Laserfiche WebLink
The City will be provided a draft of any comments that we propose to include in the management letter, <br />enabling you to review the comments for accuracy prior to final release. Any items that come to our attention <br />that are not what we consider major items may be discussed verbally with management and not included in the <br />management letter. Our management letter will include items noted during our analysis of your operations. <br />We will also make a formal presentation of the results of the audit to those charged with governance of the City, <br />if requested. <br />Sample size and statistical sampling <br />We follow the guidance of AU-C Section 530, Audit Sampling, in using statistical and nonstatistical approach. We <br />use quality control material in all our audit engagements. These AU-C Section 530 — "Audit Sampling' forms <br />guide our staff through a logical process of assessing inherent risk, control risk, and combined audit risk, <br />followed by an assessment of appropriate sample size for testing. <br />Sample sizes will vary depending on the nature of the testing (compliance versus substantive) and the size of the <br />population being sampled. Sampling techniques are utilized in compliance and internal control testing, as well as <br />substantive testing of certain asset and liability account balances. Sample sizes used for internal control testing <br />depend on a number of factors, namely the number of expected or actual control deviations, size of population, <br />and level of control assurance anticipated. Sample sizes can range from 20 to 90 possible selections. <br />To illustrate, if no internal control deviations are anticipated and the frequency of the population (i.e., the <br />number of times the control is performed in a given year) is less than 100, then we will test 20 transactions in <br />order to obtain moderate control assurance. If 2 internal control deviations are anticipated, and the frequency <br />of the population is greater than 200, then we will test 90 transactions in order to obtain low control assurance. <br />We are usually able to cover a substantial portion of the compliance and controls testing with one sample, <br />resulting in a very efficient approach. <br />Data analytics <br />In addition to standard auditing methodology, a distinguishing aspect of CLA's audit services incorporates the <br />power of data analytics to multiply the value of the analyses and the results we produce for clients. CLA's data <br />methodology is a six -phase, systematic approach to examining an organization's known risks and identifying <br />unknown risks. Successful data analysis is a dynamic process that continuously evolves throughout the duration <br />of an engagement and requires collaboration of the engagement team. <br />Data analytics are utilized throughout our audit process, our Risk Assessment, Data Analytics and Review <br />("RADAR") is a specific application of general ledger data analytics that has been implemented on all audit <br />engagements. RADAR is an innovative approach created and used only by CLA that aims to improve and replace <br />traditional preliminary analytics that were being performed. <br />The phases in our data analytics process are as follows: <br />1. Planning <br />In the planning stage of the engagement, the use of data analysis is considered and discussed to determine that <br />analytics are directed and focused on accomplishing objectives within the risk assessment. Areas of focus, such as <br />journal entries, cash disbursements, inventory, and accounts receivable are common. <br />2. Expectations <br />We consider the risks facing our client and design analytics to address these risks. Through preliminary <br />discussions with management and governance, we develop and document expectations of financial transactions <br />