City of Cape Coral
City Auditor's Office Annual Audit Plan
Per Ordinance 79-10 in Section One (d) Nature, Objective and Scope of the Audit Function the City Auditor shall submit an Annual Audit Plan to the City Council for approval by October of each fiscal year. FY 2023 Approved Strategic Plan and Audit Plan
How are audits selected for inclusion in the audit plan?
It is the policy of the City Auditor’s Office to conduct a Citywide Risk Assessment every three years. This assessment process provides a systematic and disciplined methodology for ranking risks throughout the City. We use this to identify those areas where the use of audit resources would be most beneficial.
Why is a risk assessment used?
The focus of a risk assessment analysis is to provide a comprehensive and systematic approach to evaluating risk exposures. A risk assessment methodology is established to enhance objectivity and transparency of the audit prioritization process and to provide a sound basis for the selection of potential engagements to be included in the audit plan.
What is a risk assessment?
The focus of a risk assessment analysis is to provide a comprehensive and systematic approach to evaluating risk exposures. For this purpose, we define Risk as “the potential likelihood that some event will impair the City’s ability to achieve its objectives in an effective, efficient or economic manner; comply with laws and regulations; and/or ensure proper financial reporting”.
The factors used to quantify risk
We base our risk model on six factors or elements of risk listed below with their assigned weights:
- Monetary Impact
- Operational Impact
- Number of Years Since Last Audit
- Compliance with Law, Regulations, and Provisions
- Quality of and Adherence to Internal Control
- Number of Staff
Conducting a risk assessment within the City
The risk assessment includes interviews with management throughout the City as well as Council Members and the Audit Committee members. It also includes a review and analyses of key documents such as budget documents, organization charts, the long and short-range department plans, as well as review of risks and best practices that could be applicable.
The Objective for Internal Audit’s Risk Model
The refinement of the risk assessment model will remain an ongoing priority of internal auditing. Our objective will be to assign internal audit resources in the optimum manner to audits with the greatest risk, and with the greatest opportunity for potential improvements and/or potential savings or recoveries.
To view the current Fiscal Year Annual Audit Plan, click here. (Adobe Acrobat Required)