Presented by Sandra Healy, CGFM Principal Auditor Idaho Transportation Department

Audit of Idaho Transportation Dept’s Division of Motor Vehicles Vehicle Services Section & Financial Unit Fraud discovered at a county DMV office Data analysis 2

County Headline 3

DMV & Counties DMV works closely with counties MOA’s with Assessors & Sheriffs Offices Risks & Internal Controls Data analysis of all counties Visits to 23 assessors offices/44 counties 4

Visits to Counties Goal: Gather best practices Offer suggestions to improve internal controls Wide range of cash handling procedures Counties welcomed internal control ideas Ada County Internal Auditor 5

Assessors’ Conference Presented on cash handling internal controls Shared concerns about safeguarding cash Best practices to be distributed to counties 6

Results of DMV Audit Financial unit became the Internal Control, Fraud Prevention and Finance unit Increased emphasis on internal controls, fraud detection & prevention Centralized DMV mail handling to secure receipts and distribute work to units Provided ‘Items for Consideration’ in development of new data base system 7

Individual Audit Risk Assessment Risk assessment for internal audits Improve Internal Control awareness and education Survey of employees on their unit’s internal controls 8

Pilot Training Program Developed Internal Control training for front line employees 9

Objectives Interaction Increase awareness Increase understanding Confidence to speak up Confidence to suggest improvements Survey 10

Brainstorming What are Internal Controls? What is the purpose of Internal Controls? What is ethical behavior? 11

Understanding Internal Controls You may or may not realize that you are affected by internal controls throughout your daily lives. 12

COSO MODEL 13

Control Environment Foundation of internal controls Baseball example Integrity and ethical values Commitment to competency (staff) Management’s philosophy & operating style Managing change Communication 14

Control Environment 15

Risk Assessment Know your goals & objectives Identify potential risks to the achievement of goals & objectives. Risks are the opposite of goals & objectives Risks are what are addressed by internal controls 16

Control Activities Policies, procedures and other safeguards to ensure objectives are accomplished 17

Information & Communication Information must be identified, captured and communicated Communication must go up, down and across an organization and must be timely Communication enables people to carry out their responsibilities 18

Monitoring Evaluation and feedback processes (self evaluations, performance evaluations, peer reviews, audits, reports) Monitor organizations performance over time Monitoring should be a regular activity Part of culture 19

Internal Control Survey Send employees link to survey in SharePoint Positive statements on internal controls Statements grouped by 5 components Strongly agree to strongly disagree Comment section for ‘disagree’ and ‘strongly disagree’ responses Calculated weighted average for each component Compiled comments Surveys were anonymous 20

Results 21

Survey Results Significant # of comments Used in audit planning for Motor Carrier Services Unit Shared with DMV management and HR Held meetings with employees to discuss results Requested feedback on the training & survey 22

In Summary DMV is inherently a high risk area Internal Control training at staff level beneficial Employees felt a part of the process Survey provided insight into the unit’s environment Audit planning feedback Survey designed for use in any section 23

Thank You 24

Contact Information Sandra Healy, CGFM Principal Auditor Idaho Transportation Department Office of Internal Review PO Box 7129 Boise, ID