Audit Plan
Audits
Audit Plan Purpose & Considerations
The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s Office for the year. Factors considered when selecting audits may include requests from the City Council or City Manager, statutory mandates or volume of regulations, prior audit history, activities commonly susceptible to fraud, complexity or significant changes in operations, impact and likelihood of potential adverse events.
The Audit Plan intentionally exceeds our capacity by approximately 20%, providing flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently.
Audits Planned for FY 2025/2026
| Area |
Description
|
| * City Clerk – Public Record Requests |
Evaluate the effectiveness of the public records request process administered by the City Clerk’s Office to comply with applicable policies, statutes, and other requirements. |
| * Water Resources – Annual Ordering and Reporting |
Review the processes and procedures in place for the Water Resources Department’s annual water ordering and reporting process to ensure compliance with applicable policies, statutes, other requirements; and identify any potential efficiencies with the ordering and reporting process. |
| * Police Department – Off-Duty Employment Program |
Determine whether internal controls over off-duty employment are in place and operating effectively to ensure compliance with applicable policies and are adequate to monitor the program. |
| Facilities Management – Work Order Process |
Evaluate the effectiveness of the work order management process. This includes assessing the lifecycle of a work order from start to finish, ensuring proper documentation, timely completion, and compliance with City and department policies and procedures. |
| Code Compliance – Case Management |
Determine whether effective controls are in place to ensure case management activities are performed consistently in accordance with applicable policies, statutes, ordinances, and other requirements. |
* These audits were not completed during the previous audit period and will be carried forward to this year’s audit plan.
FY 2024/2025 Work in Progress
(as of 6/30/2025)
Area
|
Objectives
|
| Police Department – Mental Health Support Team |
Determine whether effective controls are in place to properly administer the Victims of Crime Act Crime Victim Assistance Program in accordance with applicable policies, statutes, and other requirements. |
| Human Resources – Hiring & Recruitment Practices |
Determine whether Human Resources’ hiring and recruiting practices are consistent with industry standards and are sufficient to comply with applicable policies, statutes, and other requirements. |
| City Attorney – VOCA Program |
Determine whether effective controls are in place to properly administer the Victims of Crime Act Crime Victim Assistance Program in accordance with applicable policies, statutes, and other requirements. |
| Citywide – Take Home Vehicles |
Determine whether effective controls are in place to ensure that employee use of city-owned vehicles is done in accordance with applicable policies, statutes, and other requirements. |
| Citywide – Special Pay Programs |
Determine whether effective controls are in place to ensure that special pay programs are administered and approved in accordance with applicable policies, statutes, and other requirements. |
| Engineering – ASU Facilities at Mesa City Center Post-Construction |
Determine the City’s total cost incurred, and funding sources used, for design, construction, and any related capital improvements for the Arizona State University Facilities as Mesa City Center. |
| Arts & Culture – Mesa Arts Center Revenues |
Determine whether effective controls are in place to ensure all due fees and charges are accurately calculated, recorded, and collected. The audit may also include other operational and contract performance objectives. |
Follow-up Reviews Due in FY 2024/2025
The objective of follow-up reviews is to ensure that corrective action plans that were agreed to in response to the audit were implemented as agreed and effective in resolving the underlying audit findings. The following follow-up reviews are due in FY 2025/2026:
- Citywide – Intergovernmental Agreements Cost Recovery
- DoIT – Software/Application Asset Management (2nd Follow-up)
- DoIT – Remote Access
- DoIT – Cybersecurity
- Police Department – Criminal Investigations Case Management
- Transportation Department – Street Maintenance
Other Activities
In audition to audits, the City Auditor also performs the following activities:
- Biennial Citywide Cash Handling Audits – Unannounced audits of cash handling sites throughout the year. Report issued every two years.
- Annual Credit Card Security Review – Annual review of payment card acceptance sites for PCI DSS compliance.
- Fraud & Ethics Hotline Investigations – Monitor the City’s Fraud & Ethics Hotline and conduct investigations when necessary. Issues can be reported at speakupmesa.com or 1-866-820-7812.
- Consulting Services – Provide independent consulting/advisory services; internal control reviews, risk analyses; financial statement reviews; etc. as needed.
- Unscheduled Audits – As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.