You will review the initial Risk Assessment performed by the District’s previous internal auditor and will complete an annual Risk Assessment update in each of the subsequent year(s) of service. For each year of service contained in your proposal, you will identify systems with the greatest risk to the District, and make recommendations for the testing of the systems. A minimum of one system shall be tested each year, in accordance the NYS Comptroller’s Five Point Plan as adopted by the State of New York. Subsequent to testing of systems, a report shall be issued to the Audit Committee and Board of Education that identifies and prioritizes the District’s significant risks, outlines the results of the testing and assessments performed on the system, and details recommendations for changes including enhancements or corrective action or any problems noted in the risk assessment. A timeline for implementation of the suggestions shall be given in all instances. The report shall also detail any further testing that is recommended by the Auditor to be performed subsequent to the implementation of the corrective action plan, to mitigate the identified risk. The internal audit services will be conducted in accordance with generally accepted auditing standards; the standards for financial audits contained in Government Auditing Standards, issued by the Comptroller General of the United States; or the standards for internal audits established by the Institute of Internal Auditors and guidelines promulgated by the Department of Audit and Control and Education Department of the State of New York. The audit will include tests of the various operational systems of the District (i.e.: financial systems, computer security and access systems, extraclassroom activities and school food service including free and reduced price meal application process) and other procedures you consider necessary to enable you to assess the areas of risk that you have identified for the district.
