MINUTES OF THE REGULAR MEETING
Table of Contents
Subject Page No. Exhibit
1. Adoption of Proposed Meeting Agenda 2
2. Approval of the Minutes of the Regular Meeting of March 21, 2013 2
3. Internal Audit Activity Report 2 3-A
4. Risk Management Update 3
· Status of Comprehensive NYPA-wide Risk Assessment 3
5. Next Meeting 3
Minutes of the regular meeting of the New York Power Authority’s Audit Committee held at the Authority’s offices at 123 Main Street, White Plains, New York at approximately 9:20 a.m.
The following Members of the Audit Committee were present:
Also in attendance were:
John Koelmel Chairman, New York Power Authority
Gil Quiniones President and Chief Executive Officer
Edward Welz Chief Operating Officer
Judith McCarthy Executive Vice President and General Counsel
Donald Russak Executive Vice President and Chief Financial Officer
William Nadeau Senior Vice President and Chief Risk Officer
Karen Delince Corporate Secretary
Dennis Eccleston Vice President – Information Technology/Chief Information Officer
Lesly Pardo Vice President – Internal Audit
Frank Deaton Director – Enterprise Risk Management
Charles Douma Director – General Accounting and Financial Accounting
Gary Schmid Manager – Network Services
Lorna Johnson Associate Corporate Secretary
Sheila Baughman Assistant Corporate Secretary
Chairman Terrance P. Flynn presided over the meeting. Corporate Secretary Delince kept the Minutes.
Chairman Flynn welcomed committee members Trustees Nicandri and LeChase, the Authority’s Chairman and senior staff to the meeting. He said the meeting had been duly noticed as required by the Open Meetings Law and called the meeting to order pursuant to section B(4) of the Audit Committee Charter.
1. Adoption of the Proposed Meeting Agenda
By motion made and seconded the agenda for the meeting was adopted.
2. Approval of the Minutes
Upon motion made and seconded, the Minutes of the Committee’s Regular Meeting of September 24, 2012 were approved.
3. Internal Audit Activity Report
The Vice President of Internal Audit submitted the following report:
The Internal Audit Activity Report covers the performance of the Internal Audit Department for the period January 1 through June 30, 2013. The report provides the status of the 2013 Audit Plan as of June 30, 2013, including a summary of completed audits, audits in progress and reports issued (see Exhibit ‘3-A’).
The Internal Audit Department is an independent, objective and consulting function designed to add value by improving the Authority’s internal control structure and operations. It helps the organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate, test and improve the effectiveness of internal controls, risk management and governance processes.
The Audit Committee Charter states that the Committee shall provide oversight of the Office of Internal Audit (‘OIA’) and the OIA’s resources and activities to facilitate the OIA’s improvement of internal controls. In addition, the Committee shall meet at least three times a year with the head of the OIA for the purpose of reviewing audit activities, audit findings, management’s responses, remedial action plans, and providing the OIA with an opportunity to discuss items and topics of relevance to the Audit Committee.
The purpose of this report is to provide the Audit Committee the status of the 2013 Internal Audit Plan, which was reviewed by the Committee at its meeting in March.”
In response to a question from Authority Chairman Koelmel, Mr. Pardo said the OIA generally provides an overall opinion on all reports and that the OIA does not rate its own report. He said the OIA uses three types of opinions: (1) internal controls are adequate and effective; (2) Internal controls need improvement (3) internal controls are inadequate. In response to further questioning from Authority Chairman Koelmel, Mr. Pardo said OIA staff did not note any material deficiencies in the Authority’s internal control system; however, they made a number of recommendations for improvement. Responding to still further questioning from Authority Chairman Koelmel, Mr. Pardo opined that the Authority has a very sound internal control system and reiterated that OIA made recommendations with regard to certain areas where the controls could be improved or strengthened. He said, overall, the Authority’s internal control system is effective.
4. Risk Management Update – Status of Comprehensive NYPA-wide Risk Assessment
Mr. William Nadeau provided an update of the Authority’s Risk Management. He said Risk Management staff initiated a comprehensive reassessment of the Authority’s risk profile. To date, they have completed sixteen of the eighteen workshops designed to examine the risk profiles of all the functional areas within the Authority. Mr. Nadeau continued that previously, the Authority had a comprehensive risk inventory; however, Mr. Donald Russak, Chairman of the Executive Risk Management Committee, along with Ms. Judith McCarthy, Mr. Edward Welz and Risk Management staff are working on establishing a framework for how risks are identified and assessed. They will also be working with a consultant to identify key risk indicators. He ended by saying that a report with respect to risk at the Authority will be presented at the September 24 Audit Committee and Board of Trustees meetings.
In response to a question from Trustee Nicandri, Mr. Nadeau said there were strong responses from staff when the Risk Management team gathered information for the report. He said, although aware of the sensitivity of the information in certain areas, staff’s objective was to collect the information responsibly and present it to the Audit Committee and Trustees in a transparent manner. Responding to further questioning from Trustee Nicandri, Mr. Nadeau said staff has visited all of the Authority’s facilities with the exception of SENY in Astoria and Corporate Support Services, which are scheduled for the following week.
In response to a question from Authority Chairman Koelmel, Mr. Nadeau said there were no major risk assessment issues that should be of concern to the Trustees. Although cyber security, for example, is high on the list from an impact and probability perspective, it is important to review all functional areas to ensure that nothing is overlooked. He said Risk Management endeavors to keep the Audit Committee and Board of Trustees appraised on risk management concerns within the Authority.
5. Next Meeting
Chairman Flynn said that the next regular meeting of the Audit Committee will be held on Tuesday, September 24, 2013, at the Niagara Power Project Power Vista (Visitors’ Center) in Lewiston, New York.
On motion made and seconded, the meeting was adjourned by the Chairman at approximately 9:35 a.m.