Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
NOTE: All operational audits issued by Internal Audit may be obtained by submitting a Texas Public Information Act (TPIA) request. All reports along with their distribution dates have been listed in the Operational Audit List.
Fort Bend ISD’s Internal Audit department performs two basic types of audits:
Evaluation is made of management's performance and conformity with policies, procedures, and budgets. The department and its operations are analyzed including appraisal of structure, controls, procedures, and processes. The objective is to appraise the effectiveness and efficiency of an activity or operation of the department in meeting organizational goals. Recommendations to improve performance are also made.
The majority of the administrative departments throughout the District will fall under operational audits.
An area is selected for an audit in one of three ways:
- Risk Assessment: The Internal Audit Department develops an audit plan utilizing a risk assessment to identify the major areas that would require audit attention. Each year, the internal audit department evaluates the top risk areas and determines which should be included in the annual audit plan.
- Spot-check Audits: These audits are conducted on a random basis for various types of transactions (i.e., inventory, cash counts, petty cash, etc.). This allows the audit department to review selected activities or transactions for accuracy and compliance with district policies and procedures.
- Special Projects: These projects are audits or investigations that are conducted upon request by the Superintendent, Board of Trustees, and/or departments.
Compliance audits are fundamentally documentation reviews. Compliance audits within FBISD are typically found in the area of student and campus activity fund audits and PEIMS integrity audits. These audits ensure that compliance is obtained in accordance with the applicable guidelines (i.e. student activity fund manual or PEIMS submission guidelines).
Student Activity Fund audits are performed throughout the year utilizing a risk assessment scoring process which is based on specific criteria. The campuses with the highest risk score are selected for an audit.
PEIMS audits are performed throughout the year either annually or on a rotation schedule
Internal Audit Process
The internal audit process consists of the following phases for all audit types. These include operational, PEIMS, and activity fund audits:
A notification memo is sent to department or campus management and copied to the appropriate Cabinet member, Superintendent, and Board of Trustees informing you of the start of the audit. The auditor will send you a list of documents and reports that are needed for our office to learn about your area before planning the audit. This is the most important phase of the audit and it is necessary to receive accurate and complete information since this serves as the ba sis for the entire review.
Research and Planning
After reviewing the information requested, the auditor will plan the review. The auditor under the guidance of the Director identifies the significant internal controls risks within the area, drafts an audit program, and schedules and an opening conference.
The opening conference will include all affected senior management and any administrative staff that may be involved in the audit. During this meeting, the scope of the audit will be discussed. This is a good time to ask the auditor to review areas that you are concerned about. The time frame of the audit will be discussed and potential timing issues (e.g. vacations, out of town meetings etc.) that could impact the audit should also be discussed so that we can work out the scheduling of staff interviews.
After the opening meeting, the auditor will finalize the audit program and begin fieldwork. Fieldwork typically consists of staff interviews, reviewing procedure manuals, policies, and procedures, administrative regulations, documenting your specific day to day procedures, testing for compliance with applicable local, state, and federal laws and regulations, and assessing the adequacy of internal controls. Please note that often times the majority of our audit testing can be performed at our office, but there will be times in which we will need access to you and your staff in order to obtain documents and/or ask questions. We understand that you still have your job to do and we do our best to minimize interruptions to your daily schedule.
The results of the audit will be communicated via a formal audit report. The purpose of this written document is for Internal Audit to report the conclusions drawn from the audit tests, observations and inquires.
The first report you will receive is the draft audit report. We make every effort to communicate with department staff and management to discuss any potential audit observations during the fieldwork phase that include missing or incomplete source documentation to support transactions, financial reports, expenditures, contracts, approvals, etc. Timely responses to our questions and requests usually resolve open audit observations and often do not result comment in the report. However, if we do not receive the information we need, and cannot determine the sufficiency of an observation, it can end up in the draft report for discussion.
A closing meeting will be held so that everyone can discuss the audit observations. The exit conference provides an opportunity to resolve any questions or concerns you may have about the audit or observations and to resolve any other issues before the report is ready for the management response phase. This is the most important phase of the audit because we are confirming our understanding of what we noted during our review and need to ensure that what we have is accurate and complete.
Management responses for operational audits and activity funds differ in the following manner. For operational audits, once the report is finalized, and any corrections have been made if necessary, the Director of Internal Audit sends the report for legal review and then presents the report to the Superintendent. Management responses will be requested and can be documented directly in the report. You may accept the recommendations offered by Internal Audit, present your own remedy to the findings noted, or accept the risks associated with the findings. Estimated completion dates for each observation should be included with all management responses.
For activity fund audits, the principal will prepare responses usually within ten business days and send the responses to the auditor who performed the audit. The Director of Internal Audit reviews the final audit report and if necessary discusses any potential changes with the principal and then sends out the final report to all parties.
Final Audit Report
Once the responses are received and reviewed, the final report is presented to the audit committee at the next scheduled meeting. Thirty days after the audit committee has reviewed the final report, providing there are no changes needed, the report is distributed to the Board of Trustees and all parties. Lastly, the title of the final report is posted on the Internal Audit department webpage thirty days after the Board has reviewed the report. This allows the Board time to review the report and to ask any questions they may have.
Post Audit Survey
An audit survey will be sent to the department or campus that was audited in order to gain feedback about the audit. Your feedback is very important to us since it can help us improve our audit process and customer service to you.
Periodically, follow up reviews on previous audit observations are performed for operational and PEIMS audits to determine if management action plans have been implemented. The auditor will interview department management and staff and perform tests, or review procedures to perform the verification. We will document the review and prepare a summary report that follows the same procedure as final reports for operational and PEIMS audits.
*Note – Follow up reviews for activity fund audits are conducted if a campus scores below 75% and generally are performed 90 days after the initial audit.