Page 1 of 3
PORT OF SEATTLE
MEMORANDUM
DATE: June 2, 2011
TO: Audit Committee
FROM: Tom Barnard, Audit Committee Staff
SUBJECT: Report back on Self-assessment tool and next steps
Survey Results
I have attached a copy of a survey containing and summarizing results from the three
Committee members and myself as staff on the work of the Audit Committee. Although there
are notes in the responses I would like to summarize the finding here.
Not all were in agreement, with variations that can be accounted for by
o Experience with the Audit Committee,
o General exposure to Commission knowledge, and
o General knowledge of auditing
Although no one was very dissatisfied with the work of the Committee, there was
general agreement that improvements were needed.
There were questions raised about the auditing knowledge level of the non-professional
members of the Audit Committee and whether that should be improved. General
knowledge of audit issues seems lacking.
There is a general feeling that more resources are needed for Internal Audit, and that
more control over the level of resources should be exercised by the Commission and/or
the Audit Committee. Tied to this question are doubts about whether there is sufficient
outside contracted expertise available or sufficient for the work of Internal Audit or the
Audit Committee.
The yearly structure of reporting to the Commission is invisible to the public member,
and there are doubts about whether it is often enough. There are also doubts about
whether the Commission is aware enough of audit matters, or weighing in enough.
Although the Port has general “whistleblower” protection, it is unclear whether this is
sufficient for the Audit Committee itself.
There seems to be a lack of understanding on how, or whether, the Audit Committee
should weigh in on the work of senior financial staff.
Memorandum
Page 2 of 3
Because financial matters including the annual report, the budget, and the quarterly
results go to the Commission instead of the Audit Committee, there is a knowledge gap
on part of the Audit Committee. This is particularly sharp in the area of understanding
business risks to the Port of Seattle.
There is agreement that the Audit Committee does not itself have the expertise to
evaluate the internal control testing done by the Internal Audit or outside auditors.
The risk assessment analysis work done by Internal Audit is still somewhat opaque to
the Audit Committee.
Based on these results, the following recommendations, as well as due dates, are being made
to improve the ability of the Audit Committee to carry out its function. These build on and add
to the earlier recommendations made in April.
1. That the Audit Committee decide whether there immediate gaps exist in the staffing
resources available, either to the Internal Audit Department, or to the Audit Committee
itself. If there is agreement on immediate needs, the Audit Committee would go before
the Commission in August with a particular budget recommendation to fill these gaps in
2012. If the Commission so approved this recommendation, it would then be passed on
to the CEO to direct hiring of staff, or retention of outside contractors. Due date:
August, 2011, driven by the need to get in budget requests early.
2. That the Audit Committee Charter be brought in to compliance with IIA and
governmental auditing standards, unless precluded by the unique nature of the
organization, as decided by the Audit Committee. Part of this is the decision whether or
not to include a specific “whistleblower” provision in the Charter. Vicki Rawlins could
come in to the July meeting and brief us on the Port’s “whistleblower” provision, as a
way of guiding that decision. Due Date, August, 2011.
3. That the Audit Committee should retain an outside firm to assess the work of Internal
Audit, and particularly, the risk assessment methodology used in preparing the annual
risk assessment plan and the subsequent work plan. This would require the issuing of
an RFP, in consultation with management and internal audit. This may be part of, or
dovetail, with a planned quality control review of Internal Audit planned by Joyce
Kirangi for next year. Due date: RFP out by September, 2011, hires by December 2011.
4. That a system be developed to insure that all basic financial information provided to the
Commission in briefings be provided to the public member of the Audit Committee.
This would include quarterly reports, budget materials as requested and other measures
of financial performance. Due date: September, 2011.
5. That the Audit Committee come to an agreement on what kinds of auditing risk and
business risk they feel the Committee wishes itself and Internal Audit to focus on, and
Memorandum
Page 3 of 3
incorporate that into a 2011-2013 Long Range Goals and Objectives Plan. This will
require a better understanding of risk itself, as well as a better understanding of the
unique risks faced by the Port, an organization that both serves the public, AND is
required to continue to make a profit as a private enterprise is. Due date: October,
2011.
6. That some form of formal training in auditing concepts, especially concepts of risk, be
given at the beginning of all Audit Committee members who are Commissioners. This
training would be developed based on concepts developed by the IIA, and/or
government accounting associations. Due date: January, 2012
7. That the Audit Committee would submit annual budget requests to the Commission for
review and approval by the Commission, and thereupon passed on to the CEO. Due
date: August of budget year.
8. That the Performance Metrics being developed by different sub-organizations within the
Port be reviewed periodically by the Audit Committee so as to increase its ability to
assess internal performance. In addition, the Audit Committee may require additional
performance audits in areas that the Commission may charge it with. Due date: as
Performance Metrics developed.
Both the specific recommendations and the due dates can be discussed at the June Audit
Committee meeting.
