Audit Plan

Press Enter to show all options, press Tab go to next option

Mission: The City Auditor’s office provides audit, consulting, and investigative services to identify and minimize risks, maximize efficiencies, improve internal controls and strengthen accountability to Mesa’s citizens.

Audit Planning Process: The Audit Plan is a Council-approved document which outlines the planned activities of the City Auditor’s office for the year. It is developed based on a combination of key risk factors, as well as direction provided by the City Council and City Manager. Changes in scope or complexity of individual audits, or other unforeseen circumstances, may impact our ability to complete all work on the plan. Factors considered when selecting audits may include:

  • Requests and/or Suggestions received from the City Council or City Manager
  • Statutory mandates and/or regulation levels (highly regulated vs. unregulated activities)
  • Prior audit history or lack thereof
  • Complexity of operations or significant changes in operations or organizational structure
  • Technological advances or challenges
  • Cash handling volume and number of locations
  • Impact & likelihood of potential adverse events (risk management/control failures)
  • Activities commonly susceptible to fraud

The Audit Plan intentionally exceeds our capacity by approximately 20%, in order to provide flexibility to adjust the timing of a project to accommodate the needs of the client, while also managing our resources most efficiently. It also lets us adapt to changing circumstances and priorities during the year. If necessary, audits may be carried forward to the next Plan year, as is the case with three* of this year’s audits.

FY 2018/2019 Audits

Audit Subject

Initial Objectives

*Business Services/Purchasing Division – Procurement Processes


Determine whether effective internal controls are in place to prevent or detect errors, fraud, waste, abuse, etc.; and to evaluate compliance with City policies, State statutes, and other applicable requirements.

*Development & Services – Fees & Charges

Determine whether effective controls are in place to ensure that all due fees & charges are accurately calculated, recorded, and collected.
*HR/Employee Benefits - Claims Admin Contract
Determine whether effective controls are in place to ensure accuracy, compliance, and performance expectations are being met.

Police – Jail Services Contract
Determine whether the contractor is complying with all contract terms, performance expectations are being met, and expected net savings are being realized.
Utilities – Metering Processes Determine whether effective controls are in place to ensure that usage is accurately metered and recorded for billing purposes.
Fire & Medical – Transport Services & Billing Determine whether effective controls are in place to ensure all eligible costs are recovered, billing services meet contract terms, and other financial risks are mitigated.
Parks, Recreation & Community Facilities  – Convention Center Operations

Determine whether effective controls are in place to ensure all due fees and charges are accurately calculated, recorded, and collected.


The audit may also include other operational and financial performance objectives.

FY 2017/2018 Work in Progress

As of5/31/2018

  • Arts and Culture – Agreements with Nonprofit Support Organizations
  • PRCF – Dobson Ranch Golf Course & Restaurant Contracts
  • Citywide – Procurement Card Program
  • Financial Services – Eastmark CFD
  • Transportation – Contract Monitoring (Follow-up Review)

Follow-Up Reviews Due in FY 2018/2019

Audit Subject Initial Objectives
  • CDBG – Contract Monitoring
  • Housing – Rehab Program (2nd Follow-up)
  • Facilities Maintenance – Contract Monitoring
  • i.d.e.a. Museum – Earned Revenues
  • Police Department – Supplies and Equipment
  • Financial Services – Payroll (Delayed)
  • Police Department – Off Duty Program (2nd Follow-up – Delayed)
The objective of each follow-up review is to verify that corrective action(s) agreed to in response to the audit were: 1) Implemented as agreed; and 2) Effective in resolving the related audit finding(s).

Other Activities

Activity Description
Citywide Cash Audits Unannounced audits of cash handling sites citywide are conducted throughout the year.
Payment Card Industry Data Security Standards (PCI DSS) Review
Annual review of credit card acceptance sites for compliance with PCI DSS. 
Fraud & Ethics Hotline Investigations
Monitor the City’s Fraud & Ethics Hotline and conduct investigations as needed.

Consulting Services

 Provide independent consulting/advisory services; data collection, validation and/or analysis; internal control reviews; risk analyses; financial statement reviews; etc. as needed.

Unscheduled Audits
As directed by the City Council or City Manager, conduct unscheduled audits, which may arise due to unforeseen circumstances.