Audit Annual Plan
Caltech's Audit Services completes over 30 Audits and Advisory Projects annually at both Campus and JPL.
2025 Campus Audits
Evaluate the adequacy and effectiveness of controls implemented to ensure the safety and security of operations at the Palomar facility including an evaluation of both the fire safety and emergency response plans.
Evaluate the adequacy and effectiveness of controls over the management and safeguarding of controlled substances and chemical precusors used in research in accordance with respective laws, regulations, and Campus policies and procedures.
Evaluate the adequacy and effectiveness of controls implemented over the Machine Guarding Program
Evaluate the adequacy and effectiveness of controls implemented to ensure compliance with NDAA 889 requirements which prohibit the purchase of covered telecommunications and video surveillance services or equipment from vendors who sell products containing spyware.
Evaluate the adequacy and effectiveness of controls implemented as part of the Radiation Safety Program to ensure safe operating practices during research activities.
Evaluate the adequacy and effectiveness of controls implemented over leaves and accommodations in accordance with laws, regulations, and Institute policies and procedures.
Evaluate the adequacy and effectiveness of controls implemented for key data repositories to ensure encryption at rest and in transit. This audit will include data maintained by key cloud providers.
Evaluate the adequacy and effectiveness of controls over backing up data for both managed and unmanaged systems.
Evaluate whether gross operating income is fairly stated in The Athenaeum FY2025 Summary P&L Statement. We will also evaluate the adequacy and effectiveness of IT controls as appropriate. We perform this audit biennially.
2025 JPL Audits
Evaluate the adequacy and effectiveness of controls implemented as part of the Radiation Safety Program to ensure safe operating practices during research activities.
Evaluate the adequacy and effectiveness of controls implemented over leaves and accommodations in accordance with laws, regulations, and Institute policies and procedures.
Evaluate the adequacy and effectiveness of controls implemented over supply change management.
Evaluate the adequacy and effectiveness of controls implemented over the newly appointed facilities management subcontractor to ensure compliance with contractual agreement.
Evaluate the adequacy and effectiveness of controls implemented in the I&T Facility to ensure compliance with federal, state, Prime Contract, and other internal requirements. This will include an evaluation of IT general controls. We will focus on the I&T Facility in Building 179.
Evaluate the adequacy and effectiveness of controls implemented over the storage, safety, and use of materials used in 3D printing.
Evaluate the adequacy and effectiveness of controls implemented to ensure the safety and security of operations at the Goldstone facility.
Evaluate the adequacy and effectiveness of controls implemented to ensure JPL's computing resources are appropriately patched.
Evaluate the adequacy and effectiveness of controls implemented for key data repositories to ensure encryption at rest and in transit. This audit will include data maintained by key cloud providers.
Evaluate the adequacy and effectiveness of processes and procedures implemented to grant internal and external users' access to JPL's Flight Mission Network.
Evaluate the adequacy and effectiveness of IT controls including penetration and vulnerability tests for selected systems. We will use a consultant to perform these tests.