CURRENT AUDITS
NIST Cybersecurity
We are conducting a performance audit of Atlanta Information Management’s implementation of the NIST Cybersecurity Framework. Our objectives are to understand whether AIM is progressing along an implementation roadmap provided by its cybersecurity contractor. We also intend to assess whether there are barriers to implementation of the NIST Cybersecurity Framework. Due to the sensitive security nature of this audit, our public reporting will be limited.
Continuous Auditing
Continuous auditing leverages technology to test controls and to identify potential red flags in transactions as, or soon after, they occur. We will work with the Department of Finance and other stakeholders to identify high-risk transactions to develop a continuous audit program.
Recreation Fees
A member of City Council expressed interest in a performance audit of the Department of Parks and Recreation’s process for setting recreation fees due to concerns about inconsistent fees at the city’s recreation centers. Also, the Department had one of the highest risk scores in our risk assessment based on its size and complexity. Our objectives will focus on understanding how Recreation fees are set and whether the fee structure is consistent with peer cities. We also plan to assess whether controls are sufficient to ensure that fees are collected and recorded accurately.
Aviation Maintenance
A previous risk assessment identified potential staffing issues in the Department of Aviation’s Facilities Management Division. The department will be implementing its Maximo system upgrade to enhance system capabilities and improve work order and asset management. We will be assessing if the division’s staffing and scheduling processes and Maximo system controls meet workload needs.
Streetlighting
We undertook this audit because streetlighting may improve motorist, cyclist, and pedestrian safety and reduce criminal activity. The City of Atlanta Department of Transportation oversees streetlight operation, which includes roughly 10,000 city-owned lights and 40,000 lights owned by Georgia Power Company. Based on a recent assessment completed by Georgia Institute of Technology students, the department decided that it should add 10,000 additional lights. This audit will address whether streetlighting operational and maintenance costs are consistent with industry standards and whether adequate controls are in place to ensure that streetlight operability meets industry standards.
Office of Buildings' Zoning Enforcement Unit
City Council members expressed interest in a performance audit of the Office of Buildings' Zoning Enforcement unit. The unit is responsible for investigating complaints and potential violations of the city's building and zoning codes. This audit will focus on assessing the unit's enforcement procedures and performance targets.
Direct Payments
As part of continuous monitoring, the Finance department identified that as of March 2021, 40% of invoices were paid via direct payment — transactions where competitive sourcing is not possible – such as conference registrations, subscriptions, settlements, court fees–-but departments have used them to pay invoices after the fact instead of getting a purchase order. The city’s forensic audit released in June 2021 identified control deficiencies in the procurement process regarding certain purchases that allowed a city executive to circumvent controls through the direct payment method. Our audit will assess whether controls are in place to ensure that direct payments are appropriate.
We are conducting a performance audit of Atlanta Information Management’s implementation of the NIST Cybersecurity Framework. Our objectives are to understand whether AIM is progressing along an implementation roadmap provided by its cybersecurity contractor. We also intend to assess whether there are barriers to implementation of the NIST Cybersecurity Framework. Due to the sensitive security nature of this audit, our public reporting will be limited.
Continuous Auditing
Continuous auditing leverages technology to test controls and to identify potential red flags in transactions as, or soon after, they occur. We will work with the Department of Finance and other stakeholders to identify high-risk transactions to develop a continuous audit program.
Recreation Fees
A member of City Council expressed interest in a performance audit of the Department of Parks and Recreation’s process for setting recreation fees due to concerns about inconsistent fees at the city’s recreation centers. Also, the Department had one of the highest risk scores in our risk assessment based on its size and complexity. Our objectives will focus on understanding how Recreation fees are set and whether the fee structure is consistent with peer cities. We also plan to assess whether controls are sufficient to ensure that fees are collected and recorded accurately.
Aviation Maintenance
A previous risk assessment identified potential staffing issues in the Department of Aviation’s Facilities Management Division. The department will be implementing its Maximo system upgrade to enhance system capabilities and improve work order and asset management. We will be assessing if the division’s staffing and scheduling processes and Maximo system controls meet workload needs.
Streetlighting
We undertook this audit because streetlighting may improve motorist, cyclist, and pedestrian safety and reduce criminal activity. The City of Atlanta Department of Transportation oversees streetlight operation, which includes roughly 10,000 city-owned lights and 40,000 lights owned by Georgia Power Company. Based on a recent assessment completed by Georgia Institute of Technology students, the department decided that it should add 10,000 additional lights. This audit will address whether streetlighting operational and maintenance costs are consistent with industry standards and whether adequate controls are in place to ensure that streetlight operability meets industry standards.
Office of Buildings' Zoning Enforcement Unit
City Council members expressed interest in a performance audit of the Office of Buildings' Zoning Enforcement unit. The unit is responsible for investigating complaints and potential violations of the city's building and zoning codes. This audit will focus on assessing the unit's enforcement procedures and performance targets.
Direct Payments
As part of continuous monitoring, the Finance department identified that as of March 2021, 40% of invoices were paid via direct payment — transactions where competitive sourcing is not possible – such as conference registrations, subscriptions, settlements, court fees–-but departments have used them to pay invoices after the fact instead of getting a purchase order. The city’s forensic audit released in June 2021 identified control deficiencies in the procurement process regarding certain purchases that allowed a city executive to circumvent controls through the direct payment method. Our audit will assess whether controls are in place to ensure that direct payments are appropriate.