Internal Audit Briefing

Presented to the Port of Seattle

Audit Committee and Tay Yoshitani, CEO

Joyce Kirangi, CPA

Director, Internal Audit

December 06, 2011

Agenda

• Audit Report

1. Lease and Concession Audits

 None

2. Operational Audits

• Central Processing System

 None

• Comprehensive Operational Audit

 Airfield Operations

• Limited Operational Audit

 None

• 3

Party Audit

 None

• Peer Review

• 2011 Work Plan Status Update

• 2012 Proposed Internal Work Plan

• Preliminary Scope Discussion for IT Risk Assessment and Performance Audit

Comprehensive Operational Audit-

Airfield Operations

Background

The Airfield Operations Department has 24 employees with an annual operating

budget of $3.5 million (exclusive of depreciation expenses). The Department is

responsible for ensuring continuing compliance with the Federal Aviation

Administration (FAA) regulations for airfield operations, operating certification,

training and wildlife management. Additionally, the Department oversees the

Airport Communications Center, and has taken the lead in implementing one of the

nation’s first Safety Management Systems at Seattle-Tacoma International Airport

(STIA).

The Department accounts for all airfield revenues, including landing fees, gate fees

and parking fees for all aircraft, in accordance with the fee schedule under Port

Tariff No. 1. During the period under audit, the Department collected at an average

of $62 million annually.

Source: PeopleSoft

Comprehensive Operational Audit-

Airfield Operations

Audit Objectives

The purpose of the audit was to determine whether management has implemented

adequate controls to ensure:

1.Revenue generated by the Airfield Operations Department is complete and

accurate

2.Professional services contracts are in compliance with requirements

3.Small and attractive items are properly safeguarded

4.Benchmarks are available and can be used to help improve airport operations

We reviewed information for the period of January 1, 2008, through December 31,

2010, including activity through the end of fieldwork in November 2011.

Comprehensive Operational Audit-

Airfield Operations

Audit Result

 Clean Audit Report

2011 Work Plan Status Update

 2011 Work Plan Status

 audit progress attached

Preliminary 2012 Work Plan Discussion

Risk-Based Internal Audit Steps

 Understand Port businesses and objectives

 Discuss Port risks with Port leadership and Commissioners (see attached)

 Identify potential Port wide risks

 Link the risk to specific Port objectives that could be disrupted/impaired

 Determine and set the scale to be used in the risk assessment

 Assess and rank risk factors/drivers

 2012 project selection based on risk ranking

Preliminary 2012 Work Plan Discussion

Risk-Based Internal Audit Universe

Risk

Strategic/

Governance

Risk

Operational

Risk

Compliance

Risk

Accountability/

Transparency

Risk

Reporting

Risk

Business Units/Departments

X X X X

Lease and

Concession

Central Key Processing Systems

X X

3RD

Party Mgmt.

X X X

Federal Assistance

X X

Financial Reporting

X X X X

Capital Improvement

Program

X X X X

Commission Directives/Policies

X X

Information

Technology (IT)

Non

-audit Services

X X X

Preliminary 2012 Work Plan Discussion

Preliminary 2012 Audits by Type

Audit Type Count %

Lease and Concession

44%

Limited Operational Audit

25%

Business Units/Departments

19%

3RD Party Management

Central Key Processing System

Preliminary Scope Discussion

for IT Risk Assessment and

Performance Audit

 Preliminary Scope attached