Laserfiche WebLink
• Adriana Buford, Accountant/Auditor <br />The nature, timing, and extent of the specific procedures to be performed by the Internal Auditor <br />will be discussed and approved at the completion of the initial program risk assessment and <br />updated annually by the parties. Any substantive change to the Services described herein will be <br />reduced to writing in the form of an Authorization of Change in Services as stipulated in Section <br />4.2 of the Agreement. Professional staff will be added as needed throughout the term of the <br />engagement to execute the monitoring services as specified herein. <br />1.1 TASK 1— CDBG-DR MONITORING <br />In monitoring projects managed by the City and its subrecipients, the Internal Auditor will: <br />1.1.1 Design. Under the design task, the Internal Auditor will generally assess types of projects <br />and subrecipients and design a protocol and risk based plan based on this assessment (the "risk <br />assessment") that will set the process and priorities for monitoring the City's CDBG-DR activities <br />as well as the subrecipient's CDBG-DR activities. The Internal Auditor will customize a <br />monitoring protocol for the City that is inclusive of relevant requirements from Chapter 24 of the <br />Code of Federal Regulations (C.F.R.), depending upon the types of projects implemented by the <br />City, as well as 2 C.F.R. 200. Further, the Internal Auditor will test the City's and the <br />subrecipient's CDBG-DR activity against any agreement conditions specified in the City's grant <br />agreement with HUD and the City's subrecipient agreements with their subrecipients. In addition, <br />the Internal Auditor will review City activity by understanding the City's policies, procedures, and <br />activities related to the administration of the CDBG-DR program, comparing those activities <br />against grant requirements and best practices to identify areas of potential concern, testing for <br />compliance with federal regulations and City policy and procedures, and communicating <br />observations through periodic written reports to the City. The City's subrecipients, depending <br />upon the risk of the entity and the Project, will undergo ongoing desk monitoring and may be <br />subjected to one or more onsite visits whereby monitors can ascertain the adequacy of policies and <br />procedures, accounting systems, project progress, and test a certain number of federal grant <br />transactions. The purpose and nature of projects chosen by the City will drive the monitoring <br />approach and the Internal Auditor will select the appropriate monitoring approach for each project. <br />The Internal Auditor will utilize protocols that will address all types of projects under broad <br />categories of housing, service, and infrastructure. Finally, the risk assessment of the subrecipient <br />will involve examining the entity's audit findings from their single audits and will assess <br />experience managing federal funding, indicators, among other key factors. <br />1. 1.2 Monitor. Under the monitoring task, the Internal Auditor will generally use the protocols <br />and risk based monitory plan, communicate with subrecipients and establish monitoring cadence. <br />The Internal Auditor will work with City staff to ensure that all subrecipients are aware of <br />monitoring requirements and events. The Internal Auditor will devise a schedule based upon a <br />risk assessment of the projects and the subrecipients so that together, the City and the Internal <br />Auditor can engage in effective monitoring. Whether the monitoring required is a mix of ongoing <br />desk monitoring of financial reports and progress reports or onsite monitoring visits, the Internal <br />Deloitte & Touche, LLP Agreement for Internal Auditor Services 2017 <br />3 <br />