sps annual risk assessment and audit plan - october 2011

8/2/2019 SPS Annual Risk Assessment and Audit Plan - October 2011

1/47

Seattle Public Schools

Annual Risk Assessment and Audit Plan

Presented ByThe Office of Internal Audit

October 11, 2011 through August 31, 2012

Issue Date: October 11, 2011


2/47

Seattle Public Schools Office of Internal Audit


2011-2012

TABLE OF CONTENT

EXECUTIVE SUMMARY.. 1

Significant Risks

Assessment

Audit Plan

BACKGROUND INFORMATION. 4

Purpose

Scope

The Office of Internal Audit

Risk Considerations

Internal Controls

Internal Audit Process

PROCEDURES PERFORMED. 7Audit Universe

Compliance Impact

Financial Impact

Prior Audit Exceptions

Overall Risk Assessment

Planned Control Monitoring

Current or Planned Activities

Audit Plan

AUDIT PLAN....................... 12

Full-Scope AuditsFollow-Up Audits

Limited Site-Based Procedures

Other Projects

Calendar

Areas Not Selected for Audit

Appendices

Appendix AUniverse.. 17

Appendix BElimination of Low Risk Audit Areas. 25

Appendix C Risk Assessment and Audit Plan. 33

Appendix DAvailable Audit Resources.. 35

Appendix EInternal Audit Process Flowchart 36

Appendix FInternal Audit Staff Biographies.. 37

Appendix GAudit Plan Timeline. 38

Appendix HOrganization Chart.. 39

Appendix IInternal Audit Policy. 40

Appendix J Internal Audit Procedure.. 42


3/47

Executive Summary

The Office of Internal Audit conducts audits to support and promote integrity, openness and

transparency with respect to internal financial controls and compliance of the district. To accomplish

this goal, the Office of Internal Audit, adhering to Generally Accepted Government Auditing Standards,

shall identify areas of risk on an annual basis and test for compliance based on an annual audit plan.The following information summarizes the significant risks impacting the District, as well as the current

year audit plan.

Significant Risks

Decentralized Environment

One of the biggest risks to the District is its decentralized environment. This environment creates

situations where central office managers and supervisors are responsible for employees that they

rarely see because these employees are assigned to schools. It also means that several central office

functions, such as contract approval, equipment tracking, payroll, accounts payable, and risk

management, rely heavily on the procedures performed at outlying sites and schools. For example,

although accounts payable may process payments to vendors, they rely on individual departments

and schools to perform a thorough review of the vendors invoice. The centralized accounts payable

staff does not have direct knowledge of the transaction, so they rely on the responsible

departments and schools to determine if an invoice is appropriate to pay. This environment

increases the risk that employees will not follow procedures because they know that they are not

being adequately monitored. There is also the risk that central office staff will not effectively

communicate key control activity requirements to the outlying sites and schools, or provide them

with the resources they need to perform the control activity properly.

Leadership Turnover and Few Formalized Written Procedures

The majority of the Districts leadership team is new. Several key leaders are either new to the

District or are new to their current position. Also, a handful of leadership positions are still filled by

interim personnel. Although these leaders appear to be competent, accountable, and transparent,this situation still increases the risk that internal controls will not be clearly established, or that they

will not be assigned clear ownership. This environment is further complicated by the condition that

few formalized written procedures are available to the new leadership team. This increases the risk

that institutional knowledge held by previous leaders has left the District.

Budget Constraints and Reduction in Force

Due to budget constraints, reductions in force have occurred over the last several years. There is a

risk that control activities were not adequately transitioned to the remaining employees. In addition,

employees are now asked to take on an increased workload. Instead of rewarding high-performers

with additional compensation or benefits, they have been given the responsibilities previously

performed by someone else. Having more procedures performed by fewer people increases risk thatkey control activities will not be performed. Employees may not have sufficient time or resources to

perform their due diligence. Worse yet, employees may take advantage of the lack of monitoring

because they believe they are owed something for their increased workload. This situation can

also have a negative impact on employee retention, as high-performing employees begin to look for

more rewarding employment opportunities. This risk is only expected to increase with the States

recent negative economic projection.

Page 1 of 45


4/47

Assessment

The risks summarized above may not individually necessitate an internal audit, but they can all have a

negative impact on key internal controls. Due to the above risks, there is an increased likelihood that:

Key controls are not effectively designed

Key controls are not visibly communicated to staff

Key controls are not being performed properly

Key controls are not adequately monitored by District management

Key controls are not clearly prioritized against other job responsibilities

Due to this increased risk associated with key controls, the Office of Internal Audit has an obligation to

audit the areas where the key controls are actually performed. Even if an audit is being conducted of a

centralized function, internal audit best practices require that key controls and transactions be verified

at the source. Thus, any plan designed by the Office of Internal Audit should include procedures to verify

key controls where they are performed.

The significant risks identified above are also deemed to be universal, meaning they are not specific to

any one area within the District. Thus, the Office of Internal Audits effectiveness in mitigating risk is

diminished by the fact that any single audit will only mitigate the risks for that one specific area. In order

for the Office of Internal Audit to have a measurable impact on risk mitigation they should develop a

plan that provides coverage to as many different audit areas as possible.

Audit Plan

Based on the significant risks identified above, and their potential to negatively impact key internal

controls, this years audit plan will include procedures to verify key controls at the source, while also

providing coverage to multiple audit areas. The Office of Internal Audit has devised a plan to accomplish

this by combining the following types of engagements:

Full-Scope Audits Conducted of central administration functionsLimited Site-Based Procedures - Conducted at schools

Follow-Up Audits Conducted in audit areas where management recently remedied past audit

issues

These different types of audits will leverage off of one another, and will increase audit efficiency.

Although some procedures will be conducted at schools, the audits will have a holistic approach to the

overall system. The focus will be on improving entity-wide systems, and the audits will have an added

benefit of highlighting those areas where schools do not receive adequate support from central

administration.

As previously noted, key internal controls will need to be verified at the source. The Office of InternalAudit will leverage the time spent at a school by also gathering data and information related to a wide-

variety of activities. The limited procedures will cover multiple audit areas, but they will also have a

minimal impact on school staff. Although the audit scope of some areas will be limited, the different

audit areas that will be covered by this years audit plan include:

Page 2 of 45


5/47

Office of Internal Audit


2011-2012

Human Resources

Centralized ASB

Technology Services

Inventory/Equipment Tracking

Personal Service Contracts

Transportation

Payroll and Leave Time Reporting

Enrollment/Student Counts

School Security

Risk Management

Grants and Fiscal Compliance

Purchasing & Contracting

Nutrition Services

Volunteering with SPS

Rentals/Facility Usage

Time & Effort Reporting

Donations

Athletics

Expense Reimbursements

Travel Expenditures

Kindergarten Tuition

ASB and Self Help at Schools

Class Fees & Student Fines

Loss Reporting to the SAO

Booster Clubs

The biggest benefit of performing site-based key control verifications in these areas is that it will allow

the Office of Internal Audit to identify potential problem areas now, rather than waiting until a Full-

Scope Audit can be performed sometime in the future. Even though the procedures will be limited, they

will still identify the key deficiencies that could be indicative of a major system weakness. Identifying

these risks sooner, rather than later, will provide the School Board, District Leadership, and the Office of

Internal Audit advanced warning of impending problem areas. In essence, the Limited Site-Based

Procedures are a proactive approach to prevent potential problem areas from going undetected for a

long period of time.

Specific details of this years audit plan can be found in theAudit Plansection of this document. The

Audit Plansection elaborates on the type of coverage each audit area will receive, and also documents

how the areas selected for a Full-Scope Audit were selected. A summary of the audit plan schedule is

also illustrated in a Gantt chart located atAppendix G.

Subsequent Years

As of today, this years plan is envisioned as having a multi-year aspect. Limited audit procedures will

continue to be conducted at schools with the results contributing towards entity-wide risk assessments

and any centralized audits that are also being performed. Ideally, the planning procedures performed

this year will only have to be refreshed for next years Annual Risk Assessment and Audit Plan. However,

the Office of Internal Audit will conduct a comprehensive risk assessment each year, and will alter the

plan as needed.

Page 3 of 45


6/47



2011-2012

BACKGROUND INFORMATION

Purpose

The Office of Internal Audit is committed to conducting risk-based audits. This process increases the

likelihood that internal audits will be conducted in the areas with the greatest need. This Annual Risk

Assessment and Audit Plan is an effort by the Office of Internal Audit to assist the District in mitigating

risks. This document summarizes the risks impacting the District, and it includes an audit plan detailing

which areas will be audited this year.

Scope

This document covers the period from October 2011 through August 2012. In subsequent years the

audit plan will cover a full year Beginning September 1 and ending August 31.

The Office of Internal Audit

The Office of Internal Audit was created in 2011 to promote integrity and accountability. It is considered

an essential function of the District and reports directly to the Chair of the Audit and FinanceCommittee. This reporting structure was established to ensure that the Office of Internal Audit remains

independent of District Management. Independence is essential to ensure that audit results are

objective, and are communicated directly to the School Board. The Office of Internal Audit provides

recommendations only, and does not have any authority to implement operational policies or

procedures on behalf of the District. Upon completion of an audit, the results are communicated to the

Audit and Finance Committee, which ensures full transparency of the internal audit function. The Policy

and Procedure governing the Office of Internal Audit are included at Appendix I (Policy) and Appendix J

(Procedure)

The Office of Internal Audit also has an administrative reporting structure directly to the

Superintendant, which is necessary to accommodate paychecks, reimbursements, provisions for office

space, and approval of leave time. A flowchart showing the Office of Internal Audits reporting structure

is located atAppendix H.

The Office of Internal Audit is currently staffed by one Director, but is expected to expand to a staff of

three total employees during the current year. Staff biographies are located inAppendix F.Appendix D

illustrates the departments available resources, assuming two staff auditors begin employment with the

District on January 3, 2012.

Risk Considerations

A risk is a set of circumstances that can hinder an objective. Throughout the preparation of this

document, the Office of Internal Audit was aware of the following risks and circumstances that

contributed to our final risk assessment and audit plan. This list is not intended to be all-inclusive, but itis intended to illustrate the numerous considerations that have gone into this risk assessment.

Control Environment The attitudes, values, actions, philosophies, and policies that set the culture

for an organization. Sometimes referred to as the Tone at the Top.

Inherent Risks The risk that would exist even if no internal controls or mitigating factors were put

in place. For example, cash handling has a high inherent risk.

Page 4 of 45


7/47



2011-2012

Control risks The risk that an internal control procedure will not be effective in mitigating risk.

Simply having a control in place does not ensure that it will be effective.

Reputational risk Risk that key customers and stakeholders will lose confidence in the

organization. This could have a negative impact on the Districts enrollment numbers and its chances

of passing future levies.

Compliance risk The risk of sanctions, financial loss, or loss of reputation resulting from failure to

comply with laws, regulations, codes of conduct, or standards. The District has a significant amount

of compliance requirements applicable to K-12 districts, and resulting from Federal, State, and grant

funding.

Financial risk The risk of losing funding or cash flow. There are a wide variety of circumstances that

could cause the District to lose public funds or property.

Operational risks The risk of loss resulting from a breakdown in internal controls, operations, or

procedures.

The following list identifies some of the risk considerations that are taken into account when assessing

risk. Each of the following situations would result in a higher risk rating:

Cash Areas that handle cash, or have a billing and collection function

Prior Audit Findings and Exceptions Areas prone to audit findings

Discretionary Budgets Areas that have large expenditures for contracts, purchases, or overtime

Turnover Areas that have recently experienced significant turnover

Policies and Procedures Areas without clearly defined and available written policies and

procedures

Certain significant risks associated with the District have been summarized in theExecutive Summary

section of this document. Throughout the preparation of this document, the Office of Internal Audit has

maintained a degree of professional skepticism, and will continue to do so as audits are conducted.

Internal Controls

In response to risks, organizations implement internal controls to mitigate those risks to an acceptable

level. The Office of Internal Audit has considered the Districts internal controls during the preparation

of this document.

The most widely used framework for internal control in the United States, and around the world, is

COSO. COSO stands for the Committee of Sponsoring Organizations of the Treadway Commission and it

is dedicated to providing guidance to executive management and governance entities on critical aspects

of organizational governance. COSO defines internal control as a process, effected by an entity's board

of directors, management, and other personnel, designed to provide reasonable assurance regardingthe achievement of objectives in the following categories: a) Effectiveness and efficiency of operations;

b) Reliability of financial reporting; and c) Compliance with laws and regulations. COSO defines internal

control as having five components:

1. Control Environment - Sets the tone for the organization, influencing the control consciousnessof its people. It is the foundation for all other components of internal control.

Page 5 of 45


8/47



2011-2012

2. Risk Assessment - The identification and analysis of relevant risks to the achievement ofobjectives, forming a basis for how the risks should be managed.

3. Information and Communication - Systems or processes that support the identification, capture,and exchange of information in a form and time frame that enable people to carry out their

responsibilities.

4. Control Activities - The policies and procedures that help ensure management directives arecarried out.

5. Monitoring - Processes used to assess the quality of internal control performance over time.Internal Audit Process

Appendix Eshows the process of creating an annual plan, conducting audits, communicating with

District staff and management, and finally reporting audit results directly to the Audit and Finance

Committee. It is not intended to show reporting structure, but rather to summarize the process that the

Office of Internal Audit goes through.

Page 6 of 45


9/47



2011-2012

PROCEDURES PERFORMED

The following procedures were followed in the completion of this Annual Risk Assessment and Audit

Plan:

1. Create an Audit UniverseIn order to start assessing risks and identifying which areas to audit, it is necessary to first identify all

the areas that could be selected for an audit. The audit universe serves as a starting point for

selecting areas to audit, and it includes all departments, programs, systems, and activities of the

District. The creation of an audit universe has an added benefit of providing knowledge about the

different functions the District performs. The knowledge gained during this process will be

instrumental in assessing risks.

The audit universe is a constantly evolving document that will be updated throughout the year to

reflect the creation or deletion of District programs. The audit universe used for this years audit

planning is attached inAppendix A, and is considered current as of September 23, 2011. Thefollowing items were reviewed and evaluated in order to compile the audit universe:

Districts Public Internet Site

Districts Internal Intranet Site

Districts Organizational Charts

Financial Reports

Prior Audit Reports and Workpapers

District Publications

Districts Policies & Procedures

The Accounting Manual for Public School

DistrictsDistrict Training Material

Observation of District Facilities

The Audit Universe and Annual Plans for

Other School Districts

Internal Audit Guides and Publications

The Washington Association of School

Business Officials Website and

Publications

Media Communications

The Office of the Superintendant of PublicInstruction Website and Publications

In addition to reviewing the above items, meetings were also conducted with the following groups:

School Board Directors

District Leaders and Managers

The State Auditors Office

The City of Seattles Ethics and Elections

Commission

2. Eliminate Low Risk Audit AreasAs indicated above, the audit universe includes all departments, programs, systems, and activities of

the District. This includes all academic and partnership programs, which are not likely to have largediscretionary budgets or cash receipting functions. Since these types of programs consist mainly of

salaries and are focused primarily on the education of students, they are less likely to be selected for

audit this year. There is the potential to audit these academic areas in future years to evaluate their

efficiency and effectiveness; however, this years audit plan will focus heavily on financial controls

and compliance. The Internal Audit Policy(G.23.00) states that the Office of Internal Audit is, to

conduct performance audits to support and promote integrity, openness and transparency with

Page 7 of 45


10/47



2011-2012

respect to internal financial controls and compliance of the district. Thus, the audit universe can be

scaled back to only include those areas that involve financial controls and compliance.

Appendix Bshows those areas that are being eliminated from the audit universe because they are

deemed to be low risk with respect to financial controls and compliance. Areas predominately

associated with a financial statement audit are also eliminated, since the State Auditors Office

conducts a financial audit annually. Some of the attributes used to determine if an area should be

automatically excluded from this years audit plan include:

Lack of a Discretionary Budget

Lack of a Cash Handling or Billing Function

Limited Compliance Requirements

Goals & Objectives are Primarily Academic

3. Condense Audit Universe into Major Audit AreasIn order to make the audit universe more manageable for risk assessment purposes, it will be

condensed into major audit areas. The original audit universe contained numerous audit areas

within the same department. For example, the Department of Technology Services (DoTS) has morethan twenty different areas listed as potential audit candidates. However, if DoTS is ultimately

selected for audit, it will not include procedures for all twenty areas. Only those areas deemed to be

the most risky would be audited. The excluded areas would be considered for an audit in

subsequent years. The specific risk areas to be audited within one department will be determined

during the planning phase of that audit. SeeAppendix Efor an illustration of the planning process.

Based on the same procedures and meetings documented in step #1 above, the remaining audit

universe was condensed into major audit areas. These major audit areas are documented in the first

column ofAppendix C. Each major audit area is deemed to have a risk related to financial controls

and/or compliance. This condensed audit universe will be the basis for a formal risk assessment that

will determine which areas to include in this years audit plan.

4. Compliance ImpactColumn #2 ofAppendix Cassesses the compliance impact of each major audit area. An assessment

of Low, Medium, or High was made, depending on the volume of compliance requirements

associated with each area. The compliance requirements include District policies and procedures, as

well as Federal and State laws and regulations.

5. Financial ImpactColumn #3 ofAppendix Cassesses the financial impact of each major audit area. Each area is rated

as having a Low, Medium, or High financial impact to the District. An exact dollar threshold is not

utilized because there are many uncertainties and factors that can affect the financial impact.

Specifically, certain areas can have a large financial impact despite having a relatively small budget.

For example, rentals/facility usage is not a significant funding source for the District; however, the

potential financial impact associated with liability lawsuits resulting from an injury sustained on

District property, escalates this audit area to a high financial impact. Another example is District

volunteers. There is little financial impact with performing background checks on volunteers;

however, the potential impact associated with allowing someone with a criminal background to

interact with students is high. Since financial data alone cannot be used to assess the financial

impact to the District, these assessments were reviewed by a committee consisting of the Interim

Page 8 of 45


11/47



2011-2012

Assistant Superintendant of Business of Finance, the Executive Director of Finance, the Risk

Management and Insurance Manager, the Audit Response Manager, and the Accounting Manger.

The assessments were first made by the Office of Internal Audit and were then reviewed by this

Committee. Adjustments were made where necessary, but the final assessment rests with the Office

of Internal Audit. In subsequent years, when the Office of Internal Audit is more knowledgeable of

the District, the Office of Internal Audit will take more ownership of this assessment to ensure its

ongoing independence.

6. Prior Audit ExceptionsIn addition to the Internal Audit Function, the District is audited frequently by various State and

Federal agencies, as well as the occasional independent contractor. Columns 4, 5, and 6 ofAppendix

Cidentify whether or not any exceptions were noted in these audits. The reporting agency is

identified in the year that the audit report was issued, and past audit exceptions include audit

findings, management letters items, or exit conference notifications. These columns are intended to

highlight those areas that may be prone to audit findings. They may also help identify those areas

that are audited frequently, but do not have any audit exceptions. The major programs audited bythe State Auditors Office during their Financial and Single Audit engagements are identified below.

If any exceptions were noted in these audits, that fact has been documented inAppendix C:

Major Program 2009 2010 2011

Title I Grants to Local Educational Agencies X X X

Special Education - Grants to States X X

Indian Education X X

Special Education - Preschool Grants X

ARRA - Title I Grants to Local Educational Agencies,

Recovery ActX

ARRA - Special Education Grants to States,Recovery Act

X X

ARRA - Special Education - Preschool Grants,

Recovery ActX

ARRA State Fiscal Stabilization Fund Education

State Grants,

Recovery Act

X X

Head Start X X X

ARRA - Head Start X

Child Nutrition Cluster X

Improving Teacher Quality X

Education and Human Resources XSafe and Drug Free Schools and Communities

State Grants

X

Reading First X

7. Overall Risk AssessmentBased upon all the information obtained to date, the Office of Internal Audit then assessed the

overall risk for each major audit area. This assessment is based on the items documented in

Page 9 of 45


12/47



2011-2012

Appendix C(Compliance Impact, Financial Impact, and exceptions noted in prior audit

engagements), and upon all the knowledge gained while performing each of the above procedures.

All of theRisk Considerationsdocumented in the Background section of this document play an

important role in the overall risk assessment. However, in the absence of any additional

information, the following table illustrates how risk is assessed if relying solely upon the financial

and compliance impact of each audit area:

Overall Risk Assessment

Financial

Impact High Medium High High

Medium Medium Medium Medium

Low Low Low Medium

Low Medium High

Compliance Impact

As this table illustrates, a slightly higher emphasis is placed on financial impact than compliance

impact.

8. Planned Control MonitoringThe Districts Board of Directors is taking a proactive approach to ensure adequate internal controls.

Several departments have been placed on a rotating schedule to appear before the School Boards

Oversight Work Session. During these sessions, the departments identify their key internal control

procedures, risks, and major initiatives. The Audit & Finance Committee also brings various

departments forward to discuss risks, controls, and initiatives. The schedule of upcoming and recent

sessions is documented in column #8 ofAppendix C. The departments presentations in these

sessions contain valuable information to the Office of Internal Audit, and will be used in ongoing risk

assessments. In addition, the dates of these sessions can impact the timing of internal audit

engagements. A department that has not gone through the practice of identifying risks and controls

may be in a greater need of an internal audit. On the other hand, a department that has already

presented their risks and controls may benefit from an audit soon after their presentation to

determine if their major initiatives are working as intended.

9. Current or Planned ActivitiesThe Districts leadership team is also taking the initiative in mitigating risks and ensuring adequate

internal controls. Column #9 inAppendix Cidentifies any current or planned activities that the

District is undertaking with respect to the major audit areas. This step was completed by the

Districts Audit Response Manager who is familiar with these initiatives, and was also reviewed by

the same committee identified in step #5 above. This column also identifies any future engagementsplanned by the State Auditors Office or other governing body. This information is helpful in planning

the timing of internal audit engagements. An area that is actively working to change and improve

their procedures may be best suited for an internal audit six to nine months after the improvements

are implemented. This would provide the audit area with valuable information as to whether or not

their procedures were adequate, and if they are working as intended.

Page 10 of 45


13/47



2011-2012

10.Audit PlanBased on the results of all planning procedures performed to date, the final step associated with

Appendix Cis to determine which areas to include in this years audit plan. An examination of

Appendix Creveals that 30 audit areas are rated as High Risk. However, given the Office of Internal

Audits available resources, as discussed in theBackground sectionof this document, only a few of

these high risk areas can be audited in the first year. In response to this limitation, the Office of

Internal Audit has developed a plan that will provide coverage to 15 high risk audit areas and 10

medium risk audit areas in the first year alone. The plan involves a hybrid approach between Full-

Scope Audits, Follow-Up Audits, and Limited Site-Based Procedures. Column #10 ofAppendix C

identifies the major audit areas that will be covered by each type of audit. Detailed information

about the different types of audits to be performed, and the areas selected for each type, is

included in theAudit Plansection of this document.

Page 11 of 45


14/47



2011-2012

AUDIT PLAN

Column #10 inAppendix Cidentifies the different types of audits that will be conducted this year,

along with the major audit areas to be covered by each engagement type. This section of the Annual

Risk Assessment and Audit Plan explains the different types of engagements, and also documentswhy each area was selected to be included in the final audit plan. Once approved, the final audit

plan will guide the Office of Internal Audits activities for the upcoming year. Any unforeseen

changes to the plan will be communicated to the Audit and Finance Committee as soon as possible.

If a school Board Member wishes to alter the approved audit plan, the proposal must be submitted

by two Board Directors, and ultimately approved by the Audit and Finance Committee. These

procedures will ensure the Office of Internal Audits independence and prevent the Office from

being used to promote a personal agenda.

Full-Scope Audits

The Full-Scope audits will involve a comprehensive review of the operation or system as a whole.

The focus will be on whether or not the operation or system is meeting its compliance requirements

while also providing effective financial internal controls. Depending on the area audited, fieldwork

procedures may also involve sampling various outlying schools and locations. This may be necessary

since some of the key control procedures may be performed outside of the central administration

building. A prime example of this is the Payroll system. Although Payroll is a centralized system, the

central office staff does not have direct knowledge of most employees work schedules. As a result

they rely heavily on the outlying Managers and Principals to conduct a thorough review of their

staffs payroll entry. When sampling of outlying schools is necessary, the procedures will leverage

off of the Limited Site-Based Procedures discussed below. In short, the Limited Site-Based

Procedures will include tests of transactions that will directly relate to these Full-Scope audits.

The following audit areas have been selected to receive a Full-Scope Audit:

Human Resources

The Districts largest operating expenditures are salaries and benefits. Human resources is

not only responsible for the hiring of new employees, but they are also instrumental in

providing internal controls to ensure that only legitimate employees are entered into the

payroll system. They also administer the employee benefits contracts, and ensure

compliance with numerous Federal, State, and local requirements. Significant financial

implications could be caused by fines or litigation resulting from non-compliance with

requirements relating to fair labor standards, discrimination, harassment, or the Family

Medical Leave Act. The Human Resources function is also responsible for maintaining data

related to teacher experience and qualifications, which has a material impact on the

apportionment funding that the District receives from the State. All of these factors upholdthe notion that Human Resource has an extremely high compliance and financial impact to

the District.

In addition to the compliance and financial impacts noted above, the Human Resources

function has endured twelve different changes to the top leadership position during the last

thirteen years. This alarming rate of turnover in a key leadership position increases the risk

that responsibilities and expectations are not clearly understood or aligned with District

Page 12 of 45


15/47



2011-2012

initiatives. It also increases the risk that institutional knowledge has left the District with

these previous employees, and that current staff are unaware of key internal control

requirements. The current Executive Director of Human Resources is in the midst of

restructuring and improving the Human Resources function, but has also indicated that the

Office of Internal Audit can be of value at the same time.

Centralized ASB (Associated Student Body Fund)

Numerous interviews were conducted with District staff to determine where the Districts

significant risks are. The one audit area that was mentioned most frequently as an area of

concern was ASB funds. There is widespread belief that problems exist with ASB funds. This

is further substantiated by recent ASB fund exceptions noted by the State Auditors Office.

There is a high likelihood of errors noted with ASB funds; however, the financial impact is

less certain. The total value of the ASB fund is approximately $4 million, which is less than

1% of the Districts general fund amount. However, the ASB fund represents monies that are

generated by students. Finding cost savings in the ASB fund will not increase the available

resources to the District, because those funds belong to students. However, as a steward to

these funds, the District has an obligation to ensure they are safe. Also, failure to properly

account for these funds can negatively impact the Districts reputation. Reputational risk is

difficult to quantify, but the long term impact of negative publicity could impact future

enrollment numbers as well as the Districts ability to pass upcoming levies. Safeguarding

the Districts reputation is increasingly important, due to the negative publicity received

within the past year.

The Limited Site-Based Procedures conducted at schools will include procedures relating to

ASB funds, including a surprise cash count. The results of these school audits will be used to

support an audit of the centralized ASB system, which will be conducted during the summer

months when schools are on break. The focus of this centralized system audit will be to

determine if the central office is properly accounting for all school ASB funds, and to ensurethat Central Administration is adequately supporting the schools. The Interim

Superintendants 4thPillar of Success calls for Central Office Staff Serving and Supporting

Schools and Families. One way that the Office of Internal Audit will be contributing to this

initiative is by ensuring that other centralized functions are adequately supporting schools

as well.

Technology Services

The Department of Technology Services takes up a significant portion of the Districts

general fund. The department also has capital expenditures associated with the Building,

Technology, and Academics levy. An interim Director was recently appointed, and the

department is not currently scheduled for any appearances before the Audit and FinanceCommittee or the Oversight Work Sessions. In addition, there have not been any recent

audits completed in this area. All of these factors indicate that the Department of

Technology Services could benefit from an internal audit.

Follow-Up Audits

The Follow-Up Audits will focus solely on those problem areas identified in previous audit reports. A

good candidate for a Follow-Up Audit will be an audit area that has received significant or numerous

Page 13 of 45


16/47



2011-2012

prior audit exceptions, and has recently implemented corrective actions to resolve those exceptions.

The primary objective of a Follow-Up Audit will be to determine if the newly implemented corrective

action plans are working as intended.

The following audit areas have been selected to receive a Follow-Up Audit:

Inventory/Equipment Tracking

Personal Service Contracting

Limited Site-Based Procedures

The Limited Site-Based Procedures will focus on the key compliance and financial controls expected

to be completed at schools. In addition to providing data to support the Full-Scope Audits and the

Follow-Up Audits that are already scheduled, they will also include procedures to ensure compliance

and financial accountability in a wide variety of other areas. By overlapping these audits and

leveraging off of the time spent at schools, the Office of Internal Audit will increase efficiency and be

able to provide coverage to more audit areas while limiting the amount of time required fromschool-based employees.

These procedures will be limited in duration, and will overlap with the Full-Scope Audits and Follow-

Up Audits that are also being conducted. As indicated in theFull-Scope Audits section above,

auditing procedures will most likely involve visits to outlying schools in order to verify certain key

controls. Since schools must be visited anyway, the Limited Site-Based Procedures are going to

leverage off of these school visits. In addition to verifying the key controls specific to the current

Full-Scope and Follow-Up Audits, the time spent at schools will also include procedures to gather

information about other key controls that the schools are expected to be following. Essentially, the

Office of Internal Audit will be using the time spent at schools to accomplish more than one

objective. TheExecutive Summaryalso discusses the importance of verifying key internal controls at

the source.

An individual audit report will be issued after each school visit; however, the intent of the report is

not to highlight the deficiencies of specific schools, but rather to shed light on those areas that may

represent a system-wide failure of internal controls. In fact, these engagements will actually offer

the schools an opportunity to articulate the challenges they face, and identify the areas where they

do not get enough support from Central Administration.

The results of these engagements will also be tracked and summarized in the Office of Internal

Audits Annual Summary. These results will be used to identify potential audit areas in subsequent

years. This plan provides a great opportunity to identify those areas where key controls are not

being adequately followed, or perhaps have not been adequately communicated to the schools. Itcould also identify those situations where schools do not have the support they need from central

administration, or where insufficient resources are available to perform the control procedures

properly.

The biggest benefit of these site-based key control verifications is that it will allow the Office of

Internal Audit to identify these potential problem areas now, rather than waiting until a Full-Scope

Audit can be performed sometime in the future. Even though the procedures will be limited, they

Page 14 of 45


17/47



2011-2012

will still identify the key deficiencies that could be indicative of a major system weakness. Identifying

these risks sooner, rather than later, will provide the School Board, District Leadership, and the

Office of Internal Audit advanced warning of impending problem areas. Corrective action plans can

be put in place before these impending problem areas escalate even further. In essence, the Limited

Site-Based Procedures are a proactive approach to prevent potential problem areas from goingundetected for a long period of time.

A total of six site-based audits are planned for this year, and will be conducted at various schools

dispersed throughout the district. The Office of Internal Audit will attempt to select schools from

different regions, and will divide them equally among high schools, middle schools, and elementary

schools. The identity of the schools selected will be kept confidential until after the engagement has

begun. This will allow the Office of Internal Audit to begin each engagement with a surprise cash

count.

The major audit areas to be covered by these Limited Site-Based Procedures include:

Transportation


Enrollment/Student Counts

School Security

Risk Management

Grants and Fiscal Compliance

Purchasing & Contracting

Nutrition Services



Time & Effort Reporting

Donations

Athletics

Expense Reimbursements

Travel Expenditures


ASB and Self Help at Schools

Class Fees & Student Fines


Booster Clubs

Other Projects

In addition to the audits noted above, the Office of Internal Audit will have other projects to complete as

well. Some of these projects, such as maintaining a department website and preparing an annual

summary for the School Board, will be ongoing projects from year to year. However, other projects, such

as hiring new staff auditors and creating a department Policy and Procedures Manual, are one-time

projects associated with setting up a new department. The following list is presented to identify the

non-audit projects that will incur internal audit resources this year:

Hiring of New Staff Members

Supervision of Staff Auditors

Continuing Professional Education Training

Special Requests and Investigations

Creating Protocols for Accepting Special Requests

Developing Department Mission, Goals, and Objectives

Developing Department Policy and Procedures Manual

Documenting Generally Accepted Government Auditing Standards (Yellow Book) Compliance

Creating & Maintaining a Department Website

Preparing the Internal Audit Annual Summary

Page 15 of 45


18/47



2011-2012

Developing Subsequent Years Annual Risk Assessment and Audit Plan

With regard to Special Requests and Investigations, the Office of Internal Audit will include a customer

service aspect in its audit plan. Resources will be made available to support schools should they

encounter a situation that requires internal audit expertise. Offering this service will accomplish twoobjectives. First, it will support the Interim Superintendants 4

th Pillar or Success Central Office Staff

Serving and Supporting Schools and Families. Second, it will serve to break down the barriers associated

with audits, and demonstrate to schools that the Office of Internal Audit can be viewed as a resource

and a partner. However, to ensure independence and the proper use of internal audit resources, special

requests must demonstrate why internal audits expertise or objectivity is necessary.

Calendar

Appendix Gis a Gantt chart illustrating the timing of this years audit plan. The calendar is simply an

estimate based on certain facts and assumptions as of October 2011. Updates to the calendar will be

made as necessary.

Areas Not Selected for Audit

One high risk area that is not selected for audit at this time is Capital. Although Capital is rated as a high

risk area, and has had recent audit findings cited, it is not included in this years audit plan due to timing.

The District is currently making significant changes to the Capital department, and is contracting with

the Educational Service District (ESD) to provide restructuring recommendations. The ESD is providing

consulting services related to the department reorganization, and is also conducting reviews of potential

problem areas. An internal audit conducted during this transitional phase would likely identify problem

areas that are already known to exist, and have already been identified for corrective action. A better

alternative would be to audit this area once a majority of the restructuring is complete, and the

department has had some time to implement and modify its new procedures. In addition, the State

Auditors Office has indicated Capital is going to be a main area of focus for their current audit. An

internal audit at this point could be a duplication of efforts, and would be an unnecessary burden to theCapital department employees.

Page 16 of 45


19/47



2011-2012

Appendix A Audit Universe

Audit Universe

The audit universe serves as a starting point for selecting areas to audit, and it includes all departments,

programs, systems, and activities of the District.

Department/Program

Superintendants Office

Administration

Control Environment (Strategic Plan and Tone at the Top)

Reflected in staffing decisions, budgets, and dept goals, objectives, & procedures?

Policies and Procedures, internal communication, safety, evaluations, etc

Academics/Teaching & Learning

Executive Director Offices

Research, Evaluation & Assessment-SISO

Reliability and usefulness of data in analyzing program effectiveness

MAP Assessment

Student Information Services Office (SISO)

Testing Integrity

Enrollment Reporting/Student Counts

e-SIS Phase Out Plan

English Language Learners (ELL)

Bilingual Family Center

Migrant Education

Refugee Impact

International Education

Special EducationAdministration/Contracting

Reporting/Compliance

Student Discipline

Individualized Education Plan (IEP)

Physical Therapy

School Psychologists

Speech Language Pathology Audiology

Career & Technical Education

Agriculture, Arts, Media, Science, & Engineering

Business, Marketing, & IT

Special Population City Campus CounselingHealth & Human Services and Family & Consumer Science

Career Academics

Counselor Nontraditional

Program Analyst

Auto Shop

College & Career Readiness

Curriculum & Instruction

Page 17 of 45


20/47



2011-2012

Department/Program

Math & Science

Science Materials Center

Literacy & Social Studies

Library Services & TechnologyInstructional Support

Head Start

Physical Ed & Health Literacy

Professional Development & PLC

Native American Education (Federal Funding)

Visual & Performing Arts

Merit & School Improvement Grants

Early Learning

Advanced Learning

Alternative Programs (Southlake, Interagency, Pinehurst, Pathfinder)

Alternative Learning Experience

Adequate documentation to support funding?

Traffic Education

All City Band

Approved Instructional Materials Catalog

Professional Library

Huchoosedah Indian Education

Booster Clubs

STAR Program

ASB at Schools

Cash Handling

Classes, Clubs, Private Monies

AthleticsClass fees

Graduation Requirements

Effectiveness of Academic Programs(Working or can they be cut entirely?)

Intervention ProgramsDoes an intervention program such as math really improve a students

performance?

KNHC Radio

Instructional Broadcast Center

Partnerships, Policy, & Communications

School & Community Partnerships

Community Schools Grant CoordinatorAcceptable Expenditures Out of Community Schools

Alignment Initiative Coordinator

Supplemental Education Services

Communications Office

Board Office

Board Policies

School Family Partnerships

Page 18 of 45


21/47



2011-2012

Department/Program

Outreach & Training Specialist

Readiness to Learn

Family & Community Engagement

Building and Ground UseRental/Lease Rates

Outside organization in the classroom and after school programs


Background checks

Government Relations

PDC Reports and Quarterly L-5s

Operations

Logistics/ Procurement & Distribution Services

Purchasing

Contracting Services/Bid Compliance

Warehouse & Distribution

Mail Services

Fleet Management

Vehicle Usage

Transportation

Operations/Efficiency

ORCA Cards

Enrollment & Customer Services

Open Enrollment

Facilities Operations

Operations (Property Mgmt/Grounds)

MaintenanceInter-dept billing

Prioritizing Projects 1st come/1st served, or based on need or ability to pay?

Custodial Services


Buildings and Grounds Use (Also related to Partnerships, Policy, & Communications)

Insurance Requirement

Self Help

Energy Conservation (Reduction of utility costs)

Environmental Services

Surplus Warehouse

Major Preventive MaintenanceWork Management System (WMS)

Capital Projects & Planning

Capital Facilities

Capital Project Management

Capital Planning Coordination

Capital Facilities Communication

Capital Document Control

Page 19 of 45


22/47



2011-2012

Capital Financial Controls

Building Excellence (BEX)

Buildings, Technology & Academics (BTA)

Small Works

Capitalization/ValuationCIP

Appropriate Usage of Capital Funds

Staffing

Supplies and textbooks

Storage of Furniture and Portables

Technology

Board Disclosure Public Bids/Splitting of Contracts/Change Orders

Project Planning/Design

Current capacity vs. future need

Change Orders

Disclosure of Known Conditions Upfront

Planning for Unknown Conditions

Impact of Enrollment Projections

Levy Planning Process

Overpayments to Vendors

Invoice Standardization

Asset Management

Technology Services (DoTS)

Tech Plan Long term strategies for upgrades and replacement

System Security & Access

Backup & Recovery Procedures

Data Disaster Recovery (Also relates to Continuity of Operations)

Equipment PurchasingEquipment Tracking

Equipment Surplus

Software Licenses

Publishing Services

Project Management

Application Services

Customer Support/TechLine

Operations/Network Services

Web Publishing Support

Classroom Technology

Proper Use of Capital FundsUse of Contractors vs. Hiring of Employees

Telephones (Telecommunications)

Voicemail

Standard Course Catalog Search

eSIS Student Reporting System

Records Management

Archives (Legal?)

Page 20 of 45


23/47



2011-2012

School Record Retention

Student Records

Safety & Emergency Management

Emergency Communications

Alarm ResponseFingerprinting

School Security

Key Inventory

Athletics

Gate Receipts

Tournaments


Fundraising/ASB Compliance

Recruiting

Academic Integrity

Coordinated School Health

School Nurses

Nutrition Services

Cash Handling

Expenditure Cycle

Fixed Assets

Inventory Controls

Inter-dept billing

Federal and State Health Regulations Compliance

Centralized Cooking Did it reduce costs? Did it also reduce sales?

Family Support Program

Health Intervention

TruancyDiscipline

Intervention

Homelessness

Health Network

Operations Analysis & Special Projects

Management Systems

Professional Development

Tracking & Compliance

Administration/Course Offerings

Data Analysis-Grants Management

Asst Superintendant Business & Finance

Accounting/Finance

Audit Response

Budget Office

Development

Monitoring

Transfers

Page 21 of 45


24/47



2011-2012


Scope of Work

Management of Contract/Invoice Review

Insurance/Liability

Accounts PayableEmployee Expense Reimbursements (Avenue to bypass purchasing procedures?)

Travel Agent & Expenditures

Purchasing Cards???


Billing

Accounts Receivable/Collections

General Ledger/Financial Reporting

Grant Accounting

Cash Collection

Treasury/Investment Management (King County)

Centralized ASB Procedures

Purchasing (1/1/12)

Contracting Services/Bid Compliance (1/1/12)

Debt Service Fund

Bonds



Furlough Administration

Risk Management

Enterprise Risk Management

Insurance Claims & Processing

Safety DOSH Compliance

Workers Compensation (Also related to HR)Administration

Disability Payments

School Health Rules DOH

Student Safety

Insurance WORMP

Incident/Accident Reviews

Safe Routes to School

DOT Random drug/alcohol screening

Medicare Secondary Payout

On-school Activities (Bouncy Houses, Dunk Tanks, etc)

Fire PreventionHIV/AIDS Education Compliance

School Site Emergency Mgmt Plan/Critical Incident Mgmt for School Training

Asbestos Management Plan

Continuity of Operations

Plan in place for disasters, loss of facilities, pandemics, loss of key personnel?

Enrollment

Planning and Projections

Page 22 of 45


25/47



2011-2012

Impact on Staffing (# of Teachers Impact to Principals and HR)

Impact on zoning, construction, & school resources (equip, lunches, books)

Local Levies

Time & Effort Reporting Federal Funds

Deputy Superintendants Office

General Counsel

Public Records Requests

Section 504 Coordinator

Contracting

Human Resources and Employment

Recruitment & Selection

Position Control

Staff Mix S-275 Reporting

Transfers & Promotions

Performance Evaluations

Terminations/Retirements

Temporary Contracts (Are they really an employee?)

Personnel Records

Professional Certification

Employee Labor Relations/Discipline

Timeliness of investigations/resolutions

Quality of investigations

Severance Packages

Substitutes

Compensation

Benefits

Regular bidding of providers and administrator contractsEmployee Assistance Program (EAP)

Compliance (FMLA, Harassment, etc)

Adding/Removing Employees from Payroll System

File Room

Professional Growth & Leadership

Teacher Consulting

SIG Schools

Principal Consulting

Teacher Incentive Fund (TIF)

Career Advancement, Growth and Support


Internal Audit Peer Review

Additional Audit Areas (Not Identified on the Org Charts)

Grants and Fiscal Compliance(Part of Teaching & Learning Merit & School Improvement

Grants or part of Partnership, Policy, & Communications Community Schools Grant

Coordinator or part of Operations Data Analysis Grants Mgmt?)

Page 23 of 45


26/47



2011-2012

Inventory(Part of Nutrition Services, warehouse, or ICT? What is accountings role?)

Physical Inventories/Tracking

Valuation

Surplus/Retirements

Small and Attractive AssetsScrap Metal

National Board Certification(Part of Teaching & Learning or HR?)

Service Learning

Inter-department billing

Source

Teach for America

Reduction in Force Planning

Self Help Accounting

Contract Negotiations (An audit could be valuable in an area is due for negotiation soon.)

Seattle Schools Scholarship Fund Outside Agency

Alliance for Education Outside Agency

Public Education Foundations???

DonationsIs there a centralized donation office? Does central office know when a school receives

a donation?

Other Projects to Include in the Audit Plan

1. Special Requests, investigations, and hotline referrals2. SAO Loss Reporting and Restitution Agreements3. Hiring of new staff members4. Developing department Mission, goals, and objectives5. Developing department policy and procedures manual6. Documenting GAGAS (Yellow Book) compliance7. Department Website creation8. Audit Plan Development9. Annual Summary for School Board10. Internal Audit Administrative Duties11.Professional Development

Page 24 of 45


27/47



2011-2012

Appendix B

Appendix B shows those areas that are being eliminated from the audit universe because they are

deemed to be low risk with respect to financial controls and compliance. Areas eliminated are lined out:

Department/Program

Superintendants Office

Administration

Control Environment (Strategic Plan and Tone at the Top)

Reflected in staffing decisions, budgets, and dept goals, objectives, & procedures?

Policies and Procedures, internal communication, safety, evaluations, etc

Academics/Teaching & Learning

Executive Director Offices

Research, Evaluation & Assessment-SISO

Reliability and usefulness of data in analyzing program effectiveness

MAP Assessment

Student Information Services Office (SISO)

Testing Integrity

Enrollment Reporting/Student Counts

e-SIS Phase Out Plan

English Language Learners (ELL)

Bilingual Family Center

Migrant Education

Refugee Impact

International Education

Special Education

Administration/ContractingReporting/Compliance

Student Discipline

Individualized Education Plan (IEP)

Physical Therapy

School Psychologists

Speech Language Pathology Audiology

Career & Technical Education

Agriculture, Arts, Media, Science, & Engineering

Business, Marketing, & IT

Special Population City Campus Counseling

Health & Human Services and Family & Consumer ScienceCareer Academics

Counselor Nontraditional

Program Analyst

Auto Shop

College & Career Readiness

Curriculum & Instruction

Math & Science

Page 25 of 45


28/47



2011-2012

Department/Program

Science Materials Center

Literacy & Social Studies

Library Services & Technology

Instructional SupportHead Start

Physical Ed & Health Literacy

Professional Development & PLC

Native American Education (Federal Funding)

Visual & Performing Arts

Merit & School Improvement Grants

Federal Grants/Title 1

Early Learning

Advanced Learning

Alternative Programs (Southlake, Interagency, Pinehurst, Pathfinder)

Alternative Learning Experience

Adequate documentation to support funding?

Traffic Education

All City Band

Approved Instructional Materials Catalog

Professional Library

Huchoosedah Indian Education

Booster Clubs

STAR Program

ASB at Schools

Cash Handling

Classes, Clubs, Private Monies

AthleticsClass fees

Graduation Requirements

Effectiveness of Academic Programs(Working or can they be cut entirely?)

Intervention ProgramsDoes an intervention program such as math really improve a students

performance?

KNHC Radio

Instructional Broadcast Center

Partnerships, Policy, & Communications

School & Community Partnerships

Community Schools Grant CoordinatorAcceptable Expenditures Out of Community Schools

Alignment Initiative Coordinator

Supplemental Education Services

Communications Office

Board Office

Board Policies

School Family Partnerships

Page 26 of 45


29/47



2011-2012

Department/Program

Outreach & Training Specialist

Readiness to Learn

Family & Community Engagement

Building and Ground UseRental/Lease Rates

Outside organization in the classroom and after school programs


Background checks

Government Relations

PDC Reports and Quarterly L-5s

Operations

Logistics/ Procurement & Distribution Services

Purchasing

Contracting Services/Bid Compliance

Warehouse & Distribution

Mail Services

Fleet Management

Vehicle Usage

Transportation

Operations/Efficiency

ORCA Cards

Enrollment & Customer Services

Open Enrollment

Facilities Operations

Operations (Property Mgmt/Grounds)

MaintenanceInter-dept billing

Prioritizing Projects 1st come/1st served, or based on need or ability to pay?

Custodial Services


Buildings and Grounds Use (Also related to Partnerships, Policy, & Communications)

Insurance Requirement

Self Help

Energy Conservation (Reduction of utility costs)

Environmental Services

Surplus Warehouse

Major Preventive MaintenanceWork Management System (WMS)

Capital Projects & Planning

Capital Facilities

Capital Project Management

Capital Planning Coordination

Capital Facilities Communication

Capital Document Control

Page 27 of 45


30/47



2011-2012

Department/Program

Capital Financial Controls

Building Excellence (BEX)

Buildings, Technology & Academics (BTA)

Small WorksCapitalization/Valuation

CIP

Appropriate Usage of Capital Funds

Staffing

Supplies and textbooks

Storage of Furniture and Portables

Technology

Board Disclosure Public Bids/Splitting of Contracts/Change Orders

Project Planning/Design

Current capacity vs. future need

Change Orders

Disclosure of Known Conditions Upfront

Planning for Unknown Conditions

Impact of Enrollment Projections

Levy Planning Process

Overpayments to Vendors

Invoice Standardization

Asset Management

Technology Services (DoTS)

Tech Plan Long term strategies for upgrades and replacement

System Security & Access

Backup & Recovery Procedures

Data Disaster Recovery (Also relates to Continuity of Operations)Equipment Purchasing

Equipment Tracking

Equipment Surplus

Software Licenses

Publishing Services

Project Management

Application Services

Customer Support/TechLine

Operations/Network Services

Web Publishing Support

Classroom TechnologyProper Use of Capital Funds

Use of Contractors vs. Hiring of Employees

Telephones (Telecommunications)

Voicemail

Standard Course Catalog Search

eSIS Student Reporting System

Records Management

Page 28 of 45


31/47



2011-2012

Department/Program

Archives (Legal?)

School Record Retention

Student Records

Safety & Emergency ManagementEmergency Communications

Alarm Response

Fingerprinting

School Security

Key Inventory

Athletics

Gate Receipts

Tournaments


Fundraising/ASB Compliance

Recruiting

Academic Integrity

Coordinated School Health

School Nurses

Nutrition Services

Cash Handling

Expenditure Cycle

Fixed Assets

Inventory Controls

Inter-dept billing

Federal and State Health Regulations Compliance

Centralized Cooking Did it reduce costs? Did it also reduce sales?

Family Support ProgramHealth Intervention

Truancy

Discipline

Intervention

Homelessness

Health Network

Operations Analysis & Special Projects

Management Systems

Professional Development

Tracking & Compliance

Administration/Course OfferingsData Analysis-Grants Management

Asst Superintendant Business & Finance

Accounting/Finance

Audit Response

Budget Office

Development

Page 29 of 45


32/47



2011-2012

Department/Program

Monitoring

Transfers


Scope of WorkManagement of Contract/Invoice Review

Insurance/Liability

Accounts Payable

Employee Expense Reimbursements (Avenue to bypass purchasing procedures?)

Travel Agent & Expenditures

Purchasing Cards???


Billing

Accounts Receivable/Collections

General Ledger/Financial Reporting

Grant Accounting

Cash Collection

Treasury/Investment Management (King County)

Centralized ASB Procedures

Purchasing (1/1/12)

Contracting Services/Bid Compliance (1/1/12)

Debt Service Fund

Bonds



Furlough Administration

Risk Management

Enterprise Risk ManagementInsurance Claims & Processing

Safety DOSH Compliance

Workers Compensation (Also related to HR)

Administration

Disability Payments

School Health Rules DOH

Student Safety

Insurance WORMP

Incident/Accident Reviews

Safe Routes to School

DOT Random drug/alcohol screeningMedicare Secondary Payout

On-school Activities (Bouncy Houses, Dunk Tanks, etc)

Fire Prevention

HIV/AIDS Education Compliance

School Site Emergency Mgmt Plan/Critical Incident Mgmt for School Training

Asbestos Management Plan

Continuity of Operations

Page 30 of 45


33/47



2011-2012

Department/Program

Plan in place for disasters, loss of facilities, pandemics, loss of key personnel?

Enrollment

Planning and Projections

Impact on Staffing (# of Teachers Impact to Principals and HR)Impact on zoning, construction, & school resources (equip, lunches, books)

Local Levies

Time & Effort Reporting Federal Funds

Deputy Superintendants Office

General Counsel

Public Records Requests

Section 504 Coordinator

Contracting

Human Resources and Employment

Recruitment & Selection

Position Control

Staff Mix S-275 Reporting

Transfers & Promotions

Performance Evaluations

Terminations/Retirements

Temporary Contracts (Are they really an employee?)

Personnel Records

Professional Certification

Employee Labor Relations/Discipline

Timeliness of investigations/resolutions

Quality of investigations

Severance PackagesSubstitutes

Compensation

Benefits

Regular bidding of providers and administrator contracts

Employee Assistance Program (EAP)

Compliance (FMLA, Harassment, etc)

Adding/Removing Employees from Payroll System

File Room

Professional Growth & Leadership

Teacher Consulting

SIG SchoolsPrincipal Consulting

Teacher Incentive Fund (TIF)

Career Advancement, Growth and Support


Internal Audit Peer Review

Page 31 of 45


34/47



2011-2012

Department/Program

Additional Audit Areas (Not Identified on the Org Charts)

Grants and Fiscal Compliance(Part of Teaching & Learning Merit & School Improvement

Grants or part of Partnership, Policy, & Communications Community Schools Grant

Coordinator or part of Operations Data Analysis Grants Mgmt?)Inventory(Part of Nutrition Services, warehouse, or ICT? What is accountings role?)

Physical Inventories/Tracking

Valuation

Surplus/Retirements

Small and Attractive Assets

Scrap Metal

National Board Certification(Part of Teaching & Learning or HR?)

Service Learning

Inter-department billing

Source

Teach for America

Reduction in Force Planning

Self Help Accounting

Contract Negotiations (An audit could be valuable in an area is due for negotiation soon.)

Seattle Schools Scholarship Fund Outside Agency

Alliance for Education Outside Agency

Public Education Foundations???

DonationsIs there a centralized donation office? Does central office know when a school receives

a donation?

Other Projects to Include in the Audit Plan

12.Special Requests, investigations, and hotline referrals13.SAO Loss Reporting and Restitution Agreements14.Hiring of new staff members15.Developing department Mission, goals, and objectives16.Developing department policy and procedures manual17.Documenting GAGAS (Yellow Book) compliance18.Department Website creation19.Audit Plan Development20.Annual Summary for School Board21. Internal Audit Administrative Duties22.Professional Development

Page 32 of 45


35/47

Appendix C Risk Assessment and Audit Plan

1 2 3 4 5 6 7 8 9 10

Audit Area

Compliance

Impact

Financial

Impact

Previous Audit

Exceptions *Overall

Risk

Rating

Planned

Control

Monitoring

Current or Planned

Activities

(Non-Internal Audit)

2011/2012

Audit Plan2009 2010 2011

Human Resources High High SAO SAO SAO High OWS 3/21/12 Review and restructuringFull-Scope

AuditCentralized ASB Procedures High Medium SAO High Increased training

Technology Services High High High

Inventory/Equipment Tracking High Medium SAO SAO SAO High A&F Annual Improved process Follow-up

AuditPersonal Service Contracting High Medium SAO SAO SAO High Improved procedures

Transportation High High SAO SAO High OWS 2/8/12 New service model

Limited Site-

Based

Procedures

(Procedures

will verify that

key controls

specific to

these areas are

be performed

at 6 schools.

The results of

these audits

will also

support the

Full-Scope

Audits and the

Follow-Up

Audits.)

Payroll and Leave Time Reporting High High SAO SAO SAO High OWS 10/26/11 Improved procedures

Enrollment/Student Counts High High SAO SAO SAO High Improved procedures

School Security High High High

Risk Management High High High OWS 6/6/12

Grants and Fiscal Compliance High High SAO SAO SAO High

Purchasing & Contracting High High High OWS 8/17/11

Nutrition Services High High SAO High OWS 11/30/11 Centralized production

Volunteering with SPS High High High

Rentals/Facility Usage Medium High SAO SAO High OWS 2/1/12

Time & Effort Reporting High Medium SAO SAO Medium Training

Donations High Medium Medium

Athletics High Medium SAO Medium OWS 11/30/11

Expense Reimbursements High Medium Medium

Travel Agent & Expenditures High Medium SAO SAO Medium Revised procedure

Kindergarten Tuition High Medium SAO Medium Centralized billing function

ASB and Self Help at Schools High Medium SAO SAO Medium Increased training

Class Fees & Student Fines High Medium Medium

Loss Reporting to the SAO High Low SAO SAO SAO Medium Revised procedure

Booster Clubs Medium Low Medium

OWS = Oversight Work Session *Includes Audit Findings, Management Letter Items, and Exit Items, as

well as recommendations from Performance Audits and Special

Investigations.

SAO = State Auditors Office

A&F = Audit & Finance Committee

ESD = Educational Service District

Page 33 of 45


36/47

Appendix C Risk Assessment and Audit Plan

1 2 3 4 5 6 7 8 9 10

Audit Area

Compliance

Impact

Financial

Impact

Previous Audit

Exceptions *Overall

Risk

Rating

Planned

Control

Monitoring

Current or Planned

Activities

(Non-Internal Audit)

2011/2012

Audit Plan2009 2010 2011

Capital Projects & Planning High High SAO SAO SAO High OWS 4/4/12ESD 112 review &

SAO Audit-Winter2011/2012

Future Audit

Engagement

Based on

Subsequent

Years Risk

Assessment

Enrollment Planning & Projection High High High OWS 3/7/12

Special Education High High SAO SAO High

Staff Mix High High SAO SAO High

Federal Programs (Head Start, Title1, Native American Education)

High High SAO SAO SAO High

Treasury/Investment Mgmt High High SAO High

Safety & Emergency Mgmt High High High OWS 5/23/12

Maintenance Medium High SAO High OWS 2/1/12

Accounts Payable Medium High SAO SAO SAO High OWS 10/26/11 Improved procedures

Budget Development Medium High High

General Counsel High High High OWS 6/20/12

Reduction in Force Planning Medium High High

Custodial Services Medium High High OWS 2/1/12

Energy Conservation Low Medium Medium

Central Office Cash Collection High Medium SAO Medium

Property Management High Medium SAO Medium OWS 2/1/12 Improved procedures

Purchasing Cards High Medium SAO Medium

Alternative Learning Experience High Medium MediumGL/Financial Reporting High Low SAO SAO Medium OWS 10/26/11 Improved process

Billing, A/R, & Collections Medium High Medium

Overall Control Environment Medium Medium Medium

Traffic Education Medium Medium Medium

Warehouse & Distribution Medium High Medium OWS 8/17/11

Fleet Management Medium Medium Medium

Enrollment & Customer Services Medium Low Medium

School & Community Partners Medium Medium Medium

Surplus Warehouse Medium Medium Medium

Environmental Services Low Medium Medium

Enterprise Risk Management Low Medium Medium New Function - A&F Quarterly & OWS 6/6/12

Page 34 of 45


37/47



2011-2012

Appendix D - Available Resources

The following information is based on the Director of Internal Audit being available for audit work on

October 12, 2011, and the two Internal Audit staff members being available on January 3, 2012. Resources

are calculated through August 31, 2012:

Description Hours

% of Total

Time Available

Total Contract Hours 4648 100%

Less Total Leave Time 565 12%

Net Hours Available 4083 88%

Less General Administration (10%) 408 9%

Hours Available for Project Scheduling: 3674 79%

Department-Wide Projects:

Supervision of Staff Auditors (45% of Staff Project Time) 886 19%

District/New Employee Training (5 days per person) 120 3%

CPE Training (40 hrs per person annually) 93 2%

Special Request Protocols 24 1%

Hiring of New Staff Members 40 1%

Developing Department Mission, goals, and Objectives 16 0%

Developing Department Policy and Procedures Manual 40 1%

Documenting GAGAS (Yellow Book) Compliance 40 1%

Department Website Creation & Maintenance 40 1%

Total Dept-Wide Projects: 1299 28%

Audit Projects:

Audit Plan Development 120 3%

Special Requests (12% of Available Project Time) 414 9%

Internal Audit Annual Summary 40 1%

Special Request - Capital Contracting 80 2%

Special Request - Use of Special Ed Funds 50 1%

Development of Site-Based Audit Program 80 2%

Human Resources System Audit 400 9%

CSA - High School 150 3%

CSA - Middle School 120 3%

CSA - Elementary School 100 2%

Inventory/Equipment Tracking System Audit 100 2%

CSA - High School 150 3%CSA - Middle School 120 3%

CSA - Elementary School 100 2%

Personal Service Contracts System Audit 100 2%

Centralized ASB System Audit 150 3%

Technology Services System Audit (101 hrs this year) 400 9%

Total Audit Projects 2674 58%

Planned Carryover Hours (DoTS) -299 -6%

Page 35 of 45


38/47



2011-2012

Appendix E Internal Audit Process Flowchart

Page 36 of 45


39/47



2011-2012

Appendix F Staff Biographies

Andrew Medina, CPA, CFE,Director of the Office of Internal Audit

Andrew is a Certified Public Accountant (CPA), a Certified Fraud Examiner (CFE), and has over 18 years of

audit experience. He joined Seattle Public Schools in August of 2011, after serving four years as a SeniorAuditor for the Port of Seattle. Prior to joining the Port, Andrew was an internal auditor for the Clark

County School District in Las Vegas, Nevada. He spent five years managing and conducting financial,

operational, and compliance audits of the Nations fifth largest school district. As a Certified Fraud

Examiner, Andrew was the department's fraud specialist, responsible for conducting the majority of the

Districts fraud investigations, as well as providing training to management and staff on fraud awareness

and prevention. His fraud case study based on actual elementary school events was published in Internal

Auditormagazine in February 2009. Prior to joining the Clark County School District, Andrew was a

senior auditor with the State of Nevada Gaming Control Board. For 10 years Andrew helped regulate the

casino industry by managing and conducting compliance, money laundering, and financial audits of

Nevadas largest casinos.

Vacant Internal Auditor

Vacant Internal Auditor

Page 37 of 45


40/47



2011-2012

Appendix G

Page 38 of 45


41/47

Organizational Chart2011-12

SuperintendentSusan Enfield

(Interim)saenfield

206.252.0167

Assistant SuperintendentTeaching & LearningCatherine Thompson

ctthompson206.252.0017

AssistanO

P

2

Director,Logistics

Bob Westgard

Director,Capital Projec

Lucy Morello

Manager, SafetEmergency Mg

Larry Dorsey

School Board206.252.0040

Director,Internal Audit

Andrew Medina

ajmedina

Executive Directorsof Schools

NE RegionPhil Brockman

pbrockman206.252.0150

Central RegionNancy Coogan

necoogan206.252.0103

NW RegionMarni Campbell

macampbell206.252.0396

W. Seattle RegionAurora Lora

aalora206.252.0396

SE RegionMichael Tolley

mftolley206.252.0150

SE RegionBree Dusseault

bndusseault206.252.0103

ManagerSchool FamilyPartnerships

Bernardo Ruiz

Manager, School &CommunityPartnerships

Courtney Cameron

Manager, SchoolBoard OfficeErinn Bennett

Director, AthletEric McCurdy

Exec. DirectorResearch, Eval.Assessment &Development

Mark Teoh

Exec. DirectorSpecial Ed

Becky Clifford(Interim)

Director, EnglishLanguage Learners

& InternationalPrograms

Veronica Gallardo

Manager,Career & Technical

EdShep Siegel

Coordinator,College & Career

Readiness

Janet Blanford

Director, Curriculum& Instruction Support

Wendy London

Exec. Director,Merit & School

Improvement GrantsScott Whitbeck

Manager,Early Learning

Kimberly Kinzer

Manager,Advanced Learning

Robert Vaughan

Traffic Education

ChiefCommunications

OfficerLesl

sps annual risk assessment and audit plan - october 2011

Documents