1. 2013 Office of City Auditor September 2013 Kenneth J. Mory CPA, CIA, CISA Presentation to the IIA Austin Chapter September 10, 2013

2.  IIARF Competency Framework  Building a Competency Plan  Case Study

3. “ The ability of an individual to perform a job or a task properly, being a set of defined knowledge, skills, and behavior. ”

4.  Changes in expectations of 21 st century auditors  Changes in the Competency Landscape  Financial Crisis and Aftermath  Social Media  Cyber Threats  Governance Changes  Regulation Changes (Affordable Care Act and Pension Accounting)  Why developing a competency process is critical to ongoing credibility

5.  Insights  Sustainability  Governance  Soft Skills  Root Cause Analysis - Defensive Mechanisms  Strong Core Skills and Knowledge

6.  How to develop a competency process “pathway to ensure competency, capacity, and relevance”  Where to focus your competency efforts  Why all traits, skills, and knowledge are not created equal  How to progress through the higher levels of the Internal Audit Capability Model

9. CompetentGapAction Governing Body Audit Committee CAE Auditor

10. The IIA Global Internal Audit Competency Framework

12. T HE 12 S TEP P ROCESS !

13. Description of Competency Capability Level Level 1 Initial Level 2 Infrastructure Level 3 Integrated Level 4 Managed Level 5 Optimizing Top-level professional and specialized skills Requisite skills/ competencies in place renewable and shareable Professionally qualified staff/Internal Audit Activity coordination Continued reliance on individual auditor Skills of individual auditor

15. Evaluate Current Staff Competency Evaluate Current Job Descriptions OCA STRATEGIC AUDIT PLAN CAE Identifies Needed Competencies Professional Judgment Risk-Based Prioritization of Competency Areas Determine Competency Strategies Training Recruiting SME Current Horizon Internal External STRATEGIC COMPETENCY PLAN A Competency Initiatives Revise Job Descriptions Revise Priorities Revise Organization A B B

16. KEY COMPETENCY AREAS Core Construction Cyber Security Engineering Financial Health Care Organizational Development Regulatory Matters Sustainability OBJECTIVES To ensure OCA possesses the knowledge, skills, and other competencies to meet GAGAS xxxxxx xxx To increase capability to address key risk areas xxxxxxxx COMPETENCY FOCUS Methodologies ( incl. RCA, I/C, & data analysis) xxxxxxxxx Evidence standardsx Communications (incl. inquiry & report writing) x Project managementx Develop capabilities addressing strategic risksxxxxxxxxx Strengthen staff insightxxxxxxxx IMPLEMENTATION STRATEGY Require relevant audit certificationx Provide cost-effective core competency trainingxxxxxxxxx Identify “go to” OCA staff to developxxxxxxxx Provide effective training in priority risk areasxxxxxxxx Encourage CISA certificationx TABLE 5 OCA Strategic Competency Plan

17.  Developing Integrated Auditors  Developing General Management Insight  Certification (Baseline)  Special Training  Removing the Mystique from IT Auditing  Becoming an Expert at Becoming an Expert  Defensive Mechanisms  Management Controls  Specialty Areas that are Key

18.  Auditing Standards GAGAS, IPPF, and others  City of Austin Government Council, Departments, Processes, Comprehensive Plan  OCA’s Governance Role Audit Services, Integrity Services, Strategic Audit Plan  Audit Process Planning; Fieldwork, Findings, and Evidence; Reporting; IT Audit; Fraud  Audit Tools and Resources Office, City, and Professional Organization Resources