of Illino St ate is Illinoi dit Of Au s al fi c e rn of Inte Re-Designing State Internal Auditing in Illinois A Value-Added Approach Presented by John W. Cressman, Chief Internal Auditor Illinois Office of Internal Audit As Introduced by William G. Holland, Auditor General State of Illinois Illinois Management Issues • Reducing Budget Deficits • Increasing state government efficiency and producing cost savings • Coordinating functions common to multiple agencies • Sharing information and developing standards across like functions • Establishing a statewide risk management structure Governor’s Executive Order 2003-10 • Coordinate certain functions common to many state agencies, including facilities management, staff legal functions, and internal auditing • Consolidated the internal audit function from 26 agencies into a single statewide function covering 46 agencies/boards/commissions. • Created a statewide risk management structure for effective management control, proactive risk management, governance, and ongoing business process improvement. Audit Process Efficiencies Before After Consolidation Consolidation Senior Management 30 8 Audited Agencies 26 46 Physical Locations 26 2 Audit Plans 26 1 Budget 11.3M 8.6M Pre-Consolidation Post-Consolidation Governor Governor’s Director of CMS Audit Committee Illinois Office of Internal Audit • Increased objectivity • Increased independence A Closer Look At IOIA Illinois Governor Illinois Office of Internal Audit Director CMS Audit Committee Members Named By Governor Administration Program Administrative Support Chief Internal Auditor Admin Support Division Manager Division Manager Admin Support Admin Support Audit Manager Audit Manager Admin Support Audit Manager Audit Manager Admin Audit Manager Admin Support Support Economic Development, Government Services Business Regulation & Labor Human Services & Grants Public Services Office Operations Environmental Regulation & Law & Infrastructure Quality Relations IT Operations Manager Enforcement Assurance Aging Emergency Mgt Agency Manager Arts Council Manager Financial Regulations Children & Family Services - Nuclear Safety Agriculture Capital Development Board - Banks & Real Estate Criminal Justice Info Authority State Fire Marshal Commerce & Economic Op Central Management Services - Financial Institutions Deaf & Hard of Hearing Com Military Affairs Corrections Illinois Community College Board - Insurance Development Disabilities Council Public Aid Environmental Protection Agency Historic Preservation Agency - Professional Regulations Employment Security Public Health Law Enforcement Trng & Std Bd Property Tax Appeal Board Quality Education Labor Relations Board Guardianship & Advocacy Com Veteran Affairs IT Operations Office Operations Human Rights Natural Resources Revenue Operations Labor Illinois State Police - Illinois Gaming Board Labor Relations Board Human Rights Commission General Controls Administrative Human Services Prisoner Review Board - Liquor Control Commission Quality Application Audits Support Violence Prevention Agency - Lottery Assurance System Human - Illinois Racing Board Risk Development Resources Toll Highway Authority Assessment IT Support Fiscal Operations Transportation Operational - Compliance - Financial - Special - Consulting - Shared Services Springfield Office Chicago Office How Risk-Based Auditing Adds Value • Creates pro-active risk management • Identifies high-risk audit areas across 46 agencies/boards/commissions. • Allows resources to be allocated to audit projects by risk. • Identifies patterns of risk across multiple agencies/boards/commissions. Adding Value through Statewide and Multi-Agency Auditing • More flexibility in scheduling auditors. • Ability to match auditor expertise to cover multi-agency/statewide functions. • Ability to assess similar agencies with similar functions in order to identify similar problems. • Ability to implement recommendations and corrective action plans that impact statewide problems. Adding Value with Consolidated IT Auditing • Ability to establish IT audit teams with specialized skill sets to provide statewide audit coverage. • Increased coverage of IT systems and controls including those at smaller agencies that previously did not have an IT staff. • Ability to assess similar agencies with similar data systems in order to identify any similar problems. The Governor’s Audit Committee • To ensure independence of internal audit functions. • To ensure IOIA follows accepted auditing standards. • Approves the appointment of the IOIA Chief Internal Auditor. • Reviews and approves the IOIA Audit Charter and 2-year Audit Plan. Adding Value by Expanding Cooperative Relationships • Office of the Auditor General (OAG) – Communication – Information Sharing • Inspector General – Referrals • Legislative Audit Commission – Information Sharing • State Agency Management – Consulting Projects Standards Illinois Internal Auditing • Executive Order 2003-10 requires a statewide risk management structure. • Fiscal Control and Internal Auditing Act (FCIAA) Compliance. • The State Internal Audit Advisory Board (SIAAB) promulgates the standards and rules for Internal Auditing in Illinois. • SIAAB adopted The Institute of Internal Audit (IIA) Standards for Internal Auditing that require risk-based auditing. Assessing Risk • Statewide Risk Assessment – Risk Assessment meetings conducted at 46 agencies/boards/commissions. – Risk Matrix completed that represented over 500 risk variables within each of the 46 agencies/boards/ commissions. – Agencies/boards/commissions and statewide functions are grouped by risk to prioritize audits and provide statewide coverage. The Risk Matrix Risk Categories Compliance/Legal/Reg Facilities/Capital Org/Structural Strategy/Perf. Media Issues Process/Ops Technology Programs Funding Index People # Audit Area I L I L I L I L I L I L I L I L I L I L Additional Inform ation A Program Delivery B Program Adm inistration C Grant Adm inistration D Debt E Revenue/Receivables F Treasury G Personnel & Payroll Key Description Key Description 0 Auditable segment not present/not know n to exist at this agency I Impact to agency if risk materializes 1 Low L Likelihood, or probability, or risk materializing 2 Low -Medium 3 Medium-High 4 High Risk Rankings Agency Audit Area Auditable Entity Audit Department Agency App. Risk Type Level Score Residential Finance (Thrift and Illinois Of f ice of Banks and Real EstateMortgage Banking) Program Delivery Environment & Business Reg. Agency C 720 Mental Health & Developmental Disabilities Programs & Substance Depar tm of Program Delivery ent Hum S vices an er Abuse Programs Human Services Department A 710 Depar tm of Program tation ent Tr anspor Delivery Roadway Maintenance/Repair Government Services Department A 670 ent Pr of essional Regulation Licensing and Testing Depar tm of Program Delivery Environment & Business Reg. Department C 660 Depar tm of Program tation ent Tr anspor Delivery Highway Contruction Government Services Department A 660 Depar tm of Information Tech. ent S tate Police Information Security Law Enforcement Department B 660 Depar tm of Debt ent Em ploym S ent ecur ity Debt Management Economic Development Department B 520 ent Pr of essional Regulation Adjudication Depar tm of Program Admin Environment & Business Reg. Department C 520 Depar tm of Program Deliveryvices Vehicle Services ent Centr al Mgm St. er Government Services Department A 520 Depar tm of Program tation ent Tr anspor Delivery Public Transportation Government Services Department A 520 ic Monitoring Depar tm of Granter ce and Econom Oppor tunity and Management ent Com Admin m Economic Development Department A 260 Depar tm of Personnel & Payroll Compensation and Classification ent Labor Economic Development Department D 260 Depar tm of Accounting Regulation Financial Reporting ent Pr of essional Environment & Business Reg. Department C 260 Depar tm of Communications ent Tr anspor tation Public Information Government Services Department A 260 Systems Dev., Implementation, Major Depar tm onInformation Tech. ent Aging Modifications Human Services Department B 260 Depar tm of Program Admin ent State Police Monitoring and Compliance Law Enforcement Department B 260 The Future Illinois Internal Auditing • To improve auditing services that result in: – More efficient interagency communications and collaboration. – Expanded capabilities to perform special projects requested by the Governor, Audit Committee, and Agency Management. – Proactive statewide risk management. – Identification of opportunities to improve utilization and coordination of available resources. – Enhanced communication, cooperation and coordination with the Office of the Auditor General resulting in more comprehensive audit coverage.
Pages to are hidden for
"Re-Designing State Internal Auditing in Illinois"Please download to view full document