BILL NUMBER: SB 1452 INTRODUCED
BILL TEXT
INTRODUCED BY Senator Speier
FEBRUARY 23, 2006
An act to amend Sections 1236, 1237, 8546.5, and 8546.6 of, to add
Section 8546.2 to, to add Article 4 (commencing with Section 8548.7)
to Chapter 6.5 of Division 1 of Title 2 of, and to add Part 3.5
(commencing with Section 13885) to Division 3 of Title 2 of, the
Government Code, and to amend Sections 11751.5 and 11873 of the
Insurance Code, relating to state audits.
LEGISLATIVE COUNSEL'S DIGEST
SB 1452, as introduced, Speier State audits.
(1) Existing law requires that the Controller, the Director of
Finance, and the respective staffs of all state agencies that have
their own internal auditors or that conduct internal audits or
internal audit activities, and all city, county, city and county, and
district employees that conduct internal audits or internal audit
activities of those respective agencies, utilize the general and
specified standards of internal auditing specified in a publication
of the Institute of Internal Audits.
This bill instead would require these entities to conduct their
work under the general and specified standards prescribed by the
Institute of Internal Auditors or the Government Auditing Standards
issued by the Comptroller General of the United States, as
appropriate, and except as specified.
(2) Existing law sets forth the duties and authority of the State
Auditor generally in conducting audit activities on behalf of the
state.
This bill would require the State Auditor to request that any
state or local agency, or any publicly created entity, that is the
subject of an audit conducted under these provisions to provide
updates on its progress in implementing the recommendations made by
the State Auditor, at intervals prescribed by the State Auditor. It
would require state agencies to provide these updates to the State
Auditor.
This bill would enact the Omnibus Audit Accountability Act of
2006, to require the State Auditor to, by January 15th of each year,
report to specified entities with respect to each state agency audit
recommendation it has made that is more than 1 year old and that has
not been implemented by the affected agency. It would require any
state agency that is notified by the State Auditor that it has not
implemented a recommendation made pursuant to this chapter more than
one year prior, to provide specified information in that regard.
(3) Existing law authorizes the State Auditor to establish a
high-risk government agency audit program for the purpose of
identifying, auditing, and issuing reports on any agency of the
state, that the State Auditor identifies as being at high risk for
the potential of waste, fraud, abuse, and mismanagement or that has
major challenges associated with its economy, efficiency, or
effectiveness, subject to specified criteria.
This bill instead would require the State Auditor to establish
this program.
(4) Existing law requires all state and local agencies with an
aggregate spending of $50,000,000 or more annually to consider
establishing an ongoing internal audit function.
This bill instead would apply this provision to local agencies
only.
The bill would enact the Speier Internal Auditor Integrity and
Accountability Act of 2006, to require all state agencies with an
aggregate spending of $100,000,000 or more annually to establish an
ongoing internal audit function, subject to specified criteria. It
would require any governing body that oversees a state agency with
that aggregate spending amount to establish an audit committee,
subject to specified criteria. It would set forth the requirements
for reporting audit findings and recommendations by chief internal
auditors, and specifically provide that an individual reporting
certain information under these provisions is protected under
provisions of law protecting state employees from retaliation for
reporting waste, fraud, or abuse. It would further require the State
Auditor to annually select not less that two state agencies and
conduct a performance audit of the internal audit organizations
within the selected state agencies to determine whether the audit
organizations are meeting the requirements of these provisions.
(5) Existing law requires the Insurance Commissioner to designate
a licensed rating organization as his or her statistical agent to
gather and compile insurer experience statistics for specified
purposes.
This bill would specify that the designated statistical agent is a
publicly created entity for purposes of audits by the State Auditor.
(6) Existing law exempts the State Compensation Insurance fund
from certain provisions of law applying to state agencies, with
specified exceptions.
This bill would specify that the fund is subject to the provisions
of law governing audits by the State Auditor.
Vote: majority. Appropriation: no. Fiscal committee: yes.
State-mandated local program: no.
THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS:
SECTION 1. Section 1236 of the Government Code is amended to read:
1236. The Controller, the Director of the Department of
Finance, and the respective staffs thereof, all state agencies that
have their own internal auditors or that conduct internal audits or
that conduct internal audit activities, and all (a)
All city, county, city and county, and district employees that
conduct internal audits or that conduct internal audit activities of
those respective agencies, shall utilize
conduct their work under the general and specified standards
of internal auditing specified on the effective date of this
section in the publication entitled "Standards for the Professional
Practice of Internal Auditing," as published by the Institute of
Internal Auditors, Inc. in its fourth printing, dated April 1980. The
standards contained therein provide that: auditors should be
independent of the activities they audit; internal audits should be
performed with proficiency and due professional care; the scope of
the internal audit should encompass the examination and evaluation of
the adequacy and effectiveness of the organization's system of
internal control and the quality of performance in carrying out
assigned responsibilities; audit work should include planning the
audit, examining and evaluating information, communicating results
and following up; and the director of internal auditing should
properly manage the internal auditing department
prescribed by the Institute of Internal Auditors or the Government
Auditing Standards issued by the Comptroller General of the United
States, as appropriate .
(b) Nothing in this section is intended to limit the rights or
obligations of internal auditors to conduct internal audits and audit
activities in accordance with other laws and regulations that may
apply to a particular entity.
SEC. 2. Section 1237 of the Government Code is amended to read:
1237. All state and local agencies with an
aggregate spending of fifty million dollars ($50,000,000) or more
annually shall consider establishing an ongoing internal audit
function.
SEC. 3. Section 8546.2 is added to the Government Code, to read:
8546.2. (a) The State Auditor shall request that any state
agency, as defined in Section 11000, whether created by the
California Constitution or otherwise, any local governmental agency,
including any city, county, city and county, school, or special
district, or any publicly created entity, that is the subject of an
audit conducted pursuant to this chapter provide updates on its
progress in implementing the recommendations made by the State
Auditor, at intervals prescribed by the State Auditor.
(b) Any state agency described in subdivision (a) shall provide
the State Auditor, in the form prescribed by the State Auditor, with
updates on implementation of recommendations as described in
subdivision (a).
SEC. 4. Section 8546.5 of the Government Code is amended to read:
8546.5. (a) The State Auditor may shall
establish a high-risk government agency audit program for the
purpose of identifying, auditing, and issuing reports on any agency
of the state, whether created by the California Constitution or
otherwise, that the State Auditor identifies as being at high risk
for the potential of waste, fraud, abuse, and mismanagement or that
has major challenges associated with its economy, efficiency, or
effectiveness.
(b) In addition to identifying an agency as high risk on the basis
of weaknesses identified in audit and investigative reports produced
by the bureau, the State Auditor may consult with the Legislative
Analyst, the Milton Marks "Little Hoover" Commission on California
State Government Organization and Economy, the Office of Inspector
General within the Department of Corrections, the Department of
Finance, and other state agencies that have oversight
responsibilities over any other agency of the state, in identifying
state agencies that are at high risk.
(c) The State Auditor shall notify the Joint Legislative Audit
Committee whenever it identifies a state agency as at high risk.
(d) The State Auditor may issue audit reports with recommendations
for improvement in state agencies identified as at high risk not
less than once every two years.
(e) The State Auditor may require state agencies identified as
high risk to periodically report to the auditor regarding the status
of recommendations for improvement made by the State Auditor or other
state oversight agencies.
SEC. 5. Article 4 (commencing with Section 8548.7) is added to
Chapter 6.5 of Division 1 of Title 2 of the Government Code, to read:
Article 4. Omnibus Audit Accountability Act of 2006
8548.7. This article shall be known and may be cited as the
Omnibus Audit Accountability Act of 2006.
8548.9. (a) The State Auditor shall, by January 15th of each
year, report to the Joint Legislative Budget Committee, the Joint
Legislative Audit Committee, and the Department of Finance with
respect to each state agency audit recommendation it has made that is
more than one year old and that has not been implemented by the
affected agency.
(b) The report shall clearly identify the state agency audited,
the audit that contained the recommendation, a brief description of
the recommendation, the date it was issued, and the most recent
explanation provided by the agency to the State Auditor on the status
of the recommendation.
(c) Any state agency that is notified by the State Auditor that it
has not implemented a recommendation made pursuant to this chapter
more than one year prior, shall do either of the following:
(1) Provide a written report to the State Auditor, the respective
policy committees and budget subcommittees of the Assembly and Senate
with oversight of the agency, and the Department of Finance,
explaining why the audit recommendation has not been implemented.
(2) Notify all entities described in subdivision (a) that it will
begin implementing the audit recommendation within 90 days of the
notification by the State Auditor, and include the estimated date of
implementation.
SEC. 6. Part 3.5 (commencing with Section 13885) is added to
Division 3 of Title 2 of the Government Code, to read:
PART 3.5. Speier Internal Auditor Integrity and Accountability
Act of 2006
13885. This act shall be known and may be cited as the Speier
Internal Auditor Integrity and Accountability Act of 2006.
13885.5. The Legislature finds and declares as follows:
(a) Recent corporate scandals and federal legislation, such as the
Sarbanes-Oxley Act of 2002 (Pub. L. No. 107-204), focus attention
on the importance of internal audit activity to public accountability
and governance.
(b) Ensuring the independence of internal auditors of state
agencies and that their findings are reported to the appropriate
levels of government is critical to safeguarding public funds and the
public trust.
13886. (a) (1) All state agencies with an aggregate spending of
one hundred million dollars ($100,000,00) or more annually shall
establish an ongoing internal audit function.
(2) For purposes of this chapter, "state agency" has the same
meaning as set forth in Section 11000, whether created by the
California Constitution or otherwise.
(b) Any governing body that oversees a state agency with the
aggregate spending described in subdivision (a) shall establish an
audit committee that generally meets the frameworks recommended by
the American Institute of Certified Public Accountants, as set forth
in the publication entitled "AICPA Audit Committee Toolkit:
Government Organizations."
13886.5. (a) The Controller, the Director of Finance, and the
respective staffs thereof, and all state agencies that have their own
internal auditors or that conduct internal audits or internal audit
activities, shall conduct internal audit activity under the general
and specified standards of internal auditing prescribed by the
Institute of Internal Auditors or the Government Auditing Standards
issued by the Comptroller General of the United States, as
appropriate.
(b) Nothing in this section is intended to limit the rights or
obligations of internal auditors to conduct internal audits and audit
activities in accordance with other laws and regulations that may
apply to a particular entity.
13887. (a) In order to achieve independence and objectivity
pursuant to Section 13886, for any state agency that does not report
to a governing body, the internal auditor operations shall meet all
of the following requirements:
(1) The chief internal auditor shall be accountable to the head or
deputy head of the state agency.
(2) The chief internal auditor shall report audit findings and
recommendations made under his or her jurisdiction to the head or
deputy head of the state agency and to the general counsel to the
state agency, if applicable.
(3) The operations shall be organizationally outside the staff or
line management function of the unit under audit.
(b) In order to achieve independence and objectivity as required
by the standards identified in Section 13886, for any state agency
that is overseen by a governing body, the internal audit operations
shall meet all of the following requirements:
(1) The chief internal auditor shall be accountable to the audit
committee of the governing body.
(2) The chief internal auditor shall report audit findings and
recommendations made under his or her jurisdiction to the audit
committee and the general counsel to the governing body.
(3) The operations shall be organizationally outside the staff or
line management function of the unit under audit.
13887.5. (a) When the chief internal auditor of a state agency
believes that senior management in the state agency has accepted a
level of residual risk that may be unacceptable to the organization
or that senior management has otherwise not taken appropriate action
in response to a finding or recommendation by its internal auditors,
the chief internal auditor shall discuss the matter with senior
management and the general counsel to the state agency. If that
decision regarding residual risk or the need for appropriate action
in response to an audit finding or recommendation, or both, does not
resolve the issue, the chief internal auditor and general counsel
shall jointly report the matter to the next highest level of
management as pertains to the state agency, including, but not
limited to, the chair of the governing body overseeing the state
agency, the agency secretary, the Governor's office, or the
appropriate constitutional officer.
(b) If the decision regarding residual risk or the need for
appropriate action in response to an audit finding or recommendation
that could have a significant impact on the state's fiscal
operations, the performance of a significant government program, or
the delivery of a significant government service, or other similar
significant or critical government services, as determined by the
chief internal auditor, is still not resolved after making the
disclosures required pursuant to subdivision (a), the chief internal
auditor shall report the matter to the Joint Legislative Audit
Committee and the State Auditor. At the direction of the Joint
Legislative Audit Committee, the State Auditor shall investigate a
disclosure made pursuant to subdivision (b) and report the results of
the investigation in accordance with Chapter 6.5 (commencing with
Section 8543) of Division 1. The disclosure requirements of this
subdivision shall not apply to any chief internal auditor who reports
and make disclosures to an audit committee, as described in
subdivision (b) of Section 13887.
(c) Any chief internal auditor who makes a disclosure pursuant to
this section shall receive all protection available under the
California Whistleblower Protection Act (Article 3 (commencing with
Section 8547) of Chapter 6.5 of Division 1).
13888. (a) If an internal auditor employed by a state agency has
a good faith belief that the agency management is interfering with
the internal auditor's or auditors' ability to comply with the
provisions of this part, that the internal auditor or auditors are
under pressure to modify or limit findings or recommendations, or
that senior management is not taking appropriate action in response
to an audit finding or recommendation, the internal auditor may
report the information supporting that good faith belief to the State
Auditor.
(b) The State Auditor may investigate any report made pursuant to
subdivision (a) and if the allegations are substantiated, shall
report his or her findings pursuant to Chapter 6.5 (commencing with
Section 8545) of Division 1.
(c) Any internal auditor making a report pursuant to this section
shall receive all protection available under the California
Whistleblower Protection Act (Article 3 (commencing with Section
8547) of Chapter 6.5 of Division 1).
13888.5. In order to determine that internal audit organizations
have the controls in place to ensure that they are free to
independently conduct audit work, and that state agencies take
appropriate action in response to the findings and recommendations
made by their internal auditors, the State Auditor shall annually
select not less that two state agencies and conduct a performance
audit of the internal audit organizations within the selected state
agencies for that fiscal year to determine whether the audit
organizations are meeting the requirements of this chapter.
SEC. 7. Section 11751.5 of the Insurance Code is amended to read:
11751.5. The commissioner, after notice and hearing, may
promulgate reasonable rules and statistical plans, which may be
modified from time to time and which shall be used thereafter in the
recording and reporting by insurers of their loss and expense
experience in order that the experiences of all insurers may be made
available in such form and detail as may be necessary to aid the
commissioner in administering the provisions of Article 2 (commencing
with Section 11730). The commissioner shall designate a rating
organization licensed under this article as his or her statistical
agent to gather and compile such those
experience statistics and all licensed rating organizations shall
report the experience of their members to such
the designated rating organization. The
designated statistical agent is a publicly created entity
for purposes of Chapter 6.5 (commencing with Section 8543) of
Division 1 of Title 2 of the Government Code. Subject to
reasonable rules approved by the commissioner, such
the designated rating organization shall make
such the experience statistics, when compiled,
available to all licensed rating organizations and may make a
reasonable charge to other rating organizations for the expense
incurred by it in combining, tabulating , and compiling
the experience of all workers' compensation insurers.
SEC. 8. Section 11873 of the Insurance Code is amended to read:
11873. (a) Except as provided by subdivision (b), the fund shall
not be subject to the provisions of the Government Code made
applicable to state agencies generally or collectively, unless the
section specifically names the fund as an agency to which the
provision applies.
(b) The fund shall be subject to the provisions of Chapter 10.3
(commencing with Section 3512) of Division 4 of Title 1 of, and
Chapter 6.5 (commencing with Section 8543) of Division 1 of Title 2
of, the Government Code, and Division 5 (commencing with
Section 18000) of Title 2 of , the Government
Code, with the exception of all of the following provisions of
that division :
(1) Article 1 (commencing with Section 19820) and Article 2
(commencing with Section 19823) of Chapter 2 of Part 2.6 of Division
5 of Title 2 of the Government Code .
(2) Sections 19849.2, 19849.3, 19849.4, and 19849.5 of
the Government Code .
(3) Chapter 4.5 (commencing with Section 19993.1) of Part 2.6 of
Division 5 of Title 2 of the Government Code .
(c) Notwithstanding any provision of the Government Code or any
other provision of law, the positions funded by the State
Compensation Insurance Fund are exempt from any hiring freezes and
staff cutbacks otherwise required by law. This subdivision is
declaratory of existing law.