Laserfiche WebLink
• General risk analysis — This will contain our overall audit plan, including materiality calculations, fraud risk <br />assessments, overall audit risk assessments, effects of our IS assessment, timing, staffing, client assistance, a <br />listing of significant provisions of laws and regulations, and other key planning considerations. <br />• Account risk analysis — This document will contain the audit plan for the financial statements, including risk <br />assessment and the extent and nature of testing by assertion. <br />• Prepared by client listing — This document will contain a listing of schedules and reports to be prepared by <br />the City personnel with due dates for each item. <br />• Assurance Information Exchange (AIE) — CLA uses a secure web -based application to request and obtain <br />documents. This application allows clients to view detailed information, including due dates for all items CLA <br />is requesting. Clients can attach electronic files and add commentary directly on the application. <br />A key element in planning this audit engagement will be the heavy involvement of principals and managers. We <br />will clearly communicate any issues in a timely manner and will be in constant contact as to what we are finding <br />and where we expect it will lead. <br />Using the information we have gathered and the risks identified, we will produce an audit program specifically <br />tailored to the City that will detail the nature and types of tests to be performed. We view our programs as living <br />documents, subject to change as conditions warrant. <br />Phase 2: Systems evaluation <br />We will gain an understanding of the internal control structure of the City for financial accounting and relevant <br />operations. Next, we will identify control objectives for each type of control material to the financial statements, <br />and then identify and gain an understanding of the relevant control policies and procedures that effectively <br />achieve the control objectives. Finally, we will determine the nature, timing, and extent of our control testing <br />and perform tests of controls. This phase of the audit will include testing of certain key internal controls: <br />Electronic data, including general and application controls reviews and various user controls <br />Financial reporting and compliance with laws and regulations <br />We will test controls over certain key cycles, not only to gather evidence about the existence and effectiveness <br />of internal control for purposes of assessing control risk, but also to gather evidence about the reasonableness <br />of an account balance. Our use of multi -purpose tests allows us to provide a more efficient audit without <br />sacrificing quality. <br />Our assessment of internal controls will determine whether the City has established and maintained internal <br />controls to provide reasonable assurance that the following objectives are met: <br />Transactions are properly recorded, processed, and summarized to permit the preparation of reliable <br />financial statements and to maintain accountability over assets <br />Assets are safeguarded against loss from unauthorized acquisition, use, or disposition <br />Transactions are executed in accordance with laws and regulations that could have a direct and material <br />effect on the financial statements <br />We will finalize our audit programs during this phase. We will also provide an updated prepared by client listing <br />based on our test results and anticipated substantive testing. <br />City of Santa Ana RFP No. 24-009 Page 33 of 63 <br />