Translate
Meeting materials
Attend the meeting
- Join via Zoom
Phone: 253-205-0468
Free language assistance services are available for this meeting. Contact ocia@clackamas.us (48-hour notice needed).
Agenda
| Time | Agenda item |
|---|---|
| 2:30 | Welcome and introductions (10 min) Presenter: Chair Minh Dan Vuong Note: All meeting materials provided prior to meeting start. Note: No public comments will be heard. Emailed comments are welcome at OCIA@Clackamas.us |
| 2:40 | Meeting minutes: April 29, 2026 (5 min) Presenter: Chair Minh Dan Vuong Materials: April 29, 2026 Minutes Draft for approval |
| 2:45 | 2025-2030 Strategic Plan (Draft) (10 min) Presenter: Jodi Cochran, County Internal Auditor Materials:
|
| 2:55 | Internal Audit Oversight Committee Charter & Bylaws (10 min) Presenter: Jodi Cochran, County Internal Auditor Materials: Internal Audit Oversight Committee Charter & Bylaws Draft-clean |
| 3:15 | Risk Assessment (20 min) Presenter: Jodi Cochran, County Materials: Risk assessment presentation |
| 3:35 | Quarterly status updates (10 min)
Presenter: Jodi Cochran, County Internal Auditor Materials:
|
| 3:45 | Round Table Presenter: All |
Meeting adjournment Presenter: Chair Minh Dan Vuong |
Next IAOC Meeting: Wednesday, July 8, 2:00 PM to 3:30 PM
Future Internal Audit Oversight Committee Schedule
Quarterly on the second Wednesday of the month (January, April, June, October)
- Wednesday, October 14, 2026
2:00 PM to 3:30 PM
Virtual – Zoom - Wednesday, January 13, 2027
2:00 PM to 3:30 PM
Virtual – Zoom - Wednesday, April 14, 2027
2:00 PM to 3:30 PM
Virtual – Zoom
2025-2030 Strategic Plan
Proposed Draft
2025 External Quality Assessment
- External quality assessment
- Governance structure
- Strategic plan
- Communication tools
- Policies and procedures
Five Years, Four Strategies, 18 Goals
Ethics & Professionalism
- Public internet
- Employee intranet
- Annual disclosures
- Knighton Award submissions
Governance
- County Code
- Oversight Committee composition
- Charters
- Budgetary authority
- Signing authority
Management
- Audit resources
- Assessments
- Performance metrics
- Strategic plan
- Quality assessment
Performance
- Policies and procedures
- Templates
- Recommendation dashboard
- Expanded audit reporting communications
Recommend approval of strategic plan
- April–June 2026
Solicit Oversight Committee feedback - June 24, 2026
Oversight Committee approval of 2025–2030 Strategic Plan
Thank you
Office of County Internal Audit: 2026-2030 Strategic Plan
April 2026
Report by the Clackamas County
Office of County Internal Audit
Jodi Cochran, CPA, CIA, CGMA,
CRMA County Internal Auditor
Kathy Yeung, CPA, CIA
Senior Internal Auditor
Purpose
We strengthen the county's ability to serve the public by providing independent assessment, assurance and advice to the board of county commissioners, management and the public.
Mission
The mission of the Office of County Internal Audit (Office) is to enhance and protect Clackamas County's ability to serve by providing risk-based and objective assurance, advice, and insight.
Vision
The Office provides assurance, advisory, and investigative services to the public, employees and departments of Clackamas County so they can feel confident that the public's interests are protected and can engage with an accountable, high performing, and transparent local government. Strategy The Office uses a strategic framework with four areas of focus:
- Ethics & Professionalism
- Governance
- Management
- Performance
Professional standards
The Office of County Internal Audit governs itself by adherence to The Institute of Internal Auditors’ Global Internal Audit Standards. Audit functions are independently evaluated to assess conformance with professional standards.
Authority
The Office is established under the authority provided in County Code Chapter 2.15 County Internal Auditor. The county internal auditor reports functionally to the Clackamas County Internal Audit Oversight Committee and administratively through the Internal Audit Administrator.
Strategy
Ethics & Professionalism
We instill trust in the Office of County Internal Audit and provide the basis for reliance on our work and judgment by behaving in the highest ethical and professional manner.
Goals
- Public internet
Update website content, appearance, and ease of use to enhance accessibility and build trust. - Employee intranet
Develop an intranet site to increase awareness and enhance access to audit services. - Annual disclosures
Document the presence or affirm the absence of objectivity impairments or conflicts of interest on an annual basis to demonstrate transparency and accountability. - Knighton Award submission
Submit audit reports for Association of Local Government Auditors' Knighton Award consideration to solicit peer feedback and highlight Clackamas County accomplishments.
Management
We establish goals, measure performance and communicate results to achieve long-term success.
Goals
- Audit resources
Create an internship program and add a principal internal auditor position to enhance audit resource availability, retention, and succession planning. - Assessments
Assess the county’s governance, risk management, and control activities biennially to inform leadership of risk and opportunities. - Performance metrics
Collect and analyze performance data to improve efficiency and effectiveness
of the Office of County Internal Audit. - Strategic plan
Create and implement the 2026-2030 strategic plan to demonstrate transparency and accountability. - Quality assessment
Conduct a self-assessment and obtain an external quality assessment review to comply with Global Internal Audit Standards.
Performance
Through a continuous improvement lens, we plan, execute and communicate results of our services using documented and standardized processes.
Goals
- Policies and procedures
Address gaps in internal audit policies and procedures to reinforce existing practices and align with industry standards. - Templates
Update audit workpaper templates to demonstrate compliance with newly revised Global Internal Audit Standards. - Recommendations dashboard
Develop an audit recommendations dashboard to increase efficiency of monitoring activities, enhance accessibility, and promote transparency. - Expanded audit reporting communications
Leverage technology and provide audit reports in audio/video format to increase accessibility.
Accountability
To ensure optimal implementation and success, we hold ourselves accountable to the strategic plan. Accountability is demonstrated through quarterly, annual, and external monitoring, including the county's Performance Clackamas plan.
Quarterly
The quality assurance and improvement program is reviewed at the Internal Audit Oversight Committee meetings. This program highlights the status of short-term goals (one to three years).
Annually
The five-year strategic plan is reviewed annually at the Internal Audit Oversight Committee meeting. The progress and status of all goals within the four strategies are shared.
Externally
In five years, an independent assessment team will conduct an external quality assessment review to evaluate compliance with professional standards. Results will support the development of the next strategic plan.
Performance Clackamas
The Office participates in Performance Clackamas, the county's strategic plan and process focused on measurable goals. Performance metrics are reviewed and reported annually.
About the Office of County Internal Audit
Our team
Jodi Cochran, CPA, CIA, CGMA, CRMA, County Internal Auditor
Kathy Yeung, CPA, CIA, Senior Internal Auditor
Contact us
Office of County Internal Audit
2051 Kaen Road #460
Oregon City, OR 97045
Office: 503-742-5983
ocia@clackamas.us
Draft Internal Audit Oversight Committee Charter and Bylaws
MISSION
Through oversight of the Office of County Internal Audit (Office) activities, strengthen Clackamas County’s ability to serve and enrich our community by promoting independent, risk-based and objective assurance, advice, and insight.
VISION
By safeguarding its independence, the Office’s assurance, advisory and investigative services:
- enhance the confidence of Clackamas County residents, employees, and departments that the public’s interests are protected
- encourage engagement with an accountable, high performing and transparent local government.
PURPOSE
The Clackamas County Internal Audit Oversight Committee (Oversight Committee) ensures the Office of County Internal Audit’s independence and ability to assess:
- Efficient and effective use of public resources
- Financial and operational reporting
- Information and asset security
- Compliance with laws, regulations, policies and ethics
The Oversight Committee ensures the Office is independent and acts to promote its integrity and effectiveness. Independence is freedom from conditions that impair the Office’s ability to carry out its responsibilities in an unbiased manner.
The Oversight Committee supports the Office in its efforts to bring a systematic, disciplined approach to evaluating and improving the county’s governance, risk management, and control processes.
AUTHORITY
The Oversight Committee is established in County Code Chapter 2.15:County Internal Auditor.
COMPOSITION
The Oversight Committee is comprised of five members - the Board of County Commissioners Chair, a commissioner selected by the Board of County Commissioners, and three members of the community appointed by the Internal Audit Administrator from a list of nominees submitted by the County Internal Auditor. The Oversight Committee membership represents a base of expertise in some or all the following areas: local government, finance, risk, information security, equity and process improvement.
Community members must be Clackamas County residents and avoid conflicts of interest, or the appearance of such conflicts, that would impair independence. Should a conflict arise, members will advise the County Internal Auditor. Community members may serve consecutive two-year terms. The Oversight Committee chair is elected by the Committee from one of the community members.
MEETINGS AND RECORDS
Oversight Committee meetings adhere to Oregon Public Meeting Law. The Oversight Committee determines the frequency of its meetings, meeting at least three times annually. The Oversight Committee may invite guests to provide pertinent information. The Internal Audit Administrator, County Administrator and County Counsel are encouraged to attend and participate in Committee discussions. Meeting agendas and materials are provided in advance. Minutes are documented. A quorum is required for all Oversight Committee actions requiring a vote. The quorum consists of three Oversight Committee members.
The Oversight Committee adheres to Oregon Public Records Law. The Office provides staff resources to the Oversight Committee and maintains all Oversight Committee permanent records. Distribution and retention of all Office and Oversight Committee records is administered through the Office. The Oversight Committee safeguards and maintains the security of unpublished information from unauthorized access.
All public records requests are administered through the Office.
RESPONSIBILITIES
The Oversight Committee has the responsibility to:
Office of County Internal Audit
- Review and approve the Office charter.
- Ensure there are no unjustified restrictions or limitations on the County Internal Auditor.
- Ensure the Office is free from interference when determining scope, performing activities and communicating results.
- Assess the adequacy and effectiveness of the Office activities, resources, organizational structure, including compliance with Global Internal Audit Standards.
- Provide input in the appointment or dismissal of the County Internal Auditor prior to county action.
- Review and approve the internal audit risk-based audit plan and all major changes to the plan.
Internal Control and Compliance
- Receive and review significant internal audit and external review communications, reports, and management letters, as well as management responses and follow-up activities.
- Consider the Office’s assessment of the effectiveness of the county’s governance processes.
- Consider the Office’s assessment of the effectiveness of the county’s risk management processes.
- Consider the Office’s assessment of the effectiveness of the county’s control processes, including information security and fraud detection.
- Consider the Office’s assessment of the effectiveness of the county’s system for monitoring law, rule and policy compliance.
- Review reports summarizing investigations of potentially fraudulent activities. Reporting Responsibilities
- Ensure an open avenue of communication between the Board of County Commissioners, County Administrator, county departments, Office of County Internal Audit, and external auditors.
- Regularly, in coordination with the County Internal Auditor, present to the Board of County Commissioners results of Oversight Committee and County Internal Audit activities.
Other Responsibilities
- Assess the adequacy of the Oversight Committee charter and bylaws at least annually and approve revisions.
- Confirm annually the responsibilities outlined in this charter have been carried out.
COUNTY MANAGEMENT RESPONSIBILITIES
County management is responsible for the county’s governance, risk management, and control processes. The Oversight Committee’s commitment to the review and assessment of these processes does not relieve management of its responsibilities.
Approved this 24th day of June 2026, by Internal Audit Oversight Committee vote.
Draft Office of County Internal Audit Charter
MISSION
Enhance and protect the county’s ability to serve the public by providing risk-based and objective assurance, advice, and insight.
VISION
The Office of County Internal Audit’s (Office’s) assurance, advisory, and investigative services:
- enhance the confidence of Clackamas County residents, employees and departments that the public’s interests are protected
- encourage engagement with an accountable, high performing, and transparent local government
PURPOSE
Through independent and objective assurance, advisory and investigative services, the Office strengthens the county’s ability to serve the public.
The Office uses a systematic, disciplined approach to evaluate the county’s governance, risk management, and control processes, by assessing:
- Efficient and effective use of public resources
- Financial and operational reporting
- Information and asset security
- Compliance with laws, regulations, policies and ethics
AUTHORITY
The Office is established in County Code Chapter 2.15: County Internal Auditor.
The Office is authorized to examine and evaluate the operations and activities of any office, department, political subdivision, or organization which receives appropriations from the Board of County Commissioners, or for which governing bodies are, or are appointed by, the Board of County Commissioners.
The Office is granted full, free and unrestricted timely access to all activities, information, records, property and personnel required to provide assurance, advisory or investigative services. The Office has the authority to request reasonable assistance from county personnel in acquiring records, documents and files, as well as inspection and entry privileges to all assets owned, leased or borrowed by the County. Office internal auditors are held strictly accountable for the safeguard of all materials and the confidentiality of information, when appropriate.
PROFESSIONALISM
The Office governs itself by adherence to The Institute of Internal Auditors’ Global Internal Audit Standards (Standards). The Standards constitute principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of the Office’s performance. The County Internal Auditor annually affirms to the Oversight Committee compliance with the Global Internal Audit Standards.
INDEPENDENCE AND OBJECTIVITY
The County Internal Auditor is the Chief Audit Executive. The County Internal Auditor reports functionally to the Internal Audit Oversight Committee (Oversight Committee) and administratively to the Internal Audit Administrator.
- Functional oversight responsibilities of the Oversight Committee include ensuring the independence of the Office, approving the risk-based audit plan, reviewing audit reports and recommendations, and providing input regarding the appointment or removal of the County Internal Auditor.
- Administrative responsibilities of the Internal Audit Administrator include facilitating Office budgetary processes and administering personnel activities supporting the County Internal Auditor position, including the appointment and removal of the County Internal Auditor with input from the Oversight Committee.
The Office remains free from conditions that may impair the ability of the Office to carry out internal audit responsibilities in an unbiased manner, including matters of engagement selection, scope, procedures, frequency, timing and communication form or content.
The Office does not perform, or have authority over, operational responsibilities or non-audit functions or duties subject to periodic internal audit assessments, as this may compromise its independence or objectivity.
Office internal auditors exhibit the highest level of professional objectivity in gathering, evaluating and communicating information about the activity or process being assessed. Office internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments. Office internal auditors have impartial, unbiased attitudes and avoid any conflicts of interest. Any potential impairment or conflict of interest will be documented within audit files and disclosed to the Oversight Committee.
The County Internal Auditor annually affirms to the Oversight Committee the organizational independence of the internal audit function and the professional objectivity of the internal auditors.
SCOPE OF WORK AND RESPONSIBILITIES
The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the county’s governance, risk management and control process, as well as the quality of performance in carrying out assigned responsibilities to achieve its goals and objectives. The Office provides three types of services – assurance, advisory and investigative.
Assurance services are services through which internal auditors perform objective assessments and provide assurance statements. These statements are intended to increase the level of stakeholders’ confidence about the county’s governance, risk management, and control processes over an issue, condition, subject matter, or activity under review when compared to established criteria. Examples of assurance services include compliance, financial, operational or performance, and technology engagements. The Office may provide limited or reasonable assurance, depending on the nature, timing, and extent of procedures performed.
Advisory services are consultative and include service activities such as counsel, advice, facilitation, training and participation in standing or temporary management committees or project teams. The objective of advisory services is to add value in the development, modification or validation of county processes, procedures and controls to minimize risk, achieve objectives and foster continuous improvement. Advisory services do not provide assurance or assume management responsibilities.
Investigative services are independent special reviews and investigations addressing allegations of fraud, waste, abuse, or misuse of county assets and resources. The Office develops, implements, and manages the county fraud, waste, and abuse hotline program.
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM
The Office maintains a quality assurance and improvement program. The program is an evaluation tool that ensures the internal audit function conforms with the Global Internal Audit Standards, achieves performance objectives, and pursues continuous improvement. The County Internal Auditor reviews program results with the Oversight Committee at least annually.
The County Internal Auditor reviews and assesses the adequacy of this charter with the Oversight Committee at least annually. Revisions are submitted to the Oversight Committee for approval. All approved revisions supersede prior Office of County Internal Audit charters.
COUNTY MANAGEMENT RESPONSIBILITIES
County management is responsible for the county’s governance, risk management, and control processes. The performance of assurance, advisory and investigative services by the Office does not relieve management of any responsibilities.
Approved as revised this 24th day of June 2026 by Internal Audit Oversight Committee vote, and in collaboration with the Internal Audit Administrator and the County Internal Auditor.
Clackamas County Risk Assessment
Facilitated by the Office of County Internal Audit, February –June 2026
Why conduct a risk assessment?
Professional standards require the Office of County Internal Audit to establish a systematic, risk-based approach to determine the priorities for internal audit activities.
- Identify, analyze and evaluate potential risks to the county’s ability to achieve its objectives
- Provide insight to county leadership and inform its decision-making processes
- Enhance the county’s risk culture and support a countywide approach to resource allocation
- Support the allocation of the Office of County Internal Audit’s limited resources
How do we conduct a risk assessment?
A risk is the potential of an event happening that could impact the county’s ability to achieve its objectives.
- Establish a methodology
- Identify auditable units
- Define criteria
- Calculate risk score
- Sort results
What are the criteria?
Success is dependent on broad engagement with the risk assessment process and strategic consideration of the results – from top leadership and throughout all county employee teams
- Survey – Input from key stakeholders via interviews; # risk claims, # Good Government Hotline reports, # personnel complaints, results of litigation
- Complexity – Evaluation of the complexity of processes overseen by the unit; 6 evaluation areas scored
- Financial Impact – Calculation of the value of expenditure and revenue transactions
- Audit Frequency – Recognition of past internal audits and lapse of time between audits
- Strategic Impact – Recognition of formal participation in Board of Commissioners’ Strategic Initiative implementation processes
What is the math?
What does the score mean?
A high-risk score does not mean an auditable unit is being managed ineffectively or internal controls are inadequate.
- A general indication that if something were to go wrong it could have a significant impact
- An indication that the services or functions a unit is responsible for are, by nature, high priority activities with high-risk potential because of factors as:
- having a large amount of revenue or expenditure;
- having a high level of sensitive assets, such as cash, election ballots, protected or secured data;
- management’s assessment of the control environment; or
- a high degree of public interest.
What happens after?
Success is dependent on broad engagement with the risk assessment process and strategic consideration of the results – from top leadership and throughout all county employee teams
- The identified potential risks are presented to county leadership and management teams
- The county’s strategic decision-making processes are informed by additional data points
- An enhanced county risk culture continues to support transparent countywide resource allocation
- The Office of County Internal Audit’s limited resources are allocated through the committee-approved Audit Plan
What are the scored results?
A high-risk score does NOT mean a Line of Business is being managed ineffectively or internal controls are inadequate.
- 72 Programs
- Highest score 764.20
- Lowest score 65.80
- Average score 391.25
What are the high-risk areas?
A high-risk score does NOT mean a Line of Business is being managed ineffectively or internal controls are inadequate.
- County Administration
- County Clerk
- District Attorney’s Office
- Department of Transportation & Development
- Finance
- Health, Housing and Human Services
- Human Resources
- Sheriff’s Office
- Water Environment Services
What area audits are being considered?
Independent assurance supports transparent, accountable and informed decision-making. We help the county serve the public and enrich our communities.
- Board of County Commissioners with a focus on special district governance and intergovernmental relationships*
- County Administration with a focus on Public Meeting Law compliance
- District Attorney with a focus on the deflection program
- Finance with a focus on financial health and trend analysis
- Finance with a focus on travel and training expenses*
- Finance with a focus on countywide policy management
- Human Resources with a focus on countywide workforce succession planning
- Juvenile department with a focus on youth services and contract management*
How will you evaluate the Audit Plan?
Based on meeting professionally-defined criteria, the Oversight Committee indicates its support of the County Internal Auditor’s proposed audit engagements through approval of the proposed Audit Plan.
Collectively, the engagements:
- are risk-based.
- support County strategic priorities.
- emphasize public services and community impact.
- Consider comprehensive coverage of county services and operations.
- Optimize County Internal Audit resources.
Now & next steps
Wednesday, June 24, 2026
2:30 PM
The Oversight Committee reviews the 2026 risk scores, high risk areas and considered audit topics
Wednesday, July 8, 2026
2:00 PM
The Oversight Committee reviews and considers approval of recommended FY27 Audit Plan
For today’s discussion:
- Tiered considerations
- Resource capacity
- Feedback on priority for FY26 Audit Plan
FY25-26 Audit Plan
Assurance & Advisory Engagements – Status update June 24, 2026
| Engagements | Status | Notes |
|---|---|---|
| Asset Management | Complete | Report date August 2025. Two recommendations made. Engagement results presented to Oversight Committee 10/29/2025. |
| Annual Audit Recommendation Monitoring | Complete | Results presented to Oversight Committee 1/14/2026. |
| Public Land Corners Program | Complete | Report date March 2026. Two recommendations made. Engagement results presented to Oversight Committee 4/29/2026. |
| Annual Risk Assessment | Complete | Initial results presented to Oversight Committee 6/24/2026. |
| Special Districts: Governance and intergovernmental agreements | In progress | Planning and survey work in progress. Target engagement letter and fieldwork start: June 2026. Target report draft: September 2026 |
| Travel and Training Expenses | In progress | Planning and survey work in progress. Target engagement letter and fieldwork start: June 2026.Target report draft: August 2026 |
| Quality Assurance and Improvement Program – 5-Year Strategic Plan Update | In progress | Strategic work sessions ongoing. Analysis of report and recommendations. Identification of key initiatives and implementation milestones. Draft plan presented to Oversight Committee 4/29/2026. Target adoption June 2026. (This is a significant, non-routine administrative activity included in updates due to time allocation equivalent to an assurance or advisory engagement.) |
| Juvenile Department – Youth Services | Paused | Work paused during department director transition; Coordination with interim director tbd; (Previous status - Planning and survey work in progress. Target engagement letter start: June 2026. Target report draft: October 2026) |
| Deflection Program | Planned | Engagement to be considered in FY27 Audit Plan |
Quality Assurance and Improvement Plan
Status update June 24, 2026
| QAIP Goals & Activity | Status/Target | Notes |
|---|---|---|
| Oversight Committee Composition | Complete | Independence of County Internal Auditor reinforced. Oversight Committee restructured from 7 to 5 members via amendment to County Code Ordinance #03-2026. County Administrator & County Counsel redefined by non-voting participants. |
| County Code | Complete | County Code 2.15-County Internal Auditor updated through Ordinance #03-2026 reinforcing independence and alignment with Global Internal Audit Standards. |
| Knighton Award submissions | Complete | Submitted Asset Management report for peer feedback and consideration. Awarded 2025 ALGA Knighton Award – only Exemplary Award granted to an extra-small shop from the United State and Canadian submissions. Future submissions expected. |
| Strategic Plan | Complete | Oversight Committee proposed approval date 6/24/2026. |
| Charters | Complete | Updated to reflect revised Global Internal Audit Standards and county code. Oversight Committee proposed approval date 6/24/2026 |
| Performance Measures | In progress – 2026 | Develop and implement enhanced performance measures and reporting – Committee presentation and discussions to be scheduled, Target 6/2026 |
| Policies and Procedures | In progress – 2026 / 2027 | Expand and revise to reflect Global Internal Audit Standards, incorporate current practices and templates, and address Good Government Hotline investigative services; Documents to include Office Procedures Manual, Good Government Hotline policy and Oversight Committee Handbook |
| Public Internet | In progress – 2026 / 2027 / 2028/ 2029 | Current countywide projects to address Limited English Proficiency access and mandated Americans with Disabilities Act web compliance – significant office and county resources required for training, new design, and implementation, 90% complete, Target completion 4/2026; Federal deadline extension 4/2027 Future projects: Update to incorporate public access and usability standards; Leverage technology to increase transparency; Develop a recommendations dashboard to enhance accountability |
| Audit Resources | Planned – 2026/2028 | Establish budget and resource plan (i.e. budget authority and budget standards; contract signing authority; add additional audit personnel resources (Principal Auditor) |
| Employee Intranet | Planned – 2027/2028 | Establish site to expand employee engagement; Leverage technology to increase transparency; Develop a performance measure dashboard to model enhanced accountability |
Coordinated Assurance and Compliance Activities | Planned – 2030 | Develop a countywide assurance and compliance activity map |
| Assessments | Planned – 2028/2030 | Conduct a self-assessment and report the status of the 2024 Quality Assessment Review recommendations; Participate in an external quality assessment review by 2030 |
| Standard | Summary of Requirement |
|---|---|
| IPPF 1000.C1 | The Office of County Internal Audit charter is reviewed with the IAOC to ensure its adequacy and compliance with Standards. |
| IPPF 1010 | The CAE discusses with the IAOC the Standards – as documented within the Office of County Internal Audit charter. |
| IPPF 1010 | The CAE discusses with senior management the Definition of Internal Auditing, the Code of Ethics, and the Standards – as documented within the Office of County Internal Audit charter. |
| IPPF 1110 | The CAE confirms to the IAOC annually the organizational independence of the Office of County Internal Audit. |
| IPPF 1111 | The CAE communicates and interacts directly with the Board – providing annual activity updates. |
| IPPF 1130.A1&A2 | The CAE confirms to the IAOC annually the objectivity of the Office of County Internal Audit staff. |
| IPPF1300 | The CAE discusses the results of the Quality Assurance and Improvement Program, including ongoing monitoring of individual engagements, self-assessment results and recommendations, and external peer reviews. |
IPPF 2200 through IPPF 2450 | The CAE discusses with the IAOC the results of individual engagement quality assurance reviews when presenting engagement results. |
| IPPF 1312 | The CAE discusses with the IAOC external assessments, including the independence and qualifications of the external reviewer. |
| IPPF 1320 | The CAE communicates the results of the external assessment to the IAOC and the status of recommendations. |
| IPPF 1320 | The CAE communicates the results of the external assessment to senior management. |
IPPF 1321 & IPPF 1322 | The CAE addresses with the IAOC the Office of County Internal Audit’s use of statements of Standard conformity or nonconformity in engagement communications. |
| IPPF 2040 | The CAE confirms to the IAOC the adequacy of the Office policies and procedures, including the IAOC Member Handbook. |
| IPPF 2050 | The CAE reviews coordination of combined assurance functions within the county. |
| IPPF 2500 | The CAE monitors the status of management recommendations (internal and external) and communicates the results to the IAOC to ensure management actions have been effectively implemented or management has accepted the risk of not acting. |
| IPPF 2600 | The CAE communicates to the IAOC all circumstances in which the CAE has determined that senior management has accepted a level of risk that may be unacceptable to the county organization. |
IPPF 2010.A1 IPPF 2010. C1 | The CAE performs and documents an annual countywide risk assessment, incorporating input from the IAOC, Board, and senior management. |
| IPPF 1210 & IPPF1230 | The CAE demonstrates to the IAOC the Office collectively possesses or obtains the knowledge, skills, and other competencies needed to perform its responsibilities. CAE annually confirms compliance with continuing professional education requirements. |
| IPPF 1210.A2 | The CAE addresses with the IAOC the sufficiency of fraud detection and investigation resources. |
| IPPF 1210.A3 | The CAE addresses with the IAOC the sufficiency of IT auditing resources within the Office of County Internal Audit. |
| IPPF 2000 & IPPF 2010 | The CAE prepares and presents to the IAOC and senior management an audit plan which adds value to the county organization and represents a risk-based prioritization of Office of County Internal Audit resources. |
| IPPF 2020 | The IAOC reviews and approves the audit plan, considering resources limitations as communicated by the CAE. |
IPPF 2100 through IPPF 2130.C1 | The CAE formally assesses and contributes to the improvement of county governance, risk management, and control processes. |
** Table to be revised to reflect new Global Internal Audit Standards