AUDIT COMMITTEE SUMMARY
Follow-Up Audit of Office of Risk Management
Liability Claims Process
Audit Objective
Determine if recommendations made in the prior audit of Risk Management Liability Claims have been effectively implemented.
Background
On September 19, 2019 the Office of the City Auditor completed an audit of the Office of Risk Management Liability Claims Process. The objective of the audit was to determine if in-house liability claims are managed in accordance with internal policies and State statutes.
The Office of the City Auditor concluded that Risk Management is managing in-house liability claims in accordance with internal policies and State statutes. Internal policies are consistent with State statutes. Risk Management produced the monthly reconciliation and performance measure reports. Finally, Risk Management was in adherence with the regulatory requirements in the Texas Tort Claims Act and the City Charter.
However, we identified an area in need of improvement. Risk Management did not have a documented process in place to control user access to VOS, the Valley Oaks System. In addition, we became aware of control weaknesses surrounding the claim payment process. As a result, we made additional recommendations to strengthen controls surrounding the check issuance process.
Scope and Methodology
The audit scope was limited to the recommendations and corrective action plans made in the original report for the time frame from October 2019 to September 2020.
Conclusions
We determined that the Office of Risk Management has successfully implemented adequate controls to address the prior audit recommendations. Specifically, the Office of Risk Management has implemented a process to manage access to VOS that includes granting, changing, delimiting, and monitoring access.
Risk Management also implemented controls that strengthen the control environment for claims payments. Risk Management has implemented controls including proper review, authorization, and document support of liability claims. Risk Management has also eliminated the practice of allowing departmental staff to physically pick up claim checks.
There are no findings. Consequently, we make no recommendations to management.