Maricopa County, Arizona Internal Audit Performance Report Fiscal Year 2016 Letter from the County Auditor 1 What We Do 2 Our Financial Benefit 3 Independence and Objectivity 6 Awards and Honors 8 Year in Review 10 Significant Work of FY 2016 12 Performance Results 14 Meet Our Staff 16 Definition of Internal Auditing An independent, objective assurance and consulting activity designed to add value and improve the County’s operations. It helps the County accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Mission To provide objective information on the County’s system of internal controls to the Board of Supervisors so they can make informed decisions and protect the interests of County citizens. Vision To facilitate positive change throughout the County. Value Statement To promote the effective, efficient, economical, and ethical use of public resources. Motto Do the Right Things Right! MARICOPA COUNTY’S INTERNAL AUDIT DEPARTMENT PLAYS A VITAL ROLE ON BEHALF OF COUNTY CITIZENS  Internal Audit helps keep the County accountable to the public by measuring the effectiveness, economy, and efficiency of County operations.  Internal Audit provides objective assurance about the reliability and credibility of information produced by management.  Internal Audit helps Maricopa County achieve its goals and objectives by improving organizational systems and services.  Internal Audit’s presence helps protect Maricopa County assets by deterring fraud, waste, and abuse.  Internal Audit helps employees improve their overall job performance and adherence to established controls. LETTER FROM THE COUNTY AUDITOR To: Denny Barney, District I Steve Chucri, District II Andrew Kunasek, District III Clint L. Hickman, District IV, Chairman Steve Gallardo, District V From: Ross L. Tate, County Auditor Date: October 31, 2016 The County’s Internal Audit Department promotes accountability and transparency by independently reviewing the County’s internal control environment, and making recommendations for improvement. Our dedicated team of audit professionals worked diligently in fiscal year (FY) 2016 to provide the Board of Supervisors and the public with useful, objective information. Significant Work of Fiscal Year 2016 We published 26 reports; four major audits are discussed on pages 12-13. Some of the significant reports are listed below, and a complete list appears on page 11. Departments: Sheriff’s Office: Countywide:      Medical Examiner Parks & Recreation Public Health   Crime Lab Inmate Funds & Programs System Implementation   Cybersecurity Assessment Expenditures (Procurement Card) Financial Condition Report Internal Audit Issues 209 Recommendations We make recommendations that improve efficiency, economy, and operational effectiveness. Our recommendations also strengthen controls that deter fraud, waste, and abuse. Last year, we made 209 recommendations for improvement. Agency management concurred with 100% of our recommendations, which is a testament to the quality and usefulness of our recommendations. Internal Audit Produces Two Humorous Internal Control Videos You might be asking yourself how can “humor” and “audit” be in the same sentence? It is possible! Check out our videos on Contingency Planning and Supervisory Approvals. http://www.maricopa.gov/ InternalAudit/controls.aspx Internal Audit Thanks You for Your Support We appreciate the Board of Supervisors, the Citizens’ Audit Advisory Committee, and County administration for their strong, continued support of the County’s internal audit function. 1 INTERNAL AUDIT PROVIDES VALUABLE SERVICES We Conduct Performance Audits Our performance audits provide objective analysis of County operations. We examine agencies, programs, and processes for compliance with laws, regulations, policies, and best practices. We also assess whether effective systems are in place to ensure program effectiveness, economy, and efficiency. We issue our findings and recommendations for improvement in publicly available audit reports. We Provide Objective Information Internal Audit assists County management in improving controls, processes, procedures, performance, and risk management. Our reports provide independent and unbiased analysis and recommendations to the County Board of Supervisors and to County management. County directors and staff use our reports to improve program performance, accountability, transparency, and cost effectiveness. Additionally, our reports assist the County Board of Supervisors in making informed decisions in the interest of County residents. We Make Recommendations The value of our work is in our recommendations for improvement. In addition to reporting on areas that may be experiencing challenges or problems, we work with County leadership on recommendations that address the root cause of problems, which helps to prevent the issues from reoccurring. We Facilitate Improvement The County and its citizens benefit from our work when County management implements our recommendations. Our staff assists in that effort by performing organized follow-up procedures. We monitor agencies’ progress in implementing our recommendations, and determine the adequacy of action taken. We also provide an annual report to the Board of Supervisors on recommendations outstanding. 2 INTERNAL AUDIT IS A GOOD INVESTMENT Our Cost vs Savings Produced We Pay for Ourselves Over the past 15 years, we have generated $26.8 million in actual savings to the County, versus $22.5 million in budget cost—a net savings of $4.3 million. For every $10,000 in department costs, we have produced $11,912 in savings. This excludes the potential savings depicted below. Our Cost $22.5 Million Actual Recoveries & Savings $26.8 Million Our Cost vs PotenƟal Savings We Identify Potential Savings Our Cost $22.5 Million Over the past 15 years, we have found $65.8 million in potential savings, which includes the avoidance or reduction of future costs. These savings involve contracts, assets, payroll, and other areas. PotenƟal Savings $65.8 Million Our Cost vs Outsourcing FY 2016 We Use Consultants Wisely Our Cost $91 per hour We do everything we can with less costly internal resources. We use outside expertise only when necessary. Cost to Outsource $215 per hour 3 WE ARE THE RIGHT SIZE FOR OUR COUNTY Audit Budget as Proportion of Total County Budget Our budget is adequate compared to the total County budget. Our budget comprises .08% of the total County budget in FY 2016, which is slightly above the average of seven comparable counties. Audit Staffing Our staffing level is the right size for our County size. We employed 16.5 full-time equivalent auditors in FY 2016; that is, 859 County employees per auditor. Seven comparable counties averaged 919 county employees per auditor. Audit Dollars Spent per County Resident Our resources are utilized very effectively and efficiently. Maricopa County spent only 45¢ per resident on internal auditing in FY 2016, which is 57% less than the average spent by seven comparable counties. 4 WE FOCUS OUR EFFORTS ON HIGH RISK AREAS Countywide Risk Assessment Sheriff’s Office (MCSO) We develop our annual audit plan using a risk assessment process that maximizes coverage and minimizes risk. We assess risk by analyzing conditions that can impair the County’s ability to achieve its key objectives and strategic goals. We review the County’s organization, financial data, Annual Financial Report, and other items. We consider financial impact, leadership input, citizen impact, and other factors. Annually, the County Auditor presents the resulting audit plan to the Citizens’ Audit Advisory Committee and the Board of Supervisors for approval. MCSO is the largest operation in the County with 15.8% ($352 million) of the County’s FY 2016 budget, and 27% of its employees. To address this high-risk operation, two auditor positions are assigned to MCSO. This approach has enhanced our subject matter expertise; our awareness of the governance, risk and control environment; our audit effectiveness; and our working relationship with MCSO. Contracts The County spends hundreds of millions of dollars annually on contracts. We regularly audit contracts due to the risk of improper payments if contracts are not properly monitored. In fiscal years 2006 through 2016, we identified over $12.6 million in recoveries, savings, and cost avoidance. Information Technology (IT) The County budgeted $7.6 million for capital IT projects in FY 2016 and spends significant amounts on IT applications, hardware, and personnel, each year. Given the significant investment and associated IT risks, we have conducted 64 IT audits since FY 2009. Special Requests We can provide specialized auditing and consulting services in addition to those identified on the Board-approved annual audit plan. We set aside a number of hours for special requests, which may be initiated by the Board or County officials during the year. Countywide Audits Countywide audits provide broader coverage with fewer resources, and focus on areas or transactions that cross agency boundaries. Examples include procurement, contract, and network security audits. 5 INTERNAL AUDIT IS INDEPENDENT Internal Audit Reports Directly to the Board of Supervisors Maricopa County Board of Supervisors Denny Barney Steve Chucri Andrew Kunasek Clint Hickman Steve Gallardo District I District II District III District IV (Chairman) District V Citizens’ Audit Advisory Committee County Management Internal Audit Joy Rich Ross Tate County Manager County Auditor ORGANIZATIONAL INDEPENDENCE Internal Audit reports directly to the Board of Supervisors. This organizational structure provides assurance that County officials cannot unduly influence the nature or scope of the audit work, and gives the Board a direct line of communication with Internal Audit. The Board-appointed Citizens’ Audit Advisory Committee assists the Board with its oversight responsibilities by reviewing the County’s financial information, the established systems of internal controls, and the audit process. Committee members include accounting, business, and audit professionals. The Committee meets regularly to review and comment on audit reports, County financial statements, and other audit-related matters. 6 ADVISORY COMMITTEE Citizens’ Audit Advisory Committee Provides Oversight Citizens’ Audit Advisory Committee Members Photo Not Available Ryan Wimmer Dawn von Epp Barbara Coppage Ramon Ramirez Joseph Losada District I District II District III District IV (Chairman) District V Shelby Scharbach Michelle Wood Ross Tate Jay Zsorey Maricopa County Assistant County Manager Maricopa County Attorney’s Office Maricopa County Auditor Office of the Auditor General For Committee member biographies, the Citizens’ Audit Advisory Committee Charter, and the Maricopa County Internal Audit Charter, see our website: www.maricopa.gov/InternalAudit/cac.aspx. AUDITOR INDEPENDENCE AND OBJECTIVITY Internal auditors must be independent and objective in performing their work. To help ensure this, we require all auditors to sign Qualifications and Independence Statements certifying that they have no personal impairments prior to beginning an audit. Auditor independence is also confirmed during regularly scheduled team meetings. If independence or objectivity is impaired in fact or appearance, the details of the impairment must be disclosed, and auditors with impairments that affect objectivity are not assigned to an engagement. If an impairment arises during the course of an audit, the details of the impairment must be disclosed. Auditors with impairments that affect objectivity are reassigned. In FY 2016, there were no breaches to organizational or auditor independence. 7 AWARD FOR ANNUAL FINANCIAL REPORTING Chairman Hickman congratulates Internal Audit. For the seventh consecutive year, the Government Finance Of icers Association (GFOA) of the United States and Canada has given an Award for Outstanding Achievement in Popular Annual Financial Reporting to Maricopa County Internal Audit for its Citizens Financial Condition Report for the iscal year ended June 30, 2015. The Award for Outstanding Achievement in Popular Annual Financial Reporting is a prestigious national award recognizing conformance with the highest standards for preparation of state and local government popular reports. In order to receive an Award for Outstanding Achievement in Popular Annual Financial Reporting, a government unit must publish a Popular Annual Financial Report whose contents conform to program standards of creativity, presentation, understandability, and reader appeal. GFOA is a professional association of state/provincial and local inance of icers in the United States and Canada, and has served the public inance profession since 1906. Our award winning Citizens Financial Condition Reports are available on our website: http://www.maricopa.gov/InternalAudit/fcr.aspx 8 What our clients say about us…. AWARDS & HONORS “We appreciate the assistance. The review and recommendations truly help keep us in compliance. The cooperative atmosphere surrounding continuous quality improvement is a spirit well received here.” “The audit process went very smooth, and was done with a high level of professionalism.” Government Finance Officers Associa on Award for Outstanding Achievement in Popular Financial Repor ng for Ci zens Financial Condi on Report  2016, 2015, 2014, 2013, 2012, 2011, 2010 Associa on of Local Government Auditors  2010 Best Audit Report: Knighton Bronze Award for Vehicle Usage Review “I really appreciate the information. It will help us improve our operation and continue to strengthen the service we provide to the public.”  2008 Best Audit Report: Knighton Bronze Award for Air Quality Audit  2008 Website Gold Award  2007 Best Audit Report: Knighton Gold Award for “Very nice working with you all. I appreciate the time you took to review things and involve us in the process.” Environmental Services Audit Na onal Associa on of Coun es  2010 Achievement Award for Tech Tips Training Program  2009 Best of Category Award & 2009 Achievement Award for Internal Controls Video Program Na onal Center for Civic Innova on “I very much appreciate the way your department conducts its audits. My assistant felt that everyone helped her learn how to improve her compliance and not just point out deficiencies. Thanks again.”  2007 Trailblazer Award Government Performance “The review was a confirmation that we are on the right track in my division.” Repor ng Demonstra on Grant Program Ins tute of Internal Auditors  2006 Recogni on of Commitment for Professional Excellence, Professional Quality and Professional Outreach Associa on of Government Accountants  2006 Cer ficate of Excellence for Service Efforts and Accomplishments 9 “The assessment was very fair and I completely agree with the evaluation. As a result, we will begin work in those areas that were pointed out. I look forward to working with your staff in the future!” YEAR IN REVIEW − FY 2016 BY THE NUMBERS  26 audit reports/memos published  2 web videos  209 recommenda ons made with 100% client concurrence  153 recommenda ons implemented from current and prior years  100% Board sa sfac on  4 of 5 strategic goals met  GFOA award received  57 professional cer fica ons held  12 master’s degrees held  5 leadership posi ons held  1 speaking engagement Presentation County Auditor Ross Tate was invited to give a presentation on “Innovative Reporting” at the Association of Local Government Auditors annual conference in May 2016. At the Austin, Texas conference, Ross shared guidance for using innovative formats and techniques in audit reports to capture the attention of decision-makers and citizens. Be sure to ask Mr. Tate why he is wearing an aluminum foil hat! 10 FY 2016 AUDIT REPORTS Agencies Adult Probation Minimum Accounting Standards Animal Care & Control Task Force Validation Special Request Justice Courts Minimum Accounting Standards Medical Examiner Parks & Recreation Protective Services Public Health Sheriff’s Office Crime Lab Sheriff’s Office Information Technology Shield System Implementation Sheriff’s Office Inmate Funds and Programs Treasurer’s Accounting Operations Special Request Countywide Annual County Risk Assessment Audit Follow-Up Citizens Financial Condition Report Cybersecurity Assessment Contracts & Agreements:  Asphalt Service  Legal Arizona Workers Act  Furniture  Painting Services Travel Enterprise Resource Planning System Expenditures (Procurement Card) Single Audit – Monitoring Review For full reports, please see our website: www.maricopa.gov/internalaudit/reports.aspx, or contact the agency of interest. 11 SIGNIFICANT WORK OF FY 2016 PARKS & RECREATION MEDICAL EXAMINER Objectives Objectives Audit objectives included determining that: Audit objectives included determining that:  The postmortem quality assurance process is adequate and aligns with national standards.  Medical  Visitor satisfaction goals and safety requirements are being met. examiner credentials are current and  Controls are sufficient to ensure revenues are calculated accurately and collected in full. valid.  Legal jurisdiction determinations are appropriate and align with state statute, office policy, and industry standards.  Information technology controls over data confidentiality, integrity, and availability are effective and adequate.  Medical death investigation reports and management statistical reports are accurate.  Cash controls are sufficient and used consistently.  Procedures for collecting, maintaining, securing, tracking, and releasing evidence align with state Methods statute, office policy, and industry standards. We interviewed Parks and concessionaire personnel, and conducted site visits. We reviewed supporting Methods documentation, including information technology We interviewed personnel, reviewed contracts, concessionaire agreements, payments, and documentation, and reviewed relevant statutes, certificates of insurance. policies, and procedures. Results Results As a result of our audit, Parks & Recreation will: As a result of our audit, the Office of the Medical  Enhance policies and procedures. Examiner will:  Strengthen  Improve its quality assurance program and develop a methodology to improve autopsy caseloads. concessionaire monitoring.  Improve information technology strategic planning and security awareness.  Update policies and clarify policies for determining jurisdiction. We found that:  Improve  Facilities procedures for collecting, packaging, tracking, releasing, and storing evidence and medications.  Strengthen  Cash are clean and well maintained. controls are reasonable and used consistently. technology system controls. 12 SIGNIFICANT WORK OF FY 2016 SHERIFF’S OFFICE PUBLIC HEALTH Objectives Objectives Audit objectives included determining that: Audit objectives included determining that:  Inmate  Public trust funds are accounted for and managed in accordance with statute and policies. Health is in compliance with the Health Insurance Portability and Accountability Act (HIPAA) requirements.  Adequate controls are in place to ensure vendor compliance with the Inmate Telephone System Contract payment requirements.  Sexually transmitted disease diagnostic and treatment services, case reviews, and follow-up are performed in accordance with established guidelines.  Fees  Sufficient controls are in place to ensure inmate programs support inmate development, align with the inmate population needs, and are evaluated in accordance with policy. are properly approved. Methods Methods We interviewed personnel, reviewed documentation, We interviewed personnel, reviewed documentation, and reviewed relevant statutes, policies, and and reviewed relevant statutes, policies, and procedures. procedures. Results Results As a result of our audit, Public Health will: As a result of our audit, the Sheriff’s Office will:  Improve compliance with HIPAA rules.  Establish a policy to ensure Inmate Fund   expenditures align with state statutes. Update the sexually transmitted disease policies to better reflect current procedures.  Implement contract management procedures and update the Inmate Telephone System Contract with accurate rates, fees, and commissions. Establish policies and procedures to formalize the fee approval process.  Improve procedures for receiving and depositing inmate funds.  Improve planning and development for inmate programs, update screening procedures, and improve the accuracy of management reporting.  Improve procedures for inventory management, product write-offs, and processing inmate grievances. 13 PERFORMANCE MEASURES We met or exceeded 4 of 5 strategic goals for FY 2016 M anaging for Results (MFR) is a management system that provides direction for making good business decisions based on performance. Using MFR is one way agencies demonstrate accountability to taxpayers and residents of Maricopa County. Internal Audit’s performance goals are designed with the Board of Supervisors and County citizens in mind. Our primary measures focus on the Board’s satisfaction with our work, whether we complete all projects on our annual audit plan, and the proportion of our recommendations that the agencies implement. Internal Audit has achieved a 100% Board satisfaction rating for the past twelve years. Our goal is to maintain a 100% satisfaction rating from the Board of Supervisors, the Board’s Chiefs of Staff, and our Citizens’ Audit Advisory Committee. Audit Plan Completion Our goal is to complete 100% of the Board-approved audit plan and report this information to the Board no later than 180 days after fiscal year-end. We completed all 26 projects on time in FY 2016. 14 Recommendations Implemented Our goal is to facilitate the implementation of 95% of our recommendations for improvement within three years of being reported. 318 of 351 (91%) recommendations have been implemented within three years. Client Satisfaction We send satisfaction surveys to the County Manager, Deputy and Assistant County Managers, and Agency Directors with each audit report. We have exceeded our goal of a 90% satisfaction rating for the last eleven years. Audit Staff Productivity Productive time is spent working on audits. Training, staff meetings, and vacation are not counted as productive time. Our goal is to achieve a 75% productivity rate, which is an industry average. Note: FYs 2014 & 2015 were restated. 15 OUR STAFF IS HIGHLY QUALIFIED We hold professional cer fica ons and advanced degrees NUMBER OF CERTIFICATIONS & ADVANCED DEGREES O ur staff has extensive familiarity with professional auditing standards, methods, and techniques, as well as specialized training in information systems, business and government management, accounting, and fraud detection and deterrence. Our staff holds 69 professional certifications and advanced degrees, as shown to the right. Additionally, most participate in a variety of professional organizations. Many also serve in leadership positions as committee chairs and governing board members, as shown on page 17. Cer fied Internal Auditor (CIA) 10 Cer fied Law Enforcement Auditor (CLEA) 9 Cer fied Government Audi ng Professional (CGAP) 7 Cer fied Fraud Examiner (CFE) 7 Cer fied Informa on Systems Auditor (CISA) 4 IT Service Management (ITIL) 4 Master of Business Administra on Degree (MBA) 4 Cer fica on in Risk Management Assurance (CRMA) 3 Cer fied Public Accountant (CPA) 3 Master of Public Administra on Degree (MPA) 3 Cer ficate in Execu ve Leadership 1 Cer fica on in Quality Assessment Program Accredita on 1 Cer fied ACL Data Analyst (ACDA) 1 Cer fied Government Financial Manager (CGFM) 1 Cer fied in Risk and Informa on Systems Control (CRISC) 1 Cer fied Informa on Technology Professional (CITP) 1 Cer fied Management Accountant (CMA) 1 GIAC Security Essen als Cer fica on (GIAC) 1 GIAC Systems and Network Auditor (GSNA) 1 ISO/IEC 20000 Founda on 1 Juris Doctor (JD) 1 Master of Accountancy Degree (MACC) 1 Master of Educa on (MEd) 1 Master of Laws (LLM) 1 Master of Science in Informa on Management (MSIM) TOTAL 1 69 16 OUR STAFF PROVIDES LEADERSHIP We serve in leadership posi ons in professional organiza ons LEADERSHIP POSITIONS IN PROFESSIONAL ORGANIZATIONS Associa on of Local Government Auditors (ALGA): Past President Informa on Systems Audit and Control Associa on (ISACA): Board of Directors Membership Director Ins tute of Internal Auditors (IIA): Past President Phoenix Chapter Board of Governors PROFESSIONAL ORGANIZATION MEMBERSHIPS American Ins tute of Cer fied Public Accountants (AICPA) Arizona Society of Cer fied Public Accountants (ASCPA) Associa on of Cer fied Fraud Examiners (ACFE – Na onal and Arizona Chapter) Associa on of Government Accountants (AGA) Associa on of Local Government Auditors (ALGA) Informa on Systems Audit and Control Associa on (ISACA – Na onal and Phoenix Chapter) Ins tute of Internal Auditors (IIA – Na onal and Phoenix Chapter) Ins tute of Management Accountants (IMA) Interna onal Law Enforcement Auditors Associa on (ILEAA) Congratulations on your achievements! Ross Tate received the Certi ied Fraud Examiner credential. Christina Black received a Certi icate in Executive Leadership from Arizona State University. 17 STAFF BIOGRAPHIES We are highly creden aled and experienced professionals Ross L. Tate, County Auditor Mr. Tate is a Certified Internal Auditor, Certified Management Accountant, Certified Government Auditing Professional, Certified Government Financial Manager, and Certified Fraud Examiner. He has a bachelor’s degree from Brigham Young University in business operations and systems analysis. Mr. Tate joined Internal Audit in 1989 and has been County Auditor since 1994. He is a past president of the Association of Local Government Auditors. He is a member of the Institute of Internal Auditors, and is a Governing Board member for the Phoenix Chapter. Carla Harris, Audit Manager Ms. Harris is a Certified Public Accountant, Certified Internal Auditor, and Certified Fraud Examiner. She has a bachelor’s degree in business administration with a major in accounting. Ms. Harris has more than 20 years of experience in internal auditing and accounting. She is a former board member and training director for the Arizona Chapter of the Association of Certified Fraud Examiners, and is a member of the National Chapter of the Association of Certified Fraud Examiners, Institute of Internal Auditors, and Association of Local Government Auditors. Toni Sage, Audit Manager Ms. Sage is a Certified Internal Auditor, Certified Government Auditing Professional, and is Certified in Risk Management Assurance. She has a bachelor’s degree in psychology from the City University of New York and an MBA from Fairleigh Dickinson University. Ms. Sage has 10 years of law enforcement, performance, and IT auditing experience at Maricopa County and 13 years of IT management experience in the private sector. She is a member of the Institute of Internal Auditors and the Association of Local Government Auditors. Stella J. Fusaro, Audit Manager Ms. Fusaro is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Fraud Examiner, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has a bachelor’s degree in business administration with an accounting concentration from California State University, Fullerton, and she has over 25 years of auditing experience. She is a member of the Institute of Internal Auditors, Association of Certified Fraud Examiners, and Association of Local Government Auditors. 18 Christina Black, Audit Supervisor Ms. Black is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has over 19 years of professional internal audit experience and 10 years of accounting and auditing experience. She has a bachelor's degree in accounting from Missouri Western State College. Ms. Black is a member of the Institute of Internal Auditors, Association of Certified Fraud Examiners, and Association of Local Government Auditors. Patra E. Carroll, IT Audit Supervisor Ms. Carroll is a Certified Public Accountant, Certified Internal Auditor, Certified Information Systems Auditor, Certified in Risk and Information Systems Control, Certified Information Technology Professional, and Certified Law Enforcement Auditor with 20 years of public sector performance and IT auditing experience. She is ITIL v3 Foundation and ISO 20000 Foundation certified. Ms. Carroll has a master’s degree in information management from the Arizona State University WP Carey School of Business. Kimmie Wong, Senior Auditor Ms. Wong is a Certified Law Enforcement Auditor. She has a bachelor's degree in business administrative services from Arizona State University and a master’s degree in public administration from Western International University. She has a business background, professional internal auditing experience, and supervisory experience. Ms. Wong is a member of the Association of Local Government Auditors, Arizona Chapter of Certified Fraud Examiners, Institute of Internal Auditors, and International Law Enforcement Auditors Association. Susan Adams, Senior Information Technology Auditor Ms. Adams is a Certified Information Systems Auditor and a Certified Law Enforcement Auditor. She has a bachelor's degree in accounting from Utah State University and a master’s degree in business administration from the University of Utah. She has 23 years of professional auditing experience, with 17 years as an information systems auditor. Ms. Adams is a member of ISACA and serves on the ISACA Phoenix Chapter’s Academic Relations committee. She is also a member of the Association of Local Government Auditors and the Institute of Internal Auditors. Lisa Scott, Senior Data Analyst Ms. Scott is a Certified Information Systems Auditor, Certified ACL Data Analyst, Certified Law Enforcement Auditor, Certified Fraud Examiner, and is certified in ITIL v3 Foundation. She has a bachelor’s degree in computer science from Jacksonville State University and a post-baccalaureate certificate in accountancy from Arizona State University. Ms. Scott is a member of the Association of Local Government Auditors, Association of Certified Fraud Examiners, and Information Systems Audit and Control Association. 19 Jenny M. Chan, Senior Auditor Ms. Chan is a Certified Internal Auditor and Certified Government Auditing Professional, with nine years of professional internal auditing experience. She started as an Internal Audit intern in May of 2007 and became a staff auditor in October of 2007. She has a bachelor’s degree in accountancy and computer information systems from the W.P. Carey School of Business at Arizona State University. Ms. Chan is a member of the Institute of Internal Auditors, Association of Local Government Auditors, and Arizona Chapter of Certified Fraud Examiners. Scott Jarrett, Senior Law Enforcement Auditor Mr. Jarrett is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, Certified Fraud Examiner, and is certified in ITIL v3 Foundation. He has a bachelor’s degree in accounting from Arizona State University. He served four years in the United States Coast Guard and has eight years of professional internal auditing experience. Mr. Jarrett is a member of the Institute of Internal Auditors, International Law Enforcement Auditors Association, and Association of Local Government Auditors. Stacy Aberilla, Senior Law Enforcement Auditor Ms. Aberilla is a Certified Government Auditing Professional. She holds a master’s degree in public administration from the Arizona State University School of Public Affairs where she was a member of the Pi Alpha Alpha national honor society. She graduated from ASU magma cum laude with a bachelor’s degree in sociology and minor in women’s studies. She is a member of the Association of Government Accountants, Association of Local Government Auditors, International Law Enforcement Auditors Association, and Institute of Internal Auditors. Jennifer Sigüenza, Senior Law Enforcement Auditor Ms. Sigüenza is a Certified Public Accountant and a Certified Law Enforcement Auditor with over seven years of professional audit experience. She joined Internal Audit in February 2014 after four and a half years in public accounting as an external auditor. She graduated from the W.P. Carey School of Business at Arizona State University with bachelor’s and master’s degrees in accounting. She is a member of the Arizona Society of CPAs, Institute of Internal Auditors, International Law Enforcement Auditors Association, and Association of Local Government Auditors. Daniel Ng, Senior Auditor Mr. Ng has a bachelor’s degree in communications with an emphasis in print journalism from Brigham Young University (BYU) and a master’s degree in public administration from the Marriott School of Management at BYU. Mr. Ng has experience in print journalism, sports administration, and healthcare administration. Prior to joining Internal Audit, he held several process improvement and quality outcome positions within the healthcare field. He is a member of the Institute of Internal Auditors and the Arizona Chapter of Certified Fraud Examiners. 20 Dan Griedl, Senior Auditor Mr. Griedl joined Internal Audit in May 2015 and is a Certified Internal Auditor. He has a bachelor of business administration degree majoring in accounting from the University of Wisconsin-Oshkosh with over 30 years of audit experience. He was a consultant on a large contract compliance and cost recovery project. He has experience in public utilities, oil and gas, real estate investments, securities, and public accounting. Mr. Griedl is a member of the Institute of Internal Auditors and is a Past President of the Phoenix Chapter of the Institute of Internal Auditors. Timothy Lockinger, Senior Auditor Mr. Lockinger joined Internal Audit in May 2015. He has a bachelor’s degree from the University of Nevada, Las Vegas in business administration. He has over 30 years of progressive accounting and supervisory experience within the highly regulated gaming industry. He is also experienced in the analysis and development of systems of internal controls. Mr. Lockinger is a member of the Association of Local Government Auditors, Institute of Internal Auditors, and Arizona Chapter of Certified Fraud Examiners. Megan M. McPherson, Senior Auditor Ms. McPherson joined Internal Audit in February 2016. She graduated from the W.P. Carey School of Business at Arizona State University with a bachelor’s degree in finance, and holds a master’s degree in teaching economics and business. She began her audit career with Wells Fargo Bank and has seven years of professional internal auditing experience. She is a member of the Institute of Internal Auditors, and is currently pursuing certification as a Certified Internal Auditor. Brian Nesvig, Senior Auditor Mr. Nesvig is a Certified Fraud Examiner who joined Internal Audit in August 2016. Prior to Maricopa County, he gained more than five years of internal auditing experience, including time in both public (San Diego County) and private (Target Corporation & Honeywell International) sectors. He has a Juris Doctor, a Master of Laws in taxation from the University of San Diego School of Law, and a bachelor’s degree in economics from St. Olaf College. Mr. Nesvig is a member of the Institute of Internal Auditors and the Association of Local Government Auditors. Kenton Schaben, Internal Auditor Mr. Schaben joined Internal Audit in May 2015. He graduated cum laude from the W.P. Carey School of Business at Arizona State University with a bachelor’s degree in finance. He has two years of professional experience as an auditor in the private sector, and prior to that he worked in finance for three years at a large financial institution. Mr. Schaben is a member of the Association of Local Government Auditors, Institute of Internal Auditors, and Arizona Chapter of Certified Fraud Examiners. 21 Athena Dobell-Garcia, Internal Auditor Ms. DoBell-Garcia is a Certified Fraud Examiner, who joined Internal Audit in September 2015, after five years in private accounting as an internal auditor. She graduated from the University of Phoenix with a bachelor’s degree in accounting, and from Grand Canyon University with a master’s in business administration. She is a member of the Institute of Internal Auditors and the Association of Certified Fraud Examiners. She is currently pursuing certification as a Certified Internal Auditor. Wendy Thiele, Executive Assistant Ms. Thiele joined Internal Audit in December 2006. Prior to relocating to Phoenix, she performed medical chart audits for a major healthcare system in Milwaukee, WI. She has 16 years of experience in internal auditing. She also has experience in human resources and home health care within a hospital setting. Ms. Thiele is a member of the Arizona Chapter of the Association of Certified Fraud Examiners and has attended numerous auditing conferences and seminars, which has contributed to her overall knowledge of the audit process. 22 FY 2016 ORGANIZATIONAL CHART Board of Supervisors Citizens’ Audit Advisory Committee Ross Tate County Auditor Wendy Thiele Executive Assistant Carla Harris Audit Manager Stella Fusaro Audit Manager Toni Sage Audit Manager Patra Carroll IT Audit Supervisor Christina Black Audit Supervisor Kimmie Wong Senior Auditor Susan Adams Senior IT Auditor Stacy Aberilla Senior Law Enforcement Auditor Jenny Chan Senior Auditor Dan Griedl Senior Auditor Timothy Lockinger Senior Auditor Megan McPherson Senior Auditor Athena DoBell-Garcia Internal Auditor Kenton Schaben Internal Auditor Jennifer Siguenza Senior Law Enforcement Auditor Lisa Scott Senior Data Analyst Scott Jarrett Senior Auditor Daniel Ng Senior Auditor 23 QUALITY ASSURANCE &IMPROVEMENT PROGRAM Internal Audit provides high quality deliverables to the Board of Supervisors, County leadership, and the public. In order to ensure high standards of quality, we have developed a Quality Assurance & Improvement Program that covers all aspects of the operation and management of the department. Our quality assurance program assesses the efficiency and effectiveness of our operations and includes internal and external assessments, in accordance with the International Standards for the Professional Practice of Internal Auditing, as discussed below. Quality Assurance & Improvement Program External Assessments  At least every 5 years An external assessment must be conducted at least every five years by a qualified, independent assessor or assessment team from outside the organization. The Maricopa County Citizens’ Audit Advisory Committee oversees these reviews. The FY 2000, FY 2003, FY 2006, FY 2009, and FY 2012 reviews by a local CPA firm were positive and showed no findings. The next external assessment is scheduled for FY 2017. Internal Assessments  Ongoing Monitoring  Periodic Self-Assessments Internal assessments include ongoing monitoring and periodic assessments of our audit work.  Ongoing monitoring is an integral part of the day-to-day supervision, review, and measurement of our work, and is incorporated into our internal policies and procedures.  Periodic internal self-assessments are conducted to evaluate conformance with the International Standards for the Professional Practice of Internal Auditing, the Definition of Internal Auditing, and the Code of Ethics promulgated by The Institute of Internal Auditors. Our internal assessments also include procedures to verify compliance with internal policies and procedures. In FY 2015, we reviewed 3 audit projects (21%) and found no significant deficiencies. For FY 2016, we reviewed 3 audit projects (16%) and found 100% compliance.  The results of all internal assessments show full conformance with the International Standards for the Professional Practice of Internal Auditing. 24 Dawn von Epp, 2015 Chair of the Citizens’ Audit Advisory Committee, receives a plaque for her service from Ramon Ramirez, incoming 2016 Chair, and Ross Tate, County Auditor. Maricopa County Internal Audit 301 West Jefferson Street, Suite 660 Phoenix, AZ 85003-2148 Telephone: 602-506-1585 Facsimile: 602-506-8957 E-mail: thielew@mail.maricopa.gov Visit our website: www.maricopa.gov/internalaudit/ Follow us on... Annual Report Project Members Carla Harris, Audit Supervisor, CPA, CIA, CFE Kimmie Wong, Senior Auditor, MPA, CLEA McDowell Mountain Regional Park photo on page 12, courtesy of Weldon Wong