At the San Diego conference, Ross shared guidance for generating audit impact through outreach and education programs, relationship building, and capturing the reader’s attention. 2 Ross also participated on a panel discussion with other Chief Audit Executives on the topic of “How to Become a Value Added Business Partner.” This program by the Institute of Internal Auditors was very well attended in May 2015. 10 Anthony Reyes, Pinnacle West Capital Corporation; Ann Scovil, GoDaddy.com; Ross Tate, Maricopa County FY 2015 AUDIT REPORTS Agencies Clerk of the Superior Court Minimum Accounting Standards Education Service Agency Special Request Human Resources Justice Courts Minimum Accounting Standards Office of Enterprise Technology Public Fiduciary Sheriff’s Office Support Services Treasurer – Investment Services Countywide Annual County Risk Assessment Audit Follow-Up Citizens’ Financial Condition Report Contracts & Agreements:  IT Consultants  Legal Arizona Workers Act  Temporary Staffing Customer Satisfaction Survey Single Audit – Grant Compliance Review For full reports, please see our website: www.maricopa.gov/internalaudit/reports.aspx, or contact the agency of interest. 11 SIGNIFICANT WORK OF FY 2015 ENTERPRISE TECHNOLOGY HUMAN RESOURCES Objectives Audit objectives included determining whether: Objectives Audit objectives included determining whether:  Controls are sufficient to ensure compliance with key Federal and State laws and regulations, and with County and HR policies and procedures  Controls over HR records are sufficient to ensure confidentiality, security, and compliance with applicable requirements  Controls over select manual payroll procedures are sufficient to accurately account for garnishments, pay adjustments, benefit repayments, and employee reimbursements  Select areas of the recruitment process are performed in accordance with applicable requirements  Controls over hiring software access, interfaces, and reports are sufficient to ensure the accuracy and completeness of data  Expenditures are properly approved and paid in accordance with contract terms and conditions  Controls are in place over adding, changing, and removing user access to County IT resources Methods We interviewed key personnel, and reviewed policies, contracts, and supporting documentation. Results As a result of our audit, the Office of Enterprise Technology will:  Ensure retainage funds are appropriately withheld from contract expenditures (a $781,457 check has been received from one vendor to bring retainage current)  Ensure Methods We interviewed key personnel, observed processes, reviewed documentation, and reviewed laws, regulations, policies, and procedures. the propriety of contract expenditures  Strengthen controls over expenditure coding and receiving of goods  Strengthen controls over user access management Results As a result of our audit, Human Resources will:  Strengthen controls to ensure that user accounts for terminated employees are disabled timely  Strengthen compliance with laws and policies  Enhance internal controls over confidential information  Improve tuition repayment procedures  Work with agencies to strengthen controls over the recruitment software  Review system accounts to ensure that inappropriate generic accounts are removed 12 SIGNIFICANT WORK OF FY 2015 SHERIFF’S OFFICE PUBLIC FIDUCIARY Objectives Audit objectives included determining whether:  Fiduciaries are making required visits to wards at least quarterly  Vendors are approved and managed in accordance with internal policy and procedures  Adequate controls are in place over the expenditure of client monies  Bank accounts are properly reconciled Methods We interviewed key personnel, reviewed regulations, and analyzed visit records, procurement records, client expenditures, and bank statements. Results As a result of our audit, Public Fiduciary will:  Ensure that wards visits are conducted at least quarterly  Revise its vendor selection policy and ensure that vendors are properly approved and managed  Ensure that adequate controls are in place over the expenditures of client monies  Ensure that bank accounts are properly reconciled Objectives Audit objectives included determining whether:  Property and evidence are maintained and documented in accordance with regulations  The Records Division has established effective record keeping controls over key records  Controls over the arrest fingerprinting process are sufficient  Cash handling procedures are sufficient to safeguard cash receipts for the Property and Evidence, Records, and Civil Divisions Methods We interviewed MCSO personnel, toured MCSO facilities, examined records, reports, and processes, and performed appropriate test work. Results As a result of our audit, MCSO will:  Formalize policies and procedures, implement regular inventories and audits, and strengthen controls over property release procedures  Establish operations manuals, determine the feasibility of consolidating incident report databases, ensure incident reports are submitted timely, and develop a plan to improve timeliness of warrant entry  Ensure cash receipts are effectively safeguarded by consolidating operations, improving operating procedures, and performing regular reviews and audits  Formalize data center, user access, and change management protocols. 13 PERFORMANCE MEASURES We met or exceeded 3 of 5 strategic goals for FY 2015 M anaging for Results (MFR) is a management system that provides direction for making good business decisions based on performance. Using MFR is one way agencies demonstrate accountability to the taxpayers and residents of Maricopa County. Internal Audit’s performance goals are designed with the Board of Supervisors and County citizens in mind. Our primary measures focus on the Board’s satisfaction with our work, whether we complete all projects on our annual audit plan, and the proportion of our recommendations that the agencies implement. Internal Audit has achieved a 100% Board satisfaction rating for the past eleven years. Our goal is to maintain a 100% satisfaction rating from the Board of Supervisors, the Board’s Chiefs of Staff, and our Audit Advisory Committee. Audit Plan Completion Our goal is to complete 100% of the Board-approved audit plan and report this information to the Board no later than 180 days after fiscal year-end. We completed all 18 projects on time in FY 2015. 14 Recommendations Implemented Our goal is to facilitate the implementation of 95% of our recommendations for improvement within three years of being reported. 424 of 453 (94%) recommendations have been implemented within three years. Client Satisfaction We send satisfaction surveys to the County Manager, Deputy and Assistant County Managers, and Agency Directors with each audit report. We have exceeded our goal of a 90% satisfaction rating for the last ten years. Audit Staff Productivity Productive time is spent working on audits. Training, staff meetings, and vacation are not counted as productive time. Our goal is to achieve a 75% productivity rate, which is an industry average. We have met or exceeded our goal for the seven years prior to Fiscal Year 2015. The lower rate in FY15 is due to four vacancies, and the time spent time recruiting and training new staff. 15 OUR STAFF IS HIGHLY QUALIFIED We hold professional cer fica ons and advanced degrees O NUMBER OF CERTIFICATIONS & ADVANCED DEGREES ur staff members have extensive familiarity with professional auditing standards, methods, and techniques, as well as specialized training in information systems, business and government management, accounting, and fraud detection and deterrence. Cer fied Law Enforcement Auditor (CLEA) 11 Cer fied Internal Auditor (CIA) 10 Cer fied Government Audi ng Professional (CGAP) 8 Cer fied Fraud Examiner (CFE) 5 Cer fied Public Accountant (CPA) 5 IT Service Management (ITIL) 5 Cer fied Informa on Systems Auditor (CISA) 4 Master of Business Administra on Degree (MBA) 4 Cer fica on in Risk Management Assurance (CRMA) 3 Master of Public Administra on Degree (MPA) 3 Our staff hold 72 professional certifications and advanced degrees, as shown to the right. Cer fied Informa on Technology Professional (CITP) 2 ISO/IEC 20000 Founda on 2 Master of Accountancy Degree (MACC) 2 Cer fica on in Quality Assessment Program Accredita on 1 Additionally, most participate in a variety of professional organizations. Many also serve in leadership positions as committee chairs and governing board members, as shown on page 17. Cer fied ACL Data Analyst (ACDA) 1 Cer fied Government Financial Manager (CGFM) 1 Cer fied Management Accountant (CMA) 1 Cer fied in Risk and Informa on Systems Control (CRISC) 1 GIAC Security Essen als Cer fica on (GIAC) 1 GIAC Systems and Network Auditor (GSNA) 1 Master of Science in Informa on Management (MSIM) TOTAL 1 72 Congratulations on your achievements! New Certi ications Congratulations on your achievements! Lisa Scott and Scott Jarrett earned CFE certi ications. 16 OUR STAFF PROVIDES LEADERSHIP We serve in leadership posi ons in professional organiza ons LEADERSHIP POSITIONS IN PROFESSIONAL ORGANIZATIONS Associa on of Local Government Auditors (ALGA): Past President Audit Command Language (ACL) Users Group: Secretary/Treasurer Informa on Systems Audit and Control Associa on (ISACA): Board of Directors Membership Director Academic Relations Committee Ins tute of Internal Auditors (IIA): Past President Phoenix Chapter Board of Governors (Two members) PROFESSIONAL ORGANIZATION MEMBERSHIPS American Ins tute of Cer fied Public Accountants (AICPA) Arizona Society of Cer fied Public Accountants (ASCPA) Associa on of Cer fied Fraud Examiners (ACFE – Na onal and Arizona Chapter) Associa on of Government Accountants (AGA) Associa on of Local Government Auditors (ALGA) Audit Command Language (ACL) Users Group Informa on Systems Audit and Control Associa on (ISACA – Na onal and Phoenix Chapter) Ins tute of Internal Auditors (IIA – Na onal and Phoenix Chapter) Ins tute of Management Accountants (IMA) Interna onal Law Enforcement Auditors Associa on (ILEAA) 17 STAFF BIOGRAPHIES We are highly creden aled and experienced professionals Ross L. Tate, County Auditor Mr. Tate is a Certified Internal Auditor, Certified Management Accountant, Certified Government Auditing Professional, and Certified Government Financial Manager. He has a bachelor’s degree from Brigham Young University in business operations and systems analysis, with 29 years of professional auditing experience. Mr. Tate joined Internal Audit in 1989 and has been County Auditor since 1994. He is a past president of the Association of Local Government Auditors. Mr. Tate is a member of the IIA, and is currently serving as a Governing Board member for the Phoenix Chapter. D. Eve Murillo, Deputy County Auditor Ms. Murillo is a CPA, Certified Fraud Examiner, Certified Law Enforcement Auditor, Certified Information Technology Professional, and is certified in ITIL v3 Foundation and ISO/IEC 20000. She has a bachelor's degree from the University of Illinois, a master’s degree from the Florida Institute of Technology, and 20 years of accounting and auditing experience. She is a member of the AICPA, Association of Certified Fraud Examiners, the Institute of Internal Auditors, and the Information Systems Audit & Control Association. Carla Harris, Audit Manager Ms. Harris is a CPA, Certified Internal Auditor, and Certified Fraud Examiner. She has a bachelor’s degree in business administration with a major in accounting. Ms. Harris has more than 20 years of experience in internal auditing and accounting. She is a former board member and training director for the Arizona Chapter of the Association of Certified Fraud Examiners, and is a member of the National Chapter of the Association of Certified Fraud Examiners and the Institute of Internal Auditors. Toni Sage, Audit Manager Ms. Sage is a Certified Internal Auditor, Certified Government Auditing Professional, and is Certified in Risk Management Assurance. She has a bachelor’s degree in psychology from the City University of New York and an MBA from Fairleigh Dickinson University. Ms. Sage has nine years of law enforcement, performance, and IT auditing experience at Maricopa County and 13 years of IT management experience in the private sector. She is a member of the Institute of Internal Auditors, Association of Local Government Auditors, and ILEAA. 18 Stella J. Fusaro, Audit Manager Ms. Fusaro is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Fraud Examiner, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has a bachelor’s degree in business administration with an accounting concentration from California State University, Fullerton, and she has over 20 years of auditing experience. She is a member of the Institute of Internal Auditors, Association of Certified Fraud Examiners, and the Association of Local Government Auditors. Christina Black, Audit Supervisor Ms. Black is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has over 18 years of professional internal audit experience and 10 years of accounting and auditing experience. She has a bachelor's degree in accounting from Missouri Western State College. Ms. Black serves as a Board of Governor for the Institute of Internal Auditors and is a member of the Association of Certified Fraud Examiners and Association of Local Government Auditors. Patra E. Carroll, IT Audit Supervisor Ms. Carroll is a CPA, Certified Internal Auditor, Certified Information System Auditor, Certified in Risk and Information Systems Control, Certified Information Technology Professional, and Certified Law Enforcement Auditor with 19 years of public sector performance and IT auditing experience. She is ITIL v3 Foundation and ISO 20000 Foundation certified. Ms. Carroll has a master’s degree in information management from the Arizona State University WP Carey School of Business. Kimmie Wong, Senior Auditor Ms. Wong is a Certified Law Enforcement Auditor. She has a bachelor's degree in business administrative services from Arizona State University and a master’s degree in public administration from Western International University. She has a business background and professional internal auditing experience. Ms. Wong is a member of the Association of Local Government Auditors, Association of Certified Fraud Examiners, Institute of Internal Auditors, and International Law Enforcement Auditors Association. Susan Adams, Senior Information Technology Auditor Ms. Adams is a Certified Information Systems Auditor and a Certified Law Enforcement Auditor. She has a bachelor's degree in accounting from Utah State University and a master’s degree in business administration from the University of Utah. She has 22 years of professional auditing experience, with 16 years as an information systems auditor. Ms. Adams is a member of ISACA and serves on the ISACA Phoenix Chapter’s Academic Relations committee. She is also a member of the Association of Local Government Auditors and the Institute of Internal Auditors. 19 Lisa Scott, Senior Data Analyst Ms. Scott is a Certified Information Systems Auditor, Certified ACL Data Analyst, Certified Law Enforcement Auditor, Certified Fraud Examiner, and is certified in ITIL v3 Foundation. She has a bachelor’s degree in computer science from Jacksonville State University and a post-baccalaureate certificate in accountancy from Arizona State University. Ms. Scott is a member of the Association of Local Government Auditors, Association of Certified Fraud Examiners, Information Systems Audit and Control Association, and ILEAA. Ronda Jamieson, Senior Auditor Ms. Jamieson is a CPA, Certified Government Auditing Professional, and Certified Law Enforcement Auditor. She has a bachelor’s degree in accounting from Rocky Mountain College, Montana. She has 13 years of governmental auditing and eight years of general ledger experience. Ms. Jamieson is a member of the Institute of Internal Auditors, Arizona Society of Certified Public Accountants, Association of Certified Fraud Examiners, and the International Law Enforcement Auditors Association. Jenny M. Chan, Senior Auditor Ms. Chan is a Certified Internal Auditor and Certified Government Auditing Professional, with eight years of professional internal auditing experience. She started as an Internal Audit intern in May of 2007 and became a staff auditor in October of 2007. She has a bachelor’s degree in accountancy and computer information systems from the W.P. Carey School of Business at Arizona State University. Ms. Chan is a member of the Institute of Internal Auditors and the Association of Local Government Auditors. Scott Jarrett, Senior Auditor Mr. Jarrett is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, Certified Fraud Examiner, and is certified in ITIL v3 Foundation. He has a bachelor’s degree in accounting from Arizona State University. He served four years in the United States Coast Guard and has seven years of professional internal auditing experience. Mr. Jarrett is a member of the Institute of Internal Auditors, Association of Local Government Auditors, and International Law Enforcement Auditors Association. Stacy Aberilla, Senior Law Enforcement Auditor Ms. Aberilla is a Certified Government Auditing Professional. She holds a master’s degree in public administration from the Arizona State University School of Public Affairs where she was a member of the Pi Alpha Alpha national honor society. She graduated from ASU magma cum laude with a bachelor’s degree in sociology and minor in women’s studies. She is a member of the Association of Government Accountants, the Association of Local Government Auditors, and the Institute of Internal Auditors, and the International Law Enforcement Auditors Association. 20 Jennifer Sigüenza, Senior Law Enforcement Auditor Ms. Sigüenza is a Certified Public Accountant and a Certified Law Enforcement Auditor who joined Internal Audit in February 2014 after four and a half years in public accounting as an external auditor. She graduated from the W.P. Carey School of Business at Arizona State University with bachelor’s and master’s degrees in accounting. She is a member of the Arizona Society of CPAs and the International Law Enforcement Auditors Association. She is currently pursuing certification as a Certified Internal Auditor. Daniel Ng, Senior Auditor Mr. Ng has a bachelor’s degree in communications with an emphasis in print journalism from Brigham Young University (BYU) and a master’s degree in public administration from the Marriott School of Management at BYU. Mr. Ng has experience in print journalism, sports administration, and healthcare administration. Prior to joining Internal Audit, he held several process improvement and quality outcome positions within the healthcare field. He is a member of AHIA, IIA, ALGA, and the Arizona Chapter of Certified Fraud Examiners. Mona L. Andrews, Senior Information Technology Auditor Ms. Andrews is a Certified Internal Auditor, Certified Information Systems Auditor, and holds Global Information Assurance Certifications for Security Essentials, and Systems and Network Auditor. She has a bachelor’s degree from Arizona State University in Business Information Systems, with 18 years of professional internal auditing experience. Ms. Andrews joined Internal Audit in 2014. She is a member of the Institute of Internal Auditors and the Information Systems Audit and Control Association. Timothy Lockinger, Senior Auditor Mr. Lockinger joined Internal Audit in May 2015. He has a bachelor’s degree from the University of Nevada, Las Vegas in business administration. He has over 30 years of progressive accounting and supervisory experience within the highly regulated gaming industry. He is also experienced in the analysis and development of systems of internal controls. Mr. Lockinger is a member of the Association of Local Government Auditors, the Institute of Internal Auditors, and the Arizona Chapter of Certified Fraud Examiners. Dan Griedl, Senior Auditor Mr. Griedl joined Internal Audit in May 2015 and is a Certified Internal Auditor. He has a bachelor of business administration degree majoring in accounting from the University of Wisconsin-Oshkosh with over 30 years of audit experience. He was a consultant on a large contract compliance and cost recovery project. He has experience in public utilities, oil and gas, real estate investments, securities, and public accounting. Mr. Griedl is a member of the Institute of Internal Auditors and is a Past President of the Phoenix Chapter of the Institute of Internal Auditors. 21 Kenton Schaben, Internal Auditor Mr. Schaben joined Internal Audit in May 2015. He graduated cum laude from the W.P. Carey School of Business at Arizona State University with a bachelor’s degree in finance. He has two years experience as an auditor in the private sector and prior to that worked in finance for three years at a large financial institution. Mr. Schaben is a member of the Association of Local Government Auditors, the Institute of Internal Auditors, and the Arizona Chapter of Certified Fraud Examiners. Michael Ritzler, Associate Auditor Mr. Ritzler joined Internal Audit in June 2013. He has a bachelor’s degree in mathematics from Arizona State University and a master’s degree in accountancy from the University of Phoenix. He has four years of government auditing experience from working as a Senior Revenue field Auditor at the AZ Department of Transportation. He also worked at Bank of America as a Business Support Lead. Mr. Ritzler is a member of the Institute of Internal Auditors and the Association of Local Government Auditors. Eva Becker, Staff Auditor Ms. Becker joined Internal Audit in October 2013. She has a master’s in business administration from the W. P. Carey School of Business at Arizona State University. In addition to teaching high school for 5 years, she also worked briefly as an auditor for the Office of the Auditor General and as a grants coordinator for Maricopa County’s Air Quality Department. Ms. Becker is a member of the Association of Local Government Auditors, the Institute of Internal Auditors, and an affiliate member of the Arizona Chapter of Certified Fraud Examiners. Wendy Thiele, Executive Assistant Ms. Thiele joined Internal Audit in December 2006. Prior to relocating to Phoenix, she performed medical chart audits for a major healthcare system in Milwaukee, WI. She has 15 years of experience in internal auditing. She also has experience in human resources and home health care within a hospital setting. Ms. Thiele is a member of the Arizona Chapter of the Association of Certified Fraud Examiners and has also attended numerous auditing conferences and seminars, which has contributed to her overall knowledge of the audit process. 22 FY 2015 ORGANIZATIONAL CHART Board of Supervisors Citizens’ Audit Advisory Committee Ross Tate County Auditor Wendy Thiele Executive Assistant Eve Murillo Deputy County Auditor Toni Sage Audit Manager Carla Harris Audit Manager Stella Fusaro Audit Manager Lisa Scott Senior Data Analyst Kimmie Wong Senior Auditor Christina Black Audit Supervisor Scott Jarrett Senior Auditor Ronda Jamieson Senior Auditor Patra Carroll IT Audit Supervisor Stacy Aberilla Senior Law Enforcement Auditor Timothy Lockinger Senior Auditor Jenny Chan Senior Auditor Susan Adams Senior IT Auditor Daniel Ng Senior Auditor Mona Andrews Senior IT Auditor Dan Griedl Senior Auditor Eva Becker Staff Auditor Michael Ritzler Associate Auditor Jennifer Siguenza Senior Law Enforcement Auditor Kenton Schaben Internal Auditor 23 QUALITY ASSURANCE & IMPROVEMENT PROGRAM Internal Audit provides high quality deliverables to the Board of Supervisors, County leadership, and the public. In order to ensure high standards of quality, we have developed a Quality Assurance & Improvement Program that covers all aspects of the operation and management of the department. Our quality assurance program assesses the efficiency and effectiveness of our operations and includes internal and external assessments, in accordance with the International Standards for the Professional Practice of Internal Auditing, as discussed below. Quality Assurance & Improvement Program External Assessments  At least every 5 years An external assessment must be conducted at least every five years by a qualified, independent assessor or assessment team from outside the organization. The Maricopa County Citizens’ Audit Advisory Committee oversees these reviews. The FY 2000, FY 2003, FY 2006, FY 2009, and FY 2012 reviews by a local CPA firm were positive and showed no findings. The next external assessment is scheduled for FY 2017. Internal Assessments  Ongoing Monitoring  Periodic Self-Assessments Internal assessments include ongoing monitoring and periodic assessments of our audit work.  Ongoing monitoring is an integral part of the day-to-day supervision, review, and measurement of our work, and is incorporated into our internal policies and procedures.  Periodic internal self-assessments are conducted to evaluate conformance with the International Standards for the Professional Practice of Internal Auditing, the Definition of Internal Auditing, and the Code of Ethics promulgated by The Institute of Internal Auditors. Our internal assessments also include procedures to verify compliance with internal policies and procedures. For FY 2015, we reviewed 3 audit projects (21%) and found no significant deficiencies.  The results of our internal assessments for FY 2014 and FY 2015 show full conformance with the International Standards for the Professional Practice of Internal Auditing. 24 Maricopa County Internal Audit 301 West Jefferson Street, Suite 660 Phoenix, AZ 85003-2148 Telephone: 602-506-1585 Facsimile: 602-506-8957 E-mail: thielew@mail.maricopa.gov Visit our website: www.maricopa.gov/internalaudit/ Follow us on... Annual Report Project Members Carla Harris, Audit Supervisor, CPA, CIA, CFE Kimmie Wong, Senior Auditor, MPA, CLEA