Maricopa County, Arizona Internal Audit Performance Report Fiscal Year 2013 Letter from the County Auditor 1 What We Do 2 Our Financial Benefit 3 Independence and Objectivity 6 Honors and Awards 8 Year in Review 10 Significant Work of FY 2013 12 Performance Results 14 Meet Our Staff 16 Definition of Internal Auditing An independent, objective assurance and consulting activity designed to add value and improve the County’s operations. It helps the County accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Mission To provide objective information on the County’s system of internal controls to the Board of Supervisors so they can make informed decisions and protect the interests of County citizens. Vision To facilitate positive change throughout the County. Value Statement To promote the effective, efficient, economical, and ethical use of public resources. Motto Do the Right Things Right! Maricopa County Internal Audit 301 West Jefferson Street, Suite 660 Phoenix, AZ 85003-2148 Telephone: 602-506-1585 Facsimile: 602-506-8957 E-mail: thielew@mail.maricopa.gov Visit our website: www.maricopa.gov/internalaudit/ Follow us on... Annual Report Project Members Eve Murillo, CPA, MBA, CFE, ITIL, Deputy County Auditor Carla Harris, CPA, CIA, CFE, Audit Supervisor Jenny Chan, CIA, CGAP, Senior Auditor Stacy Aberilla, MPA, CGAP, Senior Auditor LETTER FROM THE COUNTY AUDITOR To: Andrew Kunasek, District III, Chairman Denny Barney, District I Steve Chucri, District II Clint L. Hickman, District IV Mary Rose Wilcox, District V From: Ross L. Tate, County Auditor Date: November 8, 2013 Our work provides insight and contributes to government transparency and accountability to County citizens. Fiscal Year 2013 was a period of productivity and achievement for Internal Audit. This report to the County Board of Supervisors summarizes our performance in 2013. Significant Work We published 16 reports last year. Some of the significant reports are listed below and a complete list appears on page 11. Our four major department audits are discussed on pages 12−13. Departments: Sheriff’s Office: Countywide:  Adult Probation  Equipment Services  Risk Management  Expenditures  IT Governance  Training Division     Annual Risk Assessment Financial Condition Report Internet Usage Procurement Card Internal Audit Issued 124 Recommendations We make recommendations that improve efficiency, economy, and operational effectiveness. Our recommendations also seek to ensure that controls are in place to deter fraud, waste, and abuse. Last year, we made 124 recommendations for improvement. Agency management concurred with all of our recommendations, which is a testament to the quality and usefulness of our recommendations. Departments Implemented 95% of Recommendations Within Three Years We track audit recommendations to ensure they are carried out effectively and timely. Ninety-five percent of all recommendations have been implemented within three years. Internal Audit Achieves Excellence For the fourth consecutive year, Internal Audit received the national Government Finance Officers Association Award for Outstanding Achievement in Popular Annual Financial Reporting. For more on this award, see page 8. We appreciate the Board of Supervisors, the Citizens’ Audit Advisory Committee, and County administration for their strong, continued support of the County’s internal audit function. 1 INTERNAL AUDIT PROVIDES VALUABLE SERVICES We Conduct Performance Audits Our performance audits provide objective analysis of County operations. We examine departments, programs, and processes for compliance with laws, regulations, policies, and best practices. We also assess whether effective systems are in place to ensure program effectiveness, economy, and efficiency. We publish our findings and recommendations for improvement in publicly available audit reports. Internal Audit assists County management in improving controls, processes, procedures, performance, and risk management. We Provide Objective Information Our reports provide independent and unbiased analysis and recommendations to the County Board of Supervisors and to County management. County managers and directors use our reports to improve program performance, accountability, transparency, and cost effectiveness. Additionally, our reports assist the County Board of Supervisors in making informed decisions in the interest of County residents. We Make Recommendations The value of our work is in our recommendations for improvement. In addition to simply reporting on areas that may be experiencing challenges or problems, we give recommendations that address the root cause of problems, which helps to prevent the same issues from recurring. We Facilitate Improvement The County and its citizens benefit from our work when County management implements our recommendations. Our staff assists in that effort by performing organized follow-up. We monitor the agencies’ progress in implementing our recommendations and determine the adequacy of action taken. We also provide an annual report to the Board of Supervisors on outstanding recommendations. 2 INTERNAL AUDIT IS A GOOD INVESTMENT We Pay for Ourselves Our Cost vs. Savings Produced Last 10 Years (FY 2004 − FY 2013) Our Cost $18.1M Actual Recoveries & Savings $20.1M $0 $5 $10 $15 $20 $25 Over the past 10 years, we have generated $20.1 million in actual savings to the County, versus $18.1 million in cost – a net savings of $2 million. Our savings averaged $2 million per year compared with average annual cost of approximately $1.8 million. Millions of Dollars We Identify Potential Savings Our Cost vs. Poten al Savings Last 10 Years (FY 2004 − FY 2013) Over the past 10 years, we have found $61.2 million in potential savings, which includes the avoidance or reduction of future costs. These savings included contracts, assets, payroll, and other areas. Our Cost $18.1M Poten al Savings $61.2M $0 $10 $20 $30 $40 $50 $60 $70 Millions of Dollars We Cost Less Than Consultants Our Cost vs. Outsourcing FY 2013 The County saves 61% by maintaining its own Internal Audit Department rather than outsourcing this vital function. During FY 2013, our cost was $77 per audit hour, a substantial savings over the $196 hourly rate that external firms charge on average for the same services. Our Cost $77 per hour Cost to Outsource $196 per hour $0 $25 $50 $75 $100 $125 $150 $175 $200 Hourly Rate 3 WE ARE THE RIGHT SIZE FOR OUR COUNTY Audit Budget as Proportion of Total County Budget Our budget is small compared to the total County budget. Our budget comprised only .08% of the total County budget in FY 2013, which is the average of six comparable counties. Audit Staffing Our staffing level is the right size for our County size. We employed 17 full time equivalent auditors in FY 2013; that is, 818 County employees per auditor. Six comparable counties averaged 874 county employees per auditor. Audit Dollars Spent per County Resident Maricopa County spent only 45¢ per resident on internal auditing in FY 2013, which is 54% less than the average spent by six comparable counties. Internal Audit Budget as Percent of Total County Budget FY 2013 0.24% 0.20% 0.16% 0.12% Average .08% 0.08% 0.04% 0.00% King 2,000 1,800 1,600 1,400 1,200 1,000 800 600 400 200 0 Harris Orange San Diego Maricopa Multnomah Salt Lake Audit Staff to County Employee Ra o FY 2013 Average 874 county employees per auditor King Multnomah Harris Salt LakeMaricopa Orange San Diego Audit Dollars Spent per County Resident FY 2013 $2.00 $1.80 $1.60 $1.40 $1.20 $1.00 $0.80 $0.60 $0.40 $0.20 $0.00 Average 98¢ Maricopa Harris 4 San Diego King Orange Multnomah Salt Lake WE FOCUS OUR EFFORTS ON HIGH RISK AREAS Countywide Risk Assessment Our risk assessment process yields an audit plan that maximizes coverage and minimizes risk. We assess risk by analyzing conditions that can impair the County’s ability to achieve key objectives and strategic goals. We review the County’s organization chart, financial data, Comprehensive Annual Financial Report, and other items to evaluate risk based on financial impact, leadership input, citizen impact, and other factors. We develop an audit plan based on the risk assessment, and the County Auditor presents the audit plan to the Citizens’ Audit Advisory Committee and the Board of Supervisors for approval annually. Sheriff’s Office (MCSO) MCSO is the largest operation in the County with 12% ($280 million) of the FY 2013 budget and 27% of its employees. To address this inherently high-risk operation, two full-time auditor positions are assigned to MCSO, in accordance with a June 2011 Board resolution. Using a devoted audit team has enhanced subject matter expertise, awareness of the governance, risk and control environment, audit effectiveness and efficiency, and our working relationship with MCSO. Information Technology (IT) The County budgeted $1.1 billion for capital IT projects in FY 2014, and spends an average of $120 million annually on IT applications, hardware, and personnel. To address the risks associated with this significant investment, we conducted 48 IT audits during the last five years, including agency IT systems, system security, system development, and governance. Agencies There are over 40 agencies and 13,000 employees in Maricopa County, consisting of County departments, elected officials, special districts, and the court system. We develop a working knowledge of the agencies on the audit plan and set our scope of work based on a risk assessment of key programs and activities. Countywide Countywide audits provide broader coverage with fewer resources, and focus on selected areas and/or transactions that cross agency boundaries. Past Countywide audits include procurement, payroll, and vehicle usage. Contracts The County spends hundreds of millions of dollars annually on contracts. We perform contract audits due largely to the risk of improper disbursements if contracts are not properly monitored. In fiscal years 2007 − 2012, we identified over $12 million in recoveries, savings, and cost avoidance. Special Requests We can provide specialized auditing and consulting services in addition to those identified on the Boardapproved annual audit plan. Special requests may be initiated by the Board or County officials throughout the year. Each year, a certain number of hours are set aside for special requests. 5 INTERNAL AUDIT IS INDEPENDENT Internal Audit Reports Directly to the Board of Supervisors Maricopa County Board of Supervisors Denny Barney Steve Chucri Andrew Kunasek Clint Hickman Mary Rose Wilcox District I District II District III (Chairman) District IV District V Citizens’ Audit Advisory Committee County Management Internal Audit Tom Manos Ross Tate County Manager County Auditor 6 ADVISORY COMMITTEE Citizens’ Audit Advisory Committee Provides Oversight Citizens’ Audit Advisory Committee Members Vacant Ralph Lamoreaux Janet Secor Matthew Breecher Ramon Ramirez District I District II District III (Chair) District IV District V Shelby Scharbach David Benton Ross Tate Jay Zsorey Maricopa County Assistant County Manager Maricopa County Attorney’s Office Maricopa County Auditor Office of the Auditor General ORGANIZATIONAL REPORTING STRUCTURE ENSURES OBJECTIVITY I nternal Audit’s organizational structure provides assurance that County officials cannot unduly influence the nature or scope of audit work performed and it affords the Board a direct line of communication with Internal Audit. Additionally, the Board-appointed Citizens’ Audit Advisory Committee assists the Board in fulfilling its oversight responsibilities by reviewing the County’s financial information, the established systems of internal controls, and the audit process. Committee members include accounting, business, and audit professionals. The Committee meets regularly to review and comment on audit reports, County financial statements, and other audit-related matters. For Committee member biographies, the Citizens’ Audit Advisory Committee Charter, and the Maricopa County Internal Audit Charter, see our website: www.maricopa.gov/internalaudit/about.aspx 7 AWARD FOR ANNUAL FINANCIAL REPORTING Chairman Kunasek and Supervisor Hickman congratulate Internal Audit. For the fourth consecutive year, the Government Finance Of icers Association (GFOA) of the United States and Canada has given an Award for Outstanding Achievement in Popular Annual Financial Reporting to Maricopa County Internal Audit for its Citizens’ Financial Condition Report for the iscal year ended June 30, 2012. The Award for Outstanding Achievement in Popular Annual Financial Reporting is a prestigious national award recognizing conformance with the highest standards for preparation of state and local government popular reports. In order to receive an Award for Outstanding Achievement in Popular Annual Financial Reporting, a government unit must publish a Popular Annual Financial Report, whose contents conform to program standards of creativity, presentation, understandability, and reader appeal. GFOA is a professional association of state/provincial and local inance of icers in the United States and Canada, and has served the public inance profession since 1906. Our award winning Citizens’ Financial Condition Reports are available on our website: http://www.maricopa.gov/InternalAudit/fcr.aspx 8 What our clients say about us…. “Thank you for your department’s expertise in keeping us in proper alignment.” “We appreciate your efforts in helping us remain on the correct path.” HONORS & AWARDS Associa on of Local Government Auditors  2010 Best Audit Report: Knighton Bronze Award “Your team has been fantastic to work with. The staff has been extremely professional, courteous and open minded.” for Vehicle Usage Review  2008 Best Audit Report: Knighton Bronze Award for Air Quality Audit  2008 Website Gold Award “We...fully support the work you do everyday.”  2007 Best Audit Report: Knighton Gold Award for Environmental Services Audit Na onal Associa on of Coun es  2010 Achievement Award for Tech Tips Training “You and your staff were positive and easy to work with throughout.” Program  2009 Best of Category Award & Achievement Award for Internal Controls Video Program Ins tute of Internal Auditors  2006 Recogni on of Commitment for Professional Excellence, Professional Quality and Professional Outreach Na onal Center for Civic Innova on  2007 Trailblazer Award Government Performance “Because of the feedback received we have made changes that will make for a better process going forward.” “The new [report] format of audit is great!” Repor ng Demonstra on Grant Program Associa on of Government Accountants  2006 Cer ficate of Excellence for Service Efforts and Accomplishments 9 “Keep up the great work with timely and accurate audits.” YEAR IN REVIEW − FY 2013 BY THE NUMBERS  16 audit reports/memos published  124 recommenda ons made with 100% client concurrence  128 recommenda ons implemented from current and prior years  100% Board sa sfac on ra ng  100% client sa sfac on ra ng  6 of 7 strategic goals met  GFOA award received  49 professional cer fica ons held  8 master’s degrees held  9 leadership posi ons held  2 speaking engagements  1 ar cle published Publications & Presentations 1 An ar cle by Sco Jarre and Ross Tate en tled, “Using Technology to Enhance Audit Planning,” was published in Local Government Audi ng Quarterly, Fall 2012. The ar cle discussed the importance of leveraging technology to assist in planning audits. Planning includes gathering and reviewing informa on, assessing risk, and determining the scope of poten al test work. 2 Patra Carroll and Paul Smedegaard (KPMG, LLC) gave a presenta on to the Informa on Systems Security Associa on on “Informa on System Implementa on.” They highlighted the importance of audi ng IT projects during all phases of development instead of only a er comple on. This proac ve approach reduces long‐term cost and allows issues to be addressed before they become serious. 10 3 County Auditor Ross Tate presented at the Ins tute of Internal Auditors Interna onal Conference in Boston in July 2012. His presenta on, “How Government Auditors Can Use the Latest Technologies to Revolu onize Their Efforts,” shared ways we use technology to enhance audit efforts, including social media, crowdsourcing, data mining, and analy cs. FY 2013 AUDIT REPORTS Agencies Adult Probation Department Adult Probation Minimum Accounting Standards Equipment Services Department Justice Courts Minimum Accounting Standards Risk Management Department Sheriff’s Office Expenditures Sheriff’s Office Information Technology Governance Sheriff’s Office Training Division Countywide Annual County Risk Assessment Citizens’ Financial Condition Report Contracts & Agreements:  Legal Arizona Workers Act  Pragmatica, LLC Elected Officials Exit/Entrance Internet Usage Review Procurement Card Transactions Single Audit − Grant Compliance Review For full reports, please see our website: www.maricopa.gov/internalaudit/reports.aspx, or contact the agency of interest. 11 SIGNIFICANT WORK OF FY 2013 SHERIFF’S OFFICE ADULT PROBATION Objectives As a result of our audits, MCSO will: Audit objectives included determining whether:  Intensive probationers were properly monitored in accordance with select Arizona Code of Judicial Administration (ACJA) requirements and department polices and procedures  IT general controls and critical application controls were effective Expenditures Methods We randomly selected 72 Intensive Probation Supervision (IPS) probationers and reviewed case files and other relevant records. We also reviewed select IT controls and evaluated their effectiveness. Improve accounts payable controls controls over ordering, receiving, and payment approvals Improve controls over contract monitoring and development Strengthen controls over inventory management and receiving of food purchases Work with the County Office of Procurement Services to implement controls for the disposal of used ammunition casings Strengthen Training Division Strengthen Results As a result of our audit, Adult Probation will:  Continue to ensure that IPS caseload ratios comply with statute  Administer IPS risk assessments within guidelines  Perform IPS supervisory reviews in accordance with policy  Complete IPS case plans within required time frames  Work with Court Technology Services to ensure law enforcement network security Improve controls over detention officer training the effectiveness of the Field Training Program Improve the development and documentation of training lesson plans Implement a new Records Management System to allow use of force and pursuit incidents to be tracked more effectively Work with County Risk Management to identify incident patterns that can be mitigated by training IT Governance Work to align IT and business strategies Implement a formal IT framework to guide IT operations Develop a project management methodology to prioritize IT investments Implement formal assessment tools to better meet IT service needs 12 SIGNIFICANT WORK OF FY 2013 RISK MANAGEMENT EQUIPMENT SERVICES Objectives Objectives Audit objectives included determining whether: Audit objectives included determining whether: A program is in place to review insurance  Fuel purchases are received, secured, and coverage limits, reduce exposure to liabilities, and dispensed in accordance with policies and assess and report environmental liabilities procedures Controls over claims processes are adequate  County agencies and intergovernmental Safety/Loss control programs are effective agreement customers are billed accurately Safety programs comply with County and  Parts and supplies for County vehicles are Occupational Safety and Health Administration accounted for properly requirements  User access to key computer applications is based Controls over the Legal Service Provider and on job responsibilities Workers’ Compensation contracts are adequate Methods IT general controls are effective We interviewed staff, reviewed inventories, The claims management application controls over reconciliations, fuel key reports, fuel billing and data confidentiality, integrity and availability, are dispensing reports, payments, warranty reports, part effective and adequate inventory and work order reports, and user access to Methods key computer applications. We conducted interviews with key staff and vendors, Results and reviewed claim files and related documents, As a result of our audit, Equipment Services will: safety-related documents and training records, Strengthen controls over fuel billing processes contracts and invoices, IT general controls, and and application user access claims management application controls. Improve controls over fuel tank reconciliations Results and parts inventory and usage As a result of our audit, Risk Management will: Improve claims processing Strengthen contract oversight Enhance safety programs Improve IT security and claims management application controls 13 PERFORMANCE MEASURES We met or exceeded 6 of 7 strategic goals for FY 2013 M Internal Audit has achieved a anaging for Results (MFR) is a comprehensive management system whereby employees and the organizational culture focus on achieving results for the customer. MFR provides direction for making good business decisions based on performance, and is one way agencies demonstrate accountability to the taxpayers and residents of Maricopa County. Internal Audit’s performance goals are designed with the Board of Supervisors and County citizens in mind. Our primary measures focus on the Board’s satisfaction with our work, whether we complete all projects on our annual audit plan, and the proportion of our recommendations that the agencies implement. We completed all 20 projects on time in FY 2013. Board satisfaction rating for the past nine years. Our goal is to maintain a 100% satisfaction rating from the Board of Supervisors, the Board’s Chiefs of Staff, and our Audit Advisory Committee. Audit Plan Comple on Audit Plan Completion Our goal is to complete 100% of the Board-approved audit plan and report this information to the Board no later than 90 days after fiscal year-end. 100% Most Recent Year: 100% 5‐Year Average: 99.2% Goal: 100% Goal: 98% Variance: 0% Variance: 1.2% 100% 100% 100% 96% 100% FY09 FY10 FY11 FY12 FY13 100% 90% 80% 70% 60% 50% Recommendations Implemented Our goal is to facilitate the implementation of 98% of our recommendations for improvement within three years of being reported. 1,017 of 1,075 (95%) recommendations have been implemented within three years. Recommenda ons Implemented Most Recent Year: 94.6% 5‐Year Average: 93.2% 100% Goal: 98% Goal: 96.8% Variance: ‐3.4% Variance: ‐3.6% 98% 90% 90% 92% 92% FY11 FY12 95% 80% 70% 60% 50% FY09 14 FY10 FY13 County Management Sa sfac on Ra ng Most Recent Year: 100% 5‐Year Average: 98% 99% 100% 97% Goal: 90% Goal: 90% Client Satisfaction Variance: 10% Variance: 8% 100% 99% 97% 90% 80% We have exceeded our goal of 90% satisfaction rating for the last nine years. 70% 60% 50% FY09 FY10 FY11 FY12 FY13 County Leadership Sa sfac on Most Recent Year: 97.2% 5‐Year Average: 93.1% 100% 92% Goal: 90% Goal: 90% County Leadership Satisfaction Variance: 7.2% Variance: 3.1% 94% Agency Directors participate in an annual County satisfaction survey. 97% 94% 89% 90% Although they are not our primary customers, we monitor feedback from Agency Directors, and implement improvements when possible. 80% 70% 60% 50% FY09 FY10 FY11 FY12 FY13 Auditor Produc vity Rate Most Recent Year: 76.7% 100% 5‐Year Average: 78.6% Goal: 75% Goal: 75% 80% 80% 79% Auditor Productivity Variance: 1.7% Variance: 3.6% 90% 81% 77% Productive time is spent working on audits; staff meetings, training, and vacation are not counted as productive time. 77% Our goal is to reach a 75% productivity rate, which is an industry average. 70% 60% We have exceeded our goal for the last six years. 50% FY09 FY10 FY11 FY12 FY13 Internal Audit Staff Sa sfac on* Most Recent Year: 91% 5‐Year Average: 94.5% 100% 90% 80% 70% 60% 50% We send satisfaction surveys to the County Manager, Deputy and Assistant County Managers, and Agency Directors with each audit report. 99% 79% FY 09 96% 78% Internal Staff Satisfaction IA Goal: 90% Variance: 1% IA Goal: 90% Variance: 4.5% 94% 77% FY10 FY11 County Average 92% 77% 91% 77% FY12 Audit * Ra ngs adjusted based on Research & Repor ng’s change in methodology. 15 FY13 Internal Audit has consistently maintained a high employee satisfaction rating on the County Office of Research and Reporting’s annual survey. For the last five years, Internal Audit staff has rated their workplace satisfaction an average of 17 points higher than the County’s average. OUR STAFF IS HIGHLY QUALIFIED We hold numerous professional cer fica ons and advanced degrees O NUMBER OF CERTIFICATIONS & ADVANCED DEGREES ur staff members have extensive familiarity with professional auditing standards, methods, and techniques, as well as specialized training in information systems, business and government management, accounting, and fraud detection and deterrence. Cer fied Law Enforcement Auditor (CLEA) 11 Cer fied Internal Auditor (CIA) 8 Cer fied Government Audi ng Professional (CGAP) 6 Cer fied Public Accountant (CPA) 5 IT Service Management (ITIL) 5 Cer fied Fraud Examiner (CFE) 3 Master of Business Administra on Degree (MBA) 3 Our staff of 19 hold 57 professional certifications and advanced degrees, as shown at right. Master of Public Administra on Degree (MPA) 3 Cer fied Informa on Systems Auditor (CISA) 2 Cer fied Informa on Technology Professional (CITP) 2 Additionally, most participate in a variety of professional organizations. Many serve in leadership positions as committee chairs and governing board members, as shown on page 17. Cer fica on in Risk Management Assurance (CRMA) 2 ISO/IEC 20000 Founda on 2 Master of Science in Informa on Management (MSIM) 2 Cer fied ACL Data Analyst (ACDA) 1 Cer fied Government Financial Manager (CGFM) 1 Cer fied Management Accountant (CMA) 1 TOTAL 57 New Certi ications Congratulations on your achievements! Top: Toni Sage and Jenny Chan earned CIA and CGAP certi ications. Bottom: Christina Black and Stella Fusaro earned CRMA certi ication. 16 OUR STAFF PROVIDES LEADERSHIP We serve in leadership posi ons in several professional organiza ons LEADERSHIP POSITIONS IN PROFESSIONAL ORGANIZATIONS Associa on of Local Government Auditors (ALGA): Past President Advocacy Committee Awards Committee Publications Committee Informa on Systems Audit and Control Associa on (ISACA): Co‐Chair, Academic Affairs Committee Academic Affairs Committee Registration Coordinator Ins tute of Internal Auditors (IIA): Website Administrator Secretary PROFESSIONAL ORGANIZATION MEMBERSHIPS American Ins tute of Cer fied Public Accountants (AICPA) Arizona City/County Management Associa on (ACMA) Arizona Society of Cer fied Public Accountants (ASCPA) Associa on of Cer fied Fraud Examiners (ACFE— Na onal and Arizona Chapters) Associa on of Government Accountants (AGA) Associa on of Local Government Auditors (ALGA) Audit Command Language (ACL) Users Group Informa on Systems Audit and Control Associa on (ISACA) Ins tute of Internal Auditors (IIA—Na onal and Phoenix Chapter) Ins tute of Management Accountants (IMA) Interna onal City/County Management Associa on (ICMA) Interna onal Law Enforcement Auditors Associa on (ILEAA) Na onal Associa on of Construc on Auditors (NACA) 17 STAFF BIOGRAPHIES We are highly creden aled and experienced professionals Ross L. Tate, County Auditor Mr. Tate is a Certified Internal Auditor, Certified Management Accountant, and Certified Government Financial Manager. He has a bachelor’s degree from Brigham Young University in business operations and systems analysis, with 27 years of professional internal auditing experience. Mr. Tate joined the Maricopa County Internal Audit Department in 1989 and has been County Auditor since 1994. He is a member of the Institute of Internal Auditors, and a past president of the Association of Local Government Auditors. D. Eve Murillo, Deputy County Auditor Ms. Murillo is a CPA, Certified Fraud Examiner, Certified Law Enforcement Auditor, Certified Information Technology Professional, and is certified in ITIL v3 Foundation and ISO/IEC 20000. She has a bachelor's degree from the University of Illinois, a master’s degree from the Florida Institute of Technology, and 20 years of accounting and auditing experience. She is a member of AICPA, Association of Certified Fraud Examiners, Institute of Internal Auditors, and the Information Systems Audit & Control Association. Richard L. Chard, Deputy County Auditor Mr. Chard is a CPA. He graduated from the University of Redlands with a degree in history, sociology, and political science, with postgraduate work in accounting and public administration. Mr. Chard worked as a financial auditor for CPA firms in Los Angeles and Phoenix before joining the Maricopa County Department of Finance in 1991. For the past 16 years, he has enjoyed working for the County Auditor. Mr. Chard is a long standing and active member of Toastmasters International. He retired in 2013 after 22 years of service with the County. Carla Harris, Audit Supervisor Ms. Harris is a CPA, Certified Internal Auditor, and Certified Fraud Examiner. She has a bachelor’s degree in business administration with a major in accounting. Ms. Harris has more than 20 years of experience in internal auditing and accounting. She is a former board member and training director for the Arizona Chapter of the Association of Certified Fraud Examiners, and is a member of the National Chapter of the Association of Certified Fraud Examiners and the Institute of Internal Auditors. 18 Christina Black, Audit Supervisor Ms. Black is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has over 16 years of professional internal audit experience and 10 years of accounting and auditing experience. She has a bachelor's degree in accounting from Missouri Western State College. Ms. Black serves as a secretary for the Institute of Internal Auditors and is a member of the Association of Certified Fraud Examiners and Association of Local Government Auditors. Stella J. Fusaro, Audit Supervisor Ms. Fusaro is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Fraud Examiner, Certified Law Enforcement Auditor, and is Certified in Risk Management Assurance. She has a bachelor’s degree in business administration with an accounting concentration from California State University, Fullerton, and she has over 20 years of auditing experience. She is a member of the Institute of Internal Auditors, Association of Certified Fraud Examiners, and the Association of Local Government Auditors. Patra E. Carroll, IT Audit Supervisor Ms. Carroll is a CPA, Certified Internal Auditor, Certified Information Technology Professional, and Certified Law Enforcement Auditor with 17 years of public sector performance and IT auditing experience. She is ITIL v3 Foundation and ISO 20000 Foundation certified. She has a bachelor's degree from Arizona State University and a master’s degree in information management. Ms. Carroll serves on the Association of Local Government Auditors Advocacy Committee and the local ISACA Academic Relations Committee. Toni Sage, Law Enforcement Audit Supervisor Ms. Sage is a Certified Internal Auditor, Certified Government Auditing Professional, and Certified Law Enforcement Auditor. She has a bachelor's degree in psychology from the City University of New York, an MBA from Fairleigh Dickinson University, and postgraduate work in public administration at Arizona State University. She has 13 years of IT management experience in the private sector and seven years of performance, IT, and law enforcement auditing experience at Maricopa County. She is a member of ALGA, IIA, and ILEAA. Kimmie Wong, Senior Auditor Ms. Wong is a Certified Law Enforcement Auditor. She has a bachelor's degree in business administrative services from Arizona State University and a master’s degree in public administration from Western International University. She has a business background and professional internal auditing experience. Ms. Wong is a member of the Association of Local Government Auditors, Association of Certified Fraud Examiners, Institute of Internal Auditors, and International Law Enforcement Auditors Association. 19 Lisa Scott, Senior Data Analyst Ms. Scott is a Certified Information Systems Auditor, Certified ACL Data Analyst, Certified Law Enforcement Auditor, and is certified in ITIL v3 Foundation. She has a bachelor’s degree in computer science from Jacksonville State University and a post-baccalaureate certificate in accountancy from Arizona State University. Ms. Scott is a member of the Association of Local Government Auditors, Information Systems Audit and Control Association, and International Law Enforcement Auditors Association. Ronda Jamieson, Senior Auditor Ms. Jamieson is a CPA, Certified Government Auditing Professional, and Certified Law Enforcement Auditor. She has a bachelor’s degree in accounting from Rocky Mountain College, Montana. She has 12 years of governmental auditing and eight years of general ledger experience. Ms. Jamieson is a member of the Institute of Internal Auditors, Arizona Society of Certified Public Accountants, Association of Certified Fraud Examiners, and the International Law Enforcement Auditors Association. Jenny M. Chan, Senior Auditor Ms. Chan is a Certified Internal Auditor and Certified Government Auditing Professional, with six years of professional internal auditing experience. She started as an Internal Audit intern in May of 2007 and became a staff auditor in October of 2007. She has a bachelor’s degree in accountancy and computer information systems from the W.P. Carey School of Business at Arizona State University. Ms. Chan is a member of the Institute of Internal Auditors and the Association of Local Government Auditors. Stacy Aberilla, Senior Auditor Ms. Aberilla is a Certified Government Auditing Professional. She holds a master’s degree in public administration from the Arizona State University School of Public Affairs where she was a member of the Pi Alpha Alpha national honor society. She graduated from ASU magma cum laude with a bachelor’s degree in sociology and minor in women’s studies. She is a member of the Association of Government Accountants, the Association of Local Government Auditors, and the Institute of Internal Auditors. Susan Adams, Senior Information Technology Auditor Ms. Adams is a Certified Information Systems Auditor and a Certified Law Enforcement Auditor. She has a bachelor's degree in accounting from Utah State University and a master’s degree in business administration from the University of Utah. She has 20 years of professional auditing experience, with 14 years as an information systems auditor. Ms. Adams serves on the ISACA Phoenix Chapter’s Academic Relations committee and is a member of the Association of Local Government Auditors and the Institute of Internal Auditors. 20 Jacob Pacini, Senior Information Technology Auditor Mr. Pacini started working for the Maricopa County Department of Finance in February 2006. He made the transition to Internal Audit in July 2011. Mr. Pacini has a bachelor’s degree in accounting and a master’s degree in information management from the W.P. Carey School of Business at Arizona State University in Tempe, Arizona. Mr. Pacini is a member of ISACA and the International Law Enforcement Auditors Association. He is currently working towards the Certified Information System Auditor certification. Scott Jarrett, Senior Law Enforcement Auditor Mr. Jarrett is a Certified Internal Auditor, Certified Government Auditing Professional, Certified Law Enforcement Auditor, and is certified in ITIL v3 Foundation. He has a bachelor’s degree in accounting from Arizona State University. He served four years in the United States Coast Guard and has seven years of professional internal auditing experience. Mr. Jarrett is a member of the Institute of Internal Auditors and he participates on the Awards Committee for the Association of Local Government Auditors. Ryan Barber, Associate Auditor Mr. Barber joined Internal Audit in January 2012. He has a bachelor’s degree in accounting from Brigham Young University – Idaho. He has one year of public accounting experience and three years of government auditing experience. Mr. Barber is a member of the Institute of Internal Auditors, the Association of Local Government Auditors, and the Arizona Chapter of the Association of Certified Fraud Examiners. Kristofer Wright, Staff Auditor Mr. Wright joined Internal Audit in January 2012. He has a master’s degree in public administration from the Arizona State University School of Public Affairs, where he was a member of the Phi Kappa Phi national honor society. He graduated from Brigham Young University with a bachelor’s degree in history. He is a member of the Association of Government Accountants, Association of Local Government Auditors, and the Institute of Internal Auditors. Wendy Thiele, Executive Assistant Ms. Thiele joined Internal Audit in December 2006. Prior to relocating to Phoenix, she performed medical chart audits for a major healthcare system in Milwaukee, WI. She has 15 years of experience in internal auditing. She also has experience in human resources and home health care within a hospital setting. Ms. Thiele is a member of the Arizona Chapter of the Association of Certified Fraud Examiners and has also attended numerous auditing conferences and seminars, which has contributed to her overall knowledge of the audit process. 21 FY 2013 ORGANIZATIONAL CHART Board of Supervisors Citizens’ Audit Advisory Committee Ross Tate County Auditor Eve Murillo Richard Chard Deputy County Auditor Deputy County Auditor Wendy Thiele Executive Assistant Toni Sage Law Enforcement Audit Supervisor Patra Carroll IT Audit Supervisor Scott Jarrett Senior Law Enforcement Auditor Susan Adams Senior IT Auditor Stella Fusaro Audit Supervisor Christina Black Audit Supervisor Carla Harris Audit Supervisor Kristofer Wright Staff Auditor Ronda Jamieson Senior Auditor Kimmie Wong Senior Auditor Lisa Scott Senior Data Analyst Jenny Chan Senior Auditor Jacob Pacini Senior IT Auditor Stacy Aberilla Senior Auditor Ryan Barber Associate Auditor 22 QUALITY ASSURANCE & IMPROVEMENT PROGRAM Internal Audit provides high quality deliverables to the Board of Supervisors, County leadership, and the public. In order to ensure high standards of quality, we have developed a Quality Assurance and Improvement Program that covers all aspects of the operation and management of the department. Our quality assurance program assesses the efficiency and effectiveness of our operations and includes internal and external assessments, in accordance with the International Standards for the Professional Practice of Internal Auditing, as discussed below. Quality Assurance and Improvement Program Internal Assessments External Assessments  Ongoing Monitoring At least every 5 years  Periodic Self-Assessments Internal Assessments External Assessments Internal Assessments include ongoing monitoring and periodic self-assessments of our audit work. An external assessment must be conducted at least every five years by a qualified, independent assessor or assessment team from outside the organization. The Maricopa County Citizens’ Audit Advisory Committee oversees these reviews. The FY 2000, FY 2003, FY 2006, FY 2009, and FY 2012 reviews by a local CPA firm were positive and showed no findings.  Ongoing monitoring is an integral part of the day-to-day supervision, review, and measurement of our work, and is incorporated into our internal policies and procedures.  Periodic internal self-assessments are conducted to evaluate conformance with the International Standards for the Professional Practice of Internal Auditing, the Definition of Internal Auditing, and the Code of Ethics promulgated by The Institute of Internal Auditors. The results of our ongoing monitoring and most recent self-assessment show that we generally conform with the Standards. “Generally conform” means our charter, policies, and processes are in accordance with the Standards. 23 RETIREMENT ANNOUNCEMENT Internal Audit thanks Richard Chard for his 22 years of service I nternal Audit wishes Mr. Richard Chard congratulations on his retirement after 22 years of dedicated service to Maricopa County. Mr. Chard worked for the County Auditor for the past 16 years. Prior to working as a staff auditor, and ultimately, Deputy County Auditor, he worked as an accountant for the County health system and the County Department of Finance. He developed a strong skill set that he used to manage many audits during his tenure. His experience and expertise undoubtedly contributed to positive change throughout the County. He was a mentor to many audit staff members, always offering guidance, encouragement, and perspective. He is a well-respected and admired member of our office. Internal Audit wishes him good luck and farewell. top: Richard a ends an ALGA conference in 2007. middle: Richard in 2001. bo om: Richard shows his fun and easy going spirit. above: Former Deputy County Auditor Richard Chard, County Auditor Ross Tate, and Deputy County Auditor Eve Murillo pose with the issue of Government Finance Review in which their ar cle was published in 2003. 24 MARICOPA COUNTY’S INTERNAL AUDIT DEPARTMENT PLAYS A VITAL ROLE ON BEHALF OF COUNTY CITIZENS  Internal Audit helps keep the County accountable to the public by measuring the effectiveness, economy, and efficiency of County operations.  Internal Audit provides objective assurance about the reliability and creditability of information produced by management.  Internal Audit helps Maricopa County achieve its goals and objectives by improving organizational systems and services.  Internal Audit’s presence helps protect Maricopa County assets by deterring fraud, waste, and abuse.  Internal Audit helps employees improve their overall job performance and adherence to established controls.