Jurris.COM
Part 3.5. Internal Audits of California Government Code >> Division 3. >> Title 2. >> Part 3.5.
The Legislature finds and declares as follows:
(a) Recent corporate scandals and federal legislation, such as the Sarbanes-Oxley Act of 2002 (P.L. 107-204), focus attention on the importance of internal audit activity to public accountability and governance.
(b) Ensuring the independence of internal auditors of state agencies and that their findings are reported to the appropriate levels of government is critical to safeguarding public funds and the public trust.
(a) Recent corporate scandals and federal legislation, such as the Sarbanes-Oxley Act of 2002 (P.L. 107-204), focus attention on the importance of internal audit activity to public accountability and governance.
(b) Ensuring the independence of internal auditors of state agencies and that their findings are reported to the appropriate levels of government is critical to safeguarding public funds and the public trust.
(a) Any governing body that oversees a state agency that
performs or reviews internal audits shall establish an audit
committee that generally meets the frameworks recommended by the
American Institute of Certified Public Accountants, as set forth in
the publication entitled "AICPA Audit Committee Toolkit: Government
Organizations."
(b) For purposes of this chapter, "governing body" means a board, commission, board of trustees, council, or other similar body that oversees a state agency.
(b) For purposes of this chapter, "governing body" means a board, commission, board of trustees, council, or other similar body that oversees a state agency.
(a) The Controller, the Director of Finance, and the
respective staffs thereof, and all state agencies that have their own
internal auditors or that conduct internal audits or internal audit
activities, shall conduct internal audit activity under the general
and specified standards of internal auditing prescribed by the
Institute of Internal Auditors or the Government Auditing Standards
issued by the Comptroller General of the United States, as
appropriate.
(b) Nothing in this article is intended to limit the rights or obligations of internal auditors to conduct internal audits and audit activities in accordance with other laws and regulations that may apply to a particular entity.
(b) Nothing in this article is intended to limit the rights or obligations of internal auditors to conduct internal audits and audit activities in accordance with other laws and regulations that may apply to a particular entity.
(a) In order to achieve independence and objectivity
pursuant to Section 13886, for any state agency that does not report
to a governing body, the internal auditor operations shall meet all
of the following requirements:
(1) The chief internal auditor shall be accountable to the head or deputy head of the state agency.
(2) The chief internal auditor shall report audit findings and recommendations made under his or her jurisdiction to the head or deputy head of the state agency and to the general counsel to the state agency, if applicable.
(3) The operations shall be organizationally outside the staff or line management function of the unit under audit.
(b) In order to achieve independence and objectivity as required by the standards identified in Section 13886, for any state agency that is overseen by a governing body, the internal audit operations shall meet all of the following requirements:
(1) The chief internal auditor shall be accountable to the audit committee of the governing body.
(2) The chief internal auditor shall report audit findings and recommendations made under his or her jurisdiction to the audit committee and the general counsel to the governing body.
(3) The operations shall be organizationally outside the staff or line management function of the unit under audit.
(1) The chief internal auditor shall be accountable to the head or deputy head of the state agency.
(2) The chief internal auditor shall report audit findings and recommendations made under his or her jurisdiction to the head or deputy head of the state agency and to the general counsel to the state agency, if applicable.
(3) The operations shall be organizationally outside the staff or line management function of the unit under audit.
(b) In order to achieve independence and objectivity as required by the standards identified in Section 13886, for any state agency that is overseen by a governing body, the internal audit operations shall meet all of the following requirements:
(1) The chief internal auditor shall be accountable to the audit committee of the governing body.
(2) The chief internal auditor shall report audit findings and recommendations made under his or her jurisdiction to the audit committee and the general counsel to the governing body.
(3) The operations shall be organizationally outside the staff or line management function of the unit under audit.
(a) When the chief internal auditor of a state agency
believes that senior management in the state agency has accepted a
level of residual risk that may be unacceptable to the organization
or that senior management has otherwise not taken appropriate action
in response to a finding or recommendation by its internal auditors,
the chief internal auditor shall discuss the matter with senior
management and the general counsel to the state agency. If that
decision regarding residual risk or the need for appropriate action
in response to an audit finding or recommendation, or both, does not
resolve the issue, the chief internal auditor and general counsel
shall jointly report the matter to the next highest level of
management as pertains to the state agency, including, but not
limited to, the chair of the governing body overseeing the state
agency, the agency secretary, the Governor's office, or the
appropriate constitutional officer.
(b) If the decision regarding residual risk or the need for appropriate action in response to an audit finding or recommendation that could have a significant impact on the state's fiscal operations, the performance of a significant government program, or the delivery of a significant government service, or other similar significant or critical government services, as determined by the chief internal auditor, is still not resolved after making the disclosures required pursuant to subdivision (a), the chief internal auditor shall report the matter to the Joint Legislative Audit Committee and the State Auditor. At the direction of the Joint Legislative Audit Committee, the State Auditor shall investigate a disclosure made pursuant to subdivision (b) and report the results of the investigation in accordance with Chapter 6.5 (commencing with Section 8543) of Division 1. The disclosure requirements of this subdivision shall not apply to any chief internal auditor who reports and makes disclosures to an audit committee, as described in subdivision (b) of Section 13887.
(c) Any chief internal auditor who makes a disclosure pursuant to this section shall receive all protection available under the California Whistleblower Protection Act (Article 3 (commencing with Section 8547) of Chapter 6.5 of Division 1).
(b) If the decision regarding residual risk or the need for appropriate action in response to an audit finding or recommendation that could have a significant impact on the state's fiscal operations, the performance of a significant government program, or the delivery of a significant government service, or other similar significant or critical government services, as determined by the chief internal auditor, is still not resolved after making the disclosures required pursuant to subdivision (a), the chief internal auditor shall report the matter to the Joint Legislative Audit Committee and the State Auditor. At the direction of the Joint Legislative Audit Committee, the State Auditor shall investigate a disclosure made pursuant to subdivision (b) and report the results of the investigation in accordance with Chapter 6.5 (commencing with Section 8543) of Division 1. The disclosure requirements of this subdivision shall not apply to any chief internal auditor who reports and makes disclosures to an audit committee, as described in subdivision (b) of Section 13887.
(c) Any chief internal auditor who makes a disclosure pursuant to this section shall receive all protection available under the California Whistleblower Protection Act (Article 3 (commencing with Section 8547) of Chapter 6.5 of Division 1).
(a) If an internal auditor employed by a state agency has a
good faith belief that the agency management is interfering with the
internal auditor's or auditors' ability to comply with the provisions
of this part, that the internal auditor or auditors are under
pressure to modify or limit findings or recommendations, or that
senior management is not taking appropriate action in response to an
audit finding or recommendation, the internal auditor may report the
information supporting that good faith belief to the State Auditor.
(b) The State Auditor may investigate any report made pursuant to subdivision (a) and if the allegations are substantiated, shall report his or her findings pursuant to Chapter 6.5 (commencing with Section 8545) of Division 1.
(c) Any internal auditor making a report pursuant to this section shall receive all protection available under the California Whistleblower Protection Act (Article 3 (commencing with Section 8547) of Chapter 6.5 of Division 1).
(b) The State Auditor may investigate any report made pursuant to subdivision (a) and if the allegations are substantiated, shall report his or her findings pursuant to Chapter 6.5 (commencing with Section 8545) of Division 1.
(c) Any internal auditor making a report pursuant to this section shall receive all protection available under the California Whistleblower Protection Act (Article 3 (commencing with Section 8547) of Chapter 6.5 of Division 1).
