City auditor lays out FY27 audit plan focused on cybersecurity, contracts and high‑risk services

Tammy Dancler, the city auditor, presented the Newport News FY27 annual audit plan and told council the office will focus on high‑risk areas including cybersecurity, financial assets, government services and contract administration.

"The purpose of the audit plan . . . it guides the audit activities and workflow for the office and it outlines the audit focus for the next 12 months," Dancler said, describing a three‑phase approach of planning, fieldwork and public reporting.

Dancler listed proposed audits that the office expects to pursue in the coming year: a cybersecurity posture review; a fixed‑asset inventory and tracking audit; consulting and contract compliance reviews (including engineering and procurement contracts); audits of development business loans and grants; motorpool and fleet management; EMS billing accuracy and compliance; adult‑services program management; and code‑related reviews of permit fees and timelines.

Councilmembers welcomed the plan but emphasized council must rank priorities so the auditor can sequence work and carry items into future fiscal years if capacity is limited. Councilmember Long asked specifically whether the planned engineering contract audit would include pedestrian‑safety projects that residents have raised; Dancler said the audit team will pull particular contracts to evaluate as part of that scope.

The office also said it will continue running the fraud, waste and abuse hotline, perform quarterly SEAG and continuous credit‑card audits, and respond to council special requests. All draft and final audit reports will be made public on the auditor’s website.

The auditor’s presentation functions as a proposed work program; council members said they expect a recommendation to come back for formal consideration at the next council meeting and signaled they will review and prioritize the listed audits before final adoption.