Frequently Asked Questions

​​​​​What should I do if I suspect fraud, waste or abuse of City resources? 

Contact the City Auditor's Office. We can be reached at (757) 385-5870. Please be as specific as possible when describing the situation. Communication with us is confidential. If you wish to remain anonymous, send us a detailed description of the situation through the mail. Our address is City of Virginia Beach, Office of the City Auditor, 2401 Courthouse Drive, Room 344, Virginia Beach VA 23456-9012.

How does the Office of the City Auditor maintain objectivity and confidentiality?

To ensure objectivity, confidentiality and reliability of audit work, the Office of the City Auditor operates independently of all other City functions, programs and departments. The City Auditor reports to City Council through the Council-appointed Audit Committee.

Is the Office of the City Auditor required to comply with professional standards?

Yes. Following professional standards ensures reliable products. The professional standards by which we abide are described in the Government Auditing Standards and are adhered to in conducting all engagements. These standards include requirements for determining the scope of review; planning of work; ensuring evidence is sufficient, competent and relevant; and reporting is clear and accurate.

How do we determine what to review?

Determining areas on which to focus limited audit resources is the key to a successful audit function, particularly in a large organization such as ours. With this in mind, the Office of the City Auditor uses a multi-faceted approach to project planning and selection. Our process includes (1) soliciting input from City leadership; (2) reviewing departmental requests; and (3) assessing audit risk.

The Office has developed an enterprise audit risk model which provides an in-depth assessment of audit risk based on our evaluation of indicators in the following business risk areas: financial, legal liability, regulatory compliance, public image, program/agency specific, data integrity and reliability, confidentiality of data, safeguarding proprietary data, disaster recovery/contingency planning.

The risk assessment model is organized by auditable units (primarily City programs) within departments. Extensive data is collected for each auditable unit in order to evaluate the program's inherent risk. Inherent risk refers to the business or other risks present in an organization or program due to the nature of the services or activities performed.

Our evaluation includes gathering and analyzing data from various sources (i.e., management interviews, budgets, financial reports, and the City programs themselves).

We then use these results, in conjunction with input from City leadership and departmental requests, to develop our annual audit plan.

What is the Office of the City Auditor's involvement in the external audit of the City?

City Charter, Chapter 8, Financial Administration, Section 8.06 states, "The council shall cause to be made an independent audit of the city's finances at the end of each fiscal year by the auditor of public accounts of the commonwealth or by a firm of independent certified public accountants to be selected by the council. One copy of the report of such audit shall be always available for public inspection in the office of the city clerk during regular business hours."

The annual audit is conducted by a Certified Public Accounting firm. The Office of the City Auditor manages the contract and coordinates efforts toward accomplishing external audit work. The annual audit combined with the audits performed by the Office of the City Auditor help the City to maintain financially sound operations with strong internal controls.
Contact Information