Office of the Inspector General
Overview
The Office of the Inspector General of the Maryland-National Capital Park and Planning Commission is established pursuant to the Annotated Code of Maryland, Land Use Article, Division II, Title 15, Subtitle 5 of the Code.
The Office of the Inspector General (OIG) assists the Commission by providing independent evaluation and recommendations regarding opportunities to:
- Improve the effectiveness, productivity, or efficiency of Commission programs, policies, practices, and operations;
- Ensure public accountability by preventing, investigating, and reporting instances of fraud, waste, and abuse of Commission property or funds; and
- Examine, evaluate, and report on the adequacy and effectiveness of the systems of internal controls and their related accounting, financial, technology, and operational policies; and
- Preserve the Commission’s reputation.
The OIG is independent.  The OIG is led by the Inspector General (IG), who is appointed by the Commission’s Audit Committee.  OIG staff includes an Inspector General, a Deputy Inspector General, and five (5) professional auditors/inspectors.  Contact Information
In carrying out the mission, the OIG produces a number of confidential and public documents. Public documents include the Inspectors General Annual Work Plan, audit reports, and publications.
Performance Audits
Performance audits are completed in accordance with Generally Accepted Government Auditing Standards (GAGAS). Performance audits provide findings and recommendations based on an evaluation of sufficient, appropriate evidence against criteria. Within the Commission, performance audits often include a review of internal controls of a Commission facility, process or function (e.g. accounts payable, purchase card), or information systems.
The OIG also completes Follow-Up reviews to ensure management’s responses to audit recommendations have been successfully implemented and audit findings are resolved.
Information System/Information Technology Reviews (IS/IT)
IS/IT reviews are considered performance audits and are completed in accordance with GAGAS. IS/IT reviews may include pre or post implementation audits of Commission applications, review of general IT Controls (e.g. business recovery processes, user account management, etc.), compliance audits (e.g. Payment Card Industry Data Security Standards), or IT process audits.
Fraud, Waste, and Abuse Audit (FWA)
The Annotated Code of Maryland, Section §15-501 includes definitions for fraud, waste, and abuse. The OIG places the highest priority on evaluating and appropriately responding to allegations of fraud, waste, and abuse. Commission employees are required to report all suspected instances of fraud, waste, or abuse to the OIG. This includes suspected security breaches of Personally Identifiable Information (PII). (Please See Commission Practice 3-31, Fraud, Waste, and Abuse).
FWA audits are completed in accordance with the Principles and Standards for Offices of Inspector General.
Management Advisories
Commission management can request a management advisory review. The completion of these advisories is based on available resources and identified risks. Management advisories can include administrative investigations (e.g. review of general internal controls, budgetary analysis, operational review, etc.)
The depth of these reviews vary significantly resulting in a variety of presentations of the results including a short phone call or email message, a short memorandum, or an extensive memorandum that includes various recommendations. Management Advisories are considered non-audit services.
FAQs
Why does M-NCPPC have an Office of the Inspector General?
The creation of the Office of the Inspector General is mandated in the Annotated Code of Maryland, Land Use Division II, §15-401 – 15-508.
The Office of the Inspector General (OIG) assists the Commission by providing independent evaluation and recommendations regarding opportunities to:
- Improve the effectiveness, productivity, or efficiency of Commission programs, policies, practices, and operations;
- Ensure public accountability by preventing, investigating, and reporting instances of fraud, waste, and abuse of Commission property or funds;
- Examine, evaluate, and report on the adequacy and effectiveness of the systems of internal controls and their related accounting, financial, technology, and operational policies; and
- Preserve the Commission’s reputation.
Where does the OIG fit in the organization?
The OIG is independent. The OIG is led by the Inspector General (IG), who is appointed by the Commission’s Audit Committee. The OIG is governed by the Audit Committee.
OIG staff includes one (1) Inspector General, one (1) Deputy Inspector General, two (2) Assistant Inspector General, one (1) Senior IT Auditor, one (1) Senior Auditor, and one (1) Staff Auditor.
Who audits the Office of the Inspector General?
The Generally Accepted Government Auditing Standards (GAGAS) promulgated by the Government Accountability Office states that each audit organization performing audits in accordance with GAGAS must have an external peer review performed by reviewers independent of the audit organization at least once every three (3) years. The OIG partners with the Association of Local Government Auditors (ALGA) for the completion of a triennial annual peer review.  A copy of the OIG’s most recent peer review can be found at Office of the Inspector General Peer Review Reports.
If I call you with information about a possible irregularity, will my identity be kept a secret?
The Commission has implemented a Governance, Risk Management, and Compliance (GRC) hotline. The hotline or web reporting system is a confidential and anonymous solution for reporting illegal and unethical activities. It can be accessed toll-free at 1-800-363-5524 or http://www.reportlineweb.com/mncppc.
If you contact us directly, your identity will be kept confidential within the legal limits of the law. We will not reveal our sources to the person being investigated; and we always try to corroborate any accusations with our own observation.
How do I Report, Fraud, Waste, and Abuse?
Please call or email the Governance, Risk Management, and Compliance hotline.  The hotline or web reporting system is a confidential and anonymous solution for reporting illegal and unethical activities. It can be accessed toll-free at 1-800-363-5524 or http://www.reportlineweb.com/mncpc.
If you prefer to contact the Inspector General directly, please email your concerns to renee.kenney@mncppc.org.
What are internal inspectors/auditors looking for?
Primarily compliance with Commission policies and sound internal controls. M-NCPPC’s policies are designed to help ensure we all comply with applicable laws and regulations and operate efficiently. By following these policies, we help protect the Commission from unnecessary risks and help ensure sound business practices are consistent throughout the Commission.
However, not all internal controls can be codified in policy. If we find control weaknesses, we regularly make recommendations to implement a control even though it may not be specifically required by policy.
How are units selected for audit?
The IG, in coordination with the Audit Committee, develops an annual work plan based on an assessment of relative risks, that identifies areas and processes to be reviewed. In developing the work plan, the IG takes into consideration requests from the planning boards, commissioners, Commission employees, elected officials and members of the public.  The IG has final authority on the completion of work assignments.
To assist in this process, each year, the OIG performs a comprehensive risk assessment. With input from Commission management and key stakeholders, audit risk areas, such as purchase card processes, information systems or facilities are identified. The OIG then decides which areas to audit based on the results of the assessment and the audit resources available.
