Skip navigation

2017 Audit Plan

The 2017 Audit Plan consists of integrated audits that incorporate performance, financial, information technology, and fraud-detection objectives. The Plan is flexible to change as conditions evolve. Auditor O'Brien meets regularly with elected officials, agency leadership, and community members to gather input related to operational risks so as to concentrate the work of the Auditor's Office in areas where it will have the greatest impact.

Download the 2017 Audit Plan  |  Download Auditor O'Brien's Letter

Planned audits for 2017

Audits Required in Municipal

The Auditor's Office conducts audits required under the Denver Revised Municipal Code. These audits may include financial accounts related to the Board of Water Commissioners, employee flex-cash, transit benefits, and deferred compensation.

Contracting Practices

The audit will review compliance, efficiency, and consistency within the City’s complex contracting process, beginning with the request for bids through change orders to a completed contract. The audit may also examine the City’s use of purchase orders and on-call contracts.

Contracts and Agreements

The Auditor’s Office will audit selected City contracts and agreements as required under Denver City Charter §5.2.1 to evaluate and ensure performance, value, and proper City oversight.


The audit will examine the City’s vulnerability to cybersecurity attacks and information theft. The audit will build on the results of the 2016 Cybersecurity Audit by examining additional areas of potential vulnerability and an updated security risk analysis of the City’s system infrastructure.

Fund Management

Enterprise Funds are financed and operated in a manner similar to business enterprises where the cost of providing goods and services is financed or recovered primarily through user charges. Audits of the Golf Enterprise Fund or Wastewater Management Fund may review governance, services, or financial results.

Indirect Cost Accounting Practices

The audit will review how indirect costs are calculated and cost recoveries are managed and allocated to various City funds and programs. The audit may also review the allocation methodology and third-party contracts associated with
the model.


Special Revenue Funds are used for the proceeds of revenue sources that are restricted by law or administrative action to expend for specific purposes. We will audit one or more of these programs for compliance with regulations, governance policies, and appropriate accounting for the revenue and expenditures, which may include an assessment of whether any funds are outdated or inactive.

Building Permitting

The audit will evaluate the efficiency and effectiveness of the building permitting process and may include an evaluation of systems and resources.  

Zoning and Licensing

The audit will review the decision-making, communication, and approval processes used by the City for new business models, such as recreational marijuana and food trucks. The Departments of Excise and Licenses and Department of Environmental Health may also be included in this audit.

County Court Operations

The Auditor’s Office will review the County Court’s governance structure and examine processes, such as administration and collection of fines and penalties.

Scientific and Cultural
Tier I Organizations

The City’s “Tier 1” cultural institutions are funded by a variety of sources, including receiving approximately 65% of the Scientific and Cultural Facilities District sales tax revenue. This audit series exploring capital improvement investments and operational and financial performance of a Tier 1 recipient under an operating agreement with the City began with the Denver Zoo in 2016. Another organization will be selected for the 2017 audit.

Construction and Capital Improvements

The audit will examine Denver International Airport’s procedures for planning and managing construction and maintenance of capital assets at the airport. The audit objectives may include a review of the airport’s long-term capital asset plan, airport construction management, and the airport’s plans and goals related to the terminal and concourse expansions. 

Financial and Administration Management

The audit will assess the effectiveness and organizational structure of the financial and administrative management areas of Denver International Airport, including a review of the overall internal control environment.

Rental Car Agreements

The audit will assess rental car administration practices at Denver International Airport, including assessing internal controls surrounding revenue reporting.
The audit will utilize a risk assessment process to identify specific agreements
for detailed examination on a sample basis.

Short-term Residential
Rental Enforcement

A new City ordinance regulates short-term residential rentals. The audit will assess the efficacy of the processes the City uses for enforcement of the ordinance. The audit may also examine enforcement by Community Planning and Development.

Bond Management

Bonds issued by the City to fund major capital projects are subject to bond covenants and regulatory compliance requirements through maturity many years later. The audit will assess the City’s oversight and compliance practices for outstanding bonds.

Capital Assets — Buildings or Infrastructure

The audit will review the accuracy and internal controls over the classification, recording, and inventory of the City’s purchased or constructed buildings and associated infrastructure as disclosed in the Comprehensive Annual Financial Report. 

Denver Employees Retirement
Plan Management

The Denver Employees Retirement Plan (DERP) requires that City employees contribute a percentage of their gross pay to the retirement plan. Likewise, the City also contributes a percentage to the plan. The audit will review the contribution requirements as well as the management of the funds in the plan against similar plans, investment strategies, benchmarks, and the plan document.

Employee Compensation
and Benefits

The audit will examine the Office of Human Resources’ compensation and benefits evaluation and data procedures, including an evaluation of the City’s compensation and benefits philosophy; methodologies employed to determine employee compensation; the City’s use of market-survey data, benchmarking, and comparative organizations; and the City’s use and procedures for merit pay and pay adjustments.


The audit will assess Denver Human Services’ case management and service delivery practices, including following up on the State of Colorado’s review of the Division. Audit objectives may include a review of case management practices, staffing levels, and training activities.


The audit will examine the efficiency and effectiveness of the Department of Parks and Recreation’s permitting process. This audit will also evaluate how well the process supports quality customer service, including the accessibility and equity of the process for residents and others who seek to reserve parks and other public facilities in the City and County of Denver.

Right-of-Way Services

The audit will focus on services that may include: road maintenance and repair; household trash, recycling, and compost collection service; design and construction management of streets, bridges, public buildings, and storm and sanitary sewers; and/or oversight and regulation of development and use of the public right-of-way.


The audit will evaluate how the Denver Police Department is utilizing technology and data analysis techniques to deter crime within the City.

Denver Sheriff
Jail Operations

The audit will examine the Sheriff Department’s operation of the Denver County jail. The audit objectives may include the use and implementation of past external consultant recommendations, analyses of employee and inmate safety and
access to medical care, the jail’s budget, and compliance with best
practices and federal regulations. 

and Disaster

The audit will evaluate the City’s readiness for recovery and operation of Citywide operational systems in the event of an extended loss of use.  The audit may include benchmarking; existing guidance, monitoring and testing of recovery systems; and communication plans before and after major events.

Project Intake

The audit will review the process used to collect and evaluate the requirements and expected benefits for major information techology projects.

Tax Collection System

The audit will assess the effectiveness of information technology general controls over the City’s integrated tax collection system, GenTax.


All audits by the Auditor’s Office provide recommendations for the City that were agreed to by the responsible entity, and all audits have a follow-up audit completed after the agreed-upon recommendation implementation date. Each follow-up audit will assess the status and quality of implementation for each recommendation.

of Financial and
Data Using Analytics

Throughout the year, the Auditor’s Office will assess possible risk areas through working with departments to analyze specific data relevant to ongoing audits, as well as more general financial and operations information. Data analytics and audit tools will be used to identify anomalies in the data for further review.

Plan Description

The Audit Plan incorporates many elements to deliver value and impact to the City and its residents, workers, and decision-makers.

Auditor O'Brien's Letter
MORE: Read more below

Audit Selection Process

Developing the plan is an ongoing process, conducted by assembling ideas from a variety of sources, examining a broad range of City activities, and then assessing risk factors. 

MORE: Visit the Audit Services page

Auditor's Authority

The Auditor's Office's authority is granted by the City Charter, Article V, Part 2, Section 1, General Powers and Duties of Auditor.

MORE: Visit the Audit Services page


Plan Description

The vision of the Denver Auditor’s Office is to deliver value and impact for Denver by performing audits that follow the highest professional standards. Our mission is to deliver independent, transparent, and professional oversight in order to safeguard and improve the public’s investment in the City and County of Denver. Our work is performed on behalf of everyone who cares about the City, including its residents, workers, and decision-makers.

Auditor O’Brien’s Continuous Improvement Strategy

The 2017 Audit Plan reflects Auditor O’Brien’s steadfast commitment to enhancing the value, products, communications, and overall impact of the Denver Auditor’s Office on behalf of Denver’s residents, businesses, and visitors. Under Auditor O’Brien’s leadership, continuous improvement initiatives have resulted in the Office receiving accolades from the Association of Local Government Auditors for outstanding performance audits. The Office has also been recognized by the Institute of Internal Auditors for having a top-performing city audit function, based on our use of best practices. 

Integrated Auditing

Our approach to audit planning is flexible, in that each year’s audit plan is subject to change, and the ultimate decision to perform any audit is at the sole discretion of the City’s Auditor. The 2017 Audit Plan reflects a strong emphasis on integrated auditing, which incorporates elements of performance auditing, financial auditing, information technology auditing, and contract compliance auditing.  The 2017 Audit Plan is aligned with the national focus in the public sector on strengthening and improving organizational governance, internal control environments, transparency, quality of services, financial reporting, and fraud prevention activities. We blend our integrated capabilities to align our audit activities with this focus and to assure that the City is operating in the most efficient manner possible, while simultaneously championing the growth of our team of dedicated auditors.

Integrated auditing incorporates diverse approaches to accomplish audit coverage: 

  • Performance Auditing — In addition to identifying opportunities to improve the efficiency and effectiveness of City activities, performance audits also assess the City’s ability to mitigate risk. We select performance audits that align with the City’s major strategic initiatives focusing on economic vitality, public safety, youth, sustainability, transparency, and performance measurement. The performance audit emphasis in the 2017 Audit Plan reflects these priorities as carried out in various City departments and programs.
  • Financial Auditing — The 2017 Audit Plan has a strong focus on the condition, accounting, and overall financial management activities of the City. Our 2017 audits will assess the general financial control environment and critical City fiscal activities, including financial governance, reporting practices, high-risk financial transactional areas, revenue enhancement opportunities, and tax collection processes, to name a few. 
  • Information Technology (IT) Auditing — This year’s plan includes several audits involving potentially high-risk areas involving information technology.  These IT audits include an examination of the effectiveness of cybersecurity, in support of our ongoing communications with the City’s Technology Services department to advance security safeguards. 
  • Contract Compliance Auditing — The 2017 Audit Plan reflects an increased emphasis on auditing City contracts to assess scope of work and the efficiency and timeliness of services delivered by third parties. We will continue to refine our contract risk assessment process and will audit City contracts accordingly.  

Flexibility, Transparency, Responsiveness, and Collaboration

As described throughout the 2017 Audit Plan, the concepts of flexibility, transparency, responsiveness, and collaboration are core tenets of operations within the Auditor’s Office. Although the Auditor’s Office operates independently from other City entities, the majority of which fall under the oversight of the Mayor, Auditor O’Brien and Auditor’s Office leadership meet regularly throughout the year with the Mayor, City Council members, other elected officials, City personnel, and other civic leaders to solicit input regarding risks facing the City and proposed audit engagements. The objective of this collaboration is to improve services and stewardship of City resources.

Auditor O’Brien’s goal is to assist the City and County of Denver in developing continuous monitoring capabilities that can be used by City officials not only to monitor and mitigate risk on a day-to-day basis, but also to help identify emerging risks that can be incorporated in future annual audit plans.

Formal Data Analytics and Continuous Auditing Program

The 2017 Audit Plan includes the implementation of a formal Data Analytics and Continuous Auditing Program. In an era of increasing data collection, it is critical for City entities to ensure that data is collected, securely stored, and utilized to inform decisions regarding regulations, internal policies and procedures, program development, and asset allocation. Auditing functions use data analytics to test internal controls to ensure that processes and safeguards are appropriately implemented to minimize risk, detect mistakes, and identify possible suspicious transactions. The Auditor’s Office’s Data Analytics and Continuous Auditing Program will consist of the following two components:

  • Data Analytics — Data analytics refers to qualitative and quantitative techniques and processes used to identify trends and root causes related to operational risks and performance. With a greater ability to collect and analyze data, the Office will perform both retrospective and prospective analyses of trends, patterns, and relationships. This information will be utilized to inform City officials and stakeholders of performance trends and operational risks, as well as to elevate awareness of the critical importance of audits.
  • Continuous Auditing — Continuous auditing is an audit approach based on the repeatable and frequent basis of collecting and assessing various data sources, including data from IT systems.  These systems govern key City operational processes, transactions, controls, and security; therefore, it is important to assess the effectiveness of various controls to identify exceptions and errors in a timely manner.

Aligned with Auditor O’Brien’s vision, the Data Analytics and Continuous Auditing Program expands the Office’s auditing capability and continues leading edge audit practices to provide greater value and impact. 

Anti-Fraud Focus

The City’s operational management is responsible for establishing internal controls to detect and prevent fraud for each City entity. Although fraud detection is not a primary responsibility of the Auditor’s Office, we work to identify fraud risk areas and offer recommendations to stakeholders aimed toward preventing detrimental activity. By highlighting potential gaps within internal control systems, the opportunity for fraud can be reduced. The Auditor’s Office incorporates the Government Accountability Office’s Anti-Fraud Framework, GAO-15-593SP, into its anti-fraud assessment practices.

Audit Follow-up Program

The 2017 Audit Plan continues to emphasize follow-up activities, trend analysis, and automated reporting activities, as well as measuring our audit recommendation implementation rate. This rate is an indicator of the degree to which the City is utilizing information provided by our audit reports to mitigate identified risks and to enhance efficiency, effectiveness, and economy of operations.

The Auditor’s Office periodically reports to the Audit Committee and City and County of Denver’s operational management on the status of various audit findings and our recommendations for improved business practices. We conduct a follow-up report of every audit 18 to 24 months after the release of the audit report. Our Audit Follow-up Program provides ongoing guidance and assistance to City entities, ultimately offering greater assurance that continuous quality improvement activities are occurring and that agencies are finding audit recommendations relevant, feasible, and worthwhile.







Contact Audit Services


Auditor's Office News