Skip navigation

2018 Audit Plan

The 2018 Audit Plan consists of integrated audits that incorporate performance, financial, information technology, and fraud-detection objectives. The Plan is flexible and could change as conditions evolve. Auditor O'Brien meets regularly with elected officials, agency leadership, and community members to gather input related to operational risks so as to concentrate the work of the Auditor's Office in areas where it will have the greatest impact.

Download the 2018 Audit Plan  |  Download Auditor O'Brien's Letter

Planned audits for 2018

Audits Required in Municipal
Code

The Auditor’s Office conducts audits required under the Denver Revised Municipal Code.

Procurement Practices

The audit will assess the internal controls associated with the City’s procurement practices. The audit may include a review of the Master Purchase Order process and resulting agreements to assess whether purchases are in the best interest of the City. The audit may also include a review of bidding practices to ensure the City is in alignment with internal policy and procedure and applicable City rules. 

Contracting Practices

The audit will review the economy, efficiency, and effectiveness of the City’s complex contracting process.

Contracts and Agreements

The Auditor’s Office will audit selected City contracts and agreements as required under Denver City Charter, §5.2.1, to evaluate and ensure performance, value, and proper City oversight.

Financial Audits

The Auditor’s Office will conduct audits of some of the City’s financial balances, transactions and processes, including their related internal controls, to determine whether the transactions were properly accounted for and reported in the City’s Comprehensive Annual Financial Report (CAFR) and the internal control systems are efficient and effective.

Cybersecurity

The assessment will examine the City’s vulnerability to cybersecurity attacks and information theft. The assessment will build on the results of the 2016 and 2017 cybersecurity assessments by examining additional areas of potential vulnerability, including an updated security risk analysis of the City’s system infrastructure.

Homeless Services

This audit will examine the efficiency and effectiveness of certain homeless services. This audit may include an analysis of the effects of certain social policies and may also assess the resources dedicated to addressing homelessness and the collaboration among agencies citywide.

Indirect Cost Accounting Practices

The audit will review how indirect costs are calculated and cost recoveries are managed and allocated to various City funds and programs.

Workday Financial Implementation

The audit will review the implementation of the Workday financial system, including conversion of data from PeopleSoft, as well as system access and change management controls.

Procurement Card Expenditure Process

The audit will assess the efficiency and effectiveness of the controls over procurement card transactions, including a focus on specific risks identified during the continuous auditing effort.

Concessions Contract Audit

The audit will examine the financial performance and contract compliance between the City and the third-party vendor that provides concessions service and facilities management for some of the City’s Arts and Venues locations.

Property Tax Assessment Process

The Assessor’s Office is implementing a new system to track and report on all property taxes assessed and collected on behalf of the City and all other property taxing entities within the City’s boundaries. The audit will analyze the efficacy of the processes and controls the City uses to assess and collect taxes. The audit will also examine implementation and controls around the new property tax system.

County Court Operations

The Auditor’s Office will review the County Court’s governance structure and examine processes, such as administration, information technology, and collection of fines and penalties.

Scientific and Cultural Facilities District Tier I Organizations

This audit will be part of an audit series exploring efficiency, effectiveness, and financial operations of an SCFD Tier 1 recipient under the operating agreement with the City.

Security Operations Center

This audit will evaluate the documentation, standardization of processes and detection and response capabilities of Denver International Airport’s Information technology Security Operations Center.

Airport Security and Coordination Practices

The audit will assess the effectiveness of coordination and communication practices of Denver International Airport’s Airport Security function with federal agencies such as Transportation Security Administration and the Department of Homeland Security. This audit will also review internal controls in place for airport security’s badging processes.

Financial and Administration Management

The audit will assess the effectiveness and organizational structure of the financial and administrative management areas of Denver International Airport, including a review of the overall internal control environment.

Airport Hotel Revenue

The audit will review the Westin Denver International Airport Hotel contract with the airport to assess whether the hotel is in compliance with the revenue-sharing agreement established in the contract.

Workforce Development

The audit will review the effectiveness and efficiency of Workforce Development Services and associated third-party providers. The audit may include a review of the internal control environment, monitoring of workforce services providers, training, and the effectiveness and efficiency of privatizing the workforce development function.

Affordable Housing Fund

The Auditor’s Office may audit the efficiency, effectiveness, and financial operations of the recently established Affordable Housing Fund.

Debt Management

Bonds issued by the City to fund major capital projects are subject to bond covenants and regulatory compliance requirements through maturity many years later. The audit assesses the City’s oversight and compliance practices for outstanding bonds and other debt instruments.

Capital Assets - Buildings and Equipment

The audit reviews the accuracy and internal controls over the classification, recording, and inventory of the City’s purchased or constructed buildings and equipment as reported in the City’s Comprehensive Annual Financial Report.

Denver Employees Retirement Plan Actuarial Valuation

This evaluation will review the actuarial valuation, including the assumptions and process used to calculate the net pension liability for the Denver Employees Retirement Plan as reported in the City’s Comprehensive Annual Financial Report.

Employee Compensation and Benefits

The assessment will review the Office of Human Resources’ recent external assessment evaluation of the City’s compensation and benefits philosophy.

Community Center Board Mill Levy Expenditure Compliance

The audit will review the oversight, management, and effectiveness of expending the dedicated mill levy funding for Denver’s Community Center Board (CCB). The audit may include a review of Denver Human Services’ oversight and monitoring of the funds directed to the CCB, as well as the impact of state regulations that will change the way CCBs operate.

Workers' Compensation

The audit will examine the self-insurance funding, reinsurance coverage, and claims management processes to ensure that the City’s Workers’ Compensation Program is in compliance with the applicable state statutes.

Department of Public Safety - Use of Force

The audit will review the extent to which the use-of-force policies of the Department of Public Safety have been implemented and may also assess the effectiveness of those policies.

Data Centers

The audit will evaluate the City’s data centers, including those serving the Denver International Airport, against federal standards to ensure the security and availability of these technology assets.

Disaster Recovery

The audit will review the Information Technology systems disaster recovery plan to evaluate its ability to restore critical systems in a timely manner.

Network Access

The audit will review the change management and access controls in place to manage the citywide network system.

Follow-up
Audits

All audits by the Auditor’s Office provide recommendations for improvement, to which the audited agency must respond whether they agree or disagree. For recommendations that were agreed to by the responsible entity, we complete a follow-up audit after the agreed-upon recommendation implementation date. Each follow-up audit will assess the status and quality of implementation for each recommendation.

Monitoring
of Financial and
Operational
Data Using Analytics

Throughout the year, the Auditor’s Office will assess possible risk areas by working with departments to analyze specific data relevant to ongoing audits as well as analyzing general financial and operations information. Data analytics and audit tools will be used to identify anomalies in the data for further review.

Plan Description

The Audit Plan incorporates many elements to deliver value and impact to the City and its residents, workers, and decision-makers.

Auditor O'Brien's Letter
MORE: Read more below

 
Audit Selection Process

Developing the plan is an ongoing process, conducted by assembling ideas from a variety of sources, examining a broad range of City activities, and then assessing risk factors. 

MORE: Visit the Audit Services page

 
Auditor's Authority

The Auditor's Office's authority is granted by the City Charter, Article V, Part 2, Section 1, General Powers and Duties of Auditor.

MORE: Visit the Audit Services page

 

Plan Description

The vision of the Denver Auditor’s Office is to deliver value and impact for Denver by performing audits that follow the highest professional standards. Our mission is to deliver independent, transparent, and professional oversight in order to safeguard and improve the public’s investment in the City and County of Denver. Our work is performed on behalf of everyone who cares about the City, including its residents, workers, and decision-makers.

The Auditor and the Auditor’s Office are nationally recognized as providing a top-performing government audit function for Denver. The 2018 Audit Plan reflects Auditor O’Brien’s steadfast commitment to continuous improvement by enhancing the value, products, communications, and overall positive impact of the Denver Auditor’s Office on behalf of Denver’s residents, businesses, and visitors.

Auditing under the Denver Charter

The Charter provides that the Auditor shall conduct:

  • Financial and performance audits of the City and County of Denver in accordance with Generally Accepted Government Auditing Standards;
  • Audits of individual financial transactions, contracts, and franchises; and
  • Audits of financial and accounting systems and procedures, including records systems, revenue identification, and accounting and payment practices, for compliance with generally accepted accounting principles, best financial management practices, and any applicable laws and regulations governing the financial practices of the City and County of Denver.

The 2018 Audit Plan, like the past two Audit Plans, ensures broad audit coverage throughout the City while also addressing specific performance, financial, contractual, systems, and regulatory risks. According to the Charter, the ultimate decision to perform any audit shall be at the sole discretion of the Auditor.

Integrated Auditing

Integrated audits incorporate elements of performance auditing, financial auditing, information technology auditing, and contract compliance auditing. The 2018 Audit Plan is aligned with the national focus in the public sector on strengthening and improving organizational governance, internal control environments, transparency, quality of services, financial reporting, and fraud prevention activities. We blend our integrated capabilities to align our audit activities with this focus and to assure that the City is operating in the most effective and efficient manner possible while simultaneously championing the growth of our team of dedicated auditors.

Integrated auditing incorporates diverse approaches to accomplish audit coverage: 

  •  Performance Auditing – In addition to identifying opportunities to improve the efficiency and effectiveness of City activities, performance audits also assess the City’s ability to mitigate risk. We select performance audits that align with the City’s major strategic initiatives, which focus on transportation and mobility, housing affordability, and behavioral health, as well as public safety, sustainability, and customer service. The performance audit focus in the 2018 Audit Plan reflects these priorities as carried out in various City departments and programs.
  • Financial Auditing – The 2018 Audit Plan has a strong focus on the condition, accounting, and overall financial management activities of the city. Our 2018 audits will assess the general financial control environment and critical City fiscal activities, including financial governance, reporting practices, and high-risk financial transactional areas.
  • Information Technology (IT) Auditing – This year’s IT audits will continue to focus on the effectiveness of cybersecurity, data security, and critical systems in support of our ongoing communications with the City’s Technology Services department to address IT risks.
  •  Contract Compliance Auditing – The 2018 Audit Plan reflects a continued emphasis on auditing City contracts to assess the scope of work and the efficiency and timeliness of services delivered by third parties.

Data Analytics and Continuous Auditing Program

As part of Auditor O’Brien’s original vision for the Auditor’s Office, the Data Analytics and Continuous Auditing Program expands the Office’s risk assessment and auditing capability, and continues leading-edge audit practices to provide greater value and impact.

  • Data Analytics – The Auditor’s Office uses Data Analytics to review audit-related data to provide improved understanding of City processes and internal controls. For example, data analytics can be used to ensure that data is accurate, consistent, and complete or on information technology systems to inform our audit work. For example, auditors may use data analytics to test internal controls to ensure processes and safeguards are appropriately implemented to minimize risk, detect mistakes, and identify possible suspicious transactions.
  • Continuous Auditing – Continuous auditing is a specific data analytics methodology to identify high risk areas of the City in an efficient and timely manner. It provides the City with timely feedback of anomalies or outliers in the City’s processes and transactions. The Auditor’s Office regularly analyzes data from the various IT systems that contain key City operational processes and financial transactions, and evaluates related information technology system controls.

Anti-Fraud Focus

The City’s operational management is responsible for establishing internal controls to detect and prevent fraud for each City entity. Although fraud detection is not a primary responsibility of the Auditor’s Office, we work to identify risk areas and offer recommendations to prevent fraud. By highlighting potential gaps within internal control systems, the opportunity for fraud can be reduced. The Auditor’s Office incorporates the Government Accountability Office’s Anti-Fraud Framework into its assessment practices.

Audit Follow-up Program

Audit follow-up activities are conducted for every audit, using auditing techniques to assess whether City personnel implemented the agreed-upon audit recommendations for improvement and impact.

The Auditor’s Office regularly issues follow-up audit reports to the Audit Committee and the City and County of Denver’s operational management on the status of audit findings and on our recommendations for improved business practices.

Our office measures the audit recommendation implementation rate as an indicator of the degree to which the City is utilizing information provided by our audit reports to mitigate identified risks and to enhance efficiency, effectiveness, and economy of operations.

Focus on Flexibility, Transparency, Responsiveness, and Collaboration

As described throughout the 2018 Audit Plan, the concepts of flexibility, transparency, responsiveness, and collaboration are core tenets of operations within the Auditor’s Office. Although the Auditor’s Office operates independently from other City entities, Auditor O’Brien and Auditor’s Office leadership meet regularly throughout the year with the Mayor, City Council members, other elected officials, city personnel, neighborhood groups, and civic leaders to solicit input regarding risks facing the City. The collective objective of this collaboration is to improve services and stewardship of City resources.

 

 

 

 

 

 

 

 
Contact Audit Services

auditor@denvergov.org

720-913-5000

Auditor's Office News