1. Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on Internal Auditing (ISIA)

2. 1100- Independence & Objectivity Organizational –Free from interference in scope of work, performance and communication Individual –Impartial, unbiased, no conflict of interest Impairments –If impaired in fact or appearance = must disclose

3. 1100- Independence & Objectivity in IFTA\IRP Is audit group within Motor Carrier management group? May be impaired Does auditor know carrier? May be impaired Has auditor or manager designed or specified recordkeeping system for carrier? May be impaired.

4. 1200 Proficiency & Due Professional Care Proficiency –Possess knowledge, skills, and competencies to perform the responsibilities –Obtain competent advice or assistance –Sufficient knowledge to identify fraud indicators, but not expertise. –Knowledge of key information technology risks, controls and audit techniques to perform work.

5. 1200 Proficiency & Due Professional Care Due professional care –Reasonably prudent and competent –Exercise due care by considering Extent of work needed to accomplish objective Complexity, materiality, significance of matters Adequacy & effectiveness of risk management, control and processes Probability of significant errors, irregularities, noncompliance Cost\benefit analysis of assurances

6. 1200 Proficiency & Due Professional Care Continuing professional development –No minimum\maximum hours required as with GAO or AICPA, but “should enhance knowledge”

7. 1200 Proficiency & Due Professional Care in IFTA\IRP Knowledge of record requirements, effects of over\understating fuel\miles, equipment norms, trends 1220 considerations Reasonable adjustments Not infallible

8. 1300 Quality Assurance & Improvement Program QA –Continuously monitor effectiveness Internal Assessments –Ongoing reviews of audit activity –Periodic self assessment or others within organization External Assessments –At least every 5 years by qualified, independent reviewer

9. 1300 Quality Assurance & Improvement Program Reporting on QA –Results should be communicated to board Use of “Conducted…” statement –Used only if program is in compliance with all standards Noncompliance –Disclosure of areas of non-compliance.

10. QA in IFTA\IRP Formal process of program compliance reviews and peer review Informal process using formal guidelines Annual or Biennial

11. Performance Standards 2000 Managing Audit Activity Planning –Risk based planning determines priorities consistent with goals Communication –Audit activity plans and resource requirement should be discussed & approved with management Resource Management –Appropriate, sufficient, and effectively deployed

12. Performance Standards Policies\Procedures –Established policies to guide audit activities Coordination –Adequate coverage & no duplication of effort Reporting to Management –Periodic report on purpose, authority, responsibility, performance, risks, control issues, etc.

13. Performance Standards in IFTA\IRP Audit procedures manuals for both define –Goals –General audit procedures –Several evaluation tools

14. 2100 Nature of Work Risk Management –Evaluate effectiveness of risk management system –Reliability of data –Effectiveness of operations –Safeguarding assets –Compliance with laws, regulations, & contracts –Awareness of other significant risks –Use past experience to evaluate organizations risks

15. 2100 Nature of Work Control –Reliability & integrity of operational information –Effectiveness & efficiency of operations –Safeguard assets –Compliance with laws, regulations, & contracts

16. 2100 Nature of Work Governance –Promote appropriate ethics & values –Effective performance, management, & accountability –Communicate risk & control to appropriate parties –Coordinate activities & communication of information

17. Nature of Work in IFTA\IRP Risk assessment in selection of carriers for audit Required audits maintain controls over programs Assure that objectives of the programs are met Recommendations to carriers and administrators support program goals

18. 2200 Engagement Planning Planning considerations –Objective\scope Engagement objectives –Assess risks –Potential for errors, noncompliance Engagement scope –Consider ALL systems, records, & properties Engagement resource allocation –Staffing based on objectives, complexity, time, resources Engagement work program –Developed to achieve objective –Specific procedures for analysis & recording of info

19. Engagement Planning in IFTA\IRP Audit manuals provide basis of planning Pre-audit notification Internal control review Records review Analytical review of carrier reports

20. 2300 Performing the Engagement Identifying information –Sufficient, reliable, relevant, useful Analysis & Evaluation –Support conclusions Recording Information –Controlled access, retention Engagement Supervision

21. Performing the Engagement in IFTA\IRP Uniformity Standard approach Sampling Flow of documents Verification of records Audit file documentation – generic, Supervision- how much is enough

23. 2400 Communicating Results Criteria for communicating –Overall opinion, conclusions, limitations Quality of communications –Accurate, concise, constructive, timely Errors & Omissions –Corrected info to all ASAP

24. 2400 Communicating Results Engagement disclosure of noncompliance with standards –Standard, reason, impact Disseminating results –To appropriate parties –Restricted use of results

25. Communicating Results in IFTA\IRP Standard audit reports –Standards followed Required information –Inter-jurisdictional report Supplemental information –Supporting schedules, conference notes, contact log Required conferences with carrier

26. 2500 Monitoring Progress Follow-up process 2600 Resolution of Management’s Acceptance of Risks