It is the policy of the Durham County to maintain an audit department as a means of providing the Board of County Commissioners, the County Manager and all levels of management with information to assist in the control of operations and in reaching a conclusion concerning the overall control over assets and the effectiveness of the system of internal control in achieving its broad objectives.
This charter establishes the general authority and responsibility of the Audit Department and supersedes any other Audit Charter Policy.
II. AUTHORITY AND SCOPE OF AUDIT ACTIVITIES
III. REPORTING STRUCTURE
The Audit Department shall have the authority to conduct financial, compliance, operational, performance, and information systems audits for all departments, offices, activities, and programs under the control of the County. Additionally, the Audit Department shall have the authority to perform special reviews, investigate allegations of misuse of County funds and resources. With approval of the Audit Oversight Committee, the Audit Department, the County Manager, and or the Board of County Commissioners shall have the authority to obtain contract services of public accountants, management consultants or other professional experts necessary to assist in the discharge of its responsibilities.
To properly carry out their responsibilities, the Audit Department personnel are authorized to have:
Full, free, and unrestricted access to County functions, activities, operations, records, data files, computer programs, property and personnel. In addition, authority is granted to Audit staff to request reasonable assistance from appropriate County personnel in acquiring requested records, documents and files, as well as inspection and entry privileges to all assets owned, leased, or borrowed by the County. It is expected that the Audit staff will exercise discretion in the review of records to ensure the confidentiality of all matters that come to their attention.
Scope of Audit Activities
Audit coverage will encompass, as deemed appropriate by the Audit Director, independent reviews and evaluations of any and all management operations and activities to appraise:
- Measures taken to safeguard assets, including tests of existence and ownership as appropriate.
- The reliability, consistency, and integrity of financial and operating information.
- Compliance with policies, plans, standards, laws, and regulations that could have significant impact on operations.
- Economy and efficiency in the use of resources.
- Effectiveness in the accomplishment of the mission, objectives, and goals established for the County’s operations and projects.
Audit activities will be coordinated, to the extent possible, with Federal and State agencies and external auditors, so as to enhance audit efficiency.
Limitation of Authority and Responsibility
In performing their functions, the Audit Director and the Audit Department staff have neither direct authority over, nor responsibility for, any of the activities reviewed. The Audit Department will not develop and install procedures, prepare records, make management decisions, or engage in any other activity that could be reasonably construed to compromise their independence. However, in connection with the complementary objectives of this audit function, the Audit Department will recommend accounting policies and procedures for approval and implementation by appropriate management. Therefore, internal audit review and appraisal do not in any way substitute for other activities or relieve other persons in the County of the responsibilities assigned to them.
The Director of Audit Department reports to and is accountable to the County Manager for day-to-day operations. The Director has full access, and is expected to use this access, to the Audit Oversight Committee for any matters deemed appropriate. The Audit Oversight Committee (AOC) has oversight responsibilities of the audit function and activities, including review and approval of the annual audit plan and any revisions thereto. The AOC shall work to ensure maximum coordination between the work of the Director of Audit and the needs of the County Manager and the County Commissioners.
A. The Audit Director is responsible for properly managing the department so that (1) audit work fulfills the purposes and responsibilities established herein; (2) resources are efficiently and effectively employed; and (3) audit work conforms to the Government Audit Standards, issued by the Comptroller General of the United States.
The Audit Director will report in writing on all audits and reviews conducted and will attend the AOC meetings on a quarterly basis to report on significant recommendations and the operations of the audit services function.
B. Generally, the Audit Director will notify the department director or manager (“auditee”) that a review is scheduled. This written notification should inform the auditee of when the audit is scheduled, who will be performing the audit, and why the audit has been planned (regularly scheduled, management or external auditor request, etc.). The notification should also include the objectives and scope of the audit; the expected start date and planned duration of the audit; and advance preparation needs.
C. The director or manager of the department under audit is responsible for:
- Ensuring that a spirit of cooperation prevails throughout the course of the examination.
- Ensuring corrective action is taken if inadequacies are identified in the written audit reports.
- Informing the Audit Director of any actual or suspected fraud or illegal acts for independent review.
D. The Audit Oversight Committee is responsible for ensuring that areas of risk within the County are reviewed on a regular basis; activities susceptible to fraud, waste, and abuse of County resources are audited; and internal controls are in place and implemented.
V. REPORTS AND PROCEDURES
VI. INDEPENDENCE AND CODE OF ETHICS
Annual Audit Plan
The Audit Director is required to publish an annual audit plan to the Audit Oversight Committee and perform the systems audits contained within the plan. The overall results of the audit work will be reported quarterly to the AOC (who in turn report to the County Commissioners). Unforeseen audit requirements and management requests for investigations into matters of fraud and compliance can create the need for changes in both audit programs and the overall plans; therefore, appropriate flexibility should be incorporated into the annual plan. The AOC must approve significant deviations from the objectives contained within the annual audit plan.
Communication of Findings
Upon the completion of audit fieldwork, the Audit Director should discuss the proposed audit findings and recommendations with the auditee at a closing conference. Audit will prepare a report draft with their proposed findings and recommendations along with a space for management’s responses. The draft is then forwarded to the appropriate manager to respond and outline corrective actions to be taken. The responses are due two (2) weeks after the receipt of the draft report. The auditee’s response will include comments, action items, and target dates and will be incorporated in the final report. If a timely response is not received, the County Manager will be contacted for assistance in resolving the matter.
The final audit report will be submitted by the Audit Director to appropriate levels of County management. All audit reports will be distributed to the AOC as they are released, or as part of the normal distribution of audit reports. Audit findings will also be summarized and reported to the Audit Committee and the Board of County Commissioners on a quarterly basis.
Subsequent to the issuance of the final report, the Audit Department should schedule a follow up review to ensure that needed actions based on the audit were actually taken. The director or manager of the department, is responsible for seeing that corrective action on recommendations are made or deficient conditions reported by Audit are planned and taken. If the proper corrective action is not taken, the Audit Director is responsible for presenting a report on significant matters to the AOC.
Independence is essential for effective operation of the internal audit function. It is the policy of the County; therefore, that all audit activities shall remain free of influence by any organizational elements. This shall include such matters as scope of audit programs, the frequency and timing of audits, and the content of audit reports. Furthermore, the Audit staff has a responsibility to conduct themselves so that their good faith and integrity are not open to question. Standards of professional behavior are based upon the Code of Ethics issued by the Institute of Internal Auditors.
VII. QUALITY ASSURANCE
A program of quality assurance reviews will help ensure the County’s ongoing commitment to financial integrity and resource management. An external reviewer will provide significant value by assessing internal audit operations and sharing an objective perspective of the Audit Department’s compliance with professional standards and a comparison to “best practices” of other similar audit organizations.
Therefore, the Audit Department will undergo an external quality assurance review at least once every three years. At the conclusion of the review, a report summarizing results and recommendations will be produced. Copies of the quality assurance report will be submitted to the Audit Director, the AOC and the Board of County Commissioners. The cost of the review shall be included in the Audit Department’s budget.
In an effort to continually improve the audit function, the Audit staff shall be encouraged to attend continuing education courses and maintain membership in and attend meetings of local, state, and national organizations that serve to promote the modern practice of auditing.
VIII. CHARTER AMENDMENTS
Amendments of this charter are subject to the approval of the Audit Director and the Audit Oversight Committee recommended and approved by the Board of County Commissioners. Recommendations regarding Amendments to the Charter may be made by a majority of the members present at the regularly scheduled meetings of AOC on seven (7) days notice.
APPROVED: Date September 12, 2005